This configuration is for a cisco 4700 router. First we start out with some standard router stuff:
version 11.3
no service passWord-encryption
!
hostname gotolab.com
!
boot host elab-4700-confg 129.173.1.10
boot system flash
enable secret xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
!
ip name-server 129.173.1.10
ipv6 unicast-routing
!
BGP statements sort to the top of the config in IPv6. Our only peer is the CA*net2 router. Several route redistribution filters have been applied. We are the source for network 3FFE:B00:1800:0/40, so we insert a "bgp network" statement for it. Since we have only one BGP peer, there is no need to accept the routing table. Filter it out, and we will set a default route later. Likewise make sure we do not insert transit routes by mistake (should never happen with this topology, but make doubly sure) (actually I have not been able to get this to work, so it is commented out).
ipv6 bgp neighbor 3FFE:B00:1802:100::2 remote-as 6509
ipv6 bgp neighbor 3FFE:B00:1802:100::2 route-map Accept_none in
! ipv6 bgp neighbor 3FFE:B00:1802:100::2 route-map Local_only out
ipv6 bgp network 3FFE:B00:1800::0/40 summary
Set the timezone.
clock timezone AST -4
clock summer-time ADT recurring
The ethernet interface is used to connect to a test bench at the moment. It has an IPv4 address for management.
interface Ethernet0
ip address 129.173.2.253 255.255.255.0
ipv6 address 3FFE:B00:1802:2::0/64 eui-64
The physical ATM interface does the signalling, but we will define subinterfaces to carry the actual data. PVC 1 is the standard 0/5 signalling circuit (UNI). PVC 2 is the standard ILMI 0/16 PVC which picks up the NSAP prefix from the local switch among other things.
interface ATM0
no ip address
atm uni-version 3.1
atm pvc 1 0 5 qsaal
atm pvc 2 0 16 ilmi
An ATM subinterface is used to connect to the CA*net2 IPv6 router:
interface ATM0.1 point-to-point
description CA*net2 IPv6 link
atm pvc 3 0 100 aal5snap
ipv6 enable
ipv6 address 3FFE:B00:1802:100::3/127
Turn on BGP. This is an IPv4 statement, but is necessary to start BGP and to define our AS.
router bgp 8111
More standard router configs, including a static default for IPv4 since we do not run any IPv4 routing protocols.
ip classless
ip route 0.0.0.0 0.0.0.0 129.173.2.1
logging trap debugging
logging 129.173.1.10
Here are some useful BGP filters: 1) permit all, 2) deny all, 3) permit only local routes.
ip as-path Access-list 1 permit .*
ip as-path access-list 2 deny .*
ip as-path access-list 3 permit ^$
ip as-path access-list 3 deny .*
Define an IPv6 static default route since we do not accept any BGP routes.
ipv6 route 0::0/0 3FFE:B00:1802:100::2
Set up the BGP filters. We define route maps which make use of the as-path access-lists to deny all incoming, and to send only local routes. The route maps were used earlier in the ipv6 bgp statements.
route-map Accept_none permit 10
match as-path 2
!
route-map Local_only permit 10
match as-path 3
And, to finsh things off, yet more standard router stuff.
snmp-server community public RO
!
line con 0
line aux 0
line vty 0 4
session-timeout 60
exec-timeout 60 0
password xxxxx
login
!
ntp server 129.173.2.1
end
