Saturday, July 29, 2017

vPC Initial Configuration on Nexus 5500


Enable vPC & LACP Globally
feature lacp
feature vpc

Create vPC Domain & Define peer-keepalive address
vpc domain 1
peer-keepalive destination 192.168.0.52
show vpc
sh run int e1/1-3 (check for any mismatch)

Create port-channel for vPC peer link
int e1/1 - 3
channel-group 50 mode active
int po50
switchport mode trunk
vpc peer-link

Note: the port type will change to "Network".

sh run int po 50
show port-channel summary
show vpc
show vpc peer-keepalive

Verify vPC Consistency Parameters
sh vpc consistency-parameters global

Assign Member port
int e1/24
shutdown
channel-group 51 mode on
switchport mode access
switchport access vlan 10
vpc 51
no shut

Reference: INE (Brian)


Tuesday, July 4, 2017

MPLS L3 VPN


1. The problem with VRFs is that you have to create them everywhere. When our goal is to have connectivity between CE1 and CE3, we have to add a VRF on the PE1, P and PE2 routers. Also, all the service provider routers have to participate in routing.

2. We use MP-BGP between the PE routers so that they can share information from the VRFs without running VRFs on the P routers.

The PE2 router will learn 192.168.1.0/24 from the PE1 router, but it has no clue which customer it belongs to. There is no way to tell whether a prefix belongs to customer A or B.

RD (Route Distinguisher)
To fix this issue, we use an RD (Route Distinguisher). We add something to the customer's prefix so that it becomes unique: the RD and the prefix combined are what we call a VPNv4 route. We now have a method to differentiate between the prefixes of our different customers.

RT (Route Target)
We use something called an RT (Route Target) to decide into which VRF we import, and from which VRF we export, VPNv4 routes.
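The RD and RT mechanics described above, as an added example that is not part of the original notes. It assumes type 0 RDs (2-byte ASN:number); the RD/RT values, VRF names and the "customer" inventory label are constructed. It shows that the same prefix becomes two distinct VPNv4 keys, and it audits import RTs for cross-customer route leaks.

```python
import ipaddress
import struct

def encode_rd(rd):
    """Type 0 RD 'ASN:number': 2-byte type, 2-byte ASN, 4-byte assigned number."""
    asn, number = (int(part) for part in rd.split(":"))
    return struct.pack("!HHI", 0, asn, number)

def vpnv4_key(rd, prefix):
    """RD (8 bytes) + IPv4 network (4 bytes) + prefix length: unique per customer."""
    net = ipaddress.ip_network(prefix)
    return encode_rd(rd) + net.network_address.packed + bytes([net.prefixlen])

def imported(vrf, routes):
    """A VRF installs a VPNv4 route only if it carries one of the VRF's import RTs."""
    return [r for r in routes if set(r["export_rt"]) & set(vrf["import_rt"])]

def cross_customer_imports(vrfs, routes):
    """Audit check: (vrf, rd, prefix) for routes imported from a different customer."""
    return [(v["name"], r["rd"], r["prefix"])
            for v in vrfs for r in imported(v, routes)
            if r["customer"] != v["customer"]]

# Constructed sample data: PE1 exports the same prefix for two customers.
ROUTES = [
    {"customer": "A", "rd": "65000:1", "prefix": "192.168.1.0/24", "export_rt": ["65000:100"]},
    {"customer": "B", "rd": "65000:2", "prefix": "192.168.1.0/24", "export_rt": ["65000:200"]},
]
VRFS_ON_PE2 = [
    {"name": "CUST_A", "customer": "A", "import_rt": ["65000:100"]},
    # Constructed misconfiguration: customer B's VRF also imports customer A's RT.
    {"name": "CUST_B", "customer": "B", "import_rt": ["65000:200", "65000:100"]},
]

if __name__ == "__main__":
    for route in ROUTES:
        print(route["customer"], vpnv4_key(route["rd"], route["prefix"]).hex())
    print("leaks:", cross_customer_imports(VRFS_ON_PE2, ROUTES))
```

The RD only keeps overlapping prefixes apart inside MP-BGP; which VRF actually receives a route is decided by the RTs, so the RT import lists are what to review for customer isolation.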

Steps to Configure MPLS L3 VPN


Friday, June 30, 2017

02. MPLS LDP (Label Distribution Protocol)

Performing Neighbor Adjacency

(1) - First we send UDP multicast hello packets to discover other neighbors, using multicast address 224.0.0.2 and source/destination UDP port 646. Each router has a unique ID called the LSR (Label Switch Router) ID. This is similar to how most protocols select an ID.

(2) - Once two routers decide to become neighbors, they build the neighbor adjacency using a TCP connection.

Key Notes:
LDP will only form a single neighbor adjacency, no matter how many interfaces you have in between your routers.

Verify 
show mpls interfaces
show mpls ldp neighbor
mpls label range 100 199 (assign label manually)
show mpls ldp bindings
show mpls forwarding-table
show mpls ldp discovery detail
show mpls ldp parameters
mpls ldp discovery hello interval 20
mpls ldp discovery hello holdtime 60

When you use traceroute on your MPLS devices then you can see the labels that we use. The path that we use here is called the LSP (Label Switched Path).


01. MPLS Labels and Devices

MPLS header is in between the Ethernet and IP header. That’s why we call it a “layer 2.5” protocol.
CE (Customer Edge) = Customer network device
PE (Provider Edge) = LER (Label Edge Router)
P (Provider) = LSR (Label Switch Router) or transit router

There are three actions we can perform with labels:

Label push: when we add a label to a packet, we call it a label push.
Label swap: replacing a label with another value is called a label swap.
Label pop: removing the label is called a label pop (penultimate hop popping).
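The three label actions applied to the 32-bit label stack entry that sits between the Ethernet and IP headers, as an added example that is not part of the original notes. The field layout (20-bit label, 3-bit traffic class, bottom-of-stack bit, 8-bit TTL) is the standard MPLS encoding; the labels and payload bytes are constructed.

```python
import struct

def encode_entry(label, tc=0, bottom=True, ttl=64):
    """Pack one label stack entry: label(20) | TC(3) | S(1) | TTL(8)."""
    if not 0 <= label < 2 ** 20:
        raise ValueError("label must fit in 20 bits")
    return struct.pack("!I", (label << 12) | (tc << 9) | (int(bottom) << 8) | ttl)

def decode_stack(data):
    """Return ([(label, tc, ttl), ...], payload); reads until the S bit is set."""
    stack, offset = [], 0
    while True:
        if offset + 4 > len(data):
            raise ValueError("truncated label stack: no bottom-of-stack entry")
        (word,) = struct.unpack_from("!I", data, offset)
        offset += 4
        stack.append((word >> 12, (word >> 9) & 0x7, word & 0xFF))
        if word & 0x100:                      # S bit: last label before the IP header
            return stack, data[offset:]

def push(data, label, ttl=64, labeled=False):
    """Label push: prepend an entry; S=1 only when no other label follows."""
    return encode_entry(label, bottom=not labeled, ttl=ttl) + data

def swap(data, new_label):
    """Label swap: replace the top label, keep TC and S, decrement the TTL."""
    (word,) = struct.unpack_from("!I", data, 0)
    ttl = (word & 0xFF) - 1
    if ttl <= 0:
        raise ValueError("TTL expired, packet must be dropped")
    return encode_entry(new_label, (word >> 9) & 0x7, bool(word & 0x100), ttl) + data[4:]

def pop(data):
    """Label pop: remove the top entry, exposing the next label or the IP packet."""
    return data[4:]

IP_PACKET = bytes.fromhex("4500001c")        # constructed stand-in for an IP packet

if __name__ == "__main__":
    at_pe1 = push(IP_PACKET, 100)            # ingress LER pushes
    at_p = swap(at_pe1, 101)                 # transit LSR swaps
    print(decode_stack(at_pe1)[0], decode_stack(at_p)[0])
    print(pop(at_p) == IP_PACKET)            # penultimate hop pops
```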


Reference: Network Lessons

Saturday, February 18, 2017

Building peer sessions

- A neighbor connection (also referred to as a peer connection) between two routers can be established within the same AS, in which case BGP is called internal BGP (IBGP). Likewise, a peer connection between routers in different ASs is referred to as external BGP (EBGP).

- The neighbor negotiation process is mainly the same for internal and external neighbors as far as building the TCP connection at the transport level.

- Neighbors can reach one another via some Interior Gateway Protocol (IGP); the BGP session is then established and BGP messages are exchanged.

- Generally, for external BGP sessions, a route through a directly connected interface establishes IP reachability. Indirectly connected external neighbors require extra configuration.

- A BGP session formed between external BGP peers that are not physically connected is referred to as multihop EBGP.

- The current authentication features available in BGP-4 use the message-digest version 5 (MD5) algorithm.

- It is important to maintain a full IBGP mesh within the AS.

- By definition, the default behavior of BGP requires that it be synchronized with the IGP before BGP may advertise transit routes to external ASs. The consequence of injecting BGP routes inside an IGP is costly. Redistributing routes from BGP into the IGP will result in major overhead on the internal routers, primarily from an IGP scalability perspective, because (as discussed earlier) IGPs are not designed to handle that many routes. That said, by far the most common configuration in Internet-connected networks is to disable BGP synchronization and rely on a full mesh of IBGP routers.
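How the MD5 authentication noted above protects a BGP session on the wire, as an added example that is not part of the original notes. It assumes the TCP MD5 Signature Option of RFC 2385 (option kind 19), which these notes do not name; the addresses, ports and key are constructed.

```python
import hashlib
import hmac
import ipaddress
import struct

def tcp_md5_digest(src_ip, dst_ip, segment, key):
    """MD5(pseudo-header | TCP header without options, checksum 0 | data | key)."""
    header_len = (segment[12] >> 4) * 4               # includes options
    if header_len < 20 or header_len > len(segment):
        raise ValueError("bad TCP data offset")
    pseudo = (ipaddress.IPv4Address(src_ip).packed + ipaddress.IPv4Address(dst_ip).packed
              + struct.pack("!BBH", 0, 6, len(segment)))
    base_header = segment[:16] + b"\x00\x00" + segment[18:20]
    return hashlib.md5(pseudo + base_header + segment[header_len:] + key).digest()

def md5_option(segment):
    """Walk the TCP options and return the 16-byte digest of option kind 19, if any."""
    i, end = 20, (segment[12] >> 4) * 4
    while i < end:
        kind = segment[i]
        if kind == 0:                                 # end of option list
            break
        if kind == 1:                                 # NOP padding
            i += 1
            continue
        length = segment[i + 1]
        if length < 2:
            raise ValueError("malformed TCP option")
        if kind == 19 and length == 18:
            return segment[i + 2:i + 18]
        i += length
    return None

def verify(src_ip, dst_ip, segment, key):
    """Receiver side: a segment with a missing or wrong digest is rejected."""
    digest = md5_option(segment)
    return digest is not None and hmac.compare_digest(
        digest, tcp_md5_digest(src_ip, dst_ip, segment, key))

def build_signed(src_ip, dst_ip, payload, key):
    """Constructed segment to port 179 with NOP, NOP, kind 19, length 18, digest."""
    hdr = struct.pack("!HHIIBBHHH", 50000, 179, 1000, 2000, 10 << 4, 0x18, 4096, 0, 0)
    digest = tcp_md5_digest(src_ip, dst_ip, hdr + bytes(20) + payload, key)
    return hdr + b"\x01\x01\x13\x12" + digest + payload

KEEPALIVE = b"\xff" * 16 + b"\x00\x13\x04"           # BGP KEEPALIVE message
```

The digest covers the addresses and TCP header, so a spoofed or injected segment (for example a forged reset) fails verification without the shared key. RFC 5925 (TCP-AO) obsoletes this option.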



Reference: Internet Routing Architecture

Sunday, February 14, 2016

BGP Concepts and Attributes

BGP Path Vector Characteristics 
BGP routers exchange network reachability information, called path vectors, made up of path attributes.

When to use BGP
- The AS has multiple connections to other ASs.
- The AS allows packets to transit through it to reach other ASs.
- You need to manipulate the traffic entering and leaving the AS.

When not to use BGP
- There is a single connection to the Internet or another AS.
- The border router can't handle BGP updates, e.g. lack of memory and CPU power.
- You are not very familiar with route filtering.
In these cases, use static or default routes.

BGP Synchronization 
- is disabled by default in Cisco IOS Software Release 12.2(8)T and later.

BGP Table
- BGP keeps its own table for storing BGP information.
- gives the best path from the BGP table to the routing table.

BGP Message Types
open, update, notification, keepalive

BGP Message Header
All messages begin with the same three-field header.

Path Attribute
- are a set of BGP metrics.
- BGP uses the path attributes to determine the best path to the networks.
Some attributes are mandatory and automatically included in update messages, while others are manually configurable.
- are used to enforce routing policy.

A BGP update message includes a variable-length sequence of path attributes describing the route. Each path attribute is a triple -
1. attribute type
2. attribute length
3. attribute value

Attribute Types
Four different attribute types -
1. well-known Mandatory (AS_PATH, NEXT_HOP, ORIGIN)
2. well-known Discretionary (LOCAL_PREF, ATOMIC_AGGREGATE)
3. Optional Transitive (community)
4. Optional Nontransitive (MED)
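The (type, length, value) triples and the four categories above, as an added example that is not part of the original notes. The flag bits and type codes are those of RFC 4271 and RFC 1997, which these notes do not list; the sample bytes are constructed and include one MED with the transitive bit wrongly set.

```python
import struct

OPTIONAL, TRANSITIVE, EXT_LEN = 0x80, 0x40, 0x10   # attribute flag bits
KNOWN = {  # type code -> (name, category as listed above)
    1: ("ORIGIN", "well-known mandatory"),
    2: ("AS_PATH", "well-known mandatory"),
    3: ("NEXT_HOP", "well-known mandatory"),
    4: ("MED", "optional nontransitive"),
    5: ("LOCAL_PREF", "well-known discretionary"),
    6: ("ATOMIC_AGGREGATE", "well-known discretionary"),
    8: ("COMMUNITY", "optional transitive"),
}
EXPECTED_FLAGS = {
    "well-known mandatory": TRANSITIVE,
    "well-known discretionary": TRANSITIVE,
    "optional transitive": OPTIONAL | TRANSITIVE,
    "optional nontransitive": OPTIONAL,
}

def parse_path_attributes(data):
    """Split the path-attribute bytes of an UPDATE into checked triples."""
    attrs, i = [], 0
    while i < len(data):
        header = 4 if data[i] & EXT_LEN else 3       # extended length uses 2 bytes
        if i + header > len(data):
            raise ValueError("truncated attribute header")
        flags, code = data[i], data[i + 1]
        length = struct.unpack_from("!H", data, i + 2)[0] if header == 4 else data[i + 2]
        value = data[i + header:i + header + length]
        if len(value) != length:
            raise ValueError(f"attribute {code} runs past the end of the message")
        name, category = KNOWN.get(code, (f"TYPE_{code}", "unknown"))
        flags_ok = category == "unknown" or (
            flags & (OPTIONAL | TRANSITIVE)) == EXPECTED_FLAGS[category]
        attrs.append({"name": name, "category": category, "length": length,
                      "value": value, "flags_ok": flags_ok})
        i += header + length
    return attrs

def missing_mandatory(attrs):
    """Well-known mandatory attributes absent from an UPDATE that announces routes."""
    seen = {a["name"] for a in attrs}
    return sorted(n for n, c in KNOWN.values() if c == "well-known mandatory" and n not in seen)

# Constructed sample: ORIGIN=IGP, AS_PATH=[65000 65001], NEXT_HOP=192.0.2.1,
# MED=100 with the transitive bit wrongly set, COMMUNITY=65000:100.
SAMPLE = bytes.fromhex("40010100" "4002060202fde8fde9" "400304c0000201"
                       "c0040400000064" "c00804fde80064")
```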

Cisco Weight Attribute
- Cisco proprietary attribute.
- similar to the local preference.
- locally configured on a router and is not propagated to any other routers.
- uses 16 bits (0-65535)
- default is 32768.

BGP Route Selection Process


Reference: Cisco Networking Academy

Saturday, February 13, 2016

BGP Terminology

Autonomous System
An AS is a group of routers that share similar routing policies and operate within a single AD. Unique AS numbers are managed by IANA.
- uses 16 bits (1-65535)
- public AS number is 1-64511.
- private AS number is 64512-65535.

Internet Assigned Numbers Authority
- is divided into five RIRs (Regional Internet Registries): AFRINIC, APNIC, ARIN, LACNIC, RIPE NCC.
- assigns unique AS numbers and IP addresses.

BGP
The Internet is a collection of ASs that are interconnected to allow communication among them. BGP provides the routing between these ASs.
- is a path vector protocol.
- uses TCP.
- latest version is BGPv4.

Later, I will discuss the comparison of BGP and IGPs.

EBGP - runs between routers in different ASs.
IBGP - runs between routers in the same AS.

EBGP neighbors need to be directly connected.
- need a TCP session (three-way handshake)
- different AS numbers, AD - 20.
IBGP neighbors must be reachable, usually by using an IGP. Loopback IPs are used to identify IBGP neighbors.
- a TCP session must be established.
- same AS number, AD - 200.

Transit AS
A transit AS is an AS that routes traffic from one external AS to another external AS.
IBGP in a transit AS - fully meshed BGP internetwork; BGP runs on all internal routers and all routers establish IBGP sessions.
IBGP in a non-transit AS - to avoid routing loops within an AS, BGP specifies that routes learned through IBGP are never propagated to other IBGP peers.