图1 BGP基本组网示例图
如上图1所示,需要在所有Switch间运行BGP协议,SwitchA、SwitchB之间建立EBGP连接,SwitchB、SwitchC和SwitchD之间建立IBGP全连接。
2.1、在SwitchB、SwitchC和SwitchD间配置IBGP连接。
2.2、在SwitchA和SwitchB之间配置EBGP连接。
3.1、配置各接口所属的VLAN
[HUAWEI] sysname SwitchA
[SwitchA] vlan batch 10 50
[SwitchA] interface gigabitethernet 1/0/1
[SwitchA-GigabitEthernet1/0/1] port link-type trunk
[SwitchA-GigabitEthernet1/0/1] port trunk allow-pass vlan 10
[SwitchA-GigabitEthernet1/0/1] quit
[SwitchA] interface gigabitethernet 1/0/2
[SwitchA-GigabitEthernet1/0/2] port link-type trunk
[SwitchA-GigabitEthernet1/0/2] port trunk allow-pass vlan 50
[SwitchA-GigabitEthernet1/0/2] quit
SwitchB、SwitchC和SwitchD的配置同SwitchA(略)
3.2、配置各VLANIF接口的IP地址
[SwitchA] interface vlanif 10
[SwitchA-Vlanif10] ip address 192.168.1.2 24
[SwitchA-Vlanif10] quit
[SwitchA] interface vlanif 50
[SwitchA-Vlanif50] ip address 10.1.1.1 8
[SwitchA-Vlanif50] quit
SwitchB、SwitchC和SwitchD的配置同SwitchA(略)
3.3、配置IBGP连接
# 配置SwitchB。
[SwitchB] bgp 65009
[SwitchB-bgp] router-id 172.17.2.2
[SwitchB-bgp] peer 172.16.1.2 as-number 65009
[SwitchB-bgp] peer 172.16.3.2 as-number 65009
# 配置SwitchC。
[SwitchC] bgp 65009
[SwitchC-bgp] router-id 172.17.3.3
[SwitchC-bgp] peer 172.16.3.1 as-number 65009
[SwitchC-bgp] peer 172.16.2.2 as-number 65009
[SwitchC-bgp] quit
# 配置SwitchD。
[SwitchD] bgp 65009
[SwitchD-bgp] router-id 172.17.4.4
[SwitchD-bgp] peer 172.16.1.1 as-number 65009
[SwitchD-bgp] peer 172.16.2.1 as-number 65009
[SwitchD-bgp] quit
3.4、配置EBGP
# 配置SwitchA。
[SwitchA] bgp 65008
[SwitchA-bgp] router-id 172.17.1.1
[SwitchA-bgp] peer 192.168.1.1 as-number 65009
[SwitchA-bgp] quit
# 配置SwitchB。
[SwitchB] bgp 65009
[SwitchB-bgp] peer 192.168.1.2 as-number 65008
[SwitchB-bgp] quit
# 查看BGP对等体的连接状态。
[SwitchB] display bgp peer
BGP local router ID : 172.17.2.2
Local AS number : 65009
Total number of peers : 3 Peers in established state : 3
Peer V AS MsgRcvd MsgSent OutQ Up/Down State PrefRcv
172.16.1.2 4 65009 49 62 0 00:44:58 Established 0
172.16.3.2 4 65009 56 56 0 00:40:54 Established 0
192.168.1.2 4 65008 49 65 0 00:44:03 Established 0
可以看出,SwitchB其它Switch的BGP连接均已建立。
3.5、配置SwitchA发布路由10.0.0.0/8
# 配置SwitchA发布路由。
[SwitchA] bgp 65008
[SwitchA-bgp] ipv4-family unicast
[SwitchA-bgp-af-ipv4] network 10.0.0.0 255.0.0.0
[SwitchA-bgp-af-ipv4] quit
[SwitchA-bgp] quit
# 查看SwitchA路由表信息。
[SwitchA] display bgp routing-table
BGP Local router ID is 172.17.1.1
Status codes: * - valid, > - best, d - damped,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 1
Network NextHop MED LocPrf PrefVal Path/Ogn
*> 10.0.0.0 0.0.0.0 0 0 i
# 查看SwitchB的路由表。
[SwitchB] display bgp routing-table
BGP Local router ID is 172.17.2.2
Status codes: * - valid, > - best, d - damped,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 1
Network NextHop MED LocPrf PrefVal Path/Ogn
*> 10.0.0.0 192.168.1.2 0 0 65008i
# 查看SwitchC的路由表。
[SwitchC] display bgp routing-table
BGP Local router ID is 172.17.3.3
Status codes: * - valid, > - best, d - damped,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 1
Network NextHop MED LocPrf PrefVal Path/Ogn
i 10.0.0.0 192.168.1.2 0 100 0 65008i
从路由表可以看出,SwitchC学到了AS65008中的10.0.0.0的路由,但因为下一跳192.168.1.2不可达,所以也不是有效路由。
3.6、配置BGP引入直连路由
# 配置SwitchB。
[SwitchB] bgp 65009
[SwitchB-bgp] ipv4-family unicast
[SwitchB-bgp-af-ipv4] import-route direct
[SwitchB-bgp-af-ipv4] quit
[SwitchB-bgp] quit
# 查看SwitchA的BGP路由表。
[SwitchA] display bgp routing-table
BGP Local router ID is 172.17.1.1
Status codes: * - valid, > - best, d - damped,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 4
Network NextHop MED LocPrf PrefVal Path/Ogn
*> 10.0.0.0 0.0.0.0 0 0 i
*> 172.16.1.0/24 192.168.1.1 0 0 65009?
*> 172.16.3.0/24 192.168.1.1 0 0 65009?
192.168.1.0 192.168.1.1 0 0 65009?
# 查看SwitchC的路由表。
[SwitchC] display bgp routing-table
BGP Local router ID is 172.17.3.3
Status codes: * - valid, > - best, d - damped,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 4
Network NextHop MED LocPrf PrefVal Path/Ogn
*>i 10.0.0.0 192.168.1.2 0 100 0 65008i
*>i 172.16.1.0/24 172.16.3.1 0 100 0 ?
i 172.16.3.0/24 172.16.3.1 0 100 0 ?
*>i 192.168.1.0 172.16.3.1 0 100 0 ?
可以看出,到10.0.0.0的路由变为有效路由,下一跳为SwitchA的地址。
# 使用Ping进行验证。
[SwitchC] ping 10.1.1.1
PING 10.1.1.1: 56 data bytes, press CTRL_C to break
Reply from 10.1.1.1: bytes=56 Sequence=1 ttl=253 time=31 ms
Reply from 10.1.1.1: bytes=56 Sequence=2 ttl=253 time=47 ms
Reply from 10.1.1.1: bytes=56 Sequence=3 ttl=253 time=31 ms
Reply from 10.1.1.1: bytes=56 Sequence=4 ttl=253 time=16 ms
Reply from 10.1.1.1: bytes=56 Sequence=5 ttl=253 time=31 ms
--- 10.1.1.1 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 16/31/47 ms
4.1、SwitchA的配置文件
#
sysname SwitchA
#
vlan batch 10 50
#
interface Vlanif10
ip address 192.168.1.2 255.255.255.0
#
interface Vlanif50
ip address 10.1.1.1 255.0.0.0
#
interface GigabitEthernet1/0/1
port link-type trunk
port trunk allow-pass vlan 10
#
interface GigabitEthernet1/0/2
port link-type trunk
port trunk allow-pass vlan 50
#
bgp 65008
router-id 172.17.1.1
peer 192.168.1.1 as-number 65009
#
ipv4-family unicast
undo synchronization
network 10.0.0.0
peer 192.168.1.1 enable
#
return
4.2、SwitchB的配置文件
#
sysname SwitchB
#
vlan batch 10 20 30
#
interface Vlanif10
ip address 192.168.1.1 255.255.255.0
#
interface Vlanif20
ip address 172.16.3.1 255.255.255.0
#
interface Vlanif30
ip address 172.16.1.1 255.255.255.0
#
interface GigabitEthernet1/0/1
port link-type trunk
port trunk allow-pass vlan 10
#
interface GigabitEthernet1/0/2
port link-type trunk
port trunk allow-pass vlan 20
#
interface GigabitEthernet1/0/3
port link-type trunk
port trunk allow-pass vlan 30
#
bgp 65009
router-id 172.17.2.2
peer 172.16.1.2 as-number 65009
peer 172.16.3.2 as-number 65009
peer 192.168.1.2 as-number 65008
#
ipv4-family unicast
undo synchronization
import-route direct
peer 172.16.1.2 enable
peer 172.16.3.2 enable
peer 192.168.1.2 enable
#
return
4.3、SwitchC的配置文件
#
sysname SwitchC
#
vlan batch 20 40
#
interface Vlanif20
ip address 172.16.3.2 255.255.255.0
#
interface Vlanif40
ip address 172.16.2.1 255.255.255.0
#
interface GigabitEthernet1/0/1
port link-type trunk
port trunk allow-pass vlan 20
#
interface GigabitEthernet1/0/2
port link-type trunk
port trunk allow-pass vlan 40
#
bgp 65009
router-id 172.17.3.3
peer 172.16.2.2 as-number 65009
peer 172.16.3.1 as-number 65009
#
ipv4-family unicast
undo synchronization
peer 172.16.2.2 enable
peer 172.16.3.1 enable
#
return
4.4、SwitchD的配置文件
#
sysname SwitchD
#
vlan batch 30 40
#
interface Vlanif30
ip address 172.16.1.2 255.255.255.0
#
interface Vlanif40
ip address 172.16.2.2 255.255.255.0
#
interface GigabitEthernet1/0/1
port link-type trunk
port trunk allow-pass vlan 30
#
interface GigabitEthernet1/0/2
port link-type trunk
port trunk allow-pass vlan 40
#
bgp 65009
router-id 172.17.4.4
peer 172.16.1.1 as-number 65009
peer 172.16.2.1 as-number 65009
#
ipv4-family unicast
undo synchronization
peer 172.16.1.1 enable
peer 172.16.2.1 enable
#
return