!! IOS XR Configuration !! Last configuration change at Wed Feb 19 12:00:00 2025 ! hostname R1-IOSXR ! vrf CUSTOMER_A address-family ipv4 unicast import route-target 65000:100 65000:200 ! export route-target 65000:100 ! export route-policy EXPORT_FILTER import route-policy IMPORT_FILTER ! address-family ipv6 unicast ! ! vrf CUSTOMER_B address-family ipv4 unicast import route-target 65000:200 ! export route-target 65000:200 ! ! ! interface Loopback0 description Router ID and Management ipv4 address 10.0.0.1 255.255.255.255 ipv6 address 2001:db8::1/128 ! interface Loopback100 description BGP Update Source ipv4 address 192.168.1.1 255.255.255.255 ! interface GigabitEthernet0/0/0/0 description Core Link to R2 ipv4 address 10.1.1.1 255.255.255.252 no shutdown ! interface GigabitEthernet0/0/0/1 description NSSA Area Link ipv4 address 10.1.2.1 255.255.255.252 no shutdown ! interface GigabitEthernet0/0/0/3 description ISP Uplink ipv4 address 10.100.1.2 255.255.255.252 no shutdown ! interface TenGigE0/0/0/10 description 10G Core Link ipv4 address 10.2.1.1 255.255.255.252 carrier-delay up 0 down 0 load-interval 30 no shutdown ! interface Bundle-Ether10 description Port-channel to Distribution ipv4 address 10.3.1.1 255.255.255.252 bundle minimum-active links 1 no shutdown ! interface TenGigE0/0/0/11 description Bundle member bundle id 10 mode active no shutdown ! interface TenGigE0/0/0/12 description Bundle member bundle id 10 mode active no shutdown ! interface tunnel-ip1 description GRE Tunnel to Branch ipv4 address 172.31.10.1 255.255.255.252 tunnel mode gre ipv4 tunnel source Loopback0 tunnel destination 10.0.0.10 ! interface BVI10 description Bridge Virtual Interface VLAN 10 ipv4 address 192.168.10.1 255.255.255.0 no shutdown ! ! router ospf 1 router-id 10.0.0.1 log adjacency changes detail auto-cost reference-bandwidth 100000 area 0 interface Loopback0 passive enable ! interface Loopback100 passive enable ! interface GigabitEthernet0/0/0/0 cost 10 network point-to-point bfd fast-detect ! interface TenGigE0/0/0/10 cost 5 network point-to-point ! interface Bundle-Ether10 network point-to-point ! interface tunnel-ip1 cost 100 network point-to-point ! ! area 1 nssa no-redistribution no-summary authentication message-digest interface GigabitEthernet0/0/0/1 cost 50 priority 100 message-digest-key 1 md5 encrypted 121A0C041104 ! range 10.1.0.0/16 ! redistribute bgp 65000 route-policy BGP_TO_OSPF metric 100 metric-type 1 redistribute connected route-policy CONNECTED_TO_OSPF default-information originate always metric 10 metric-type 1 route-policy DEFAULT_ROUTE_CHECK max-lsa 12000 ! ! router bgp 65000 bgp router-id 192.168.1.1 bgp graceful-restart bgp bestpath med missing-as-worst bgp bestpath as-path multipath-relax bgp bestpath compare-routerid address-family ipv4 unicast network 10.0.0.0/16 network 192.168.1.0/24 aggregate-address 10.0.0.0/16 summary-only redistribute ospf 1 route-policy OSPF_TO_BGP redistribute connected route-policy CONNECTED_TO_BGP maximum-paths ebgp 8 maximum-paths ibgp 8 ! address-family ipv6 unicast network 2001:db8::/32 ! neighbor-group RR_CLIENTS remote-as 65000 update-source Loopback100 password encrypted 094F471A1A0A address-family ipv4 unicast route-reflector-client next-hop-self send-community-ebgp soft-reconfiguration inbound always ! ! neighbor 192.168.1.2 use neighbor-group RR_CLIENTS description R2-RR-Client ! neighbor 192.168.1.3 use neighbor-group RR_CLIENTS description R3-RR-Client ! neighbor 192.168.1.4 use neighbor-group RR_CLIENTS description R4-RR-Client ! neighbor 10.100.1.1 remote-as 65001 description ISP1-Primary-EBGP ebgp-multihop 2 update-source GigabitEthernet0/0/0/3 password encrypted 110A1016141D timers 10 30 address-family ipv4 unicast route-policy ISP1_IN in route-policy ISP1_OUT out maximum-prefix 500000 85 send-community-ebgp ! ! neighbor 10.100.2.1 remote-as 65002 description ISP2-Backup-EBGP ebgp-multihop 2 address-family ipv4 unicast route-policy ISP2_IN in route-policy ISP2_OUT out ! ! vrf CUSTOMER_A rd 65000:100 address-family ipv4 unicast redistribute connected redistribute static ! neighbor 172.16.1.10 remote-as 65100 description Customer-A-CE-Router address-family ipv4 unicast as-override route-policy CUSTOMER_A_IN in route-policy CUSTOMER_A_OUT out maximum-prefix 10000 ! ! ! ! ! route-policy ISP1_IN if destination in ISP1_PREFIX_IN then set local-preference 250 set med 50 set community (65000:100) additive pass else drop endif end-policy ! route-policy ISP1_OUT if destination in ISP1_PREFIX_OUT then prepend as-path 65000 1 set community (65000:200) set med 100 pass else drop endif end-policy ! route-policy ISP2_IN set local-preference 150 set med 100 set community (65000:101) additive pass end-policy ! route-policy ISP2_OUT if destination in ISP1_PREFIX_OUT then prepend as-path 65000 3 set community (65000:201) pass else drop endif end-policy ! route-policy OSPF_TO_BGP if destination in CONNECTED_LOOPBACKS then set med 500 set origin igp set community (no-export) pass else drop endif end-policy ! route-policy BGP_TO_OSPF set tag 65000 pass end-policy ! route-policy CONNECTED_TO_BGP if destination in CONNECTED_LOOPBACKS then set origin igp set community (65000:300) pass else drop endif end-policy ! route-policy CONNECTED_TO_OSPF if destination in CONNECTED_LOOPBACKS then pass else drop endif end-policy ! route-policy DEFAULT_ROUTE_CHECK pass end-policy ! route-policy IMPORT_FILTER set community (65000:100) additive pass end-policy ! route-policy EXPORT_FILTER set community (65000:200) additive pass end-policy ! route-policy CUSTOMER_A_IN if destination in CUSTOMER_A_ALLOWED then set local-preference 180 set community (65000:400) additive pass else drop endif end-policy ! route-policy CUSTOMER_A_OUT set community (65000:500) pass end-policy ! ! prefix-set ISP1_PREFIX_IN 0.0.0.0/0 end-set ! prefix-set ISP1_PREFIX_OUT 10.0.0.0/16 le 24, 192.168.0.0/16 le 24 end-set ! prefix-set CONNECTED_LOOPBACKS 10.0.0.0/24 le 32, 192.168.1.0/24 le 32 end-set ! prefix-set CUSTOMER_A_ALLOWED 172.16.0.0/16 le 24, 192.168.0.0/16 le 32 end-set ! ! end