From 73dfd80247ab240d2c668507f7005178c016f6cb Mon Sep 17 00:00:00 2001 From: jramos Date: Fri, 27 Feb 2026 10:13:08 -0700 Subject: [PATCH] Add course README with module table of contents and build order Co-Authored-By: Claude Opus 4.6 --- README.md | 60 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 60 insertions(+) create mode 100644 README.md diff --git a/README.md b/README.md new file mode 100644 index 0000000..84b9db0 --- /dev/null +++ b/README.md @@ -0,0 +1,60 @@ +# ISP Backbone Lab — A Senior Network Engineer's Course + +> **Instructor**: Garvis (your friendly neighborhood Sr. Network Engineer) +> **Platform**: Cisco Modeling Labs (CML) — 32GB RAM budget +> **Student**: Jordan +> **Goal**: Build and understand a realistic ISP backbone from the ground up, then attack it. + +--- + +## Table of Contents — Modules + +| # | Module | Topic | +|---|--------|-------| +| 1 | [Module 1: The Underlay — IS-IS](modules/01-isis.md) | Why every ISP uses IS-IS, Level 2-only design, NET addressing | +| 2 | [Module 2: MPLS — Labeling the Backbone](modules/02-mpls.md) | Label switching, LDP, Penultimate Hop Popping | +| 3 | [Module 3: iBGP — The Brain of the ISP](modules/03-ibgp.md) | Route Reflectors, full-mesh problem, loopback peering | +| 4 | [Module 4: L3VPN — Customer Isolation](modules/04-l3vpn.md) | VRFs, RD vs RT, customer isolation across the MPLS core | +| 5 | [Module 5: eBGP — Peering with the World](modules/05-ebgp.md) | IXP peering, BGP best path selection (The Big 9), route filtering | +| 6 | [Module 6: Segment Routing](modules/06-segment-routing.md) | LDP to SR migration, Prefix SIDs, why SR is the future | +| 7 | [Module 7: Traffic Engineering](modules/07-traffic-engineering.md) | SR-TE policies, SID stacks, Flex-Algo | +| 8 | [Module 8: Attack & Defense Labs](modules/08-attack-defense.md) | BGP hijacking, IS-IS poisoning, MPLS label manipulation, CoPP | + +--- + +## The Topology + +A **two-AS ISP backbone** (AS 65000 and AS 65100) with customer sites, a peering exchange, and an attacker segment. + +See the [topology diagrams](diagrams/) for visual references. + +## Build Order + +### Phase 1: Foundation (Weekend 1) +- Module 1: IS-IS on all P and PE routers +- Verify: All loopbacks reachable + +### Phase 2: MPLS Core (Weekend 2) +- Module 2: MPLS/LDP on all core links +- Module 3: iBGP with Route Reflector + +### Phase 3: Services (Weekend 3) +- Module 4: VRFs and L3VPN +- Module 5: eBGP peering at the IXP + +### Phase 4: Modern SP (Weekend 4) +- Module 6: Migrate LDP to Segment Routing +- Module 7: SR-TE policies + +### Phase 5: Break Things (Weekend 5+) +- Module 8: Attack and defense scenarios + +## Quick Reference Commands + +| What You Want | Command | +|--------------|---------| +| IS-IS neighbors | `show isis neighbors` | +| MPLS labels | `show mpls forwarding-table` | +| BGP summary | `show bgp summary` | +| VRF routes | `show ip route vrf CUST_A` | +| SR SIDs | `show isis segment-routing prefix-sid-map` |