NAT is a confusing technology. Many people have difficulties understanding it. Myself included. This causes problems during configuration and troubleshooting. This post is for me to put everything in order and help myself understand NAT. Terminology When using NAT you work with several terms: Inside Local Inside Global Outside Local Outside Global Inside Local The inside local address is an address on the inside of your network. Most of the time these are RFC1918 addresses and are not routable on the internet.

BGP route reflector challenge answer

This will be a short post. This post is just to supply a somewhat detailed answer to a tweet I sent out earlier this evening. When you have 3 iBGP routers. One of them is a route reflector. The other two are clients. If the cluster-id of the route reflector is the same as the router-id of one of the clients. What will happen when the client receives an update from the route reflector?

BGP peer group vs. BGP templates

Most people who have done a little more than basic BGP configuration have encountered BGP peer groups. These groups help you manage larger configurations, or at least that is what you’ve been told. BGP peer groups are not designed to manage large BGP configurations. That’s what BGP templates are for. But if that’s the case what are the peer groups used for? And what’s the difference between the two? This post will answer exactly those questions.

OSPF / BGP path selection challenge

Today I’ve created a nice path selection challenge for everybody. Let’s start with the topology: IP addressing is simple. The subnets used are 10.0.xx.y/24 where xx are the numbers of the two routers on the link (lowest router first). Y is the router number. The situation is as follows: R2 has an eBGP peering with R1. It receives tge default route from R1. R2 advertises this default route to R3 R2 and R3 also form an OSPF network with area 0 R2 forms an OSPF NSSA area 50 with R4 R2 redistributes the connected route to R1 into OSPF R3 forms an OSPF NSSA area 50 with R5 R4 redistributes OSPF NSSA 50 into BGP (including NSSA external routes) R5 redistributes (i)BGP routes into OSPF So the questions are:

IPSec for DMVPN with Front Door VRFs

When you look at the blueprint for the CCIE lab exam you’ll notice a lot of separate items. These often appear as disparate things. When you study them you think you understand them and are able to apply them during a test. However, they don’t test your ability to configure separate technologies in isolated environments. They will test whether you understand the technologies and are able to combine them to make a solution work.

BGP Conditional Advertisements

One of the seemingly complicated things to do in BGP is conditional advertisements. This can be used to apply policy to routes and only advertise specific routes when you (don’t) have another route. For example, you only advertise a default route when you have specific routes from a peer. Another example is when you’re connected to two ISPs, but you prefer data to traverse just one of the two links. Maybe because one link is more expensive than the other or less reliable.