5.19 BGP实验
实验拓扑
实验要求:
1、在R4上配置preval策略,确保R4通过R2到达5.5.5.5/32
2、在R4上配置AS Path策略,确保R4通过R3到达9.9.9.9/32
3、在R2和R3上配置MED策略,确保R4通过R3到达6.6.6.6/32
4、在R2上配置Local Preference策略,确保R1通过R2到达4.4.4.4/32
5、在R1上配置Local Preference策略,确保R1通过R2到达8.8.8.8/32
6、配置负载均衡,确保R4通过R2和R3到达55.55.55.55/32
7、在R5上配置As策略,AS 5不接受任何始发于AS 123的路由
8、在R4上配置自定义Community策略,确保7.7.7.7/24路由不会被发布到AS 5
9、IBGP使用环回接口建邻,EBGP使用物理接口建邻
10、BGP宣告路由时,仅宣告24网段的用户路由
三、具体配置
配置IP和环回地址
interface GigabitEthernet0/0/0
ip address 15.0.0.1 255.255.255.0
interface GigabitEthernet0/0/1
ip address 12.0.0.1 255.255.255.0
interface GigabitEthernet0/0/2
ip address 13.0.0.1 255.255.255.0
interface LoopBack0
ip address 1.1.1.1 255.255.255.255
interface LoopBack1
ip address 192.168.100.1 255.255.255.0
ospf network-type broadcast
R2
interface GigabitEthernet0/0/0
ip address 12.0.0.2 255.255.255.0
interface GigabitEthernet0/0/1
ip address 24.0.0.2 255.255.255.0
interface LoopBack0ip address 2.2.2.2 255.255.255.255
interface LoopBack1
ip address 192.168.20.1 255.255.255.0
ospf network-type broadcast
R3
interface GigabitEthernet0/0/0
ip address 13.0.0.3 255.255.255.0
interface GigabitEthernet0/0/1
ip address 34.0.0.3 255.255.255.0
interface LoopBack0
ip address 3.3.3.3 255.255.255.255
interface LoopBack1
ip address 192.168.30.1 255.255.255.0
ospf network-type broadcast
R4
interface GigabitEthernet0/0/0
ip address 24.0.0.4 255.255.255.0
interface GigabitEthernet0/0/1
ip address 34.0.0.4 255.255.255.0
interface LoopBack1
ip address 192.168.1.1 255.255.255.0
interface LoopBack2
ip address 192.168.2.1 255.255.255.0
interface LoopBack3
ip address 192.168.3.1 255.255.255.0
R5
interface GigabitEthernet0/0/0
ip address 15.0.0.5 255.255.255.0
interface LoopBack0
ip address 192.168.10.1 255.255.255.0
interface LoopBack1
ip address 192.168.11.1 255.255.255.0
interface LoopBack2
ip address 192.168.12.1 255.255.255.0
配置结果:
<r1>display ip interface brief
Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 15.0.0.1/24 up up
GigabitEthernet0/0/1 12.0.0.1/24 up up
GigabitEthernet0/0/2 13.0.0.1/24 up up
LoopBack0 1.1.1.1/32 up up(s)
LoopBack1 192.168.100.1/24 up up(s)
R2
<R2>display IP interface brief
Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 12.0.0.2/24 up up
GigabitEthernet0/0/1 24.0.0.2/24 up up
GigabitEthernet0/0/2 unassigned down down
LoopBack0 2.2.2.2/32 up up(s)
LoopBack1 192.168.20.1/24 up up(s)
R3
<R3>display ip interface brief
Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 13.0.0.3/24 up up
GigabitEthernet0/0/1 34.0.0.3/24 up up
GigabitEthernet0/0/2 unassigned down down
LoopBack0 3.3.3.3/32 up up(s)
LoopBack1 192.168.30.1/24 up up(s)
R4
<R4>display ip interface brief
Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 24.0.0.4/24 up up
GigabitEthernet0/0/1 34.0.0.4/24 up up
GigabitEthernet0/0/2 unassigned down down
LoopBack1 192.168.1.1/24 up up(s)
LoopBack2 192.168.2.1/24 up up(s)
LoopBack3 192.168.3.1/24 up up(s)
R5
<R5>display ip interface brief
Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 15.0.0.5/24 up up
GigabitEthernet0/0/1 unassigned down down
GigabitEthernet0/0/2 unassigned down down
LoopBack0 192.168.10.1/24 up up(s)
LoopBack1 192.168.11.1/24 up up(s)
LoopBack2 192.168.12.1/24 up up(s)
AS 123内部IGP搭建
OSPF配置
R1
[r1-ospf-1]display this
ospf 1 router-id 1.1.1.1
area 0.0.0.0
network 1.1.1.1 0.0.0.0
network 12.0.0.1 0.0.0.0
network 13.0.0.1 0.0.0.0
network 15.0.0.1 0.0.0.0
network 192.168.100.0 0.0.0.255
R2
[R2-ospf-1]display this
ospf 1 router-id 2.2.2.2
area 0.0.0.0
network 2.2.2.2 0.0.0.0network 12.0.0.2 0.0.0.0
network 24.0.0.2 0.0.0.0
network 192.168.20.0 0.0.0.255
R3
[R3-ospf-1]display this
ospf 1 router-id 3.3.3.3
area 0.0.0.0
network 3.3.3.3 0.0.0.0
network 13.0.0.3 0.0.0.0network 34.0.0.3 0.0.0.0
network 192.168.30.0 0.0.0.255
配置结果检查
<r1>display ospf routing
OSPF Process 1 with Router ID 1.1.1.1
Routing TablesRouting for Network
Destination Cost Type NextHop AdvRouter Area
1.1.1.1/32 0 Stub 1.1.1.1 1.1.1.1 0.0.0.0
12.0.0.0/24 1 Transit 12.0.0.1 1.1.1.1 0.0.0.0
13.0.0.0/24 1 Transit 13.0.0.1 1.1.1.1 0.0.0.0
15.0.0.0/24 1 Stub 15.0.0.1 1.1.1.1 0.0.0.0
192.168.100.0/24 0 Stub 192.168.100.1 1.1.1.1 0.0.0.0
2.2.2.2/32 1 Stub 12.0.0.2 2.2.2.2 0.0.0.0
3.3.3.3/32 1 Stub 13.0.0.3 3.3.3.3 0.0.0.0
24.0.0.0/24 2 Stub 12.0.0.2 2.2.2.2 0.0.0.0
34.0.0.0/24 2 Stub 13.0.0.3 3.3.3.3 0.0.0.0
192.168.20.0/24 1 Stub 12.0.0.2 2.2.2.2 0.0.0.0
192.168.30.0/24 1 Stub 13.0.0.3 3.3.3.3 0.0.0.0Total Nets: 11
Intra Area: 11 Inter Area: 0 ASE: 0 NSSA: 0
BGP建立邻居环节
BGP建邻配置及注意事项
R1与R2、R3是IBGP对等体关系,要求使用环回地址建立邻居关系,需要修改数据包的元IP地址为环回地址(对等体关系双方均需要修改)
R1
bgp 123
router-id 1.1.1.1
peer 2.2.2.2 as-number 123
peer 2.2.2.2 connect-interface LoopBack0
peer 3.3.3.3 as-number 123
peer 3.3.3.3 connect-interface LoopBack0
peer 15.0.0.5 as-number 500
R2
bgp 123
router-id 2.2.2.2
peer 1.1.1.1 as-number 123
peer 1.1.1.1 connect-interface LoopBack0
peer 24.0.0.4 as-number 400
R3
bgp 123
router-id 3.3.3.3
peer 1.1.1.1 as-number 123
peer 1.1.1.1 connect-interface LoopBack0
peer 34.0.0.4 as-number 400
R4
bgp 400
router-id 4.4.4.4
peer 24.0.0.2 as-number 123
peer 34.0.0.3 as-number 123
R5
bgp 500
router-id 5.5.5.5
peer 15.0.0.1 as-number 123
建邻结果检查
<r1>display bgp peer
BGP local router ID : 1.1.1.1
Local AS number : 123
Total number of peers : 3 Peers in established state : 3Peer V AS MsgRcvd MsgSent OutQ Up/Down State Pre
fRcv2.2.2.2 4 123 20 19 0 00:15:59 Established
4
3.3.3.3 4 123 20 19 0 00:15:59 Established
4
15.0.0.5 4 500 21 22 0 00:16:28 Established
BGP宣告
进入BGP进程:
[r1]bgp 123
宣告网段:
[r1-bgp]network 192.168.100.0 24
R1
network 192.168.100.0 24
R2
network 192.168.20.0 24
R3
network 192.168.30.0 24
R4
network 192.168.1.0
network 192.168.2.0
network 192.168.3.0
R5
network 192.168.10.0
network 192.168.11.0
network 192.168.12.0
BGP宣告结果检查
R2
<R2>display bgp routing-table
Total Number of Routes: 8
Network NextHop MED LocPrf PrefVal Path/Ogn*> 192.168.1.0 24.0.0.4 0 0 400i
*> 192.168.2.0 24.0.0.4 0 0 400i
*> 192.168.3.0 24.0.0.4 0 0 400i
*>i 192.168.10.0 15.0.0.5 0 100 0 500i
*>i 192.168.11.0 15.0.0.5 0 100 0 500i
*>i 192.168.12.0 15.0.0.5 0 100 0 500i
*> 192.168.20.0 0.0.0.0 0 0 i
*>i 192.168.100.0 1.1.1.1 0 100 0 i
R3
<R3>display bgp routing-table
Total Number of Routes: 8
Network NextHop MED LocPrf PrefVal Path/Ogn*> 192.168.1.0 34.0.0.4 0 0 400i
*> 192.168.2.0 34.0.0.4 0 0 400i
*> 192.168.3.0 34.0.0.4 0 0 400i
*>i 192.168.10.0 15.0.0.5 0 100 0 500i
*>i 192.168.11.0 15.0.0.5 0 100 0 500i
*>i 192.168.12.0 15.0.0.5 0 100 0 500i
*> 192.168.30.0 0.0.0.0 0 0 i
*>i 192.168.100.0 1.1.1.1 0 100 0 i
PreVal策略:
R4
ip ip-prefix Preval permit 192.168.10.0 24 greater-equal 24 less-equal 24
route-policy Preval permit node 10
if-match ip-prefix Preval
apply preferred-value 100
route-policy Preval permit node 20bgp 400
peer 24.0.0.2 route-policy Preval import
修改结果:
[R4]display bg routing-table
Total Number of Routes: 13
Network NextHop MED LocPrf PrefVal Path/Ogn*> 192.168.10.0 24.0.0.2 100 123 500i
* 34.0.0.3 0 123 500i
AS_Path策略:
R3
ip ip-prefix AS_Path permit 192.168.11.0 24 greater-equal 24 less-equal 24
route-policy AS_Path permit node 10
if-match ip-prefix AS_Path
apply as-path none overwrite
Y
route-policy AS_Path permit node 20
bgp 123
peer 34.0.0.4 route-policy AS_Path export
查看修改结果:
R4
<R4>display bgp routing-table 192.168.11.0 24
From: 34.0.0.3 (3.3.3.3)
AS-path 123
From: 24.0.0.2 (2.2.2.2)
AS-path 123 500
MED策略:
R4
ip ip-prefix MED permit 192.168.12.0 24 greater-equal 24 less-equal 24
route-policy MED permit node 10
if-match ip-prefix MED
apply cost 500
route-policy MED permit node 20
bgp 400
peer 24.0.0.2 route-policy MED import
Local Preference策略
R1
ip ip-prefix LP permit 192.168.1.0 24 greater-equal 24 less-equal 24
route-policy LP permit node 10
if-match ip-prefix LP
apply local-preference 200
route-policy LP permit node 20
bgp 123
peer 2.2.2.2 route-policy LP import
R1
ip ip-prefix LP2 permit 192.168.2.0 24 greater-equal 24 less-equal 24
route-policy LP2 permit node 10
if-match ip-prefix LP2
apply local-preference 200
route-policy LP2 permit node 20
bgp 123
peer 3.3.3.3 route-policy LP2 import
负载均衡:
[r1-bgp]maximum load-balancing ibgp 2
AS路径过滤器:
R1
ip as-path-filter 1 deny ^$
ip as-path-filter 1 permit .*
bgp 123
peer 15.0.0.5 as-path-filter 1 export
COMMUNITY策略
R1
ip ip-prefix com permit 192.168.3.0 24 greater-equal 24 less-equal 24
route-policy com permit node 10
if-match ip-prefix com
apply community no-export
route-policy com permit node 20bgp 123
peer 24.0.0.2 advertise-community
peer 34.0.0.3 advertise-community
peer 24.0.0.2 route-policy com export
peer 34.0.0.3 route-policy com export
R2/R3
peer 1.1.1.1 advertise-community