今天完成了一个在联邦BGP下的路由控制的实验。实验的组网是5个路由器(R1到R5,如下图所示)组成一个链式局域网,全部配置命令都记录再按,拓扑图如下:
基本配置如下: R1 en conf t line con 0 logg syn exec-tim 0 0 exit no ip domain-lo ho R1 int loopback 0 ip ad 1.1.1.1 255.255.255.0 no sh int s0/0 ip ad 12.1.1.1 255.255.255.0 no sh int se0/1 ip ad 13.1.1.1 255.255.255.0 no sh exit router rip ve 2 no au net 1.1.1.0 net 12.1.1.0 net 13.1.1.0 R2 en conf t line con 0 logg syn exec-tim 0 0 exit no ip domain-lo ho R2 int loopback 0 ip ad 2.2.2.2 255.255.255.0 no sh int se0/0 ip ad 24.1.1.2 255.255.255.0 no sh int se0/1 ip ad 12.1.1.2 255.255.255.0 no sh exit router rip ve 2 no au net 12.0.0.0 net 2.2.2.0 R3 en conf t line con 0 logg syn exec-tim 0 0 exit no ip domain-lo ho R3 int loopback 0 ip ad 3.3.3.3 255.255.255.0 no sh int se0/0 ip ad 13.1.1.3 255.255.255.0 no sh int se0/1 ip ad 35.1.1.3 255.255.255.0 no sh exit router rip ve 2 no au net 3.3.3.0 net 13.1.1.0 R4 en conf t line con 0 logg syn exec-tim 0 0 exit no ip domain-lo ho R4 int loopback 0 ip ad 4.4.4.4 255.255.255.0 no sh int s0/0 ip ad 24.1.1.4 255.255.255.0 no sh R5 en conf t line con 0 logg syn exec-tim 0 0 exit no ip domain-lo ho R5 int loopback 0 ip ad 5.5.5.5 255.255.255.0 int se0/0 ip ad 35.1.1.5 255.255.255.0 no sh 各个路由器联邦配置: R1: router bgp 65012 bgp ro 1.1.1.1 no sy no au nei 2.2.2.2 remote 65012 nei 2.2.2.2 up lo 0 nei 2.2.2.2 next-hop-self nei 3.3.3.3 remote 65003 nei 3.3.3.3 up lo 0 nei 3.3.3.3 next-hop-self bgp confederation identifier 123 nei 3.3.3.3 ebgp-multihop 2 bgp confederation peers 65003 R2: router bgp 65012 no sy no au bgp rou 2.2.2.2 nei 24.1.1.4 remote 400 bgp confederation identifier 123 nei 1.1.1.1 remote 65012 nei 1.1.1.1 up lo 0 nei 1.1.1.1 next-hop-self R3: router bgp 65003 no sy no au bgp rou 3.3.3.3 nei 35.1.1.5 remote 500 nei 1.1.1.1 remote 65012 nei 1.1.1.1 up lo 0 nei 1.1.1.1 next-hop-self bgp confederation identifier 123 nei 1.1.1.1 ebgp-multihop 2 bgp confederation peers 65012 R4: router bgp 400 bgp router-id 4.4.4.4 no sy no au nei 24.1.1.2 remote 123 net 4.4.4.0 mask 255.255.255.0 end R5: router bgp 500 bgp rou 5.5.5.5 no sy no au nei 35.1.1.3 remote 123 net 5.5.5.0 mask 255.255.255.0 end R5#show ip bgp BGP table version is 3, local router ID is 5.5.5.5 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path *> 4.4.4.0/24 35.1.1.3 0 123 400 i *> 5.5.5.0/24 0.0.0.0 0 32768 i BGP邻居成功建立。 接下来在R4建立4个环回借口,并添加到BGP路由 R4命令如下: int lo 0 ip ad 4.4.4.4 255.255.255.0 int lo 1 ip ad 172.1.12.1 255.255.255.0 int lo 2 ip ad 172.1.13.1 255.255.255.0 int lo 3 ip ad 172.1.14.1 255.255.255.0 int lo 4 ip ad 172.1.15.1 255.255.255.0 exit router bgp 400 net 172.1.12.0 mask 255.255.255.0 net 172.1.13.0 mask 255.255.255.0 net 172.1.14.0 mask 255.255.255.0 net 172.1.15.0 mask 255.255.255.0 R5#show ip bgp BGP table version is 7, local router ID is 5.5.5.5 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path *> 4.4.4.0/24 35.1.1.3 0 123 400 i *> 5.5.5.0/24 0.0.0.0 0 32768 i *> 172.1.12.0/24 35.1.1.3 0 123 400 i *> 172.1.13.0/24 35.1.1.3 0 123 400 i *> 172.1.14.0/24 35.1.1.3 0 123 400 i *> 172.1.15.0/24 35.1.1.3 0 123 400 i 各个路由器已经学到。。 现在重点来了: 要求R1只能学到3条路由,R3只能学到2条。R5只能学到一条。 引入BGP的几个属性: Loacl AS:相当于当有联邦AS时,加上这个属性的路由不会被传出联邦AS No-export:不传出大的AS,也就是不传给EBPG邻居 No-advertise:谁也不传送。 在R4上的配置: R4(config)#ip prefix-list 12 per 172.1.12.0/24 R4(config)#ip prefix-list 13 per 172.1.13.0/24 R4(config)#ip prefix-list 14 per 172.1.14.0/24 R4(config)#ip prefix-list 15 per 172.1.15.0/24 给路由加属性,控制路由的传送 R4(config)#route-map comm per 10 R4(config-route-map)#match ip ad prefix-list 12 R4(config-route-map)#set community no-advertise 谁也不公告 R4(config)#route-map comm per 20 R4(config-route-map)#mat ip ad pre 13 R4(config-route-map)#set community local-AS 不出联邦AS R4(config-route-map)#exit R4(config)#route-map comm per 30 R4(config-route-map)#mat ip ad pre 14 R4(config-route-map)#set community no-export 不传出大的AS,也就是不传给EBGP R4(config-route-map)#exit R4(config)#route-map per 40 R4(config-route-map)#mat ip ad pre 15 R4(config-route-map)#set commun none 什么也不做 R4(config-router)#nei 24.1.1.2 route-map comm out R4(config-router)#nei 24.1.1.2 send-community 需要在每个路由器上打,因为这样才能把路由的属性传出,以达到控制路由的目的 R2(config-router)#nei 1.1.1.1send-community 。。。。。。。。 172.1.12.0/24谁也不公告 172.1.13.0/24 不出联邦AS 172.1.14.0/24 不传给EBGP 172.1.15.0/24 无限制 也就是说在R1上只能学到: 172.1.13.0/24 172.1.14.0/24 172.1.15.0/24 在R3上能学到 172.1.14.0/24 172.1.15.0/24 在R5上能学到 172.1.15.0/24 R1#show ip bgp BGP table version is 11, local router ID is 1.1.1.1 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path *> 5.5.5.0/24 3.3.3.3 0 100 0 (65003) 500 i *>i172.1.13.0/24 2.2.2.2 0 100 0 400 i *>i172.1.14.0/24 2.2.2.2 0 100 0 400 i *>i172.1.15.0/24 2.2.2.2 0 100 0 400 i R3#show ip bgp BGP table version is 11, local router ID is 3.3.3.3 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path *> 5.5.5.0/24 35.1.1.5 0 0 500 i *> 172.1.14.0/24 1.1.1.1 0 100 0 (65012) 400 i *> 172.1.15.0/24 1.1.1.1 0 100 0 (65012) 400 i R5#show ip bgp BGP table version is 11, local router ID is 5.5.5.5 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path *> 5.5.5.0/24 0.0.0.0 0 32768 i *> 172.1.15.0/24 35.1.1.3 0 123 400 i OK实验成功。
|
不良信息举报Q:2000617|Archiver|ROS软路由论坛 ROSABC.com 网络方案网络工程交流
GMT+8, 2025-7-5 15:31 , Processed in 0.148847 second(s), 15 queries .
Powered by Discuz! X3.4
Copyright © 2001-2021, Tencent Cloud.
