POE1#sh ip route Default gateway is 25.60.16.250 ************************************************************ ISP2#sh ip route static Gateway of last resort is 25.60.16.251 to network 0.0.0.0 ISP2#sh run Building configuration... Current configuration : 8342 bytes ! hostname ISP2 ! boot-start-marker boot-end-marker ! ! vrf definition Mgmt-intf ! address-family ipv4 exit-address-family ! address-family ipv6 exit-address-family aaa authentication login default group tacacs+ local aaa authentication enable default group tacacs+ none aaa authorization exec default group tacacs+ local aaa authorization commands 15 default group tacacs+ none aaa accounting exec default action-type start-stop group tacacs+ ! track 1 interface GigabitEthernet0/0/1 line-protocol ! interface Loopback1 ip address 10.60.198.11 255.255.255.255 ! interface GigabitEthernet0/0/0 description *** LAN *** no ip address negotiation auto ! interface GigabitEthernet0/0/0.2 description DATA VLAN encapsulation dot1Q 2 ip address 25.60.16.252 255.255.255.0 ip helper-address 10.60.31.220 ip helper-address 10.60.47.221 standby 2 ip 25.60.16.250 standby 2 priority 95 standby 2 preempt standby 2 track 1 decrement 10 no cdp enable ! interface GigabitEthernet0/0/1 description no ip address negotiation auto ! interface GigabitEthernet0/0/1.801 description encapsulation dot1Q 801 ip address 193.120.177.7 255.255.255.254 no cdp enable ! interface GigabitEthernet0/0/2 no ip address shutdown negotiation auto ! interface Service-Engine0/1/0 ! interface Serial0/1/0:15 no ip address encapsulation hdlc isdn switch-type primary-net5 no cdp enable ! interface Serial0/1/1:15 no ip address encapsulation hdlc isdn switch-type primary-net5 no cdp enable ! interface Service-Engine0/4/0 ! interface GigabitEthernet0 vrf forwarding Mgmt-intf no ip address shutdown negotiation auto ! router bgp 65500 bgp router-id 10.60.198.11 bgp log-neighbor-changes network 10.60.198.11 mask 255.255.255.255 network 25.60.16.0 mask 255.255.255.0 redistribute connected redistribute static neighbor 25.60.16.251 remote-as 65500 neighbor 25.60.16.251 next-hop-self neighbor 25.60.16.251 soft-reconfiguration inbound neighbor 193.120.177.6 remote-as 3286 neighbor 193.120.177.6 soft-reconfiguration inbound neighbor 193.120.177.6 route-map LocalPref-Secondary in neighbor 193.120.177.6 route-map MED-Secondary out ! ip forward-protocol nd no ip http server no ip http secure-server ip tacacs source-interface GigabitEthernet0/0/0.2 ! ip as-path access-list 5 permit ^$ ! ! ip prefix-list LOCAL_PREFIXES seq 5 permit 10.60.197.11/32 ip prefix-list LOCAL_PREFIXES seq 10 permit 10.60.198.11/32 ip prefix-list LOCAL_PREFIXES seq 15 permit 193.120.65.176/30 ip prefix-list LOCAL_PREFIXES seq 20 permit 25.60.16.0/24 ! ip prefix-list LOOPBACK seq 5 permit 10.60.198.11/32 logging facility local6 ! route-map LocalPref-Secondary deny 5 match ip address prefix-list LOCAL_PREFIXES ! route-map LocalPref-Secondary permit 10 set local-preference 150 ! route-map MED-Secondary permit 5 match ip address prefix-list LOOPBACK set metric 1 ! route-map MED-Secondary permit 10 match as-path 5 set metric 5 ! route-map MED-Secondary deny 999 ! ! control-plane ! ! gateway timer receive-rtp 1200 ^C ! line con 0 stopbits 1 line aux 0 stopbits 1 line vty 0 4 exec-timeout 30 0 transport input all line vty 5 exec-timeout 30 0 transport input all line vty 6 15 exec-timeout 30 0 transport input ssh ************************************************************ ISP1#sh ip route static Gateway of last resort is 83.70.12.53 to network 0.0.0.0 ISP1#sh run Building configuration... aaa authentication login default group tacacs+ local aaa authentication enable default group tacacs+ none aaa authorization exec default group tacacs+ local aaa authorization commands 15 default group tacacs+ none aaa accounting exec default start-stop group tacacs+ ! ! track 1 interface GigabitEthernet0/1 line-protocol ! policy-map 1.0 class UDP police 8000 conform-action transmit exceed-action drop ! interface Loopback1 ip address 10.60.197.11 255.255.255.255 ! interface GigabitEthernet0/0 description no ip address duplex auto speed auto no keepalive ! interface GigabitEthernet0/0.1 ! interface GigabitEthernet0/0.2 description DATA VLAN encapsulation dot1Q 2 ip address 25.60.16.251 255.255.255.0 ip helper-address 10.60.31.220 ip helper-address 10.60.47.221 standby 2 ip 25.60.16.250 standby 2 priority 110 standby 2 preempt standby 2 track 1 decrement 20 ! interface GigabitEthernet0/0.31 ! interface GigabitEthernet0/1 description Circuit no ip address duplex full speed 100 service-policy output 10mbs-shaped ! interface GigabitEthernet0/1.10 encapsulation dot1Q 10 ip address 83.70.12.54 255.255.255.252 ! interface Serial0/1/0 no ip address shutdown no fair-queue ! router bgp 65500 bgp router-id 10.60.197.11 bgp log-neighbor-changes network 10.60.197.11 mask 255.255.255.255 redistribute connected redistribute static neighbor 25.60.16.252 remote-as 65500 neighbor 25.60.16.252 next-hop-self neighbor 25.60.16.252 soft-reconfiguration inbound neighbor 83.70.12.53 remote-as 5466 neighbor 83.70.12.53 soft-reconfiguration inbound neighbor 83.70.12.53 route-map LocalPref-Primary in neighbor 83.70.12.53 route-map MED-Primary out ! ip as-path access-list 5 permit ^$ ! ! ip access-list standard ROUTES-IN permit 0.0.0.0 permit 25.0.0.0 0.255.255.255 permit 10.0.0.0 0.255.255.255 ! ip access-list extended UDP-DOS permit udp any any eq 18999 ! ! ip prefix-list LOCAL_PREFIXES seq 5 permit 10.60.197.11/32 ip prefix-list LOCAL_PREFIXES seq 10 permit 10.60.198.11/32 ip prefix-list LOCAL_PREFIXES seq 15 permit 83.70.12.52/30 ip prefix-list LOCAL_PREFIXES seq 20 permit 25.60.16.0/24 ! ip prefix-list LOOPBACK seq 5 permit 10.60.197.11/32 no logging trap access-list 123 permit ip any host 25.60.35.13 access-list 123 permit ip host 25.60.35.13 any ! ! ! ! route-map LocalPref-Primary deny 5 match ip address prefix-list LOCAL_PREFIXES ! route-map LocalPref-Primary permit 10 set local-preference 150 ! route-map LessFavourable permit 10 set metric 10 set local-preference 0 ! route-map MED-Primary permit 5 match ip address prefix-list LOOPBACK set metric 1 ! route-map MED-Primary permit 10 match as-path 5 set metric 5 ! route-map MED-Primary deny 999 ^C ! line con 0 line aux 0 line vty 0 4 exec-timeout 30 0 transport input ssh line vty 5 15 exec-timeout 30 0 transport input ssh