BGP第一次实验内容
实验目的
1. 了解BGP的基本配置
2. 了解multihop,next-hop-self的配置方法
3. 了解BGP中local preference和MED的概念与配置方法
实验设备
cisco1720 ----5台
试验拓扑:
172.16.2.1/24 172.16.2.2/24 172.16.4.1/24
as100b as100c
172.16.1.2/24 172.16. 5.2 172.16.3.1/24
172.16.1.1/24 172.16.5.1/24 172.16.3.2/24 as300-d 192.168.1,2/24
as65500a 192.168.1.1/24 as300-e
10.10.1.1/24 192.168.2.1/24
基本配置路由器,并启动BGP协议
as65500-A:
hostname as65500-a
!
enable password cisco
!
interface Loopback1
ip address 10.10.1.1 255.255.255.0
!
interface Serial0
ip address 172.16.1.1 255.255.255.0
!
interface Serial1
ip address 172.16.5.1 255.255.255.0
!
router bgp 65500
no synchronization
network 10.10.1.0 mask 255.255.255.0
network 172.16.1.0 mask 255.255.255.0
network 172.16.5.0 mask 255.255.255.0
neighbor 172.16.1.2 remote-as 100
neighbor 172.16.5.2 remote-as 100
no auto-summary
!
line vty 0 4
password cisco
login
as100-B:
hostname as100-b
!
enable password cisco
!
interface Serial0
ip address 172.16.2.1 255.255.255.0
clockrate 56000
!
interface Serial1
ip address 172.16.1.2 255.255.255.0
clockrate 56000
!
router rip
version 2
network 172.16.0.0
!
router bgp 100
no synchronization
network 172.16.1.0 mask 255.255.255.0
network 172.16.2.0 mask 255.255.255.0
neighbor 172.16.1.1 remote-as 65500
neighbor 172.16.2.2 remote-as 100
!
line vty 0 4
password cisco
login
!
as100-C:
hostname AS100-C
!
enable password cisco
!
interface Loopback1
ip address 172.16.4.1 255.255.255.0
!
interface FastEthernet0/0
ip address 172.16.3.1 255.255.255.0
!
interface Serial0/0
ip address 172.16.2.2 255.255.255.0
!
interface Serial0/1
ip address 172.16.5.2 255.255.255.0
!
router rip
version 2
network 172.16.0.0
!
router bgp 100
no synchronization
network 172.16.2.0 mask 255.255.255.0
network 172.16.3.0 mask 255.255.255.0
network 172.16.4.0 mask 255.255.255.0
network 172.16.5.0 mask 255.255.255.0
neighbor 172.16.2.1 remote-as 100
neighbor 192.168.1.2 remote-as 300
neighbor 172.16.5.1 remote-as 65500
!
line vty 0 4
password cisco
login
as300-D
!
hostname AS300-D
!
enable password cisco
!
interface FastEthernet0/0
ip address 172.16.3.2 255.255.255.0
!
interface Serial0/0
ip address 192.168.1.1 255.255.255.0
!
router eigrp 300
network 192.168.1.0
!
ip route 0.0.0.0 0.0.0.0 172.16.3.1
line vty 0 4
password cisco
login
!
as300-E
hostname AS300-E
!
enable password cisco
!
interface Loopback0
ip address 192.168.2.1 255.255.255.0
!
interface Serial0/0
ip address 192.168.1.2 255.255.255.0
!
router eigrp 300
network 192.168.1.0
network 192.168.2.0
!
router bgp 300
network 192.168.1.0
network 192.168.2.0
neighbor 172.16.3.1 remote-as 100
!
line vty 0 4
password cisco
login
!
基本配置好路由器后,查看路由器运行BGP协议的情况。用show ip bgp查看bgp表,用show ip route 查看路由表
multihop
as100-C与as300-E之间不能成功建立bgp邻居关系,是因为as300中,as300-D路由器并不运行 bgp协议,所以我们需要在AS300-E与AS100-C两台路由器上附加multihop配置.静态路由的添加是为了这两台路由器之间能通过 tcp/ip协议互相访问,这样bgp协议才能正常工作.
具体配置如下:
as100-C:
router bgp 100
neighbor 192.168.1.2 remote-as 300
neighbor 192.168.1.2 ebgp-multihop 2
!
ip route 192.168.1.0 255.255.255.0 172.16.3.2
!
as300-E
router bgp 300
neighbor 172.16.3.1 remote-as 100
neighbor 172.16.3.1 ebgp-multihop 2
!
ip route 172.16.3.0 255.255.255.0 192.168.1.1
!
理解next-hop-self
通过以上配置,全部bgp邻居都建立起来了.观察bgp表,能看到全部网段的信息.但在路由表中,发现 as100-B路由器并没有192.168.1.0和192.168.2.0网段的信息.是因为,as100-B并不知道192.168.1.2在哪里, 所以不会把通过这个路由学来的bgp路由放到路由表中.我们需要通过next-hop-self配置,让as100-B获得的192.168.1.0和 192.168.2.0网段信息不再是从192.168.1.2获得,而是从172.16.2.2获得,这样as100-B就会把这条bgp路由放到路由 表中了.
配置next-hop-self前请看清楚bgp表与路由表,并与配置后的作对比
具体配置为
as100-C
router bgp 100
neighbor 172.16.2.1 next-hop-self
!
通过以上配置,我们配通了全部bgp协议,请用ping命令检查网络全部正常运行.
配置本地优先
本地优先是指as内部路由器控制自己as几个出口的优先级.比如as65500有两个出口,那么到底选择哪个作为优先呢,我们可以通过配置本地优先来控制.
as65500-a:
router bgp 65500
no synchronization
network 10.10.1.0 mask 255.255.255.0
network 172.16.1.0 mask 255.255.255.0
network 172.16.5.0 mask 255.255.255.0
neighbor 172.16.1.2 remote-as 100
neighbor 172.16.5.2 remote-as 100
neighbor 172.16.5.2 route-map setlocalpre in
!
route-map setlocalpre permit 10
set local-preference 200
!
!
line vty 0 4
password cisco
login
!
配置后,用clear ip bgp *从起bgp协议,并用show ip bgp和show ip route查看结果
配置MED
配置MED是一个as用来控制其他as从哪个入口进来本as的方法,比如as100上,能通过配置MED,使as65500优先选择其中一条路径进入as100:
在as100-C上配置
router bgp 100
neighbor 172.16.5.1 remote-as 65500
neighbor 172.16.5.1 route-map setmed out
!
route-map setmed permit 10
set metric 100
!
配置后,用clear ip bgp *从起bgp协议,并用show ip bgp和show ip route查看结果
去掉保留AS
在AS号码中65001后面的是保留AS部分,一般用作ISP内部分配用,所以在广域网上面得去掉保留得AS号码.在这里,65500是保留AS,所以as100-C发送给as300-E的时候,应该去掉这个AS,具体配置为:
as100-C
router bgp 100
neighbor 192.168.1.2 remove-private-as
配置后,用clear ip bgp *从起bgp协议,并用show ip bgp和show ip route查看结果