cisco router
Pim van Pelt
pim@wise-guys.nl
Fri, 22 Dec 2000 19:12:54 +0100 (CET)
Johan,
Below is (a large part of) my Cisco IOS 12.0 configuration set for
a Cisco 3640 in Amsterdam.
> I read there are several people working with Cisco 2500 series routers.
> Can any of you give me a sample of a "show running config" I can't seem to
> get my tunnel up and running.
It configures an interface of type Tunnel.
It configures an interface of type FastEthernet.
It configures a dot1q (vlan compatible with NON-Cisco) subinterface
It sets up a BGP router subsystem under AS8954.
It peers full transit with some native IPv6 people at AMS-IX (hi folks :)
It then has (this is very important) some prefix-list to make sure the
router does not relay bogus routes (larger than prefixlen 35).
It then breaks this rule horribly by allowing to propagate several /48s
that were delegated to me (seq 1,2,3)
It routes statically some /64 over Tunnel1 we created.
It does other misc stuff which you might or might not be interested in.
Kind regards, Good luck.
Pim van Pelt / Intouch
version 12.0
service timestamps debug uptime
service timestamps log uptime
!
hostname router-nikhef
!
!
ipv6 unicast-routing
!
interface Tunnel1
description WiseGuys Tilburg
no ip address
no ip directed-broadcast
ipv6 enable
ipv6 address 3FFE:8110:1000::2/127
tunnel source FastEthernet0/0
tunnel destination 192.87.170.242
tunnel mode ipv6ip
!
interface FastEthernet0/0
description Fiber-Intouch IPv4 IPv6
ip address 212.19.192.218 255.255.255.224
no ip redirects
no ip directed-broadcast
no ip route-cache
no ip mroute-cache
full-duplex
ipv6 enable
ipv6 address 3FFE:3001:6::1/64
ipv6 address 2001:658:205::1/64
ipv6 address 3FFE:8110::1/64
!
interface FastEthernet0/0.501
description Native IPv6 to WideXS
encapsulation dot1Q 501
no ip directed-broadcast
no ip route-cache
no ip mroute-cache
ipv6 enable
ipv6 address 2001:658:200::1/64
!
interface FastEthernet1/0
description UTP-Sara IPv6
no ip address
no ip redirects
no ip directed-broadcast
speed 10
full-duplex
ipv6 enable
ipv6 address 3FFE:3000::A500:8954:1/64
no cdp enable
!
router bgp 8954
no synchronization
no bgp default ipv4-unicast
neighbor AMS-IX-TRANSIT peer-group
neighbor PEERING-ONLY peer-group
[snip]
neighbor 3FFE:3000::A500:1103:1 remote-as 1103
neighbor 3FFE:3000::A500:1103:1 description SURFnet
neighbor 3FFE:3000::A500:1200:1 remote-as 1200
neighbor 3FFE:3000::A500:1200:1 description ams/ix
neighbor 3FFE:3000::A500:1890:1 remote-as 1890
neighbor 3FFE:3000::A500:1890:1 description UUNet
neighbor 3FFE:3000::A500:3333:1 remote-as 3333
neighbor 3FFE:3000::A500:3333:1 description RIPE
neighbor 3FFE:3000::A500:5623:1 remote-as 5623
neighbor 3FFE:3000::A500:5623:1 description AT&T
neighbor 3FFE:3000::A500:8251:1 remote-as 8251
neighbor 3FFE:3000::A500:8251:1 description Cistron
!
address-family ipv6
neighbor AMS-IX-TRANSIT activate
neighbor AMS-IX-TRANSIT next-hop-self
neighbor AMS-IX-TRANSIT soft-reconfiguration inbound
neighbor AMS-IX-TRANSIT prefix-list 6bone-out out
neighbor AMS-IX-TRANSIT route-map 6bone-out out
neighbor PEERING-ONLY activate
neighbor PEERING-ONLY next-hop-self
neighbor PEERING-ONLY soft-reconfiguration inbound
neighbor PEERING-ONLY filter-list 2 out
neighbor 3FFE:3000::A500:1103:1 peer-group AMS-IX-TRANSIT
neighbor 3FFE:3000::A500:1200:1 peer-group AMS-IX-TRANSIT
neighbor 3FFE:3000::A500:1890:1 peer-group AMS-IX-TRANSIT
neighbor 3FFE:3000::A500:3333:1 peer-group AMS-IX-TRANSIT
neighbor 3FFE:3000::A500:5623:1 peer-group AMS-IX-TRANSIT
neighbor 3FFE:3000::A500:8251:1 peer-group AMS-IX-TRANSIT
network 2001:658:200::/48
network 2001:658:205::/48
network 3FFE:3001:6::/48
network 3FFE:8110::/28
exit-address-family
!
ip default-gateway 212.19.192.217
ip classless
ip route 0.0.0.0 0.0.0.0 212.19.192.217
no ip http server
ip http access-class 1
ip as-path access-list 2 permit ^$
!
!
ip prefix-list 6bone-out seq 1 permit 3FFE:3001:6::/48
ip prefix-list 6bone-out seq 2 permit 2001:658:205::/48
ip prefix-list 6bone-out seq 3 permit 2001:658:200::/48
ip prefix-list 6bone-out seq 5 permit 3FFE::/17 le 24
ip prefix-list 6bone-out seq 10 permit 3FFE:8000::/17 le 28
ip prefix-list 6bone-out seq 15 permit 2001::/16 le 35
ip prefix-list 6bone-out seq 17 deny 2002::/16 ge 17
ip prefix-list 6bone-out seq 18 permit 2002::/16 le 17
ip prefix-list 6bone-out seq 20 deny ::/0
ip prefix-list 6bone-out seq 25 deny ::/0 le 128
!
ipv6 auto-tunnel
ipv6 route 3FFE:3001:6:1001::/64 Tunnel1
ipv6 route 3FFE:3001:6::/48 Null0
ipv6 route 3FFE:8110::/28 Null0
!
ipv6 access-list 6bone-in permit 3FFE::/16 *
ipv6 access-list 6bone-in permit 2001::/16 *
ipv6 access-list 6bone-in permit 2002::/16 *
ipv6 access-list 6bone-in permit 2010::/16 *
ipv6 access-list 6bone-in deny any
!
ipv6 access-list telnet permit 3FFE:3001:6::/64 *
ipv6 access-list telnet permit 3FFE:3001:205::/64 *
ipv6 access-list telnet deny any
!
ipv6 access-list 6bone-out permit 3FFE:3001:6::/48
ipv6 access-list 6bone-out deny 3FFE:3001:6::/48 *
ipv6 access-list 6bone-out permit 2001:658:200::/48
ipv6 access-list 6bone-out deny 2001:658:200::/48 *
ipv6 access-list 6bone-out permit 2001:658:205::/48
ipv6 access-list 6bone-out deny 2001:658:205::/48 *
ipv6 access-list 6bone-out permit 3FFE::/16 *
ipv6 access-list 6bone-out permit 2001::/16 *
ipv6 access-list 6bone-out permit 2002::/16 *
ipv6 access-list 6bone-out permit 2010::/16 *
route-map 6bone-in permit 10
match ipv6 address 6bone-in
!
route-map 6bone-out permit 10
match ipv6 address 6bone-out
!
banner motd �
Welcome to the Intouch IPv6 router at the AMS-IX.
�
!
ntp clock-period 17179673
ntp server 194.109.86.132
end
--
---------- - - - - -+- - - - - ----------
Pim van Pelt Email: pvanpelt@wise-guys.nl
http://www.wise-guys.nl/ GSM: +31629064049
-----------------------------------------------