http://soundcloud.com/user105886481

Enjoy some real Kenyan Swahili hip-hop from the source just click on the link above and you have it

France Telecom closes door on Treasury

A man walks past an Orange Telkom shop in Nairobi’s CBD. FILE 

By MARK OKUTTAH

Posted  Monday, July 15  2013 at  20:20

In Summary

• The French multinational on Monday said it will not extend the June deadline for the government to inject Sh2.4 billion into Telkom Kenya.
• The Treasury failed to allocate the cash, part of the operator’s Sh10 billion rights issue, by the set deadline.

SHARE THIS STORY

0
inShare

France Telecom has closed the door on fresh negotiations with the Treasury that would raise the government’s stake in Telkom Kenya above 30 per cent.

The French multinational on Monday said it will not extend the June deadline for the government to inject Sh2.4 billion into Telkom Kenya, that would have raised Treasury’s stake to 40 per cent.

The Treasury failed to allocate the cash, part of the operator’s Sh10 billion rights issue, by the set deadline.

Economic secretary Geoffrey Mwau last month said Cabinet will consider the rights issue and make a final decision, but France Telecom is not keen on talks over the cash call.

“I confirm to you that there will be no negotiations. The capital structure will remain unchanged at 70:30,” Olivier Emberger, a press officer at France Telecom told the Business Daily in an e-mail.

The new structure gives the French firm bigger influence in the board and executive suite of the cash-strapped telco, as well as a bigger share of the prime land, buildings and telecommunication equipment that Telkom Kenya owns.

(Read: Treasury drags its feet on raising Telkom stake)

The government’s stake in Telkom Kenya stood at 49 per cent in November, but dropped to 40 per cent in December following a Sh34 billion balance sheet restructuring plan.

This further dropped to 30 per cent in June after the Treasury failed to raise Sh2.4 billion for the cash call.

France telecom provided its share of Sh5.1 billion in the rights issue called to address Telkom Kenya’s financial difficulties. The government offered Sh2.5 billion.

Treasury had tied the release of the cash to improved performance of the loss-making Telkom Kenya and the condition of the national Budget.

France Telecom is eyeing additional seats on the board of Telkom Kenya. It current has five seats while the Kenya government has four.

“The dilution of Treasury’s stake means that the government will have less clout in the management of the loss-making company,” Standard Investment Bank said in an earlier brief to their clients.

Reduced voting rights and smaller board representation at Telkom is expected to make it difficult for the Kenya government to push its agenda.

Advertisement

kenyan hiphop reloaded : listen and be the judge

http://wilfrednamamba.blogspot.com/2013/07/former-prime-minister-raila-odingas-aid.html

Former prime minister Raila Odinga's Aid summoned to the CID

CID summons former Raila aide Eliud Owalo

  Share Bookmark Print Rating

Former Prime Minister Raila Odinga’s aide Eliud Owalo has been summoned to the Criminal Investigations Department (CID) over allegations of a plot to destabilise the government July 16, 2013. FILE 

By ISAAC ONGIRI iongiri@ke.nationmedia.com
Posted  Tuesday, July 16   2013 at  11:48

SHARE THIS STORY

0
inShare

Former Prime Minister Raila Odinga’s aide Eliud Owalo has been summoned to the Criminal Investigations Department (CID) over allegations of a plot to destabilise the government.

Mr Owalo told the Nation he will honour the summons but raised fears the Jubilee government has hatched a plan to silence government critics.

"I am surprised about this. It is true I have been summoned to appear before the CID. I will do that today (Tuesday) at 4pm," he said.

Mr Owalo was the head of the Raila Odinga Presidential Secretariat in the run-up to the March 4 General Election.

He is still coordinating Mr Odinga’s activities including organising his local and international events.

“I am deeply perturbed to have received a call from one Mr Cheruiyot this morning summoning me to CID headquarters to “clarify certain issues”.I informed him that my lawyer, James James Orengo will get in touch with him to arrange an appropriate time for the same,” he stated.

It is unclear what the CID are investigating but sources indicated that Mr Owalo would be questioned on certain intelligence informational made available to the police.

Wangui Gitonga is miss world kenya 2013

After weeks of preparing for the beauty pageant which included a lot of pageant competition training and primping classes, 10 beautiful hopeful contestants gave their final best shot last Friday for a chance to be crowned the most beautiful girl in Kenya and 23 year old Wangui Gitonga, a Linguistics student at German school emerged the winner.

Wangui who describes herself as humble and resilient could not believe the coveted crown was all hers and she couldn’t help but shed tears of joy. She explains that with  her discipline and her newly acquired title she will  try and help change lives for young boys and girls who are facing sexual exploitation across the country. Besides the beautiful crown, which she took over from the outgoing Miss World Kenya 2012 Shamim Nabil , Ms Wangui took home a check worth Ksh1 Million.

Shamim Nabil. Miss World Kenya 2012

The 1st Runner-up was 21 year old Leah Tesfamariam, a first year International Relations student at Maseno University who took home a cash prize of Ksh100, 000 and the 2nd runner-up prize went to 21 year old Sophia Umwiza a student at Mass Communication Multimedia University who took home a cash prize of ksh50, 000.


The other contestants were Ubah Musa, Tabitha Maina, Yvonne Amondi, Purity Michael, Paynette Nyawara, Janet Tianda and Alice Mutiso. Ubah Musa was crowned Miss Congeniality.

Ubah Musa crowned Miss Congeniality

The Miss World criteria for choosing the fairest among all requires that aside from being at least 5’7 tall and slight in weight, a beauty queen should have flawless skin and a near perfect dental formula. It would seem Wangui has what it takes according to the Miss World Kenya beauty pageant judges. Wangui will represent Kenya in the 2013 Miss World competition to be held in Indonesia in September

basic configuration of MPLS VPN

Introduction

This document provides a sample configuration of a Multiprotocol Label Switching (MPLS) VPN when Border Gateway Protocol (BGP) or Routing Information Protocol (RIP) is present on the customer's site.
When used with MPLS, the VPN feature allows several sites to interconnect transparently through a service provider's network. One service provider network can support several different IP VPNs. Each of these appears to its users as a private network, separate from all other networks. Within a VPN, each site can send IP packets to any other site in the same VPN.
Each VPN is associated with one or more VPN routing or forwarding instances (VRFs). A VRF consists of an IP routing table, a derived Cisco express forwarding (CEF) table, and a set of interfaces that use this forwarding table.
The router maintains a separate routing and CEF table for each VRF. This prevents information being sent outside the VPN and allows the same subnet to be used in several VPNs without causing duplicate IP address problems.
The router using Multiprotocol BGP (MP-BGP) distributes the VPN routing information using the MP-BGP extended communities.
For more information about the propagation of updates through a VPN, refer to these documents:

• VPN Route Target Communities
  
• BGP Distribution of VPN Routing Information
  
• MPLS Forwarding
  

Prerequisites

Requirements

There are no specific requirements for this document.

Components Used

The information in this document is based on these software and hardware versions:
P and PE Routers

• Cisco IOS® Software Release 12.2(6h) includes the MPLS VPN feature.
  
• Any Cisco router from the 7200 series or higher supports P functionality. The Cisco 2691, as well as any 3640 series or higher router supports PE functionality.
  

C and CE Routers

• You can use any router that can exchange routing information with its PE router.
  

The information presented in this document was created from devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If you are working in a live network, ensure that you understand the potential impact of any command before using it.

Related Products

To implement the MPLS feature, you must have a router from the range of Cisco 2600 or higher. To select the required Cisco IOS with MPLS feature, use the Software Advisor (registered customers only) . Also check for the additional RAM and Flash memory required to run the MPLS feature in the routers. WIC-1T, WIC-2T, and serial interfaces can be used.

Conventions

Refer to Cisco Technical Tips Conventions for more information on document conventions.
The letters below represent the different types of routers and switches used.

• P—Provider's core router.
  
• PE—Provider's edge router.
  
• CE—Customer's edge router.
  
• C—Customer's router.
  

This diagram shows a typical configuration illustrating the conventions outlined above.

Configure

In this section, you are presented with the information to configure the features described in this document.
Note: Use the Command Lookup Tool (registered customers only) to find more information on the commands used in this document.

Network Diagram

This document uses this network setup:

Configuration Procedures

Refer to MPLS Virtual Private Networks for more information.

Enabling ip cef

Use this procedure in order to enable ip cef . For improved performance, use ip cef distributed (where available). Complete these steps on the PEs after MPLS has been set up (configuring tag-switching ip on the interfaces).

1. Create one VRF for each VPN connected using the ip vrf <VPN routing/forwarding instance name> command.
   When doing this:
   
   • Specify the correct route distinguisher used for that VPN. This is used to extend the IP address so that you can identify which VPN it belongs to.
     

     
     rd <VPN route distinguisher>
     
     

   • Set up the import and export properties for the MP-BGP extended communities. These are used for filtering the import and export process.
     

     
     route-target [export|import|both] <target VPN extended community>
     
     

2. Configure the forwarding details for the respective interfaces using the ip vrf forwarding <VPN routing/forwarding instance name> command and remember to set up the IP address after doing this.
   
3. Depending on the PE-CE routing protocol you are using, you can configure static routes or routing protocols (RIP, Open Shortest Path First [OSPF], or BGP) between PE and CE. Detailed configurations are available on the MPLS over ATM Support page.
   

Configuring MP-BGP

Configure MP-BGP between the PE routers. There are several ways to configure BGP, such as using the route reflector or confederation methods. The method used here—direct neighbor configuration—is the simplest and the least scalable.

1. Declare the different neighbors.
   
2. Enter the address-family ipv4 vrf <VPN routing/forwarding instance name> command for each VPN present at this PE router.
   Carry out one or more of the following steps, as necessary:
   
   • Redistribute the static routing, RIP, or OSPF information.
     
   • Redistribute connected routing information.
     
   • Activate BGP neighboring with the CE routers.
     
3. Enter the address-family vpnv4 mode, and complete the following steps:
   
   • Activate the neighbors.
     
   • Specify that extended community must be used. This is mandatory.
     

Configurations

This document uses these configurations:

• Pescara
  
• Pesaro
  
• Pomerol
  
• Pulligny
  
• Pauillac
  

Pescara

Current configuration: ! version 12.2 ! hostname Pescara ! ip cef ! !--- Customer A commands. ip vrf Customer_A !--- Enables the VPN routing and forwarding (VRF) routing table. !--- This command can be used in global or !--- router configuration mode. rd 100:110 !--- Route distinguisher creates routing and forwarding !--- tables for a VRF. route-target export 100:1000 !--- Creates lists of import and export route-target extended !--- communities for the specified VRF. route-target import 100:1000 ! !--- Customer B commands. ip vrf Customer_B rd 100:120 route-target export 100:2000 route-target import 100:2000 ! interface Loopback0 ip address 10.10.10.4 255.255.255.255 ip router isis !--- Customer A commands. interface Loopback101 ip vrf forwarding Customer_A !--- Associates a VRF instance with an interface or subinterface. ip address 200.0.4.1 255.255.255.0 !--- Loopback101 and 102 use the same IP address, 200.0.4.1. !--- This is allowed because they belong to two !--- different customers' VRFs. no ip directed-broadcast ! !--- Customer B commands. interface Loopback102 ip vrf forwarding Customer_B ip address 200.0.4.1 255.255.255.0 !--- Loopback101 and 102 use the same IP address, 200.0.4.1. !--- This is allowed because they belong to two !--- different customers' VRFs. no ip directed-broadcast ! interface Serial2/0 no ip address no ip directed-broadcast encapsulation frame-relay no fair-queue ! interface Serial2/0.1 point-to-point description link to Pauillac bandwidth 512 ip address 10.1.1.14 255.255.255.252 no ip directed-broadcast ip router isis tag-switching ip frame-relay interface-dlci 401 ! router isis net 49.0001.0000.0000.0004.00 is-type level-1 ! router bgp 100 bgp log-neighbor-changes !--- Enables logging of BGP neighbor resets. neighbor 10.10.10.6 remote-as 100 !--- Adds an entry to the BGP or multiprotocol BGP neighbor table. neighbor 10.10.10.6 update-source Loopback0 !--- Enables BGP sessions to use a specific operational !--- interface for TCP connections. ! !--- Customer A and B commands. address-family vpnv4 !--- To enter address family configuration mode !--- for configuring routing sessions, such as BGP, !--- that use standard VPN version 4 address prefixes. neighbor 10.10.10.6 activate neighbor 10.10.10.6 send-community both !--- Sends the community attribute to a BGP neighbor. exit-address-family ! !--- Customer B commands. address-family ipv4 vrf Customer_B !--- To enter address family configuration mode !--- for configuring routing sessions, such as BGP, !--- that use standard VPN version 4 address prefixes. redistribute connected no auto-summary no synchronization exit-address-family ! !--- Customer A commands. address-family ipv4 vrf Customer_A redistribute connected no auto-summary no synchronization exit-address-family ! ip classless ! end

Pesaro

Current configuration: ! version 12.1 ! hostname Pesaro ! !--- Customer A commands. ip vrf Customer_A rd 100:110 route-target export 100:1000 route-target import 100:1000 ! !--- Customer B commands. ip vrf Customer_B rd 100:120 route-target export 100:2000 route-target import 100:2000 ! ip cef ! interface Loopback0 ip address 10.10.10.6 255.255.255.255 ip router isis !--- Customer A commands. interface Loopback101 ip vrf forwarding Customer_A ip address 200.0.6.1 255.255.255.0 ! !--- Customer B commands. interface Loopback102 ip vrf forwarding Customer_B ip address 200.0.6.1 255.255.255.0 ! !--- Customer A commands. interface Loopback111 ip vrf forwarding Customer_A ip address 200.1.6.1 255.255.255.0 ! interface Serial0/0 no ip address encapsulation frame-relay no ip mroute-cache random-detect ! interface Serial0/0.1 point-to-point description link to Pomerol bandwidth 512 ip address 10.1.1.22 255.255.255.252 ip router isis tag-switching ip frame-relay interface-dlci 603 ! router isis net 49.0001.0000.0000.0006.00 is-type level-1 ! router bgp 100 neighbor 10.10.10.4 remote-as 100 neighbor 10.10.10.4 update-source Loopback0 ! !--- Customer B commands. address-family ipv4 vrf Customer_B redistribute connected no auto-summary no synchronization exit-address-family ! !--- Customer A commands. address-family ipv4 vrf Customer_A redistribute connected no auto-summary no synchronization exit-address-family ! !--- Customer A and B commands. address-family vpnv4 neighbor 10.10.10.4 activate neighbor 10.10.10.4 send-community both exit-address-family ! ip classless ! end

Pomerol

Current configuration: ! version 12.0 ! hostname Pomerol ! ip cef ! interface Loopback0 ip address 10.10.10.3 255.255.255.255 ip router isis ! interface Serial0/1 no ip address no ip directed-broadcast encapsulation frame-relay random-detect ! interface Serial0/1.1 point-to-point description link to Pauillac ip address 10.1.1.6 255.255.255.252 no ip directed-broadcast ip router isis tag-switching mtu 1520 tag-switching ip frame-relay interface-dlci 301 ! interface Serial0/1.2 point-to-point description link to Pulligny ip address 10.1.1.9 255.255.255.252 no ip directed-broadcast ip router isis tag-switching ip frame-relay interface-dlci 303 ! interface Serial0/1.3 point-to-point description link to Pesaro ip address 10.1.1.21 255.255.255.252 no ip directed-broadcast ip router isis tag-switching ip frame-relay interface-dlci 306 ! router isis net 49.0001.0000.0000.0003.00 is-type level-1 ! ip classless ! end

Pulligny

Current configuration: ! version 12.1 ! hostname Pulligny ! ! ip cef ! ! interface Loopback0 ip address 10.10.10.2 255.255.255.255 ! interface Serial0/1 no ip address encapsulation frame-relay random-detect ! interface Serial0/1.1 point-to-point description link to Pauillac ip address 10.1.1.2 255.255.255.252 ip router isis tag-switching ip frame-relay interface-dlci 201 ! interface Serial0/1.2 point-to-point description link to Pomerol ip address 10.1.1.10 255.255.255.252 ip router isis tag-switching ip frame-relay interface-dlci 203 ! router isis passive-interface Loopback0 net 49.0001.0000.0000.0002.00 is-type level-1 ! ip classless ! end

Pauillac

! version 12.1 ! hostname pauillac ! ip cef ! interface Loopback0 ip address 10.10.10.1 255.255.255.255 ip router isis ! interface Serial0/0 no ip address encapsulation frame-relay no ip mroute-cache tag-switching ip no fair-queue ! interface Serial0/0.1 point-to-point description link to Pomerol bandwith 512 ip address 10.1.1.1 255.255.255.252 ip router isis tag-switching ip frame-relay interface-dlci 102 ! interface Serial0/0.2 point-to-point description link to Pulligny ip address 10.1.1.5 255.255.255.252 ip router isis tag-switching ip frame-relay interface-dlci 103 ! interface Serial0/0.3 point-to-point description link to Pescara bandwidth 512 ip address 10.1.1.13 255.255.255.252 ip router isis tag-switching ip frame-relay interface-dlci 104 ! router isis net 49.0001.0000.0000.0001.00 is-type level-1 ! ip classless ! end

Verify

This section provides information you can use to confirm your configuration is working properly.
The Output Interpreter Tool (registered customers only) (OIT) supports certain show commands. Use the OIT to view an analysis of show command output.

• show ip vrf —Verifies that the correct VRF exists.
  
• show ip vrf interfaces—Verifies the activated interfaces.
  
• show ip route vrf Customer_A—Verifies the routing information on the PE routers.
  
• traceroute vrf Customer_A 200.0.6.1—Verifies the routing information on the PE routers.
  
• show ip bgp vpnv4 tag—Verifies the BGP.
  
• show ip cef vrf Customer_A 200.0.6.1 detail—Verifies the routing information on the PE routers.
  

More commands are detailed in the MPLS VPN Solution Troubleshooting Guide.
The following is sample command output of the show ip vrf command.

Pescara#show ip vrf 
  Name                             Default RD          Interfaces
  Customer_A                       100:110             Loopback101
  Customer_B                       100:120             Loopback102

The following is sample command output of the show ip vrf interfaces command.

Pesaro#show ip vrf interfaces 
Interface              IP-Address      VRF                              Protocol
Loopback101            200.0.6.1       Customer_A                       up      
Loopback111            200.1.6.1       Customer_A                       up      
Loopback102            200.0.6.1       Customer_B                       up      

The following show ip route vrf commands show the same prefix 200.0.6.0/24 in both the outputs. This is because the remote PE has the same network for two customers, Customer_A and Customer_B, which is allowed in a typical MPLS VPN solution.

Pescara#show ip route vrf Customer_A
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
       * - candidate default, U - per-user static route, o - ODR

Gateway of last resort is not set

C    200.0.4.0/24 is directly connected, Loopback101
B    200.0.6.0/24 [200/0] via 10.10.10.6, 05:10:11
B    200.1.6.0/24 [200/0] via 10.10.10.6, 04:48:11
 
Pescara#show ip route vrf Customer_B
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
    N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
    E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
    i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
    * - candidate default, U - per-user static route, o - ODR       
    P - periodic downloaded static route
     
Gateway of last resort is not set
C 200.0.4.0/24 is directly connected, Loopback102
 
B 200.0.6.0/24 [200/0] via 10.10.10.6, 00:03:24

By running a traceroute between two sites of Customer_A, it is possible to see the label stack used by the MPLS network (if it is configured to do so by mpls ip ttl ...).

Pescara#traceroute vrf Customer_A 200.0.6.1

Type escape sequence to abort.
Tracing the route to 200.0.6.1

  1 10.1.1.13 [MPLS: Labels 20/26 Exp 0] 400 msec 276 msec 264 msec
  2 10.1.1.6 [MPLS: Labels 18/26 Exp 0] 224 msec 460 msec 344 msec
  3 200.0.6.1 108 msec *  100 msec

Note:  Exp 0 is an experimental field used for Quality of Service (QoS).

Troubleshoot

There is currently no specific troubleshooting information available for this configuration.

INTRODUCTION TO MPLS....(for it Gurus)

Introduction

This sample configuration shows a Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) when Routing Information Protocol (RIP) is present on the customer's side.
The VPN feature, when used with MPLS, allows several sites to transparently interconnect through a service provider's network. One service provider network can support several different IP VPNs. Each IP VPN appears as a private network, separate from all other networks. Each site in a VPN sends IP packets to other sites in the same VPN.
Each VPN is associated with one or more VPN routing or forwarding instances (VRFs). A VRF consists of an IP routing table, a derived Cisco express forwarding (CEF) table, and a set of interfaces that use the forwarding table.
The router maintains a separate routing and CEF table for each VRF. This prevents information from being sent outside the VPN and allows the same subnet to be used in several VPNs without causing duplicate IP address problems.
The router using Border Gateway Protocol (BGP) distributes the VPN routing information using the BGP extended communities.
For more information regarding the propagation of updates through a VPN see the VPN Route Target Communities, BGP Distribution of VPN Routing Information, and MPLS Forwarding sections in MPLS Virtual Private Networks.

Prerequisites

Requirements

There are no specific prerequisites for this document.

Components Used

We developed and tested this configuration using the software and hardware versions below:

• PE routers: The MPLS VPN functionality resides in the PE routers. Use Feature Navigator II (registered customers only) to determine which hardware and software combinations you can use.
  
• CE routers: Use any router able to exchange routing information with its PE router.
  
• P routers and switches: In this document, ATM switches such as the MSR, the BPX and the MGX were used. However, because the document focuses on the MPLS VPN feature we could also have used frame based MPLS in the core with routers, such as the Cisco 12000.
  

The information presented in this document was created from devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If you are working in a live network, ensure that you understand the potential impact of any command before using it.

Network Description

We set up a standard MPLS ATM backbone using Open Shortest Path First (OSPF) area 0 as the Interior Gateway Protocol (IGP). We configured two different VPNs using this backbone. The first VPN uses RIP as its customer-edge to provider-edge (CE-PE) routing protocol; the other VPN uses BGP as its PE-CE routing protocol. We configured various loopback and static routes on the CE routers to simulate the presence of other routers and networks.
Note: BGP must be used as the VPN IGP between PE routers, since using BGP extended communities is the only way to transport routing information for the VPN between the PE routers.
Note: An ATM network was used as the backbone network to make this configuration. This configuration applies to ATM (and other) protocol(s). PE routers must be able to reach each other using the MPLS network for the VPN configuration to work.

Conventions

The letters below represent the different types of routers and switches used:

• P: Provider's core router
  
• PE: Provider's edge router
  
• CE: Customer's edge router
  
• C: Customer's router
  

A typical configuration illustrating these conventions is shown in the diagram below:

For more information on document conventions, refer to Cisco Technical Tips Conventions.

Configuration Procedure

In this section, you are presented with the information to configure the features described in this document. The Cisco IOS documentation found in MPLS Virtual Private Networks also describes this configuration procedure.
Note: To find additional information on the commands used in this document, use the IOS Command Lookup tool (registered customers only)

Network Diagram

This document uses the network setup shown in the diagram below.

Part I

The steps below will help you configure correctly.
Enable the ip cef command. If using a Cisco 7500 router, ensure that the ip cef distributed command is enabled, where available, to enhance performances on the PE, once MPLS is set up.

1. Create a VRF for each VPN using the ip vrf [VPN routing | forwarding instance name] command. While creating the VRFs, be sure to:
   
   • Specify the correct route distinguisher used for that VPN using the command below. The distinguisher is used to extend the IP address and allows you to identify to which VPN it belongs.
     

     rd [VPN route distinguisher]
     

   • Set up the import and export properties for the BGP extended communities using the command below. These properties are used for filtering the import and export process.
     

     route-target {export | import | both} [target VPN extended community] 
     

2. Configure the forwarding details for the respective interfaces using the ip vrf forwarding [table name]command and remember to set up the IP address afterwards.
   
3. Depending on the PE-CE routing protocol used, do one or more of the following:
   
   • Configure the static routes as follows:
     

     ip route vrf vrf-name prefix mask [next-hop-address] [interface {interface-number}] 
     

   • Configure the RIP using the following command:
     

     address-family ipv4 vrf [VPN routing | forwarding instance name] 
     

     Once you have completed one or both of the steps above, enter the normal RIP configuration commands.
     Note: These commands apply only to the forwarding interfaces of the current VRF. Redistribute the correct BGP into RIP and remember to specify the metric used.
     
   • Declare the BGP neighbor information.
     
   • Configure the OSPF using the new IOS command:
     

     router ospf process-id vrf [VPN routing | forwarding instance name] 
     

   Note: This command applies only to the forwarding interfaces for the current VRF. Redistribute the correct BGP routing information into OSPF and specify the metric used. Once the OSPF process to a VRF is complete, even if the OSPF process is not specified in the command line, this process ID is always used for this particular VRF.
   

Part II

Configure BGP between the PE routers. There are several ways to configure BGP, such as using the route reflector or confederation methods. The method shown here is direct neighbor configuration. It is the simplest and the least scalable.

1. Declare the different neighbors.
   
2. Enter the address-family ipv4 vrf [VPN routing | forwarding instance name] command for each VPN present at this PE router. Carry out one or more of the following steps, as necessary:
   
   • Redistribute the static routing information.
     
   • Redistribute the RIP routing information.
     
   • Redistribute the OSPF routing information.
     
   • Activate BGP neighboring with the CE routers.
     
3. Enter the address-family vpnv4 mode and:
   
   • Activate the neighbors.
     
   • Specify that extended community must be used. This is mandatory.
     

Configuration Examples

In the Alcalzaba configuration, lines specific to the VPN configuration are shown in bold.

Alcazaba

! ip vrf vrf101 rd 1:101 route-target export 1:101 route-target import 1:101 ! ip cef ! interface Loopback0 ip address 223.0.0.3 255.255.255.255 ! interface Ethernet1/1 ip vrf forwarding vrf101 ip address 150.150.0.1 255.255.255.0 ! interface ATM3/0 no ip address no ip mroute-cache no ATM ilmi-keepalive PVC qsaal 0/5 qsaal PVC ilmi 0/16 ilmi ! ! interface ATM3/0.1 tag-switching ip address 10.0.0.17 255.255.255.252 tag-switching ATM vpi 2-4 tag-switching ip ! interface ATM4/0 no ip address no ATM ilmi-keepalive ! interface ATM4/0.1 tag-switching ip address 10.0.0.13 255.255.255.252 tag-switching ATM vpi 2-4 tag-switching ip ! router ospf 1 network 10.0.0.0 0.0.0.255 area 0 network 223.0.0.3 0.0.0.0 area 0 ! router rip version 2 ! address-family ipv4 vrf vrf101 version 2 redistribute bgp 1 metric 0 network 150.150.0.0 no auto-summary exit-address-family ! router bgp 1 no synchronization neighbor 125.2.2.2 remote-as 1 neighbor 125.2.2.2 update-source Loopback0 neighbor 223.0.0.21 remote-as 1 neighbor 223.0.0.21 update-source Loopback0 no auto-summary ! address-family ipv4 vrf vrf101 redistribute rip no auto-summary no synchronization exit-address-family ! address-family vpnv4 neighbor 125.2.2.2 activate neighbor 125.2.2.2 send-community extended neighbor 223.0.0.21 activate neighbor 223.0.0.21 send-community extended no auto-summary exit-address-family !

Kozel

! ip vrf vrf101 rd 1:101 route-target export 1:101 route-target import 1:101 ! ip cef ! interface Loopback0 ip address 223.0.0.21 255.255.255.255 ! interface Ethernet1/1 ip vrf forwarding vrf101 ip address 200.200.0.1 255.255.255.0 ! interface ATM4/0 no ip address no ATM scrambling cell-payload no ATM ilmi-keepalive PVC qsaal 0/5 qsaal PVC ilmi 0/16 ilmi ! interface ATM4/0.1 tag-switching ip address 10.0.0.6 255.255.255.252 tag-switching ATM vpi 2-4 tag-switching ip ! router ospf 1 log-adjacency-changes network 10.0.0.0 0.0.0.255 area 0 network 223.0.0.21 0.0.0.0 area 0 ! router rip version 2 ! address-family ipv4 vrf vrf101 version 2 redistribute bgp 1 metric 1 network 200.200.0.0 no auto-summary exit-address-family ! router bgp 1 no synchronization neighbor 125.2.2.2 remote-as 1 neighbor 125.2.2.2 update-source Loopback0 neighbor 223.0.0.3 remote-as 1 neighbor 223.0.0.3 update-source Loopback0 no auto-summary ! address-family ipv4 vrf vrf101 redistribute rip no auto-summary no synchronization exit-address-family ! address-family vpnv4 neighbor 125.2.2.2 activate neighbor 125.2.2.2 send-community extended neighbor 223.0.0.3 activate neighbor 223.0.0.3 send-community extended no auto-summary exit-address-family !

Medina

Current configuration: ! ip vrf vrf101 rd 1:101 route-target export 1:101 route-target import 1:101 ip cef ! interface Loopback1 ip vrf forwarding vrf101 ip address 11.2.2.2 255.255.255.252 ! interface ATM2/0 no ip address no ATM ilmi-keepalive ! interface ATM2/0.66 tag-switching ip address 125.1.4.2 255.255.255.252 tag-switching ip ! interface Ethernet1/1 ip vrf forwarding vrf101 ip address 11.3.3.1 255.255.255.252 ! router ospf 1 network 125.1.4.0 0.0.0.3 area 0 network 125.2.2.2 0.0.0.0 area 0 ! router rip version 2 network 11.0.0.0 ! address-family ipv4 vrf vrf101 version 2 redistribute bgp 1 metric 1 network 11.0.0.0 no auto-summary exit-address-family ! router bgp 1 no synchronization neighbor 223.0.0.3 remote-as 1 neighbor 223.0.0.3 update-source Loopback0 neighbor 223.0.0.21 remote-as 1 neighbor 223.0.0.21 update-source Loopback0 ! address-family ipv4 vrf vrf101 redistribute connected redistribute static redistribute rip default-information originate no auto-summary no synchronization exit-address-family ! address-family vpnv4 neighbor 223.0.0.3 activate neighbor 223.0.0.3 send-community extended neighbor 223.0.0.21 activate neighbor 223.0.0.21 send-community extended exit-address-family !

Rapid
Current configuration: ! interface Loopback0 ip address 223.0.0.12 255.255.255.255 ! interface Loopback2 ip address 7.7.7.7 255.255.255.0 ! interface FastEthernet0/1 ip address 150.150.0.2 255.255.255.0 duplex auto speed auto ! router rip version 2 redistribute static network 7.0.0.0 network 10.0.0.0 network 150.150.0.0 no auto-summary ! ip route 158.0.0.0 255.0.0.0 Null0 !

Damme
! interface Loopback1 ip address 6.6.6.6 255.0.0.0 ! interface FastEthernet0/0 ip address 10.200.10.14 255.255.252.0 duplex auto speed autoa ! router bgp 158 no synchronization network 6.0.0.0 network 10.200.0.0 mask 255.255.252.0 neighbor 10.200.10.3 remote-as 1 no auto-summary !

Pivrnec
Current configuration: ! interface Loopback0 ip address 223.0.0.22 255.255.255.255 ! interface Loopback1 ip address 6.6.6.6 255.255.255.255 ! interface FastEthernet0/1 ip address 200.200.0.2 255.255.255.0 duplex auto speed auto ! router rip version 2 redistribute static network 6.0.0.0 network 200.200.0.0 no auto-summary ! ip route 69.0.0.0 255.0.0.0 Null0 !

Guilder
! interface Loopback2 ip address 150.150.0.1 255.255.0.0 ! interface Ethernet0/2 ip address 201.201.201.2 255.255.255.252 ! router bgp 69 no synchronization network 7.7.7.0 mask 255.255.0.0 network 150.150.0.0 network 201.201.201.0 mask 255.255.255.252 redistribute connected neighbor 201.201.201.1 remote-as 1 no auto-summary !

Purkmister
Current configuration: ! interface Loopback0 ip address 11.5.5.5 255.255.255.252 ! interface FastEthernet0/1 ip address 11.3.3.2 255.255.255.252 duplex auto speed auto ! router rip version 2 network 11.0.0.0 !

debug and show Commands

Before you use debug commands, refer to Important Information on Debug Commands. Routing-specific commands are listed here:

• show ip rip database vrf - Shows information contained in the RIP database for a particular VRF.
  
• show ip bgp vpnv4 vrf - Displays VPN address information from the BGP table.
  
• show ip route vrf - Displays the IP routing table associated with a VRF.
  
• show ip route - Displays all static IP routes, or those installed using the authentication, authorization, and accounting (AAA) route download function.
  

Certain show commands are supported by the Output Interpreter tool (registered customers only) , which allows you to view an analysis of show command output.
On a PE router, the PE-CE routing method such as RIP, BGP, or static, and the PE-PE BGP updates indicate the routing table used for a particular VRF. You can display the RIP information for a particular VRF as follows:

Alcazaba# show ip rip database vrf vrf101
 0.0.0.0/0 auto-summary  
 0.0.0.0/0
 [2] via 150.150.0.2, 00:00:12, Ethernet1/1
 6.0.0.0/8 auto-summary
 6.6.6.6/32 redistributed
 [1] via 223.0.0.21,
 7.0.0.0/8 auto-summary
 7.7.7.0/24
 [1] via 150.150.0.2, 00:00:12, Ethernet1/1 
 10.0.0.0/8 auto-summary
 10.0.0.0/8 redistributed
 [1] via 125.2.2.2,
 10.0.0.0/16
 [1] via 150.150.0.2, 00:00:12, Ethernet1/1 
 10.200.8.0/22
 [1] via 150.150.0.2, 00:00:12, Ethernet1/1 
 11.0.0.0/8 auto-summary
 11.0.0.4/30 redistributed
 [1] via 125.2.2.2,
 11.1.1.0/30 redistributed
 [1] via 125.2.2.2,
 11.3.3.0/30 redistributed
 [1] via 125.2.2.2,
 11.5.5.4/30 redistributed
 [1] via 125.2.2.2,
 69.0.0.0/8 auto-summary
 69.0.0.0/8 redistributed
 [1] via 223.0.0.21,
 150.150.0.0/16 auto-summary
 150.150.0.0/24 directly connected, Ethernet1/1
 158.0.0.0/8
 [1] via 150.150.0.2, 00:00:17, Ethernet1/1
 200.200.0.0/24 auto-summary 
 200.200.0.0/24 redistributed 
 [1] via 223.0.0.21,

You can display the BGP information for a particular VRF using the show ip bgp vpnv4 vrf command. The PE-PE results from the internal BGP (iBGP) are indicated by an i in the output below.

Alcazaba# show ip bgp vpnv4 vrf vrf101 
   BGP table version is 46, local router ID is 223.0.0.3 
   Status codes: s suppressed, d damped, h history, * valid, best, i - internal    
   Origin codes: i - IGP, e - EGP, ? - incomplete  
 Network Next Hop Metric LocPrf Weight Path 
   Route Distinguisher: 1:101 (default for vrf vrf101) 
   *i6.6.6.6/32 223.0.0.21 1 100 0 ? 
   * 7.7.7.0/24 150.150.0.2 1 32768 ? 
   * 10.0.0.0/16 150.150.0.2 1 32768 ? 
   * 10.200.8.0/22 150.150.0.2 1 32768 ? 
   *i11.2.2.0/30 125.2.2.2 0 100 0 ? 
   *i11.3.3.0/30 125.2.2.2 0 100 0 ? 
   *i11.5.5.4/30 125.2.2.2 1 100 0 ? 
   *i69.0.0.0 223.0.0.21 1 100 0 ? 
   * 150.150.0.0/24 0.0.0.0 0 32768 ? 
   * 158.0.0.0/8 150.150.0.2 1 32768 ? 
   *i200.200.0.0 223.0.0.21 0 100 0 ?

Check the global routing table for a VRF on both the PE and the CE routers. These VRFs should match. For the PE router, you have to specify the VRF using the show ip route vrf command:

Alcazaba# show ip route vrf vrf101
   Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP   
   D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
   N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
   E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP 
   i - ISIS, L1 - ISIS level-1, L2 - ISIS level-2, IA - ISIS inter area    
   * - candidate default, U - per-user static route, o - ODR
   P - periodic downloaded static route
    Gateway of last resort is not set
   B 69.0.0.0/8 [200/1] via 223.0.0.21, 00:11:03
   B 200.200.0.0/24 [200/0] via 223.0.0.21, 00:11:03
    6.0.0.0/32 is subnetted, 1 subnets
   B 6.6.6.6 [200/1] via 223.0.0.21, 00:11:03 
    7.0.0.0/24 is subnetted, 1 subnets
   R 7.7.7.0 [120/1] via 150.150.0.2, 00:00:05, Ethernet1/1 
    10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
   R 10.0.0.0/16 [120/1] via 150.150.0.2, 00:00:05, Ethernet1/1 
   R 10.200.8.0/22 [120/1] via 150.150.0.2, 00:00:05, Ethernet1/1 
    11.0.0.0/30 is subnetted, 3 subnets
   B 11.3.3.0 [200/0] via 125.2.2.2, 00:07:05
   B 11.2.2.0 [200/0] via 125.2.2.2, 00:07:05
   B 11.5.5.4 [200/1] via 125.2.2.2, 00:07:05
    150.150.0.0/24 is subnetted, 1 subnets
   C 150.150.0.0 is directly connected, Ethernet1/1
   R 158.0.0.0/8 [120/1] via 150.150.0.2, 00:00:06, Ethernet1/1

The equivalent command on Pivrnec is the show ip route command, since for every customer (and customer edge) router this is the standard routing table.

Pivrnec# show ip route 
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP  
  D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
  N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 
  E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP 
  i - ISIS, L1 - ISIS level-1, L2 - ISIS level-2, IA - ISIS inter area  
  * - candidate default, U - per-user static route, o - ODR 
  P - periodic downloaded static route Gateway of last resort is not 
  set S 69.0.0.0/8 is directly connected, Null0 
  223.0.0.0/32 is subnetted, 1 subnets 
 C 223.0.0.22 is directly connected, Loopback0 
 C 200.200.0.0/24 is directly connected, FastEthernet0/1 
  6.0.0.0/32 is subnetted, 1 subnets 
 C 6.6.6.6 is directly connected, Loopback1 
  7.0.0.0/24 is subnetted, 1 subnets 
 R 7.7.7.0 [120/1] via 200.200.0.1, 00:00:23, FastEthernet0/1 
  10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks 
 R 10.0.0.0/16 [120/1] via 200.200.0.1, 00:00:23, FastEthernet0/1 
 R 10.200.8.0/22 [120/1] via 200.200.0.1, 00:00:24, FastEthernet0/1 
  11.0.0.0/30 is subnetted, 3 subnets 
 R 11.3.3.0 [120/1] via 200.200.0.1, 00:00:24, FastEthernet0/1 
 R 11.2.2.0 [120/1] via 200.200.0.1, 00:00:25, FastEthernet0/1 
 R 11.5.5.4 [120/1] via 200.200.0.1, 00:00:25, FastEthernet0/1 
  150.150.0.0/24 is subnetted, 1 subnets 
 R 150.150.0.0 [120/1] via 200.200.0.1, 00:00:25, FastEthernet0/1 
 R 158.0.0.0/8 [120/1] via 200.200.0.1, 00:00:25, FastEthernet0/1

MPLS Labels

Check the label stack used for any route as follows:

Alcazaba# show tag-switching forwarding-table vrf vrf101 11.5.5.5 detail    
   Local Outgoing Prefix Bytes tag Outgoing Next Hop
   tag tag or VC or Tunnel Id switched interface
   None 2/91 11.5.5.4/30 0 AT4/0.1 point2point
    MAC/Encaps=4/12, MTU=4466, Tag Stack{2/91(vcd=69) 37} 
    00458847 0004500000025000

You can use the normal commands for viewing the tag allocations along with the virtual path identifier and virtual channel identifier (VPI/VCI) relations as shown in How to Troubleshoot the MPLS VPN .

Address Overlapping

You can use the same address in different VPNs without interfering with other VPNs. In this example, the 6.6.6.6 address is connected twice, to Pivrnec in the VPN 101 and to Damme in the VPN 102. We can check this using the ping command on one site and the debug ip icmp command on the other site.

Guilder# ping 6.6.6.6
   Type escape sequence to abort.
   Sending 5, 100-byte ICMP Echos to 6.6.6.6, timeout is 2 seconds:
   !!!!!
   Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms

Damme# debug ip icmp
   ICMP packet debugging is on
   6d22h: ICMP: echo reply sent, src 6.6.6.6, DST 201.201.201.2
   6d22h: ICMP: echo reply sent, src 6.6.6.6, DST 201.201.201.2
   6d22h: ICMP: echo reply sent, src 6.6.6.6, DST 201.201.201.2
   6d22h: ICMP: echo reply sent, src 6.6.6.6, DST 201.201.201.2
   6d22h: ICMP: echo reply sent, src 6.6.6.6, DST 201.201.201.2

 

 

Tujus wife on Ogunda's death

Former Cabinet minister Raphael Tuju’s estranged wife Ruth Akinyi was Thursday interviewed by detectives as police held her relative in connection with the death of her lover on Tuesday.

Tony Ogunda was found dead by Mr Cosmas Okoth, who is Ms Akinyi’s nephew. Mr Okoth is now in police custody. Kilimani police commander Bernard Muli said detectives are “contemplating” charging him in connection with the death.

“We believe there is much more (information) he is not telling us. The postmortem report revealed there were injuries and he did not mention if the deceased was involved in a scuffle when he gave his statement. Yet, he was with him throughout that day,” he said.

Ogunda, who was mentioned in a divorce case filed by Mr Tuju against his wife, was found dead on a sofa at Mr Okoth’s house in Upper Hill, Nairobi on Tuesday morning.

The two had been living together for two weeks before Ogunda met his death.

Mr Muli added: “We are holding the man because he is failing to disclose very crucial information and he is required to explain.”

On the fateful day, the two arrived home at around 1 am having spent the earlier part of the night at Relax Bar off River Road.

By Thursday, police had interrogated five people and taken their statements.

The Nation learnt that the former minister’s wife told detectives to also question a woman she identified as Sabina, because she was around the home when the incident happened.

Mrs Tuju was summoned to Kilimani police station and was interrogated for close to four hours.

Responding to queries from journalists, she said: “It was fine and the officers were kind enough. It (the interview) went on well.”

Mr Okoth is expected to be taken to court Friday morning.

Police say that though the autopsy report revealed that Ogunda had head injuries, Mr Okoth never indicated anywhere in his statement of any fight or fall.

The head of criminal investigations in Nairobi, Mr Nicholas Kamwende, said that Mr Okoth had recorded a statement immediately he reported the death at Capitol Hill police station.

He was summoned for a second time to shed light on new information revealed after the postmortem was conducted.

The autopsy conducted on Wednesday afternoon by pathologists Johansen Oduor and Peter Ndegwa could not conclusively establish the cause of the injury.

The blood alcohol concentration was very high, confirming an earlier statement by the friend that they had drunk liquor for hours.

The pathologists also established that Ogunda’s brain was swollen and there was blood in his lungs, heart and pancreas.

1 | 2 Next Page»

Nelson mandela

Mandela not in pain

By AFP | July 4, 2013

Graça Machel, political activist and wife of former South African president Nelson Mandela/AFP

JOHANNESBURG, July 4 – During a nearly one month battle for his life in hospital, ailing South African icon Nelson Mandela has occasionally been uncomfortable but has seldom been in pain, his wife Graca Machel said Thursday.
“Now we are about 25 days we have been in hospital,” Machel said, giving thanks for the outpouring of well wishes from around the world for the Nobel peace laureate.
“Although Madiba sometimes may be uncomfortable, very few times he is in pain,” she said using Mandela’s clan name.
The former president, who turns 95 later this month, was rushed to hospital on June 8 with a recurring lung infection.
He has since been on life support, but during the last week his condition is said to have stabilised.
“Thank you, thank you, thank you,” said Machel, launching the latest in a series of events to mark Mandela’s life.
“The outpouring and humbling demonstrations of love, of care, of support, of hope are taken into our hearts every single day.”
“We thank you very deeply.”
Amid an increasingly bitter family feud involving allegations of adultery, grave tampering and siblings born out of wedlock Machel said Mandela’s example could serve as a beacon for unity for the country.
“While he lies in hospital, he offered an opportunity for all of us again to be united,” Machel said.

online jobs