网络基础(十六)-------BGP实验

问题描述:

网络基础(十六)-------BGP实验_第1张图片

一.配置ip与ospf

r1:

[Huawei]sys r1
[r1-GigabitEthernet0/0/0]ip add 13.0.0.1 24
[r1-LoopBack0]ip add 1.1.1.1 24

r2:

[Huawei]sys r2
[r2-LoopBack0]ip add 2.2.2.2 24
[r2-GigabitEthernet0/0/0]ip add 24.0.0.1 24

r3:

[Huawei]sys r3
[r3-GigabitEthernet0/0/0]ip add 13.0.0.2 24
[r3-GigabitEthernet0/0/1]ip add 35.0.0.1 24
[r3-LoopBack0]ip add 3.3.3.3 24
[r3]ospf 1 router-id 3.3.3.3
[r3-ospf-1]area 0
[r3-ospf-1-area-0.0.0.0]network 3.3.3.3 0.0.0.0
[r3-ospf-1-area-0.0.0.0]network 35.0.0.0 0.0.0.255

r4:

[Huawei]sys r4
[r4-GigabitEthernet0/0/0]ip add 46.0.0.1 24
[r4-GigabitEthernet0/0/1]ip add 24.0.0.2 24
[r4-LoopBack0]ip add 4.4.4.4 24
[r4]ospf 1 router-id 4.4.4.4
[r4-ospf-1]area 0
[r4-ospf-1-area-0.0.0.0]network 4.4.4.4 0.0.0.0
[r4-ospf-1-area-0.0.0.0]network 46.0.0.0 0.0.0.255

r5:

[Huawei]sys r5
[r5-GigabitEthernet0/0/0]ip add 35.0.0.2 24
[r5-GigabitEthernet0/0/1]ip add 46.0.0.2 24
[r5-LoopBack0]ip add 5.5.5.5 24
[r5]ospf 1 router-id 5.5.5.5
[r5-ospf-1]area 0
[r5-ospf-1-area-0.0.0.0]network 5.5.5.5 0.0.0.0
[r5-ospf-1-area-0.0.0.0]network 35.0.0.0 0.0.0.255
[r5-ospf-1-area-0.0.0.0]network 46.0.0.0 0.0.0.255

二.建邻-----r1-r3与r2-r4为直连建邻;r3-r4为环回建邻-----需要修改建邻跳数

r1:

[r1]bgp 100
[r1-bgp]router-id 1.1.1.1
[r1-bgp]peer 13.0.0.2 as-number 300
[r1-bgp]peer 13.0.0.2 ebgp-max-hop 2

r2:

[r2]bgp 200
[r2-bgp]router-id 2.2.2.2
[r2-bgp]peer 24.0.0.2 as-number 300

r3:

[r3]bgp 300
[r3-bgp]router-id 3.3.3.3
[r3-bgp]peer 13.0.0.1 as-number 100
[r3-bgp]peer 4.4.4.4 as-number 300
[r3-bgp]peer 4.4.4.4 connect-interface LoopBack 0

r4;

[r4]bgp 300
[r4-bgp]router-id 4.4.4.4
[r4-bgp]peer 24.0.0.1 as-number 200
[r4-bgp]peer 3.3.3.3 as-number 300
[r4-bgp]peer 3.3.3.3 connect-interface LoopBack 0

三.配置路由(使用network命令与import命令)

r1:

[r1]bgp 100
[r1-bgp]network 1.1.1.0 255.255.255.0

r2:

[r2]bgp 200
[r2-bgp]network 2.2.2.0 255.255.255.0

r3:

[r3]route-policy direct permit node 10
[r3-route-policy]if-match interface LoopBack 0
[r3-route-policy]if-match interface GigabitEthernet 0/0/0
[r3-route-policy]if-match interface GigabitEthernet 0/0/1
[r3]bgp 300
[r3-bgp]import-route direct route-policy direct
[r3-bgp]peer 4.4.4.4 next-hop-local

r4:

[r4]route-policy direct permit node 10
[r4-route-policy]if-match interface LoopBack 0
[r4-route-policy]if-match interface GigabitEthernet 0/0/0
[r4-route-policy]if-match interface GigabitEthernet 0/0/1
[r4]bgp 300
[r4-bgp]import-route direct route-policy direct
[r4-bgp]peer 3.3.3.3 next-hop-local

注意:bgp传递路由时需要将下一跳改成local,这样下一跳信息才会改变

四.全网可达

网络基础(十六)-------BGP实验_第2张图片

 因为r5路由表里没有到2.2.2.2网段信息-------重发布解决

[r3]ospf 1
[r3-ospf-1]import-route bgp 
[r3-ospf-1]import-route direct 
[r4]ospf 1
[r4-ospf-1]import-route bgp 
[r4-ospf-1]import-route direct 

除此之外,给r1、r2下发一条缺省,连通r5

[r1]ip route-static 0.0.0.0 0 13.0.0.2
[r2]ip route-static 0.0.0.0 0 24.0.0.2

五.过滤操作

r1上新增三个环回:

[r1]int LoopBack 1
[r1-LoopBack1]ip add 10.1.1.1 24
[r1]int LoopBack 2
[r1-LoopBack2]ip add 10.2.2.2 24
[r1]int LoopBack 3
[r1-LoopBack3]ip add 10.3.3.3 24
[r1]bgp 100
[r1-bgp]network 10.1.1.0 255.255.255.0
[r1-bgp]network 10.2.2.0 255.255.255.0
[r1-bgp]network 10.3.3.0 255.255.255.0

使用前缀列表进行过滤

r1:

[r1]ip ip-prefix a deny 10.3.3.3 24   //出口上过滤
[r1]ip ip-prefix a permit 0.0.0.0 0 less-equal 32
[r1-bgp]peer 13.0.0.2 ip-prefix a export 

 r3:

[r3]ip ip-prefix a deny 10.3.3.3 24    //入口上过滤
[r3]ip ip-prefix a permit 0.0.0.0 0 less-equal 32
[r3-bgp]peer 13.0.0.1 ip-prefix a import 

使用route-policy进行过滤

r4:

[r4]ip ip-prefix a permit 10.2.2.2 24   //出方向进行过滤
[r4]route-policy aa deny node 10
[r4-route-policy]if-match ip-prefix a
[r4]route-policy aa permit node 20
[r4]bgp 300
[r4-bgp]peer 24.0.0.1 route-policy aa export 

r2:

[r2]ip ip-prefix a permit 10.2.2.2 24     //出接口过滤
[r2]route-policy aa deny node 10
[r2-route-policy]if-match ip-prefix a
[r2]route-policy aa permit node 20
[r2]bgp 200
[r2-bgp]peer 24.0.0.2 route-policy aa import 

你可能感兴趣的