BGP实验

BGP实验_第1张图片

要求:

1.AS1中192.168.1.0/24不宣告,AS2中192.168.2.0/24不宣告,但可以互相访问
2.AS1除一个环回为192.168.1.0/24外,其他为10.1.1.0/24。AS1除一个环回为192.168.1.0/24外,其他为10.1.1.0/24
3.AS2为172.16.0.0/16,AS起ospf,AS间地址任意规划
4.R3为R4的RR,R6为R7的RR
5.不得出现环路,所有设备环回均可互访

 

地址规划:

AS2骨干网段

172.16.1.0/30    172.16.1.4/30    172.16.1.8/30    172.16.1.12/30    172.16.1.16/30    172.16.1.20/30

环回网段

172.16.2.1/24    172.16.3.1/24    172.16.4.1/24    172.16.5.1/24    172.16.6.1/24    172.16.7.1/24分别为R2-R7环回  

AS间为12网段和78网段

R1环回为10.1.1.1/25和10.1.1.129/25和192.168.1.1/24

R8环回为10.1.2.1/25和10.1.2.129/25和192.168.2.1/24

 

配置:

1.配置ip地址

2.起ospf协议

R2

router ospf 1

router-id 2.2.2.2

network 172.16.0.0 0.0.255.255 a 0

R3

router ospf 1

router-id 3.3.3.3

network 172.16.0.0 0.0.255.255 a 0

R4

router ospf 1

router-id 4.4.4.4

network 172.16.0.0 0.0.255.255 a 0

R5

router ospf 1

router-id 5.5.5.5

network 172.16.0.0 0.0.255.255 a 0

R6

router ospf 1

router-id 6.6.6.6

network 172.16.0.0 0.0.255.255 a 0

R7

router ospf 1

router-id 7.7.7.7

network 172.16.0.0 0.0.255.255 a 0

3.建立bgp邻居

R1

router bgp 1

b router-id 1.1.1.1

neighbor 12.1.1.2 remote-as 2

R2

router bgp 64512

b router-id 172.16.2.1

neighbor 12.1.1.1 remote-as 1

neighbor 172.16.3.1 remote-as 64512

neighbor 172.16.3.1 update-source lo0

neighbor 172.16.5.1 remote-as 64513

neighbor 172.16.5.1 update-source lo0

neighbor 172.16.5.1 ebgp-multihop       和EBGP邻居用环回建邻时要修改ttl

bgp confederation peers 64513

bgp confederation identifier 2

R3

router bgp 64512

b router-id 172.16.3.1

neighbor 172.16.2.1 remote-as 64512

neighbor 172.16.2.1 update-source lo0

neighbor 172.16.4.1 remote-as 64512

neighbor 172.16.4.1 update-source lo0

bgp confederation identifier 2

R4

router bgp 64512

b router-id 172.16.4.1

neighbor 172.16.3.1 remote-as 64512

neighbor 172.16.3.1 update-source lo0

neighbor 172.16.7.1 remote-as 64513

neighbor 172.16.7.1 update-source lo0

neighbor 172.16.7.1 ebgp-multihop      

bgp confederation peers 64513

bgp confederation identifier 2

R5

router bgp 64513

b router-id 172.16.5.1

neighbor 172.16.6.1 remote-as 64513

neighbor 172.16.6.1 update-source lo0

neighbor 172.16.2.1 remote-as 64512

neighbor 172.16.2.1 update-source lo0

neighbor 172.16.2.1 ebgp-multihop      

bgp confederation peers 64512

bgp confederation identifier 2

R6

router bgp 64513

b router-id 172.16.6.1

neighbor 172.16.5.1 remote-as 64513

neighbor 172.16.5.1 update-source lo0

neighbor 172.16.7.1 remote-as 64513

neighbor 172.16.7.1 update-source lo0

bgp confederation identifier 2

R7

router bgp 64513

b router-id 172.16.7.1

neighbor 172.16.6.1 remote-as 64513

neighbor 172.16.6.1 update-source lo0

neighbor 78.1.1.8 remote-as 3

bgp confederation peers 64513

bgp confederation identifier 2

R8

router bgp 3

b router-id 8.8.8.8

neighbor 78.1.1.7 remote-as 2

4.宣告

R1

ip route 10.1.1.0 255.255.255.0 null 0                        先写空接口路由,再宣告汇总路由

router bgp 1

network 10.1.1.0 mask 255.255.255.0

R8

router bgp 3

network 10.1.2.0 mask 255.255.255.128

network 10.1.2.128 mask 255.255.255.128

aggregate-address 10.1.2.0 255.255.255.0 summary-only           可以先宣告明细,再宣告汇总后的路由,明细路由将被抑制

BGP实验_第2张图片

所有设备环回互访

R2

ip route 172.16.0.0 255.255.248.0 null 0

router bgp 64512

network 172.16.0.0 mask 255.255.248.0

R7

ip route 172.16.0.0 255.255.248.0 null 0

router bgp 64512

network 172.16.0.0 mask 255.255.248.0

5.路由不优,改下一跳(R2把路由传给R3和R5的时候路由不优)

R2

route-map next permit 10

set ip next-hop peer-address        这里不做match表示匹配所有路由,把所有路由都改下一跳

router bgp 64512

neigubor 172.16.3.1 route-map next out

neigubor 172.16.5.1 route-map next out

R7

route-map next permit 10

set ip next-hop peer-address

router bgp 64513

neigubor 172.16.4.1 route-map next out

neigubor 172.16.6.1 route-map next out

BGP实验_第3张图片

route-map生效后

BGP实验_第4张图片

6.反射器

R3

router bgp 64512

neighbor 172.16.4.1 route-reflector-client

R6

router bgp 64513

neighbor 172.16.7.1 route-reflector-client

 

此时测试,发现不通

BGP实验_第5张图片

检查路由表,发现R6访问R1环回的下一跳是R7,出现环路

BGP实验_第6张图片

分析是更改下一跳的原因。需要在route-map里只匹配10.1.1.0/24的路由更改下一跳

R2

ip prefix-list next permit 10.1.1.0/24

route-map next permit 10

match ip address prefix-list next

set ip next-hop peer-address

R7

ip prefix-list next permit 10.1.2.0/24

route-map next permit 10

match ip address prefix-list next

set ip next-hop peer-address

测试:

192.168.1.0访问192.168.2.0配置tunnel

R1

int t0

ip add 10.1.3.1 255.255.255.0

tunnel source 10.1.1.1

tunnel destination 10.1.2.1

ip route 192.168.2.0 255.255.255.0 t0

R8

int t0

ip add 10.1.3.2 255.255.255.0

tunnel source 10.1.2.1

tunnel destination 10.1.1.1

ip route 192.168.2.0 255.255.255.0 10.1.3.2

测试:

你可能感兴趣的:(网络)