Saturday, August 23, 2014

Another quick CCIE note

1. When influencing route AD in BGP, the syntax is:
distance NUMBER "NEXT-HOP OF THE ROUTE(subnet+wildcard)" ROUTE-MAP (that matches routes to be modified)

2. The BGP backdoor command is used to increase the AD of a received eBGP route (the easiest way to do it). Even though a network statement is used, it doesn't advertise anything; it only changes the AD of the received route locally.
network x.x.x.x mask y.y.y.y backdoor


3. To filter a BGP network with an extended ACL, use the source field as the prefix, the wildcard to match different prefixes, and the destination HOST as the prefix mask.
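The matching rule from note 3, as an added example that is not part of the original post: a small evaluator that reads extended ACL lines the way a BGP prefix filter does (source field against the network address, destination field against the netmask), so a filter can be checked offline before it is applied. The ACL number, the sample entries and all function names are constructed for illustration.

```python
import ipaddress

# Constructed sample ACL (not from the original post).
SAMPLE_ACL = [
    # deny every /24 inside 10.1.0.0/16: source = prefix, destination host = mask
    "access-list 101 deny ip 10.1.0.0 0.0.255.255 host 255.255.255.0",
    # permit anything in 10.0.0.0/8 whose mask starts with 255.255 (/16 or longer)
    "access-list 101 permit ip 10.0.0.0 0.255.255.255 255.255.0.0 0.0.255.255",
]

def _take_field(tokens):
    """Consume one address field: 'any', 'host A' or 'A WILDCARD'."""
    head = tokens.pop(0)
    if head == "any":
        return 0, 0xFFFFFFFF
    if head == "host":
        return int(ipaddress.IPv4Address(tokens.pop(0))), 0
    return int(ipaddress.IPv4Address(head)), int(ipaddress.IPv4Address(tokens.pop(0)))

def parse_ace(line):
    """Parse 'access-list N permit|deny ip SRC DST' into (action, src, dst)."""
    tokens = line.split()
    if len(tokens) < 6 or tokens[0] != "access-list" or tokens[3] != "ip":
        raise ValueError(f"unsupported ACL line: {line!r}")
    if tokens[2] not in ("permit", "deny"):
        raise ValueError(f"unknown action in: {line!r}")
    rest = tokens[4:]
    src, dst = _take_field(rest), _take_field(rest)
    if rest:
        raise ValueError(f"trailing tokens in: {line!r}")
    return tokens[2], src, dst

def _matches(value, field):
    """Compare only the bits the wildcard marks as 'must match' (wildcard bit 0)."""
    base, wildcard = field
    care = ~wildcard & 0xFFFFFFFF
    return (value & care) == (base & care)

def acl_verdict(acl_lines, prefix):
    """First matching entry wins; no match falls through to the implicit deny."""
    net = ipaddress.IPv4Network(prefix)
    for line in acl_lines:
        action, src, dst = parse_ace(line)
        if _matches(int(net.network_address), src) and _matches(int(net.netmask), dst):
            return action
    return "deny"
```

With the sample entries, 10.1.5.0/24 is denied by the first line while 10.1.5.0/25 slips past it and is permitted by the second, which is the kind of mask mismatch worth checking for when reviewing a route filter.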

4. To create a tunnel in the default VRF that uses a source interface in a different VRF, the "tun vrf NAME" command must be used.

5. NHRP mappings do not start working without specifying a NETWORK-ID.

6. When configuring tunnel protection, the steps are:
- isakmp policy
- isakmp key
- ipsec transform set
- ipsec profile
- tunnel protection ipsec profile

7. IPv6 EIGRP is enabled via "ipv6 router eigrp AS".

8. Redistribution is done under the address-family in OSPFv3.

9. If filtering has to be done with route-maps in EIGRP, it is possible to match a source-protocol. For example, if a connected route was redistributed into EIGRP, we can match it as "source-protocol connected" on any other router (dist-list X in).

10. Sham-links must be used in an MPLS VPN environment when a backdoor link exists between customer sites and should be used as backup only. Sham-links allow two PE routers to form an OSPF adjacency, which makes it possible to exchange LSAs directly so that routes between sites are seen as intra-area routes. Otherwise the backdoor is always preferred regardless of cost, because OSPF always prefers intra-area routes over inter-area routes.

It is important to note here that the sham-link must be created between loopback IPs that are redistributed to the MP-BGP customer VRF. The adjacency will not be formed if the loopbacks are advertised to OSPF, because in this case a recursive routing lookup might occur.

Not sure what exactly IOS checks before bringing the sham-link UP, but it seems that the next hop for the sham-link destination IP must be learned from BGP (show ip route vrf VPN on the PE must show a BGP-learned route). If the loopback is redistributed to OSPF only and the next hop for the sham-link destination is learned via OSPF, then the link doesn't come up.

11. In order for BGP Synchronization to work, the iBGP route must not only be known via the IGP; in the case of OSPF, the RID of the iBGP peer must also match the OSPF RID of the router that advertises this prefix.