ospf;eigrp;bgp;验证,互联

wKiom1ZBm12Q75CIAAA7KHJUc_o270.png

拓扑如上:

要求:

R1-R3 EBGP ;R2-R3 EBGP; R3-R4 EBGP ;R4-R5 IBGP R5为反射器 R6为客户端 R10用于测试

R1-R3 ospf保证网络互通 area 0 

R1 bgp 1 

int l 1   ip 10.1.1.1 用于测试

R2-R3 ospf area 1 区域使用md5加密

R2 bgp 2 

int l 1 ip  20.1.1.1 用于测试

R3-R4 ospf area 2 使用明文加密

R3 bgp 3 

R4-R5 eigrp 使用md5验证

R5-R6 eigrp

R1 :

interface Loopback0

 ip address 1.1.1.1 255.255.255.255

 ip ospf 1 area 0

interface Loopback1

 ip address 10.1.1.1 255.255.255.0

!

interface FastEthernet0/0

 ip address 13.1.1.1 255.255.255.0

 ip ospf authentication

 ip ospf authentication-key cisco

 ip ospf priority 2

 ip ospf 1 area 0

router bgp 1

 bgp router-id 1.1.1.1

 no bgp default ipv4-unicast  //为了体现严谨,CCIE考试都要使用。因为默认就是全局模式下开                        启bgp邻居。关闭后需对不同的地址族进行activate

 bgp log-neighbor-changes

 neighbor 3.3.3.3 remote-as 3

 neighbor 3.3.3.3 ebgp-multihop 255

 neighbor 3.3.3.3 update-source Loopback0

 !

 address-family ipv4

  neighbor 3.3.3.3 activate

  no auto-summary

  no synchronization                          

  network 10.1.1.0 mask 255.255.255.0

 exit-address-family

R2:

interface Loopback0

 ip address 2.2.2.2 255.255.255.255

 ip ospf 1 area 1

!

interface Loopback1

 ip address 20.1.1.1 255.255.255.0

!

interface FastEthernet0/0

 ip address 23.1.1.2 255.255.255.0

 ip ospf authentication message-digest

 ip ospf message-digest-key 1 md5 cisco

 ip ospf 1 area 1

router bgp 2

 bgp router-id 2.2.2.2

 no bgp default ipv4-unicast

 bgp log-neighbor-changes

 neighbor 23.1.1.3 remote-as 3

 !

 address-family ipv4

  neighbor 23.1.1.3 activate

  no auto-summary

  no synchronization

  network 20.1.1.0 mask 255.255.255.0

 exit-address-family

R3:

interface Loopback0

 ip address 3.3.3.3 255.255.255.255

 ip ospf 1 area 0

!

interface FastEthernet0/0

 ip address 13.1.1.3 255.255.255.0

 ip ospf authentication

 ip ospf authentication-key cisco

 ip ospf priority 0

 ip ospf 1 area 0

 duplex auto

 speed auto

!

interface FastEthernet0/1

 ip address 23.1.1.3 255.255.255.0

 ip ospf authentication message-digest

 ip ospf message-digest-key 1 md5 cisco

 ip ospf priority 0

 ip ospf 1 area 1

 duplex auto

 speed auto

!

interface FastEthernet1/0

 ip address 34.1.1.3 255.255.255.0

 ip ospf authentication

 ip ospf authentication-key cisco

 ip ospf 1 area 2

 duplex auto

 speed auto

router ospf 1

 log-adjacency-changes

!

router bgp 3

 bgp router-id 3.3.3.3

 no bgp default ipv4-unicast

 bgp log-neighbor-changes

 neighbor 1.1.1.1 remote-as 1

 neighbor 1.1.1.1 ebgp-multihop 255

 neighbor 1.1.1.1 update-source Loopback0

 neighbor 4.4.4.4 remote-as 4

 neighbor 4.4.4.4 ebgp-multihop 255

 neighbor 4.4.4.4 password cisco

 neighbor 4.4.4.4 update-source Loopback0

 neighbor 23.1.1.2 remote-as 2

 !

 address-family ipv4

  neighbor 1.1.1.1 activate

  neighbor 4.4.4.4 activate

  neighbor 23.1.1.2 activate

  no auto-summary

  no synchronization

 exit-address-family

R4:

interface Loopback0

 ip address 4.4.4.4 255.255.255.255

 ip ospf 1 area 2

!

interface FastEthernet0/0

 ip address 34.1.1.4 255.255.255.0

 ip ospf authentication

 ip ospf authentication-key cisco

 ip ospf 1 area 2

 duplex auto

 speed auto

!

interface FastEthernet0/1

 ip address 45.1.1.4 255.255.255.0

 ip authentication mode eigrp 90 md5

 ip authentication key-chain eigrp 90 1

 duplex auto

 speed auto

!

router eigrp 90

 redistribute ospf 1 metric 1 1 1 1 1  //因为上面是ospf下面是eigrp所以有做重分布,                                注意点在eigrp中重分布需要metric值

 network 4.4.4.4 0.0.0.0            

 network 45.1.1.4 0.0.0.0

 no auto-summary

!

router ospf 1

 log-adjacency-changes

 redistribute eigrp 90 subnets

router bgp 4

 no bgp default ipv4-unicast

 bgp log-neighbor-changes

 neighbor 3.3.3.3 remote-as 3

 neighbor 3.3.3.3 ebgp-multihop 255

 neighbor 3.3.3.3 password cisco

 neighbor 3.3.3.3 update-source Loopback0

 neighbor 5.5.5.5 remote-as 4

 neighbor 5.5.5.5 ebgp-multihop 255

 neighbor 5.5.5.5 update-source Loopback0

 !

 address-family ipv4

  neighbor 3.3.3.3 activate

  neighbor 5.5.5.5 activate

  no auto-summary

  no synchronization

 exit-address-family

key chain 1

 key 1

   key-string cisco

R5:

key chain 1

 key 1

   key-string cisco     //用于eigrp认证

interface Loopback0

 ip address 5.5.5.5 255.255.255.255

!

interface FastEthernet0/0

 ip address 45.1.1.5 255.255.255.0

 ip authentication mode eigrp 90 md5     //开启eigrp认证

 ip authentication key-chain eigrp 90 1   //接口使用key 1 对eig 90 认证

 duplex auto

 speed auto

!

interface FastEthernet0/1

 ip address 56.1.1.5 255.255.255.0

 ip authentication mode eigrp 90 md5

 ip authentication key-chain eigrp 90 1

 duplex auto

 speed auto

!

router eigrp 90

 network 5.5.5.5 0.0.0.0

 network 45.1.1.5 0.0.0.0

 network 56.1.1.5 0.0.0.0

 no auto-summary

!

router bgp 4

 no bgp default ipv4-unicast

 bgp log-neighbor-changes

 neighbor 4.4.4.4 remote-as 4

 neighbor 4.4.4.4 update-source Loopback0

 neighbor 6.6.6.6 remote-as 4

 neighbor 6.6.6.6 update-source Loopback0

 !        

 address-family ipv4

  no auto-summary

  neighbor 4.4.4.4 activate

  neighbor 6.6.6.6 activate

  neighbor 6.6.6.6 route-reflector-client                                    //加了这条命令R5直接变成反射器,R6则为客户 端。注意点

   反射器会将从ebgp邻居学到的路由发送客户端和非客户端,从客户端学到                  路由会发送给Ebgp邻居,客户端和非客户端,从非客户端学习到的路由只

    发送给EBGP邻居,客户端,不发送给非客户端。


  no synchronization             

 exit-address-family              

R6:

key chain 1

 key 1

   key-string cisco

interface Loopback0

 ip address 6.6.6.6 255.255.255.255

!

interface Loopback1

 ip address 60.1.1.1 255.255.255.0

!

interface FastEthernet0/0

 ip address 56.1.1.6 255.255.255.0

 ip authentication mode eigrp 90 md5

 ip authentication key-chain eigrp 90 1

 duplex auto

 speed auto

!

interface FastEthernet0/1

 ip address 61.1.1.6 255.255.255.0

 duplex auto

 speed auto

!

router eigrp 90

 network 6.6.6.6 0.0.0.0

 network 56.1.1.6 0.0.0.0

 network 61.1.1.6 0.0.0.0

 no auto-summary

router bgp 4

 no synchronization

 bgp log-neighbor-changes

 network 60.1.1.0 mask 255.255.255.0

 neighbor 5.5.5.5 remote-as 4

 neighbor 5.5.5.5 update-source Loopback0

 neighbor 61.1.1.1 remote-as 4

 no auto-summary

R10:

interface FastEthernet0/0

 ip address 61.1.1.1 255.255.255.0

 duplex auto

 speed auto

router eigrp 90

 network 61.1.1.1 0.0.0.0

 auto-summary

!

router bgp 4

 bgp router-id 10.1.1.1

 no bgp default ipv4-unicast

 bgp log-neighbor-changes

 neighbor 61.1.1.6 remote-as 4

 !

 address-family ipv4

  neighbor 61.1.1.6 activate

  no auto-summary

  no synchronization

 exit-address-family

结果:

R6 能学习到R1 和R2 的l 1 口的路由信息。R10只能学习到R6的l 1 的路由信息。

其实也是表面,bgp路由中,从ebgp学习到的路由会发送给ebgp邻居和ibgp邻居,但是从ibgp邻居学习到的路由只会发送给ebgp邻居,不会发送给ibgp邻居,也叫做bgp水平分割

R6#sh ip b 

BGP table version is 8, local router ID is 6.6.6.6

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete


   Network          Next Hop            Metric LocPrf Weight Path

*>i10.1.1.0/24      3.3.3.3                  0    100      0 3 1 i

*>i20.1.1.0/24      3.3.3.3                  0    100      0 3 2 i

*> 60.1.1.0/24      0.0.0.0                  0         32768 i

R10# sh ip b

BGP table version is 2, local router ID is 10.1.1.1

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete


   Network          Next Hop            Metric LocPrf Weight Path

*>i60.1.1.0/24      61.1.1.6                 0    100      0 i



也是自己学习笔记,闲来无事,练练手感以及熟练度。有些理论也顺带在实验过程中又看了一遍。如有错误的地方,请指正。

本文出自 “王大锤” 博客,谢绝转载!

你可能感兴趣的:(客户端,MD5加密,BGP,ospf,EIGRP,反射器)