Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Using GRE/IPSEC tunnel as backup to MPLS

Here is my lab. I want to put this into production, but first I need to get it working

in my lab:

http://www.flickr.com/photos/31154535@N07/9195902948/

What we would like to do:

Use the MPLS cloud as a primary for traffic between the two sites. If the MPLS should fail, taffic should

flow over the IPSEC/GRE tunnel. We would like also to do all this with dynamic routing.

We do BGP peering with our MPLS provider on the 01 routers in each site. When then redistribute those

routes into EIGRP.

The routers called fake FW are just that. I have had a hard time to get ASAs to work properly in GNS3,

so I am just using a router for now.

So the problems:

1.)

On the fake FW in Atlanta (top of drawing). Here is the partial output of show ip eigrp topology:

P 5.5.0.0/16, 1 successors, FD is 297252096

        via 10.3.208.140 (297252096/297249536), FastEthernet0/0.601

        via 10.3.208.131 (25602816/25600256), FastEthernet0/0.601

There are similar entries for the other networks in New Haven. My understanding is the route

with the lower metric should be the chosen one? Is that correct? Looking at the routing table

however I see this:

D       5.5.0.0/16

           [90/297252096] via 10.3.208.140, 00:04:24, FastEthernet0/0.601

That route is poing to the 02 router where the GRE tunnel is.

2.)

I cant ping anything from the fake fws to the opposite site. But I can ping everything

from the 02 routers to the opposite site.

I will stop there since I think that is we need to get those two things fixed before we

can continue.

Thanks!

Everyone's tags (3)
1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Super Bronze

Using GRE/IPSEC tunnel as backup to MPLS

Thanks for posting all the information. I see the problem.

Selecting the 10.5.0.0/16 subnet again here is the behavior:

While MPLS is up on R01 is learned via BGP:

*> 10.5.0.0/16     10.247.247.5                 500     0 8600 8600 i

When MPLS is down, R01 learns this subnet via EIGRP from R02. I assumed it was via iBGP but there isn't any BGP between R01 and R02. This is in fact a local originated route

> 10.5.0.0/16     10.3.208.140     25628160         32768 ?

If you want this done correctly, you must implement route tagging during redistribution. When you redistribute from BGP into EIGRP on either site, you must tag the route. You must also do the same during OSPF to EIGRP redistribution.

Now, during EIGRP to BGP or during EIGRP to OSPF, you must deny those routes based on the tag.

R01 should never advertise 10.5.0.0/16 as a local subnet as it belongs to HVN.

Regards,

14 REPLIES
Hall of Fame Super Bronze

Using GRE/IPSEC tunnel as backup to MPLS

Internal EIGRP routes will be preferred over External EIGRP routes regardless of the metric.

You need to configure your GRE tunnels with a protocol other than EIGRP so redistribution can take place and you can use EIGRP metrics for route preference.

New Member

Using GRE/IPSEC tunnel as backup to MPLS

Edison,

Thanks for your input. What I ended up doing was changing (with distance command and ACL) the AD of internally learned routes over the tunnel interfaces to 175. Once I did that I could see the BGP learned routes in the routing tables of the FAKE_FWs.

Do you think this is a viable method? or should I go with using OSPF as you sudggested?

Thanks again

P.

New Member

Using GRE/IPSEC tunnel as backup to MPLS

I wanted to update this thread because I have a partially working solution. I have not tried Edison's solution yet becuase I want to rule this one out before I go with his idea.

As I described in the prior entries I am increasing AD on routes learned over the GRE tunnel to 175. That puts the BGP routes in the routing table of the 02 router:

##################################

## Before MPLS CLOUD GOES DOWN ##

##################################

ATL02#sh ip eigrp vrf QWEST_WWW top
IP-EIGRP Topology Table for AS(1)/ID(108.47.84.6) Routing Table: QWEST_WWW
Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,
       r - reply Status, s - sia Status

P 5.5.0.0/16, 1 successors, FD is 25602816, tag is 8600
        via 10.3.208.131 (25602816/25600256), FastEthernet1/0.601
        via 172.16.1.1 (297249536/30720), Tunnel1
P 5.0.0.0/16, 1 successors, FD is 30720
        via 10.3.208.129 (30720/28160), FastEthernet1/0.601
P 10.3.0.0/16, 1 successors, FD is 30720
        via 10.3.208.129 (30720/28160), FastEthernet1/0.601
P 10.147.147.0/29, 1 successors, FD is 25602816, tag is 8600
        via 10.3.208.131 (25602816/25600256), FastEthernet1/0.601
        via 172.16.1.1 (297249536/30720), Tunnel1
P 10.0.0.0/16, 1 successors, FD is 30720
        via 10.3.208.129 (30720/28160), FastEthernet1/0.601
P 10.1.0.0/16, 1 successors, FD is 25602816, tag is 8600
        via 10.3.208.131 (25602816/25600256), FastEthernet1/0.601
        via 172.16.1.1 (297249536/30720), Tunnel1
P 10.5.0.0/16, 1 successors, FD is 25602816, tag is 8600
        via 10.3.208.131 (25602816/25600256), FastEthernet1/0.601
        via 172.16.1.1 (297249536/30720), Tunnel1
P 10.3.208.128/25, 1 successors, FD is 28160
        via Connected, FastEthernet1/0.601
P 10.5.208.128/25, 1 successors, FD is 25602816, tag is 8600
        via 10.3.208.131 (25602816/25600256), FastEthernet1/0.601
        via 172.16.1.1 (297246976/28160), Tunnel1
P 172.16.1.0/24, 1 successors, FD is 297244416
        via Connected, Tunnel1
ATL02#
ATL02#
ATL02#
ATL02#sh ip route vrf QWEST_WWW

Routing Table: QWEST_WWW
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is 57.129.165.41 to network 0.0.0.0

     5.0.0.0/16 is subnetted, 2 subnets
D EX    5.5.0.0 [170/25602816] via 10.3.208.131, 00:01:00, FastEthernet1/0.601
D       5.0.0.0 [90/30720] via 10.3.208.129, 00:01:00, FastEthernet1/0.601
     172.16.0.0/24 is subnetted, 1 subnets
C       172.16.1.0 is directly connected, Tunnel1
     57.0.0.0/30 is subnetted, 1 subnets
C       67.129.165.40 is directly connected, FastEthernet0/0
     10.0.0.0/8 is variably subnetted, 7 subnets, 3 masks
D       10.3.0.0/16 [90/30720] via 10.3.208.129, 00:01:02, FastEthernet1/0.601
D EX    10.147.147.0/29
           [170/25602816] via 10.3.208.131, 00:01:02, FastEthernet1/0.601
D       10.0.0.0/16 [90/30720] via 10.3.208.129, 00:01:03, FastEthernet1/0.601
D EX    10.1.0.0/16
           [170/25602816] via 10.3.208.131, 00:01:03, FastEthernet1/0.601
D EX    10.5.0.0/16
           [170/25602816] via 10.3.208.131, 00:01:03, FastEthernet1/0.601
C       10.3.208.128/25 is directly connected, FastEthernet1/0.601
D EX    10.5.208.128/25
           [170/25602816] via 10.3.208.131, 00:01:03, FastEthernet1/0.601
C    108.47.84.0/24 is directly connected, FastEthernet1/0.602
B*   0.0.0.0/0 [20/0] via 57.165.41, 00:01:25
ATL02

Then I bring down the MPLS cloud and everything fails over to the GRE tunnel after about 2 mins.

##########################

# MPLS CLOUD GOES DOWN #

##########################

ATL02#sh ip eigrp vrf QWEST_WWW top

IP-EIGRP Topology Table for AS(1)/ID(208.47.84.6) Routing Table: QWEST_WWW

Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,

       r - reply Status, s - sia Status

P 5.5.0.0/16, 1 successors, FD is 25602816

        via 172.16.1.1 (297249536/30720), Tunnel1

P 5.0.0.0/16, 1 successors, FD is 30720

        via 10.3.208.129 (30720/28160), FastEthernet1/0.601

P 10.3.0.0/16, 1 successors, FD is 30720

        via 10.3.208.129 (30720/28160), FastEthernet1/0.601

P 10.147.147.0/29, 1 successors, FD is 25602816

        via 172.16.1.1 (297249536/30720), Tunnel1

P 10.0.0.0/16, 1 successors, FD is 30720

        via 10.3.208.129 (30720/28160), FastEthernet1/0.601

P 10.1.0.0/16, 1 successors, FD is 25602816

        via 172.16.1.1 (297249536/30720), Tunnel1

P 10.5.0.0/16, 1 successors, FD is 25602816

        via 172.16.1.1 (297249536/30720), Tunnel1

P 10.3.208.128/25, 1 successors, FD is 28160

        via Connected, FastEthernet1/0.601

P 10.5.208.128/25, 1 successors, FD is 25602816

        via 172.16.1.1 (297246976/28160), Tunnel1

P 172.16.1.0/24, 1 successors, FD is 297244416

        via Connected, Tunnel1

ATL02#sh ip route vrf QWEST_WWW

Routing Table: QWEST_WWW

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

       E1 - OSPF external type 1, E2 - OSPF external type 2

       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

       ia - IS-IS inter area, * - candidate default, U - per-user static route

       o - ODR, P - periodic downloaded static route

Gateway of last resort is 57.129.165.41 to network 0.0.0.0

     5.0.0.0/16 is subnetted, 2 subnets

D       5.5.0.0 [175/297249536] via 172.16.1.1, 00:02:01, Tunnel1

D       5.0.0.0 [90/30720] via 10.3.208.129, 00:02:40, FastEthernet1/0.601

     172.16.0.0/24 is subnetted, 1 subnets

C       172.16.1.0 is directly connected, Tunnel1

     57.0.0.0/30 is subnetted, 1 subnets

C       67.129.165.40 is directly connected, FastEthernet0/0

     10.0.0.0/8 is variably subnetted, 7 subnets, 3 masks

D       10.3.0.0/16 [90/30720] via 10.3.208.129, 00:02:42, FastEthernet1/0.601

D       10.147.147.0/29 [175/297249536] via 172.16.1.1, 00:02:03, Tunnel1

D       10.0.0.0/16 [90/30720] via 10.3.208.129, 00:02:42, FastEthernet1/0.601

D       10.1.0.0/16 [175/297249536] via 172.16.1.1, 00:02:04, Tunnel1

D       10.5.0.0/16 [175/297249536] via 172.16.1.1, 00:02:04, Tunnel1

C       10.3.208.128/25 is directly connected, FastEthernet1/0.601

D       10.5.208.128/25 [175/297246976] via 172.16.1.1, 00:02:04, Tunnel1

C    109.47.84.0/24 is directly connected, FastEthernet1/0.602

B*   0.0.0.0/0 [20/0] via 57.129.165.41, 00:18:29

So failover works as planned. The only problem remaining is when the MPLS cloud comes back. Things dont fail back. The only way I can get the routes back into the routing table is to clear the eigrp neighbors on one of the 02 routers.

##############################

# MPLS CLOUD COMES BACK UP #

##############################

ATL02#sh ip route vrf QWEST_WWW

Routing Table: QWEST_WWW

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

       E1 - OSPF external type 1, E2 - OSPF external type 2

       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

       ia - IS-IS inter area, * - candidate default, U - per-user static route

       o - ODR, P - periodic downloaded static route

Gateway of last resort is 57.129.165.41 to network 0.0.0.0

     5.0.0.0/16 is subnetted, 2 subnets

D       5.5.0.0 [175/297249536] via 172.16.1.1, 00:08:45, Tunnel1

D       5.0.0.0 [90/30720] via 10.3.208.129, 00:09:24, FastEthernet1/0.601

     172.16.0.0/24 is subnetted, 1 subnets

C       172.16.1.0 is directly connected, Tunnel1

     57.0.0.0/30 is subnetted, 1 subnets

C       67.129.165.40 is directly connected, FastEthernet0/0

     10.0.0.0/8 is variably subnetted, 7 subnets, 3 masks

D       10.3.0.0/16 [90/30720] via 10.3.208.129, 00:09:26, FastEthernet1/0.601

D       10.147.147.0/29 [175/297249536] via 172.16.1.1, 00:08:47, Tunnel1

D       10.0.0.0/16 [90/30720] via 10.3.208.129, 00:09:26, FastEthernet1/0.601

D       10.1.0.0/16 [175/297249536] via 172.16.1.1, 00:08:49, Tunnel1

D       10.5.0.0/16 [175/297249536] via 172.16.1.1, 00:08:49, Tunnel1

C       10.3.208.128/25 is directly connected, FastEthernet1/0.601

D       10.5.208.128/25 [175/297246976] via 172.16.1.1, 00:08:49, Tunnel1

C    108.47.84.0/24 is directly connected, FastEthernet1/0.602

B*   0.0.0.0/0 [20/0] via 67.129.165.41, 00:25:13

ATL02#sh ip eigrp vrf QWEST_WWW top

IP-EIGRP Topology Table for AS(1)/ID(208.47.84.6) Routing Table: QWEST_WWW

Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,

       r - reply Status, s - sia Status

P 5.5.0.0/16, 1 successors, FD is 25602816

        via 172.16.1.1 (297249536/30720), Tunnel1

P 5.0.0.0/16, 1 successors, FD is 30720

        via 10.3.208.129 (30720/28160), FastEthernet1/0.601

P 10.3.0.0/16, 1 successors, FD is 30720

        via 10.3.208.129 (30720/28160), FastEthernet1/0.601

P 10.147.147.0/29, 1 successors, FD is 25602816

        via 172.16.1.1 (297249536/30720), Tunnel1

P 10.0.0.0/16, 1 successors, FD is 30720

        via 10.3.208.129 (30720/28160), FastEthernet1/0.601

P 10.1.0.0/16, 1 successors, FD is 25602816

        via 172.16.1.1 (297249536/30720), Tunnel1

P 10.5.0.0/16, 1 successors, FD is 25602816

        via 172.16.1.1 (297249536/30720), Tunnel1

P 10.3.208.128/25, 1 successors, FD is 28160

        via Connected, FastEthernet1/0.601

P 10.5.208.128/25, 1 successors, FD is 25602816

        via 172.16.1.1 (297246976/28160), Tunnel1

P 172.16.1.0/24, 1 successors, FD is 297244416

        via Connected, Tunnel1

###################################

### After Clear EIGRP Neighbors #######

###################################

ATL02#sh ip eigrp vrf QWEST_WWW top

*Mar  1 00:29:22.355: %DUAL-5-NBRCHANGE: IP-EIGRP(1) 1: Neighbor 172.16.1.1 (Tunnel1) is up: new adjacency

ATL02#sh ip eigrp vrf QWEST_WWW top

IP-EIGRP Topology Table for AS(1)/ID(208.47.84.6) Routing Table: QWEST_WWW

Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,

       r - reply Status, s - sia Status

P 5.5.0.0/16, 1 successors, FD is 25602816, tag is 8600

        via 10.3.208.131 (25602816/25600256), FastEthernet1/0.601

        via 172.16.1.1 (297249536/30720), Tunnel1

P 5.0.0.0/16, 1 successors, FD is 30720

        via 10.3.208.129 (30720/28160), FastEthernet1/0.601

P 10.3.0.0/16, 1 successors, FD is 30720

        via 10.3.208.129 (30720/28160), FastEthernet1/0.601

P 10.0.0.0/16, 1 successors, FD is 30720

        via 10.3.208.129 (30720/28160), FastEthernet1/0.601

P 10.147.147.0/29, 1 successors, FD is 25602816, tag is 8600

        via 10.3.208.131 (25602816/25600256), FastEthernet1/0.601

        via 172.16.1.1 (297249536/30720), Tunnel1

P 10.1.0.0/16, 1 successors, FD is 25602816, tag is 8600

        via 10.3.208.131 (25602816/25600256), FastEthernet1/0.601

        via 172.16.1.1 (297249536/30720), Tunnel1

P 10.5.0.0/16, 1 successors, FD is 25602816, tag is 8600

        via 10.3.208.131 (25602816/25600256), FastEthernet1/0.601

        via 172.16.1.1 (297249536/30720), Tunnel1

P 10.3.208.128/25, 1 successors, FD is 28160

        via Connected, FastEthernet1/0.601

P 10.5.208.128/25, 1 successors, FD is 25602816, tag is 8600

        via 10.3.208.131 (25602816/25600256), FastEthernet1/0.601

        via 172.16.1.1 (297246976/28160), Tunnel1

P 172.16.1.0/24, 1 successors, FD is 297244416

        via Connected, Tunnel1

        via 10.3.208.131 (25602816/25600256), FastEthernet1/0.601

ATL02#sh ip route vrf QWEST_WWW

Routing Table: QWEST_WWW

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

       E1 - OSPF external type 1, E2 - OSPF external type 2

       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

       ia - IS-IS inter area, * - candidate default, U - per-user static route

       o - ODR, P - periodic downloaded static route

Gateway of last resort is 57.129.165.41 to network 0.0.0.0

     5.0.0.0/16 is subnetted, 2 subnets

D EX    5.5.0.0 [170/25602816] via 10.3.208.131, 00:00:15, FastEthernet1/0.601

D       5.0.0.0 [90/30720] via 10.3.208.129, 00:00:15, FastEthernet1/0.601

     172.16.0.0/24 is subnetted, 1 subnets

C       172.16.1.0 is directly connected, Tunnel1

     57.0.0.0/30 is subnetted, 1 subnets

C       67.129.165.40 is directly connected, FastEthernet0/0

     10.0.0.0/8 is variably subnetted, 7 subnets, 3 masks

D       10.3.0.0/16 [90/30720] via 10.3.208.129, 00:00:17, FastEthernet1/0.601

D EX    10.147.147.0/29

           [170/25602816] via 10.3.208.131, 00:00:17, FastEthernet1/0.601

D       10.0.0.0/16 [90/30720] via 10.3.208.129, 00:00:18, FastEthernet1/0.601

D EX    10.1.0.0/16

           [170/25602816] via 10.3.208.131, 00:00:18, FastEthernet1/0.601

D EX    10.5.0.0/16

           [170/25602816] via 10.3.208.131, 00:00:18, FastEthernet1/0.601

C       10.3.208.128/25 is directly connected, FastEthernet1/0.601

D EX    10.5.208.128/25

           [170/25602816] via 10.3.208.131, 00:00:18, FastEthernet1/0.601

C    108.47.84.0/24 is directly connected, FastEthernet1/0.602

B*   0.0.0.0/0 [20/0] via 67.129.165.41, 00:28:33

ATL02#

Maybe this is what Edison was trying to warn me about. But I want to rule any small mistake out.

Thanks again!

New Member

Re: Using GRE/IPSEC tunnel as backup to MPLS

OK, it's official, this is driving me bonkers. I took Edison's advice and set up OSFP on the GRE routers (02 routers in the diagram) and we are doing redistribution

router eigrp 1
no auto-summary
!
address-family ipv4 vrf QWEST_WWW
  redistribute ospf 1 vrf QWEST_WWW metric 80 1 255 1 1500
  network 10.3.208.0 0.0.0.255
  no auto-summary
  autonomous-system 1
exit-address-family
!
router ospf 1 vrf QWEST_WWW
log-adjacency-changes
redistribute eigrp 1 metric 1000 subnets
network 172.16.1.0 0.0.0.255 area 0
!

The 02 routers routing table and EIGRP topology is exactly the same as the prior post. In fact when the MPLS cloud goes down I get the same results; failover works fine, but fail back does not. I still have to issue the clear ip eigrp vrf QWEST_WWW neighbor command to see the perferred routes in the fake_fws routing table.

Tearing hair out now

Adding updated diagram

http://www.flickr.com/photos/31154535@N07/9216288913/lightbox/

New Member

Re: Using GRE/IPSEC tunnel as backup to MPLS

I am adding more information so it might help..

I noticed that if I clear the bgp process after fail back on the 01 routers that updates the routing table with the preferred routes over the 01 routers.

#######################

## BGP with MPLS down ##

#######################

ATL01#sh ip bgp vpnv4 vrf EL_MPLS

BGP table version is 45, local router ID is 10.3.255.2

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path

Route Distinguisher: 65000:2 (default for vrf EL_MPLS)

*> 5.0.0.0/16       10.3.208.129         30720         32768 i

*> 5.5.0.0/16       10.3.208.140      32002816         32768 ?

*> 10.0.0.0/16      10.3.208.129         30720         32768 i

*> 10.1.0.0/16      10.3.208.140      32002816         32768 ?

*> 10.3.0.0/16      10.3.208.129         30720         32768 i

*> 10.3.208.128/25  0.0.0.0                  0         32768 ?

*> 10.5.0.0/16      10.3.208.140      32002816         32768 ?

*> 10.5.208.128/25  10.3.208.140      32002816         32768 ?

*> 10.147.147.0/29  10.3.208.140      32002816         32768 ?

*> 172.16.1.0/24    10.3.208.140      32002816         32768 ?

#########################

## BGP with MPLS back up ##

#########################

ATL01#sh ip bgp vpnv4 vrf EL_MPLS

BGP table version is 46, local router ID is 10.3.255.2

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path

Route Distinguisher: 65000:2 (default for vrf EL_MPLS)

*> 5.0.0.0/16       10.3.208.129         30720         32768 i

*  5.5.0.0/16       10.247.247.5                           0 8600 8600 i

*>                  10.3.208.140      32002816         32768 ?

*> 10.0.0.0/16      10.3.208.129         30720         32768 i

*  10.1.0.0/16      10.247.247.5                           0 8600 8600 i

*>                  10.3.208.140      32002816         32768 ?

*> 10.3.0.0/16      10.3.208.129         30720         32768 i

*> 10.3.208.128/25  0.0.0.0                  0         32768 ?

*  10.5.0.0/16      10.247.247.5                           0 8600 8600 i

*>                  10.3.208.140      32002816         32768 ?

*  10.5.208.128/25  10.247.247.5                           0 8600 8600 ?

*>                  10.3.208.140      32002816         32768 ?

*  10.147.147.0/29  10.247.247.5                           0 8600 8600 ?

*>                  10.3.208.140      32002816         32768 ?

*  172.16.1.0/24    10.247.247.5                           0 8600 8600 ?

*>                  10.3.208.140      32002816         32768 ?

#########################

#####  After clearing BGP    ##

#########################

ATL01#clear ip bgp *

ATL01#

*Mar  1 00:54:31.027: %BGP-5-ADJCHANGE: neighbor 10.247.247.5 vpn vrf EL_MPLS Down User reset

*Mar  1 00:54:31.027: %BGP-5-ADJCHANGE: neighbor 107.7.79.133 vpn vrf EL_WWW Down User reset

ATL01#

*Mar  1 00:54:32.259: %BGP-5-ADJCHANGE: neighbor 107.7.79.133 vpn vrf EL_WWW Up

*Mar  1 00:54:32.487: %BGP-5-ADJCHANGE: neighbor 10.247.247.5 vpn vrf EL_MPLS Up

ATL01#sh ip bgp vpnv4 vrf EL_MPLS

BGP table version is 13, local router ID is 10.3.255.2

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path

Route Distinguisher: 65000:2 (default for vrf EL_MPLS)

*> 5.0.0.0/16       10.247.247.5                           0 8600 8600 ?

*> 5.5.0.0/16       10.247.247.5                           0 8600 8600 i

*> 10.0.0.0/16      10.247.247.5                           0 8600 8600 ?

*> 10.1.0.0/16      10.247.247.5                           0 8600 8600 i

*> 10.3.0.0/16      10.247.247.5                           0 8600 8600 ?

r> 10.3.208.128/25  10.247.247.5                           0 8600 8600 ?

*> 10.5.0.0/16      10.247.247.5                           0 8600 8600 i

*> 10.5.208.128/25  10.247.247.5                           0 8600 8600 ?

*> 10.147.147.0/29  10.247.247.5                           0 8600 8600 ?

*> 172.16.1.0/24    10.247.247.5                           0 8600 8600 ?

ATL01#

Does this help??

Hall of Fame Super Bronze

Using GRE/IPSEC tunnel as backup to MPLS

From simplicity sake, I'm picking a subnet from HVN (10.5.0.0/16).

With MPLS down on R01, the BGP table shows:

*> 10.5.0.0/16      10.3.208.140      32002816         32768 ?

Which means is learning this route from R02 via iBGP.

With MPLS up on R01, the BGP table shows:

*  10.5.0.0/16      10.247.247.5                           0 8600 8600 i

*>                  10.3.208.140      32002816         32768 ?

R01 still uses R02 because the AS_PATH length is shorter.

See

http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080094431.shtml

Rule 4

When you reset the BGP table:

*> 10.5.0.0/16      10.247.247.5                           0 8600 8600 i

The entire algorithm restart but I don't see in the logs the iBGP session being made.

Can you post the BGP table from R01 and R02 after a reset?

If you want R01 to be primary after a failover, I recommend using LOCAL_PREF on incoming prefixes from HVN.

Regards,

New Member

Using GRE/IPSEC tunnel as backup to MPLS

Edison,

Thanks so much for your reply.

I have updated the diagram so it is easier to read:

http://www.flickr.com/photos/31154535@N07/9240815180/lightbox/

  • Our goal is to have normal site to site traffic (HVN <-> ATL) go over the 01 Routers (MPLS) in each site. Right now that is not a problem,

  • If the MPLS could goes down we would like site to site traffic to go over the tunnel. Right now that is not a problem either. When MPLS goes away, traffic starts to move over the 02 Routers and through the tunnel.

  • The remaining problem is when the MPLS becomes available again. Traffic does not switch back to the 01 routers automatically. Clearing BGP on the 01 routers fixes it.

I am adding the information you asked for (I hope this is what you wanted). This is the BGP tables and  routing tables of the 01 and 02 routers in ATL when things are running normally i.e site to site traffic is going over the 01 routers.

#############################################################################

################################ ATL 01 Router  ###############################

#############################################################################

ATL01#sh ip bgp vpnv4 vrf EL_MPLS

BGP table version is 19, local router ID is 10.3.255.2

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path

Route Distinguisher: 65000:2 (default for vrf EL_MPLS)

*> 5.0.0.0/16       10.3.208.129         30720         32768 i

*> 5.5.0.0/16       10.247.247.5                           0 8600 8600 i

*> 10.0.0.0/16      10.3.208.129         30720         32768 i

*> 10.1.0.0/16      10.247.247.5                           0 8600 8600 i

*> 10.3.0.0/16      10.3.208.129         30720         32768 i

*> 10.3.208.128/25  0.0.0.0                  0         32768 ?

*> 10.5.0.0/16      10.247.247.5                           0 8600 8600 i

*> 10.5.208.128/25  10.247.247.5                           0 8600 8600 ?

*> 172.16.1.0/24    10.247.247.5                           0 8600 8600 ?

ATL01#sh ip route vrf EL_MPLS

Routing Table: EL_MPLS

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

       E1 - OSPF external type 1, E2 - OSPF external type 2

       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

       ia - IS-IS inter area, * - candidate default, U - per-user static route

       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

     5.0.0.0/16 is subnetted, 2 subnets

B       5.5.0.0 [20/0] via 10.247.247.5, 00:17:38

D       5.0.0.0 [90/30720] via 10.3.208.129, 00:17:38, FastEthernet1/0.601

     172.16.0.0/24 is subnetted, 1 subnets

B       172.16.1.0 [20/0] via 10.247.247.5, 00:17:38

     10.0.0.0/8 is variably subnetted, 7 subnets, 3 masks

D       10.3.0.0/16 [90/30720] via 10.3.208.129, 00:17:38, FastEthernet1/0.601

C       10.247.247.0/29 is directly connected, FastEthernet0/0.601

D       10.0.0.0/16 [90/30720] via 10.3.208.129, 00:17:40, FastEthernet1/0.601

B       10.1.0.0/16 [20/0] via 10.247.247.5, 00:17:40

B       10.5.0.0/16 [20/0] via 10.247.247.5, 00:17:40

C       10.3.208.128/25 is directly connected, FastEthernet1/0.601

B       10.5.208.128/25 [20/0] via 10.247.247.5, 00:17:41

ATL01#

#############################################################################

################################ ATL 02 Router  ###############################

#############################################################################

ATL02#sh ip bgp vpnv4 vrf QWEST_WWW

BGP table version is 4, local router ID is 10.3.255.1

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path

Route Distinguisher: 65000:1 (default for vrf QWEST_WWW)

*> 0.0.0.0         57.129.165.41            0             0 7600 i

*> 108.47.84.0      0.0.0.0                  0         32768 i

ATL02#sh ip bgp vpnv4 vrf QWEST_WWW

BGP table version is 4, local router ID is 10.3.255.1

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path

Route Distinguisher: 65000:1 (default for vrf QWEST_WWW)

*> 0.0.0.0          57.129.165.41            0             0 7600 i

*> 108.47.84.0      0.0.0.0                  0         32768 i

ATL02#sh ip route vrf QWEST_WWW

Routing Table: QWEST_WWW

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

       E1 - OSPF external type 1, E2 - OSPF external type 2

       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

       ia - IS-IS inter area, * - candidate default, U - per-user static route

       o - ODR, P - periodic downloaded static route

Gateway of last resort is 57.129.165.41 to network 0.0.0.0

     5.0.0.0/16 is subnetted, 2 subnets

O E2    5.5.0.0 [110/1000] via 172.16.1.1, 01:15:38, Tunnel1

D       5.0.0.0 [90/30720] via 10.3.208.129, 00:20:10, FastEthernet1/0.601

     172.16.0.0/24 is subnetted, 1 subnets

C       172.16.1.0 is directly connected, Tunnel1

     57.0.0.0/30 is subnetted, 1 subnets

C       67.129.165.40 is directly connected, FastEthernet0/0

     10.0.0.0/8 is variably subnetted, 6 subnets, 2 masks

D       10.3.0.0/16 [90/30720] via 10.3.208.129, 00:20:12, FastEthernet1/0.601

D       10.0.0.0/16 [90/30720] via 10.3.208.129, 00:20:12, FastEthernet1/0.601

O E2    10.1.0.0/16 [110/1000] via 172.16.1.1, 01:15:40, Tunnel1

O E2    10.5.0.0/16 [110/1000] via 172.16.1.1, 01:15:41, Tunnel1

C       10.3.208.128/25 is directly connected, FastEthernet1/0.601

O E2    10.5.208.128/25 [110/1000] via 172.16.1.1, 01:15:41, Tunnel1

C    108.47.84.0/24 is directly connected, FastEthernet1/0.602

B*   0.0.0.0/0 [20/0] via 57.129.165.41, 00:27:31

Hall of Fame Super Bronze

Using GRE/IPSEC tunnel as backup to MPLS

As previously recommended, increase the LOCAL_PREF (default is 100) against prefixes learned from HVN on R01 and it should solve the problem on the fail back.

New Member

Using GRE/IPSEC tunnel as backup to MPLS

Still no change.

Traffic stays on the 02 routers until I issue a clear ip bgp * on the 01 Router or clear ip eigrp vrf QWEST_WWW on the 02 Router.

I want to add the config I have for the ISP router just in case there is a problem there.

So this is the router between the 01 routers. I have included the routing table during the different phases of normal, failover and failback. I dont think there is much there but perhaps.

earthlink_rt#sh run | b router

router bgp 8600

no synchronization

bgp router-id 1.1.1.2

bgp log-neighbor-changes

no auto-summary

!

address-family ipv4 vrf EL_MPLS

  neighbor 10.147.147.4 remote-as 65000

  neighbor 10.147.147.4 activate

  neighbor 10.147.147.4 as-override

  neighbor 10.247.247.6 remote-as 65000

  neighbor 10.247.247.6 activate

  neighbor 10.247.247.6 as-override

  no synchronization

bgp redistribute-internal

exit-address-family

########################

## Normal operation ####

########################

earthlink_rt#sh ip route vrf EL_MPLS

Gateway of last resort is not set

     5.0.0.0/16 is subnetted, 2 subnets

B       5.5.0.0 [20/30720] via 10.147.147.4, 00:10:21

B       5.0.0.0 [20/25628160] via 10.147.147.4, 00:08:32

     172.16.0.0/24 is subnetted, 1 subnets

B       172.16.1.0 [20/25628160] via 10.147.147.4, 00:08:32

     10.0.0.0/8 is variably subnetted, 8 subnets, 3 masks

B       10.3.0.0/16 [20/25628160] via 10.147.147.4, 00:08:32

C       10.247.247.0/29 is directly connected, FastEthernet0/0.601

C       10.147.147.0/29 is directly connected, FastEthernet2/0.601

B       10.0.0.0/16 [20/25628160] via 10.147.147.4, 00:08:34

B       10.1.0.0/16 [20/30720] via 10.147.147.4, 00:10:23

B       10.5.0.0/16 [20/30720] via 10.147.147.4, 00:10:24

B       10.3.208.128/25 [20/0] via 10.247.247.6, 00:08:31

B       10.5.208.128/25 [20/0] via 10.147.147.4, 00:10:24

########################

## MPLS GOES DOWN ###

########################

earthlink_rt#sh ip route vrf EL_MPLS

Gateway of last resort is not set

######################

## Failback ############

######################

earthlink_rt#sh ip route vrf EL_MPLS

Gateway of last resort is not set

     5.0.0.0/16 is subnetted, 2 subnets

B       5.5.0.0 [20/30720] via 10.147.147.4, 00:00:21

B       5.0.0.0 [20/30720] via 10.247.247.6, 00:00:30

     172.16.0.0/24 is subnetted, 1 subnets

B       172.16.1.0 [20/25628160] via 10.247.247.6, 00:00:30

     10.0.0.0/8 is variably subnetted, 8 subnets, 3 masks

B       10.3.0.0/16 [20/30720] via 10.247.247.6, 00:00:30

C       10.247.247.0/29 is directly connected, FastEthernet0/0.601

C       10.147.147.0/29 is directly connected, FastEthernet2/0.601

B       10.0.0.0/16 [20/30720] via 10.247.247.6, 00:00:32

B       10.1.0.0/16 [20/30720] via 10.147.147.4, 00:00:23

B       10.5.0.0/16 [20/30720] via 10.147.147.4, 00:00:25

B       10.3.208.128/25 [20/0] via 10.247.247.6, 00:00:33

B       10.5.208.128/25 [20/0] via 10.147.147.4, 00:00:25

Also, here is the config I put on the ATL 01 Router that you asked for. The HVN 01 Router looks the same with different IPs.

router eigrp 1

no auto-summary

!

address-family ipv4 vrf EL_MPLS

redistribute bgp 65000 metric 100 1 255 1 1500

network 10.5.208.0 0.0.0.255

no auto-summary

autonomous-system 1

exit-address-family

router bgp 65000

no synchronization

bgp router-id 10.147.147.4

bgp log-neighbor-changes

no auto-summary

address-family ipv4 vrf EL_MPLS

redistribute eigrp 1

neighbor 10.147.147.5 remote-as 8600

neighbor 10.147.147.5 ebgp-multihop 2

neighbor 10.147.147.5 activate

neighbor 10.147.147.5 route-map LOCAL_PREF in

no synchronization

bgp redistribute-internal

network 5.5.0.0 mask 255.255.0.0

network 10.1.0.0 mask 255.255.0.0

network 10.5.0.0 mask 255.255.0.0

exit-address-family

route-map LOCAL_PREF permit 10

set local-preference 500

And here is the routing table of the FAKE_FW in ATL after failback where you can see that the 02 Routers IP (

10.3.208.140) is still there

ATL_FAKE_FW#sh ip route

Gateway of last resort is 108.47.84.1 to network 0.0.0.0

     5.0.0.0/8 is variably subnetted, 3 subnets, 2 masks

D EX   5.5.0.0/16

           [170/25628160] via 10.3.208.140, 00:12:38, FastEthernet0/0.601

C       5.0.0.0/24 is directly connected, FastEthernet1/0.5

D       5.0.0.0/16 is a summary, 00:12:38, Null0

     172.16.0.0/24 is subnetted, 1 subnets

S       172.16.1.0 [1/0] via 10.3.208.140

     10.0.0.0/8 is variably subnetted, 8 subnets, 3 masks

D       10.3.0.0/16 is a summary, 00:12:38, Null0

D       10.0.0.0/16 is a summary, 00:12:40, Null0

D EX   10.1.0.0/16

           [170/25628160] via 10.3.208.140, 00:12:40, FastEthernet0/0.601

D EX   10.5.0.0/16

           [170/25628160] via 10.3.208.140, 00:12:39, FastEthernet0/0.601

C       10.0.56.0/24 is directly connected, FastEthernet1/0.702

C       10.3.61.0/24 is directly connected, FastEthernet1/0.99

D EX   10.5.208.128/25

           [170/25628160] via 10.3.208.140, 00:12:40, FastEthernet0/0.601

C       10.3.208.0/24 is directly connected, FastEthernet0/0.601

C   108.47.84.0/24 is directly connected, FastEthernet0/0.602

S*   0.0.0.0/0 [1/0] via 208.47.84.1

Will that local preference attribute get passed down to the FAKE_FW? It is only running EIGRP.

Thanks again for your patience!

Hall of Fame Super Bronze

Using GRE/IPSEC tunnel as backup to MPLS

Please post the BGP and Routing Table from all 4 routers (ATL01/02 and HVN01/02) during normal, failover and failback conditions.

Please be descriptive with the names. I see now an earthlink router being mentioned and that's not in the diagram.

New Member

Re: Using GRE/IPSEC tunnel as backup to MPLS

Here are the tables:

######################

# Normal Operations ##

######################

############# ATL01 ################

ATL01#sh ip int br

Interface                 IP-Address     OK? Method Status

     Protocol

FastEthernet0/0           unassigned     YES NVRAM up                   up

FastEthernet0/0.601       10.247.247.6   YES NVRAM up                   up

FastEthernet0/0.1125       207.7.79.134   YES NVRAM up                   up

FastEthernet1/0           unassigned     YES NVRAM up                   up

FastEthernet1/0.601       10.3.208.131   YES NVRAM up                   up

FastEthernet1/0.602       108.47.84.5     YES NVRAM up                   up

FastEthernet2/0           unassigned     YES NVRAM administratively down down

FastEthernet3/0           unassigned     YES NVRAM administratively down down

Loopback0                 10.3.255.2     YES NVRAM up                   up

ATL01#sh ip bgp vpnv4 all

BGP table version is 25, local router ID is 10.3.255.2

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

             r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network         Next Hop           Metric LocPrf Weight Path

Route Distinguisher: 65000:1 (default for vrf EL_WWW)

*> 0.0.0.0         207.7.79.133             0             0 8600 i

*> 208.47.84.0     0.0.0.0                 0         32768 i

Route Distinguisher: 65000:2 (default for vrf EL_MPLS)

*> 5.0.0.0/16       10.3.208.129         30720         32768 i

*> 5.5.0.0/16       10.247.247.5                 500     0 8600 8600 i

*> 10.0.0.0/16     10.3.208.129         30720         32768 i

*> 10.1.0.0/16     10.247.247.5                 500     0 8600 8600 i

*> 10.3.0.0/16     10.3.208.129         30720         32768 i

*> 10.3.208.128/25 0.0.0.0                 0         32768 ?

*> 10.5.0.0/16     10.247.247.5                 500     0 8600 8600 i

*> 10.5.208.128/25 10.247.247.5                 500     0 8600 8600 ?

*> 172.16.1.0/24   10.247.247.5                  500     0 8600 8600 ?

ATL01#sh ip route vrf EL_MPLS

Gateway of last resort is not set

     5.0.0.0/16 is subnetted, 2 subnets

B       5.5.0.0 [20/0] via 10.247.247.5, 00:22:41

D       5.0.0.0 [90/30720] via 10.3.208.129, 00:20:57, FastEthernet1/0.601

     172.16.0.0/24 is subnetted, 1 subnets

B       172.16.1.0 [20/0] via 10.247.247.5, 00:22:41

     10.0.0.0/8 is variably subnetted, 7 subnets, 3 masks

D       10.3.0.0/16 [90/30720] via 10.3.208.129, 00:20:57, FastEthernet1/0.601

C       10.247.247.0/29 is directly connected, FastEthernet0/0.601

D       10.0.0.0/16 [90/30720] via 10.3.208.129, 00:20:59, FastEthernet1/0.601

B       10.1.0.0/16 [20/0] via 10.247.247.5, 00:22:43

B       10.5.0.0/16 [20/0] via 10.247.247.5, 00:22:43

C       10.3.208.128/25 is directly connected, FastEthernet1/0.601

################# ATL02 ################################

ATL02#sh ip int br

Interface                 IP-Address     OK? Method Status

     Protocol

FastEthernet0/0           57.129.165.42   YES NVRAM up                  up

FastEthernet1/0           unassigned     YES NVRAM up                   up

FastEthernet1/0.601       10.3.208.140   YES NVRAM up                   up

FastEthernet1/0.602       108.47.84.6     YES NVRAM up                   up

FastEthernet2/0           unassigned     YES NVRAM administratively down down

FastEthernet3/0           unassigned     YES NVRAM administratively down down

Loopback0                10.3.255.1     YES NVRAM up                   up

Tunnel1                   172.16.1.2     YES NVRAM up                   up

ATL02#sh ip bgp vpnv4 vrf all

%Unknown VRF

ATL02#sh ip bgp vpnv4 all

BGP table version is 4, local router ID is 10.3.255.1

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

             r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network         Next Hop           Metric LocPrf Weight Path

Route Distinguisher: 65000:1 (default for vrf QWEST_WWW)

*> 0.0.0.0         57.129.165.41           0             0 7600 i

*> 108.47.84.0     0.0.0.0                 0         32768 i

ATL02#sh ip route vrf QWEST_WWW

Routing Table: QWEST_WWW

Gateway of last resort is 57.129.165.41 to network 0.0.0.0

     5.0.0.0/16 is subnetted, 2 subnets

O E2   5.5.0.0 [110/1000] via 172.16.1.1, 05:26:37, Tunnel1

D       5.0.0.0 [90/30720] via 10.3.208.129, 00:23:35, FastEthernet1/0.601

     172.16.0.0/24 is subnetted, 1 subnets

C       172.16.1.0 is directly connected, Tunnel1

     57.0.0.0/30 is subnetted, 1 subnets

C       67.129.165.40 is directly connected, FastEthernet0/0

     10.0.0.0/8 is variably subnetted, 6 subnets, 2 masks

D      10.3.0.0/16 [90/30720] via 10.3.208.129, 00:23:37, FastEthernet1/0.601

D       10.0.0.0/16 [90/30720] via 10.3.208.129, 00:23:37, FastEthernet1/0.601

O E2   10.1.0.0/16 [110/1000] via 172.16.1.1, 05:26:39, Tunnel1

O E2   10.5.0.0/16 [110/1000] via 172.16.1.1, 05:26:39, Tunnel1

C       10.3.208.128/25 is directly connected, FastEthernet1/0.601

O E2   10.5.208.128/25 [110/1000] via 172.16.1.1, 05:26:39, Tunnel1

C   108.47.84.0/24 is directly connected, FastEthernet1/0.602

B*   0.0.0.0/0 [20/0] via 67.129.165.41, 04:38:29

B       10.5.208.128/25 [20/0] via 10.247.247.5, 00:22:45

##################### ATL FAKE_FW ####################################

ATL_FAKE_FW#sh ip int br

Interface                 IP-Address     OK? Method Status

     Protocol

FastEthernet0/0           unassigned     YES NVRAM up                   up

FastEthernet0/0.601       10.3.208.129   YES NVRAM up                   up

FastEthernet0/0.602       108.47.84.10   YES NVRAM up                   up

FastEthernet1/0          unassigned     YES NVRAM up                   up

FastEthernet1/0.5         5.0.0.1         YES NVRAM up                   up

FastEthernet1/0.99         10.3.61.1       YES NVRAM up                   up

FastEthernet1/0.702       10.0.56.1       YES NVRAM up                   up

Loopback0                 unassigned     YES NVRAM up                   up

ATL_FAKE_FW#sh ip eigrp topology

IP-EIGRP Topology Table for AS(1)/ID(10.3.208.129)

Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,

       r - reply Status, s - sia Status

P 5.5.0.0/16, 1 successors, FD is 25602816, tag is 8600

       via 10.3.208.131 (25602816/25600256), FastEthernet0/0.601

P 5.0.0.0/16, 1 successors, FD is 28160

       via Summary (28160/0), Null0

P 5.0.0.0/24, 1 successors, FD is 28160

       via Connected, FastEthernet1/0.5

P 10.3.0.0/16, 1 successors, FD is 28160

       via Summary (28160/0), Null0

P 10.0.0.0/16, 1 successors, FD is 28160

       via Summary (28160/0), Null0

P 10.1.0.0/16, 1 successors, FD is 25602816, tag is 8600

       via 10.3.208.131 (25602816/25600256), FastEthernet0/0.601

P 10.5.0.0/16, 1 successors, FD is 25602816, tag is 8600

       via 10.3.208.131 (25602816/25600256), FastEthernet0/0.601

P 10.0.56.0/24, 1 successors, FD is 28160

       via Connected, FastEthernet1/0.702

P 10.5.208.128/25, 1 successors, FD is 25602816, tag is 8600

       via 10.3.208.131 (25602816/25600256), FastEthernet0/0.601

P 172.16.1.0/24, 0 successors, FD is Inaccessible

       via 10.3.208.140 (25628160/25625600), FastEthernet0/0.601

       via 10.3.208.131 (25602816/25600256), FastEthernet0/0.601

P 10.3.208.0/24, 1 successors, FD is 28160

       via Connected, FastEthernet0/0.601

ATL_FAKE_FW#sh ip route

Gateway of last resort is 108.47.84.1 to network 0.0.0.0

     5.0.0.0/8 is variably subnetted, 3 subnets, 2 masks

D EX   5.5.0.0/16

           [170/25602816] via 10.3.208.131, 00:25:13, FastEthernet0/0.601

C       5.0.0.0/24 is directly connected, FastEthernet1/0.5

D       5.0.0.0/16 is a summary, 00:26:57, Null0

     172.16.0.0/24 is subnetted, 1 subnets

S       172.16.1.0 [1/0] via 10.3.208.140

     10.0.0.0/8 is variably subnetted, 8 subnets, 3 masks

D       10.3.0.0/16 is a summary, 00:26:57, Null0

D       10.0.0.0/16 is a summary, 00:26:59, Null0

D EX   10.1.0.0/16

           [170/25602816] via 10.3.208.131, 00:25:15, FastEthernet0/0.601

D EX   10.5.0.0/16

           [170/25602816] via 10.3.208.131, 00:25:15, FastEthernet0/0.601

C       10.0.56.0/24 is directly connected, FastEthernet1/0.702

C       10.3.61.0/24 is directly connected, FastEthernet1/0.99

D EX   10.5.208.128/25

           [170/25602816] via 10.3.208.131, 00:25:16, FastEthernet0/0.601

C       10.3.208.0/24 is directly connected, FastEthernet0/0.601

C   108.47.84.0/24 is directly connected, FastEthernet0/0.602

S*   0.0.0.0/0 [1/0] via 208.47.84.1

########################### ISP1 (MPLS Provider) ####################

earthlink_rt#sh ip int br

Interface                 IP-Address     OK? Method Status

     Protocol

FastEthernet0/0           unassigned     YES NVRAM up                   up

FastEthernet0/0.601       10.247.247.5   YES NVRAM up                   up

FastEthernet0/0.1125      207.7.79.133   YES NVRAM up                   up

FastEthernet1/0           unassigned     YES NVRAM up                   up

FastEthernet1/0.10         166.166.166.1   YES NVRAM up                   up

FastEthernet2/0           unassigned      YES NVRAM up                   up

FastEthernet2/0.44         109.113.252.34 YES NVRAM up                   up

FastEthernet2/0.601       10.147.147.5   YES NVRAM up                   up

FastEthernet3/0           unassigned     YES NVRAM administratively down down

Loopback1                 1.1.1.2         YES NVRAM up                   up

earthlink_rt#sh ip bgp vpnv4 all

BGP table version is 69, local router ID is 1.1.1.2

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

             r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network         Next Hop           Metric LocPrf Weight Path

Route Distinguisher: 8600:1 (default for vrf EL_WWW)

r> 0.0.0.0         166.166.166.3                          0 9600 7600 65000 i

* 73.144.247.0/24 109.113.252.33           0             0 65000

65000 65000 65000 65000 65000 i

*>                 166.166.166.3                         0 9600 7600 65000 i

* 108.47.84.0     207.7.79.134             0             0 65000

65000 65000 65000 65000 65000 i

*>                 166.166.166.3                         0 9600 7600 65000 i

Route Distinguisher: 8600:2 (default for vrf EL_MPLS)

*> 5.0.0.0/16       10.247.247.6         30720             0 65000 i

*> 5.5.0.0/16       10.147.147.4         30720             0 65000 i

*> 10.0.0.0/16     10.247.247.6         30720             0 65000 i

*> 10.1.0.0/16     10.147.147.4         30720             0 65000 i

*> 10.3.0.0/16     10.247.247.6         30720             0 65000 i

*> 10.3.208.128/25 10.247.247.6             0             0 65000 ?

*                   10.147.147.4     25628160             0 65000 ?

*> 10.5.0.0/16     10.147.147.4         30720            0 65000 i

   Network         Next Hop           Metric LocPrf Weight Path

*> 10.5.208.128/25 10.147.147.4             0             0 65000 ?

*> 172.16.1.0/24   10.147.147.4     25628160             0 65000 ?

earthlink_rt#sh ip route vrf EL_MPLS

Routing Table: EL_MPLS

Gateway of last resort is not set

     5.0.0.0/16 is subnetted, 2 subnets

B       5.5.0.0 [20/30720] via 10.147.147.4, 00:59:35

B       5.0.0.0 [20/30720] via 10.247.247.6, 00:31:41

     172.16.0.0/24 is subnetted, 1 subnets

B       172.16.1.0 [20/25628160] via 10.147.147.4, 00:33:25

     10.0.0.0/8 is variably subnetted, 8 subnets, 3 masks

B       10.3.0.0/16 [20/30720] via 10.247.247.6, 00:31:41

C       10.247.247.0/29 is directly connected, FastEthernet0/0.601

C       10.147.147.0/29 is directly connected, FastEthernet2/0.601

B       10.0.0.0/16 [20/30720] via 10.247.247.6, 00:31:43

B       10.1.0.0/16 [20/30720] via 10.147.147.4, 00:59:37

B       10.5.0.0/16 [20/30720] via 10.147.147.4, 00:59:39

B       10.3.208.128/25 [20/0] via 10.247.247.6, 00:33:24

B       10.5.208.128/25 [20/0] via 10.147.147.4, 00:59:39

#################### HVN 01 #####################################

HVN1_01#sh ip int br

Interface                 IP-Address     OK? Method Status

     Protocol

FastEthernet0/0           unassigned     YES NVRAM up                   up

FastEthernet0/0.44         109.113.252.33 YES NVRAM up                   up

FastEthernet0/0.601       10.147.147.4   YES NVRAM up                   up

FastEthernet1/0          unassigned     YES NVRAM up                   up

FastEthernet1/0.601       10.5.208.131   YES NVRAM up                   up

FastEthernet1/0.602       73.144.247.5   YES NVRAM up                   up

HVN1_01#sh ip bgp vpnv4 all

BGP table version is 99, local router ID is 10.147.147.4

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

             r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network         Next Hop           Metric LocPrf Weight Path

Route Distinguisher: 65000:1 (default for vrf EL_MPLS)

*> 5.0.0.0/16       10.147.147.5                 500     0 8600 8600 i

*> 5.5.0.0/16       10.5.208.129         30720         32768 i

*> 10.0.0.0/16     10.147.147.5                 500     0 8600 8600 i

*> 10.1.0.0/16     10.5.208.129         30720         32768 i

*> 10.3.0.0/16     10.147.147.5                 500     0 8600 8600 i

* 10.3.208.128/25 10.147.147.5                500     0 8600 8600 ?

*>                 10.5.208.140     25628160         32768 ?

*> 10.5.0.0/16     10.5.208.129         30720         32768 i

*> 10.5.208.128/25 0.0.0.0                 0         32768 ?

*> 172.16.1.0/24   10.5.208.140     25628160         32768 ?

Route Distinguisher: 65000:2 (default for vrf EL_WWW)

*> 0.0.0.0         109.113.252.34           0             0 8600 i

*> 73.144.247.0/24 0.0.0.0                 0         32768 i

HVN1_01#sh ip route vrf EL_MPLS

Routing Table: EL_MPLS

Gateway of last resort is not set

     5.0.0.0/16 is subnetted, 2 subnets

D       5.5.0.0 [90/30720] via 10.5.208.129, 01:49:53, FastEthernet1/0.601

B       5.0.0.0 [20/0] via 10.147.147.5, 00:35:48

     172.16.0.0/24 is subnetted, 1 subnets

D EX   172.16.1.0

           [170/25628160] via 10.5.208.140, 01:49:52, FastEthernet1/0.601

     10.0.0.0/8 is variably subnetted, 7 subnets, 3 masks

B       10.3.0.0/16 [20/0] via 10.147.147.5, 00:35:48

C       10.147.147.0/29 is directly connected, FastEthernet0/0.601

B       10.0.0.0/16 [20/0] via 10.147.147.5, 00:35:50

D       10.1.0.0/16 [90/30720] via 10.5.208.129, 01:49:54, FastEthernet1/0.601

D       10.5.0.0/16 [90/30720] via 10.5.208.129, 01:49:55, FastEthernet1/0.601

D EX   10.3.208.128/25

          [170/25628160] via 10.5.208.140, 01:49:55, FastEthernet1/0.601

C       10.5.208.128/25 is directly connected, FastEthernet1/0.601

##################### HVN02 ##################################

HVN02#sh ip int br

Interface                 IP-Address     OK? Method Status

     Protocol

FastEthernet0/0           65.124.198.174 YES NVRAM up                   up

FastEthernet1/0           unassigned     YES NVRAM up                   up

FastEthernet1/0.601       10.5.208.140   YES NVRAM up                   up

FastEthernet1/0.602       73.144.247.6   YES NVRAM up                   up

FastEthernet2/0           unassigned     YES NVRAM administratively down down

FastEthernet3/0           unassigned     YES NVRAM up                  up

Loopback0                 10.5.255.1     YES NVRAM up                   up

Tunnel1                   172.16.1.1     YES NVRAM up                   up

HVN02#sh ip bgp vpnv4 all

BGP table version is 4, local router ID is 10.5.255.1

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

             r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network         Next Hop           Metric LocPrf Weight Path

Route Distinguisher: 65000:1 (default for vrf QWEST_WWW)

*> 0.0.0.0         65.124.198.173           0             0 7600 i

*> 73.144.247.0/24 0.0.0.0                 0         32768 i

HVN02#sh ip route vrf QWEST_WWW

Routing Table: QWEST_WWW

Gateway of last resort is 65.124.198.173 to network 0.0.0.0

     65.0.0.0/30 is subnetted, 1 subnets

C       65.124.198.172 is directly connected, FastEthernet0/0

     5.0.0.0/16 is subnetted, 2 subnets

D       5.5.0.0 [90/30720] via 10.5.208.129, 01:53:24, FastEthernet1/0.601

O E2   5.0.0.0 [110/1000] via 172.16.1.2, 00:39:14, Tunnel1

     172.16.0.0/24 is subnetted, 1 subnets

C       172.16.1.0 is directly connected, Tunnel1

     10.0.0.0/8 is variably subnetted, 6 subnets, 2 masks

O E2   10.3.0.0/16 [110/1000] via 172.16.1.2, 00:39:16, Tunnel1

O E2   10.0.0.0/16 [110/1000] via 172.16.1.2, 00:39:16, Tunnel1

D       10.1.0.0/16 [90/30720] via 10.5.208.129, 01:53:26, FastEthernet1/0.601

D       10.5.0.0/16 [90/30720] via 10.5.208.129, 01:53:26, FastEthernet1/0.601

O E2   10.3.208.128/25 [110/1000] via 172.16.1.2, 04:54:04, Tunnel1

C       10.5.208.128/25 is directly connected, FastEthernet1/0.601

     73.0.0.0/24 is subnetted, 1 subnets

C       63.144.247.0 is directly connected, FastEthernet1/0.602

B*   0.0.0.0/0 [20/0] via 65.124.198.173, 05:42:50

####################### HVN FAKE_FW ####################################

fake_fw_hvn#sh ip int br

Interface                 IP-Address     OK? Method Status

     Protocol

FastEthernet0/0           unassigned     YES NVRAM up                   up

FastEthernet0/0.601       10.5.208.129   YES NVRAM up                   up

FastEthernet0/0.602       73.144.247.10   YES NVRAM up                   up

FastEthernet1/0           unassigned     YES NVRAM up                  up

FastEthernet1/0.5         5.5.5.1         YES NVRAM up                   up

FastEthernet1/0.99         10.5.61.1       YES NVRAM up                   up

FastEthernet1/0.702       10.1.51.1       YES NVRAM up                   up

fake_fw_hvn#sh ip eigrp topology

IP-EIGRP Topology Table for AS(1)/ID(10.5.208.129)

Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,

       r - reply Status, s - sia Status

P 5.5.0.0/16, 1 successors, FD is 28160

       via Summary (28160/0), Null0

P 5.0.0.0/16, 1 successors, FD is 25602816, tag is 8600

       via 10.5.208.131 (25602816/25600256), FastEthernet0/0.601

P 5.5.5.0/24, 1 successors, FD is 28160

       via Connected, FastEthernet1/0.5

P 10.3.0.0/16, 1 successors, FD is 25602816, tag is 8600

       via 10.5.208.131 (25602816/25600256), FastEthernet0/0.601

P 10.0.0.0/16, 1 successors, FD is 25602816, tag is 8600

       via 10.5.208.131 (25602816/25600256), FastEthernet0/0.601

P 10.1.0.0/16, 1 successors, FD is 28160

       via Summary (28160/0), Null0

P 10.5.0.0/16, 1 successors, FD is 28160

       via Summary (28160/0), Null0

P 10.5.61.0/24, 1 successors, FD is 28160

       via Connected, FastEthernet1/0.99

P 10.1.51.0/24, 1 successors, FD is 28160

       via Connected, FastEthernet1/0.702

P 10.3.208.128/25, 1 successors, FD is 25628160

       via 10.5.208.140 (25628160/25625600), FastEthernet0/0.601, serno 72

P 10.5.208.128/25, 1 successors, FD is 28160

       via Connected, FastEthernet0/0.601

P 172.16.1.0/24, 0 successors, FD is Inaccessible

       via 10.5.208.140 (25628160/25625600), FastEthernet0/0.601, serno 90

fake_fw_hvn#sh ip route

Gateway of last resort is 73.144.247.1 to network 0.0.0.0

     5.0.0.0/8 is variably subnetted, 3 subnets, 2 masks

D       5.5.0.0/16 is a summary, 01:57:53, Null0

C       5.5.5.0/24 is directly connected, FastEthernet1/0.5

D EX   5.0.0.0/16

           [170/25602816] via 10.5.208.131, 00:43:43, FastEthernet0/0.601

     172.16.0.0/24 is subnetted, 1 subnets

S       172.16.1.0 [1/0] via 10.5.208.140

     10.0.0.0/8 is variably subnetted, 8 subnets, 3 masks

D EX   10.3.0.0/16

           [170/25602816] via 10.5.208.131, 00:43:43, FastEthernet0/0.601

D EX   10.0.0.0/16

           [170/25602816] via 10.5.208.131, 00:43:45, FastEthernet0/0.601

D       10.1.0.0/16 is a summary, 01:57:55, Null0

D       10.5.0.0/16 is a summary, 01:57:56, Null0

C       10.5.61.0/24 is directly connected, FastEthernet1/0.99

C       10.1.51.0/24 is directly connected, FastEthernet1/0.702

D EX   10.3.208.128/25

           [170/25628160] via 10.5.208.140, 01:57:56, FastEthernet0/0.601

C       10.5.208.128/25 is directly connected, FastEthernet0/0.601

     73.0.0.0/24 is subnetted, 1 subnets

C       73.144.247.0 is directly connected, FastEthernet0/0.602

S*   0.0.0.0/0 [1/0] via 63.144.247.1

#####################

## MPLS GOES DOWN ###

#####################

############################# ATL01 #############################

ATL01#sh ip bgp vpnv4 all

BGP table version is 41, local router ID is 10.3.255.2

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

             r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network         Next Hop           Metric LocPrf Weight Path

Route Distinguisher: 65000:1 (default for vrf EL_WWW)

*> 108.47.84.0     0.0.0.0                 0         32768 i

Route Distinguisher: 65000:2 (default for vrf EL_MPLS)

*> 5.0.0.0/16       10.3.208.129         30720         32768 i

*> 5.5.0.0/16       10.3.208.140     25628160         32768 ?

*> 10.0.0.0/16     10.3.208.129         30720         32768 i

*> 10.1.0.0/16     10.3.208.140     25628160         32768 ?

*> 10.3.0.0/16     10.3.208.129         30720         32768 i

*> 10.3.208.128/25 0.0.0.0                 0         32768 ?

*> 10.5.0.0/16     10.3.208.140     25628160         32768 ?

*> 10.5.208.128/25 10.3.208.140     25628160         32768 ?

*> 172.16.1.0/24   10.3.208.140    25628160         32768 ?

ATL01#sh ip route vrf EL_MPLS

Routing Table: EL_MPLS

Gateway of last resort is not set

     5.0.0.0/16 is subnetted, 2 subnets

D EX   5.5.0.0 [170/25628160] via 10.3.208.140, 00:01:10, FastEthernet1/0.601

D       5.0.0.0 [90/30720] via 10.3.208.129, 00:49:29, FastEthernet1/0.601

     172.16.0.0/24 is subnetted, 1 subnets

D EX   172.16.1.0

           [170/25628160] via 10.3.208.140, 00:01:10, FastEthernet1/0.601

     10.0.0.0/8 is variably subnetted, 7 subnets, 3 masks

D       10.3.0.0/16 [90/30720] via 10.3.208.129, 00:49:29, FastEthernet1/0.601

C       10.247.247.0/29 is directly connected, FastEthernet0/0.601

D       10.0.0.0/16 [90/30720] via 10.3.208.129, 00:49:31, FastEthernet1/0.601

D EX   10.1.0.0/16

           [170/25628160] via 10.3.208.140, 00:01:12, FastEthernet1/0.601

D EX   10.5.0.0/16

           [170/25628160] via 10.3.208.140, 00:01:13, FastEthernet1/0.601

C       10.3.208.128/25 is directly connected, FastEthernet1/0.601

D EX   10.5.208.128/25

           [170/25628160] via 10.3.208.140, 00:01:13, FastEthernet1/0.601

################# ATL02 #################################

ATL02#sh ip bgp vpnv4 all

BGP table version is 4, local router ID is 10.3.255.1

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

             r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network         Next Hop           Metric LocPrf Weight Path

Route Distinguisher: 65000:1 (default for vrf QWEST_WWW)

*> 0.0.0.0         57.129.165.41           0             0 7600 i

*> 108.47.84.0     0.0.0.0                 0         32768 i

ATL02#sh ip route vrf QWEST_WWW

Routing Table: QWEST_WWW

Gateway of last resort is 67.129.165.41 to network 0.0.0.0

     5.0.0.0/16 is subnetted, 2 subnets

O E2   5.5.0.0 [110/1000] via 172.16.1.1, 05:54:33, Tunnel1

D       5.0.0.0 [90/30720] via 10.3.208.129, 00:51:31, FastEthernet1/0.601

     172.16.0.0/24 is subnetted, 1 subnets

C       172.16.1.0 is directly connected, Tunnel1

     57.0.0.0/30 is subnetted, 1 subnets

C       57.129.165.40 is directly connected, FastEthernet0/0

     10.0.0.0/8 is variably subnetted, 6 subnets, 2 masks

D       10.3.0.0/16 [90/30720] via 10.3.208.129, 00:51:33, FastEthernet1/0.601

D      10.0.0.0/16 [90/30720] via 10.3.208.129, 00:51:33, FastEthernet1/0.601

O E2   10.1.0.0/16 [110/1000] via 172.16.1.1, 05:54:35, Tunnel1

O E2   10.5.0.0/16 [110/1000] via 172.16.1.1, 05:54:36, Tunnel1

C       10.3.208.128/25 is directly connected, FastEthernet1/0.601

O E2   10.5.208.128/25 [110/1000] via 172.16.1.1, 05:54:36, Tunnel1

C   108.47.84.0/24 is directly connected, FastEthernet1/0.602

B*   0.0.0.0/0 [20/0] via 67.129.165.41, 05:06:26

###################### ATL FAKE_FW #############################

ATL_FAKE_FW#sh ip eigrp topology

IP-EIGRP Topology Table for AS(1)/ID(10.3.208.129)

Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,

       r - reply Status, s - sia Status

P 5.5.0.0/16, 1 successors, FD is 25628160

       via 10.3.208.140 (25628160/25625600), FastEthernet0/0.601

P 5.0.0.0/16, 1 successors, FD is 28160

       via Summary (28160/0), Null0

P 5.0.0.0/24, 1 successors, FD is 28160

       via Connected, FastEthernet1/0.5

P 10.3.0.0/16, 1 successors, FD is 28160

       via Summary (28160/0), Null0

P 10.0.0.0/16, 1 successors, FD is 28160

       via Summary (28160/0), Null0

P 10.1.0.0/16, 1 successors, FD is 25628160

       via 10.3.208.140 (25628160/25625600), FastEthernet0/0.601

P 10.5.0.0/16, 1 successors, FD is 25628160

       via 10.3.208.140 (25628160/25625600), FastEthernet0/0.601

P 10.0.56.0/24, 1 successors, FD is 28160

       via Connected, FastEthernet1/0.702

P 10.5.208.128/25, 1 successors, FD is 25628160

       via 10.3.208.140 (25628160/25625600), FastEthernet0/0.601

P 172.16.1.0/24, 0 successors, FD is Inaccessible

       via 10.3.208.140 (25628160/25625600), FastEthernet0/0.601

P 10.3.208.0/24, 1 successors, FD is 28160

       via Connected, FastEthernet0/0.601

ATL_FAKE_FW#sh ip route

Gateway of last resort is 108.47.84.1 to network 0.0.0.0

     5.0.0.0/8 is variably subnetted, 3 subnets, 2 masks

D EX   5.5.0.0/16

           [170/25628160] via 10.3.208.140, 00:06:05, FastEthernet0/0.601

C       5.0.0.0/24 is directly connected, FastEthernet1/0.5

D       5.0.0.0/16 is a summary, 00:56:06, Null0

     172.16.0.0/24 is subnetted, 1 subnets

S       172.16.1.0 [1/0] via 10.3.208.140

     10.0.0.0/8 is variably subnetted, 8 subnets, 3 masks

D      10.3.0.0/16 is a summary, 00:56:06, Null0

D       10.0.0.0/16 is a summary, 00:56:08, Null0

D EX   10.1.0.0/16

           [170/25628160] via 10.3.208.140, 00:06:07, FastEthernet0/0.601

D EX   10.5.0.0/16

           [170/25628160] via 10.3.208.140, 00:06:07, FastEthernet0/0.601

C       10.0.56.0/24 is directly connected, FastEthernet1/0.702

C       10.3.61.0/24 is directly connected, FastEthernet1/0.99

D EX   10.5.208.128/25

           [170/25628160] via 10.3.208.140, 00:06:07, FastEthernet0/0.601

C      10.3.208.0/24 is directly connected, FastEthernet0/0.601

C   108.47.84.0/24 is directly connected, FastEthernet0/0.602

S*   0.0.0.0/0 [1/0] via 208.47.84.1

################## ISP01 (MPLS Provider) ##################

earthlink_rt#sh ip route vrf EL_MPLS

Routing Table: EL_MPLS

Gateway of last resort is not set

######################### HVN01 ############################

HVN1_01#sh ip bgp vpnv4 all

BGP table version is 109, local router ID is 10.147.147.4

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

             r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network         Next Hop           Metric LocPrf Weight Path

Route Distinguisher: 65000:1 (default for vrf EL_MPLS)

*> 5.0.0.0/16       10.5.208.140     25628160         32768 ?

*> 5.5.0.0/16       10.5.208.129         30720         32768 i

*> 10.0.0.0/16     10.5.208.140     25628160         32768 ?

*> 10.1.0.0/16     10.5.208.129        30720         32768 i

*> 10.3.0.0/16     10.5.208.140     25628160         32768 ?

*> 10.3.208.128/25 10.5.208.140     25628160         32768 ?

*> 10.5.0.0/16     10.5.208.129         30720         32768 i

*> 10.5.208.128/25 0.0.0.0                0         32768 ?

*> 172.16.1.0/24   10.5.208.140     25628160         32768 ?

HVN1_01#sh ip route vrf EL_MPLS

Routing Table: EL_MPLS

Gateway of last resort is not set

     5.0.0.0/16 is subnetted, 2 subnets

D       5.5.0.0 [90/30720] via 10.5.208.129, 02:12:56, FastEthernet1/0.601

D EX   5.0.0.0 [170/25628160] via 10.5.208.140, 00:13:09, FastEthernet1/0.601

     172.16.0.0/24 is subnetted, 1 subnets

D EX   172.16.1.0

           [170/25628160] via 10.5.208.140, 02:12:55, FastEthernet1/0.601

     10.0.0.0/8 is variably subnetted, 7 subnets, 3 masks

D EX   10.3.0.0/16

           [170/25628160] via 10.5.208.140, 00:13:09, FastEthernet1/0.601

C       10.147.147.0/29 is directly connected, FastEthernet0/0.601

D EX   10.0.0.0/16

           [170/25628160] via 10.5.208.140, 00:13:11, FastEthernet1/0.601

D       10.1.0.0/16 [90/30720] via 10.5.208.129, 02:12:58, FastEthernet1/0.601

D       10.5.0.0/16 [90/30720] via 10.5.208.129, 02:12:58, FastEthernet1/0.601

D EX    10.3.208.128/25

           [170/25628160] via 10.5.208.140, 02:12:57, FastEthernet1/0.601

C       10.5.208.128/25 is directly connected, FastEthernet1/0.601

##################### HVN02 #############################3

HVN02#sh ip bgp vpnv4 all

BGP table version is 4, local router ID is 10.5.255.1

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

             r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network         Next Hop           Metric LocPrf Weight Path

Route Distinguisher: 65000:1 (default for vrf QWEST_WWW)

*> 0.0.0.0         65.124.198.173           0             0 7600 i

*> 73.144.247.0/24 0.0.0.0                 0         32768 i

HVN02#sh ip route vrf QWEST_WWW

Routing Table: QWEST_WWW

Gateway of last resort is 65.124.198.173 to network 0.0.0.0

     65.0.0.0/30 is subnetted, 1 subnets

C       65.124.198.172 is directly connected, FastEthernet0/0

     5.0.0.0/16 is subnetted, 2 subnets

D       5.5.0.0 [90/30720] via 10.5.208.129, 02:14:52, FastEthernet1/0.601

O E2   5.0.0.0 [110/1000] via 172.16.1.2, 01:00:43, Tunnel1

     172.16.0.0/24 is subnetted, 1 subnets

C       172.16.1.0 is directly connected, Tunnel1

     10.0.0.0/8 is variably subnetted, 6 subnets, 2 masks

O E2   10.3.0.0/16 [110/1000] via 172.16.1.2, 01:00:45, Tunnel1

O E2   10.0.0.0/16 [110/1000] via 172.16.1.2, 01:00:45, Tunnel1

D       10.1.0.0/16 [90/30720] via 10.5.208.129, 02:14:54, FastEthernet1/0.601

D       10.5.0.0/16 [90/30720] via 10.5.208.129, 02:14:56, FastEthernet1/0.601

O E2   10.3.208.128/25 [110/1000] via 172.16.1.2, 05:15:34, Tunnel1

C       10.5.208.128/25 is directly connected, FastEthernet1/0.601

     73.0.0.0/24 is subnetted, 1 subnets

C       73.144.247.0 is directly connected, FastEthernet1/0.602

B*   0.0.0.0/0 [20/0] via 65.124.198.173, 06:04:20

################# HVN FAKE FW ##############################

fake_fw_hvn#sh ip eigrp topology

IP-EIGRP Topology Table for AS(1)/ID(10.5.208.129)

Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,

       r - reply Status, s - sia Status

P 5.5.0.0/16, 1 successors, FD is 28160

       via Summary (28160/0), Null0

P 5.0.0.0/16, 1 successors, FD is 25628160

       via 10.5.208.140 (25628160/25625600), FastEthernet0/0.601

P 5.5.5.0/24, 1 successors, FD is 28160

       via Connected, FastEthernet1/0.5

P 10.3.0.0/16, 1 successors, FD is 25628160

       via 10.5.208.140 (25628160/25625600), FastEthernet0/0.601

P 10.0.0.0/16, 1 successors, FD is 25628160

       via 10.5.208.140 (25628160/25625600), FastEthernet0/0.601

P 10.1.0.0/16, 1 successors, FD is 28160

       via Summary (28160/0), Null0

P 10.5.0.0/16, 1 successors, FD is 28160

       via Summary (28160/0), Null0

P 10.5.61.0/24, 1 successors, FD is 28160

       via Connected, FastEthernet1/0.99

P 10.1.51.0/24, 1 successors, FD is 28160

       via Connected, FastEthernet1/0.702

P 10.3.208.128/25, 1 successors, FD is 25628160

       via 10.5.208.140 (25628160/25625600), FastEthernet0/0.601, serno 72

P 10.5.208.128/25, 1 successors, FD is 28160

       via Connected, FastEthernet0/0.601

P 172.16.1.0/24, 0 successors, FD is Inaccessible

       via 10.5.208.140 (25628160/25625600), FastEthernet0/0.601, serno 90

fake_fw_hvn#sh ip route

Gateway of last resort is 73.144.247.1 to network 0.0.0.0

     5.0.0.0/8 is variably subnetted, 3 subnets, 2 masks

D       5.5.0.0/16 is a summary, 02:17:25, Null0

C       5.5.5.0/24 is directly connected, FastEthernet1/0.5

D EX   5.0.0.0/16

           [170/25628160] via 10.5.208.140, 00:17:39, FastEthernet0/0.601

     172.16.0.0/24 is subnetted, 1 subnets

S       172.16.1.0 [1/0] via 10.5.208.140

     10.0.0.0/8 is variably subnetted, 8 subnets, 3 masks

D EX   10.3.0.0/16

           [170/25628160] via 10.5.208.140, 00:17:39, FastEthernet0/0.601

D EX   10.0.0.0/16

           [170/25628160] via 10.5.208.140, 00:17:41, FastEthernet0/0.601

D       10.1.0.0/16 is a summary, 02:17:27, Null0

D       10.5.0.0/16 is a summary, 02:17:28, Null0

C       10.5.61.0/24 is directly connected, FastEthernet1/0.99

C       10.1.51.0/24 is directly connected, FastEthernet1/0.702

D EX   10.3.208.128/25

           [170/25628160] via 10.5.208.140, 02:17:28, FastEthernet0/0.601

C       10.5.208.128/25 is directly connected, FastEthernet0/0.601

     73.0.0.0/24 is subnetted, 1 subnets

C       73.144.247.0 is directly connected, FastEthernet0/0.602

S*   0.0.0.0/0 [1/0] via 73.144.247.1

###########################

#### MPLS COMES BACK UP ###

###########################

#################### ATL01 ############################

ATL01#sh ip bgp vpnv4 all

BGP table version is 42, local router ID is 10.3.255.2

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

             r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

Route Distinguisher: 65000:2 (default for vrf EL_MPLS)

*> 5.0.0.0/16       10.3.208.129        30720         32768 i

* 5.5.0.0/16       10.247.247.5                 500     0 8600 8600 i

*>                 10.3.208.140     25628160         32768 ?

*> 10.0.0.0/16     10.3.208.129         30720         32768 i

* 10.1.0.0/16     10.247.247.5                 500     0 8600 8600 i

*>                 10.3.208.140     25628160         32768 ?

*> 10.3.0.0/16     10.3.208.129         30720         32768 i

*> 10.3.208.128/25 0.0.0.0                 0         32768 ?

* 10.5.0.0/16     10.247.247.5                 500     0 8600 8600 i

*>                 10.3.208.140     25628160         32768 ?

* 10.5.208.128/25 10.247.247.5                 500     0 8600 8600 ?

*>                 10.3.208.140     25628160        32768 ?

*> 172.16.1.0/24   10.3.208.140     25628160         32768 ?

ATL01# sh ip route vrf EL_MPLS

Routing Table: EL_MPLS

Gateway of last resort is not set

     5.0.0.0/16 is subnetted, 2 subnets

D EX   5.5.0.0 [170/25628160] via 10.3.208.140, 00:21:19, FastEthernet1/0.601

D       5.0.0.0 [90/30720] via 10.3.208.129, 01:09:37, FastEthernet1/0.601

     172.16.0.0/24 is subnetted, 1 subnets

D EX   172.16.1.0

           [170/25628160] via 10.3.208.140, 00:21:19, FastEthernet1/0.601

     10.0.0.0/8 is variably subnetted, 7 subnets, 3 masks

D       10.3.0.0/16 [90/30720] via 10.3.208.129, 01:09:37, FastEthernet1/0.601

C       10.247.247.0/29 is directly connected, FastEthernet0/0.601

D       10.0.0.0/16 [90/30720] via 10.3.208.129, 01:09:39, FastEthernet1/0.601

D EX   10.1.0.0/16

           [170/25628160] via 10.3.208.140, 00:21:21, FastEthernet1/0.601

D EX   10.5.0.0/16

################### ATL02 ################################

sh ip bgp vpnv4 all

BGP table version is 4, local router ID is 10.3.255.1

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

             r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network         Next Hop            Metric LocPrf Weight Path

Route Distinguisher: 65000:1 (default for vrf QWEST_WWW)

*> 0.0.0.0         67.129.165.41           0             0 7600 i

*> 108.47.84.0     0.0.0.0                 0         32768 i

ATL02#sh ip route vrf QWEST_WWW

Routing Table: QWEST_WWW

Gateway of last resort is 67.129.165.41 to network 0.0.0.0

     5.0.0.0/16 is subnetted, 2 subnets

O E2   5.5.0.0 [110/1000] via 172.16.1.1, 06:18:21, Tunnel1

D       5.0.0.0 [90/30720] via 10.3.208.129, 01:15:19, FastEthernet1/0.601

     172.16.0.0/24 is subnetted, 1 subnets

C       172.16.1.0 is directly connected, Tunnel1

     67.0.0.0/30 is subnetted, 1 subnets

C       67.129.165.40 is directly connected, FastEthernet0/0

     10.0.0.0/8 is variably subnetted, 6 subnets, 2 masks

D      10.3.0.0/16 [90/30720] via 10.3.208.129, 01:15:21, FastEthernet1/0.601

D       10.0.0.0/16 [90/30720] via 10.3.208.129, 01:15:21, FastEthernet1/0.601

O E2   10.1.0.0/16 [110/1000] via 172.16.1.1, 06:18:23, Tunnel1

O E2   10.5.0.0/16 [110/1000] via 172.16.1.1, 06:18:23, Tunnel1

C       10.3.208.128/25 is directly connected, FastEthernet1/0.601

O E2   10.5.208.128/25 [110/1000] via 172.16.1.1, 06:18:23, Tunnel1

C   108.47.84.0/24 is directly connected, FastEthernet1/0.602

B*   0.0.0.0/0 [20/0] via 67.129.165.41, 05:30:13

           [170/25628160] via 10.3.208.140, 00:21:21, FastEthernet1/0.601

C       10.3.208.128/25 is directly connected, FastEthernet1/0.601

D EX   10.5.208.128/25

           [170/25628160] via 10.3.208.140, 00:21:21, FastEthernet1/0.601

###################### ATL FAKE_FW #################################

ATL_FAKE_FW#sh ip eigrp topology

IP-EIGRP Topology Table for AS(1)/ID(10.3.208.129)

Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,

       r - reply Status, s - sia Status

P 5.5.0.0/16, 1 successors, FD is 25628160

       via 10.3.208.140 (25628160/25625600), FastEthernet0/0.601

P 5.0.0.0/16, 1 successors, FD is 28160

       via Summary (28160/0), Null0

P 5.0.0.0/24, 1 successors, FD is 28160

       via Connected, FastEthernet1/0.5

P 10.3.0.0/16, 1 successors, FD is 28160

       via Summary (28160/0), Null0

P 10.0.0.0/16, 1 successors, FD is 28160

       via Summary (28160/0), Null0

P 10.1.0.0/16, 1 successors, FD is 25628160

       via 10.3.208.140 (25628160/25625600), FastEthernet0/0.601

P 10.5.0.0/16, 1 successors, FD is 25628160

       via 10.3.208.140 (25628160/25625600), FastEthernet0/0.601

P 10.0.56.0/24, 1 successors, FD is 28160

       via Connected, FastEthernet1/0.702

P 10.5.208.128/25, 1 successors, FD is 25628160

       via 10.3.208.140 (25628160/25625600), FastEthernet0/0.601

P 172.16.1.0/24, 0 successors, FD is Inaccessible

       via 10.3.208.140 (25628160/25625600), FastEthernet0/0.601

P 10.3.208.0/24, 1 successors, FD is 28160

       via Connected, FastEthernet0/0.601

ATL_FAKE_FW#sh ip route

Gateway of last resort is 108.47.84.1 to network 0.0.0.0

     5.0.0.0/8 is variably subnetted, 3 subnets, 2 masks

D EX  5.5.0.0/16

           [170/25628160] via 10.3.208.140, 00:29:22, FastEthernet0/0.601

C       5.0.0.0/24 is directly connected, FastEthernet1/0.5

D       5.0.0.0/16 is a summary, 01:19:24, Null0

     172.16.0.0/24 is subnetted, 1 subnets

S       172.16.1.0 [1/0] via 10.3.208.140

     10.0.0.0/8 is variably subnetted, 8 subnets, 3 masks

D       10.3.0.0/16 is a summary, 01:19:24, Null0

D       10.0.0.0/16 is a summary, 01:19:26, Null0

D EX   10.1.0.0/16

           [170/25628160] via 10.3.208.140, 00:29:24, FastEthernet0/0.601

D EX   10.5.0.0/16

           [170/25628160] via 10.3.208.140, 00:29:24, FastEthernet0/0.601

C       10.0.56.0/24 is directly connected, FastEthernet1/0.702

C       10.3.61.0/24 is directly connected, FastEthernet1/0.99

D EX   10.5.208.128/25

           [170/25628160] via 10.3.208.140, 00:29:27, FastEthernet0/0.601

C       10.3.208.0/24 is directly connected, FastEthernet0/0.601

C   108.47.84.0/24 is directly connected, FastEthernet0/0.602

S*   0.0.0.0/0 [1/0] via 108.47.84.1

####################### ISP01 (MPLS Provider) ##################

earthlink_rt#sh ip bgp vpnv4 all

BGP table version is 106, local router ID is 1.1.1.2

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

             r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network         Next Hop           Metric LocPrf Weight Path

Route Distinguisher: 8600:2 (default for vrf EL_MPLS)

* 5.0.0.0/16       10.147.147.4     25628160             0 65000 ?

*>                 10.247.247.6         30720             0 65000 i

*> 5.5.0.0/16       10.147.147.4         30720             0 65000 i

*                   10.247.247.6     25628160             0 65000 ?

* 10.0.0.0/16     10.147.147.4     25628160             0 65000 ?

*>                 10.247.247.6         30720             0 65000 i

*> 10.1.0.0/16     10.147.147.4         30720             0 65000 i

*                   10.247.247.6     25628160            0 65000 ?

   Network         Next Hop           Metric LocPrf Weight Path

* 10.3.0.0/16     10.147.147.4     25628160             0 65000 ?

*>                 10.247.247.6         30720             0 65000 i

* 10.3.208.128/25 10.147.147.4     25628160             0 65000 ?

*>                 10.247.247.6             0             0 65000 ?

*> 10.5.0.0/16     10.147.147.4         30720             0 65000 i

*                   10.247.247.6     25628160             0 65000 ?

*> 10.5.208.128/25 10.147.147.4             0             0 65000 ?

*                   10.247.247.6     25628160             0 65000 ?

* 172.16.1.0/24   10.147.147.4     25628160             0 65000 ?

*>                 10.247.247.6     25628160             0 65000 ?

earthlink_rt#sh ip route vrf EL_MPLS

Routing Table: EL_MPLS

Gateway of last resort is not set

     5.0.0.0/16 is subnetted, 2 subnets

B       5.5.0.0 [20/30720] via 10.147.147.4, 00:17:04

B       5.0.0.0 [20/30720] via 10.247.247.6, 00:17:29

    172.16.0.0/24 is subnetted, 1 subnets

B       172.16.1.0 [20/25628160] via 10.247.247.6, 00:17:29

     10.0.0.0/8 is variably subnetted, 8 subnets, 3 masks

B       10.3.0.0/16 [20/30720] via 10.247.247.6, 00:17:29

C       10.247.247.0/29 is directly connected, FastEthernet0/0.601

C       10.147.147.0/29 is directly connected, FastEthernet2/0.601

B       10.0.0.0/16 [20/30720] via 10.247.247.6, 00:17:31

B       10.1.0.0/16 [20/30720] via 10.147.147.4, 00:17:06

B      10.5.0.0/16 [20/30720] via 10.147.147.4, 00:17:06

B       10.3.208.128/25 [20/0] via 10.247.247.6, 00:17:31

B       10.5.208.128/25 [20/0] via 10.147.147.4, 00:17:06

######################### HVN01 #########################

HVN1_01#sh ip bgp vpnv4 all

BGP table version is 110, local router ID is 10.147.147.4

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

             r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network         Next Hop          Metric LocPrf Weight Path

Route Distinguisher: 65000:1 (default for vrf EL_MPLS)

* 5.0.0.0/16       10.147.147.5                 500     0 8600 8600 i

*>                 10.5.208.140     25628160         32768 ?

*> 5.5.0.0/16       10.5.208.129         30720         32768 i

* 10.0.0.0/16     10.147.147.5                 500     0 8600 8600 i

*>                 10.5.208.140     25628160         32768 ?

*> 10.1.0.0/16     10.5.208.129         30720         32768 i

* 10.3.0.0/16     10.147.147.5                 500     0 8600 8600 i

*>                 10.5.208.140     25628160         32768 ?

* 10.3.208.128/25 10.147.147.5                 500     0 8600 8600 ?

*>                 10.5.208.140     25628160         32768 ?

*> 10.5.0.0/16     10.5.208.129         30720         32768 i

*> 10.5.208.128/25 0.0.0.0                 0         32768 ?

* 172.16.1.0/24   10.147.147.5                 500     0 8600 8600 ?

*>                 10.5.208.140     25628160         32768 ?

HVN1_01#sh ip route vrf EL_MPLS

Routing Table: EL_MPLS

Gateway of last resort is not set

     5.0.0.0/16 is subnetted, 2 subnets

D       5.5.0.0 [90/30720] via 10.5.208.129, 02:39:35, FastEthernet1/0.601

D EX   5.0.0.0 [170/25628160] via 10.5.208.140, 00:39:49, FastEthernet1/0.601

     172.16.0.0/24 is subnetted, 1 subnets

D EX   172.16.1.0

           [170/25628160] via 10.5.208.140, 02:39:35, FastEthernet1/0.601

     10.0.0.0/8 is variably subnetted, 7 subnets, 3 masks

D EX   10.3.0.0/16

          [170/25628160] via 10.5.208.140, 00:39:49, FastEthernet1/0.601

C       10.147.147.0/29 is directly connected, FastEthernet0/0.601

D EX   10.0.0.0/16

           [170/25628160] via 10.5.208.140, 00:39:51, FastEthernet1/0.601

D       10.1.0.0/16 [90/30720] via 10.5.208.129, 02:39:37, FastEthernet1/0.601

D       10.5.0.0/16 [90/30720] via 10.5.208.129, 02:39:37, FastEthernet1/0.601

D EX   10.3.208.128/25

           [170/25628160] via 10.5.208.140, 02:39:37, FastEthernet1/0.601

C       10.5.208.128/25 is directly connected, FastEthernet1/0.601

########################## HVN02 ###########################

HVN02#sh ip bgp vpnv4 all

BGP table version is 4, local router ID is 10.5.255.1

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

             r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network         Next Hop           Metric LocPrf Weight Path

Route Distinguisher: 65000:1 (default for vrf QWEST_WWW)

*> 0.0.0.0         65.124.198.173           0             0 7600 i

*> 73.144.247.0/24 0.0.0.0                 0         32768 i

HVN02#sh ip route vrf QWEST_WWW

Routing Table: QWEST_WWW

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

       E1 - OSPF external type 1, E2 - OSPF external type 2

       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

       ia - IS-IS inter area, * - candidate default, U - per-user static route

       o - ODR, P - periodic downloaded static route

Gateway of last resort is 65.124.198.173 to network 0.0.0.0

     65.0.0.0/30 is subnetted, 1 subnets

C       65.124.198.172 is directly connected, FastEthernet0/0

     5.0.0.0/16 is subnetted, 2 subnets

D       5.5.0.0 [90/30720] via 10.5.208.129, 02:41:38, FastEthernet1/0.601

O E2   5.0.0.0 [110/1000] via 172.16.1.2, 01:27:29, Tunnel1

     172.16.0.0/24 is subnetted, 1 subnets

C       172.16.1.0 is directly connected, Tunnel1

     10.0.0.0/8 is variably subnetted, 6 subnets, 2 masks

O E2   10.3.0.0/16 [110/1000] via 172.16.1.2, 01:27:31, Tunnel1

O E2   10.0.0.0/16 [110/1000] via 172.16.1.2, 01:27:31, Tunnel1

D       10.1.0.0/16 [90/30720] via 10.5.208.129, 02:41:40, FastEthernet1/0.601

D       10.5.0.0/16 [90/30720] via 10.5.208.129, 02:41:40, FastEthernet1/0.601

O E2   10.3.208.128/25 [110/1000] via 172.16.1.2, 05:42:18, Tunnel1

C       10.5.208.128/25 is directly connected, FastEthernet1/0.601

     73.0.0.0/24 is subnetted, 1 subnets

C       73.144.247.0 is directly connected, FastEthernet1/0.602

B*   0.0.0.0/0 [20/0] via 65.124.198.173, 06:31:04

####################### HVN fake_fw ####################

fake_fw_hvn#sh ip eigrp topology

IP-EIGRP Topology Table for AS(1)/ID(10.5.208.129)

Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,

       r - reply Status, s - sia Status

P 5.5.0.0/16, 1 successors, FD is 28160

       via Summary (28160/0), Null0

P 5.0.0.0/16, 1 successors, FD is 25628160

       via 10.5.208.140 (25628160/25625600), FastEthernet0/0.601

P 5.5.5.0/24, 1 successors, FD is 28160

       via Connected, FastEthernet1/0.5

P 10.3.0.0/16, 1 successors, FD is 25628160

       via 10.5.208.140 (25628160/25625600), FastEthernet0/0.601

P 10.0.0.0/16, 1 successors, FD is 25628160

       via 10.5.208.140 (25628160/25625600), FastEthernet0/0.601

P 10.1.0.0/16, 1 successors, FD is 28160

       via Summary (28160/0), Null0

P 10.5.0.0/16, 1 successors, FD is 28160

       via Summary (28160/0), Null0

P 10.5.61.0/24, 1 successors, FD is 28160

       via Connected, FastEthernet1/0.99

P 10.1.51.0/24, 1 successors, FD is 28160

       via Connected, FastEthernet1/0.702

P 10.3.208.128/25, 1 successors, FD is 25628160

       via 10.5.208.140 (25628160/25625600), FastEthernet0/0.601, serno 72

P 10.5.208.128/25, 1 successors, FD is 28160

       via Connected, FastEthernet0/0.601

P 172.16.1.0/24, 0 successors, FD is Inaccessible

       via 10.5.208.140 (25628160/25625600), FastEthernet0/0.601, serno 90

fake_fw_hvn#sh ip route

Gateway of last resort is 73.144.247.1 to network 0.0.0.0

     5.0.0.0/8 is variably subnetted, 3 subnets, 2 masks

D       5.5.0.0/16 is a summary, 02:43:31, Null0

C       5.5.5.0/24 is directly connected, FastEthernet1/0.5

D EX   5.0.0.0/16

           [170/25628160] via 10.5.208.140, 00:43:44, FastEthernet0/0.601

     172.16.0.0/24 is subnetted, 1 subnets

S       172.16.1.0 [1/0] via 10.5.208.140

     10.0.0.0/8 is variably subnetted, 8 subnets, 3 masks

D EX   10.3.0.0/16

           [170/25628160] via 10.5.208.140, 00:43:44, FastEthernet0/0.601

D EX   10.0.0.0/16

           [170/25628160] via 10.5.208.140, 00:43:46, FastEthernet0/0.601

D       10.1.0.0/16 is a summary, 02:43:33, Null0

D       10.5.0.0/16 is a summary, 02:43:33, Null0

C       10.5.61.0/24 is directly connected, FastEthernet1/0.99

C       10.1.51.0/24 is directly connected, FastEthernet1/0.702

D EX   10.3.208.128/25

           [170/25628160] via 10.5.208.140, 02:43:33, FastEthernet0/0.601

C       10.5.208.128/25 is directly connected, FastEthernet0/0.601

     73.0.0.0/24 is subnetted, 1 subnets

C       73.144.247.0 is directly connected, FastEthernet0/0.602

S*   0.0.0.0/0 [1/0] via 63.144.247.1

Hall of Fame Super Bronze

Using GRE/IPSEC tunnel as backup to MPLS

Thanks for posting all the information. I see the problem.

Selecting the 10.5.0.0/16 subnet again here is the behavior:

While MPLS is up on R01 is learned via BGP:

*> 10.5.0.0/16     10.247.247.5                 500     0 8600 8600 i

When MPLS is down, R01 learns this subnet via EIGRP from R02. I assumed it was via iBGP but there isn't any BGP between R01 and R02. This is in fact a local originated route

> 10.5.0.0/16     10.3.208.140     25628160         32768 ?

If you want this done correctly, you must implement route tagging during redistribution. When you redistribute from BGP into EIGRP on either site, you must tag the route. You must also do the same during OSPF to EIGRP redistribution.

Now, during EIGRP to BGP or during EIGRP to OSPF, you must deny those routes based on the tag.

R01 should never advertise 10.5.0.0/16 as a local subnet as it belongs to HVN.

Regards,

New Member

Re: Using GRE/IPSEC tunnel as backup to MPLS

Edison,

That did the trick I applied tags on the routes and failback started working just fine.

Thank you so much for you help and patience on this. I am a newbie to routing protocols in general and this was a tall order for my first stab at it.

I will publish the entire solution after I do some cleanup of the configs. That will also give people the chance to see if we have any unnessary or potencially dangerous commands.

Again, thank you!!!

Adding the configs of all the routers except ISP02 (www provider)

Please keep in mind this was all done in GNS3 0.8.4 and we wish to deploy in production after we hit it with a hammer a little longer. If anyone sees something they think is wrong please let me know.

Hall of Fame Super Bronze

Using GRE/IPSEC tunnel as backup to MPLS

Excellent and thanks for the post. One additional ask from me is to mark this thread as resolved.

Best of luck on the real network deployment and don't hesitate to post back if you run into issues.

Regards,

Edison.

1918
Views
5
Helpful
14
Replies
CreatePlease to create content