首页 > 代码库 > BGP实验

BGP实验

实验拓扑:

wKioL1Ov4qCAtka5AAIiMEA0tvc905.jpg

实验目的:

  1. R1访问外网的流量分别通过R2、R3实现负载分担;

  2. R1访问AS400的流量仅通过R2,其他的流量通过R3;

  3. R4不向R2通告113.59.69.4/30段的路由;

  4. R6只通告202.100.192.0/24的聚合路由;

实验过程:

  1. 如图所示,配置各路由器的接口地址;

   ⑴ R1的接口配置:

  • <Huawei>system-view 

  • Enter system view, return user view with Ctrl+Z.

  • [Huawei]undo info-center enable 

  • Info: Information center is disabled.

  • [Huawei]sysname R1

  • [R1]inter LoopBack 0

  • [R1-LoopBack0]ip address 10.10.10.10 32

  • [R1-LoopBack0]quit

  • [R1]inter g0/0/1

  • [R1-GigabitEthernet0/0/1]ip address 10.147.140.1 30

  • [R1-GigabitEthernet0/0/1]quit

  • [R1]inter g0/0/2

  • [R1-GigabitEthernet0/0/2]ip address 10.147.140.5 30

  • [R1-GigabitEthernet0/0/2]quit

   ⑵ R2的接口配置:

  • <Huawei>system-view 

  • Enter system view, return user view with Ctrl+Z.

  • [Huawei]undo info-center enable 

  • Info: Information center is disabled.

  • [Huawei]sysname R2

  • [R2]inter LoopBack 0

  • [R2-LoopBack0]ip address 1.1.1.1 32

  • [R2-LoopBack0]quit

  • [R2]inter g0/0/1

  • [R2-GigabitEthernet0/0/1]ip address 10.147.140.2 30

  • [R2-GigabitEthernet0/0/1]quit

  • [R2]inter g0/0/0

  • [R2-GigabitEthernet0/0/0]ip address 10.147.140.9 30

  • [R2-GigabitEthernet0/0/0]quit

  • [R2]interface serial 0/0/0

  • [R2-Serial0/0/0]link-protocol ppp

  • [R2-Serial0/0/0]ip address 59.49.241.1 30

  • [R2-Serial0/0/0]quit

   ⑶ R3的接口配置:

  • <Huawei>system-view 

  • Enter system view, return user view with Ctrl+Z.

  • [Huawei]undo info-center enable 

  • Info: Information center is disabled.

  • [Huawei]sysname R3

  • [R3]inter LoopBack 0

  • [R3-LoopBack0]ip address 2.2.2.2 32

  • [R3-LoopBack0]quit

  • [R3]inter g0/0/2

  • [R3-GigabitEthernet0/0/2]ip address 10.147.140.6 30

  • [R3-GigabitEthernet0/0/2]quit

  • [R3]inter g0/0/0

  • [R3-GigabitEthernet0/0/0]ip address 10.147.140.10 30

  • [R3-GigabitEthernet0/0/0]quit

  • [R3]interface serial 0/0/0

  • [R3-Serial0/0/0]link-protocol ppp

  • [R3-Serial0/0/0]ip address 113.59.60.1 30

  • [R3-Serial0/0/0]quit

  ⑷ R4的接口配置:

  • <Huawei>system-view 

  • Enter system view, return user view with Ctrl+Z.

  • [Huawei]undo info-center enable 

  • Info: Information center is disabled.

  • [Huawei]sysname R4

  • [R4]inter LoopBack 0

  • [R4-LoopBack0]ip address 59.59.59.59 32

  • [R4-LoopBack0]quit

  • [R4]inter g0/0/0

  • [R4-GigabitEthernet0/0/0]ip address 59.49.241.5 30

  • [R4-GigabitEthernet0/0/0]quit

  • [R4]interface serial 0/0/0

  • [R4-Serial0/0/0]link-protocol ppp

  • [R4-Serial0/0/0]ip address 59.49.241.2 30

  • [R4-Serial0/0/0]quit

   ⑸ R5的接口配置:

  • <Huawei>system-view 

  • Enter system view, return user view with Ctrl+Z.

  • [Huawei]undo info-center enable 

  • Info: Information center is disabled.

  • [Huawei]sysname R5

  • [R5]inter LoopBack 0

  • [R5-LoopBack0]ip address 113.113.113.113 32

  • [R5-LoopBack0]quit

  • [R5]inter g0/0/0

  • [R5-GigabitEthernet0/0/0]ip address 113.59.69.5 30

  • [R5-GigabitEthernet0/0/0]quit

  • [R5]interface serial 0/0/0

  • [R5-Serial0/0/0]link-protocol ppp

  • [R5-Serial0/0/0]ip address 113.59.60.2 30

  • [R5-Serial0/0/0]quit

   ⑹ R6的接口配置:

  • <Huawei>system-view 

  • Enter system view, return user view with Ctrl+Z.

  • [Huawei]undo info-center enable 

  • Info: Information center is disabled.

  • [Huawei]sysname R6

  • [R6]inter LoopBack 0

  • [R6-LoopBack0]ip address 100.100.100.100 32

  • [R6-LoopBack0]quit

  • [R6]inter LoopBack 1

  • [R6-LoopBack1]ip address 202.100.192.68 32

  • [R6-LoopBack1]quit

  • [R6]inter g0/0/0

  • [R6-GigabitEthernet0/0/0]ip address 59.49.241.6 30

  • [R6-GigabitEthernet0/0/0]quit

  • [R6]inter g0/0/1

  • [R6-GigabitEthernet0/0/1]ip address 113.59.69.6 30

  • [R6-GigabitEthernet0/0/1]quit

2.内网路由器的OSPF配置

  ⑴ R1的OSPF配置:

  • [R1]OSPF 1 router-id 10.10.10.10

  • [R1-ospf-1]area 0

  • [R1-ospf-1-area-0.0.0.0]network 10.10.10.10 0.0.0.0

  • [R1-ospf-1-area-0.0.0.0]network 10.147.140.0 0.0.0.3

  • [R1-ospf-1-area-0.0.0.0]network 10.147.140.4 0.0.0.3

  • [R1-ospf-1-area-0.0.0.0]return

  • <R1>save

  ⑵ R2的OSPF配置:

  • [R2]OSPF 1 router-id 10.10.10.10

  • [R2-ospf-1]area 0

  • [R2-ospf-1-area-0.0.0.0]network 1.1.1.1 0.0.0.0

  • [R2-ospf-1-area-0.0.0.0]network 10.147.140.0 0.0.0.3

  • [R2-ospf-1-area-0.0.0.0]network 10.147.140.8 0.0.0.3

  • [R2-ospf-1-area-0.0.0.0]return

  • <R2>save

  ⑶ R3的OSPF配置:

  • [R3]OSPF 1 router-id 10.10.10.10

  • [R3-ospf-1]area 0

  • [R3-ospf-1-area-0.0.0.0]network 2.2.2.2 0.0.0.0

  • [R3-ospf-1-area-0.0.0.0]network 10.147.140.4 0.0.0.3

  • [R3-ospf-1-area-0.0.0.0]network 10.147.140.8 0.0.0.3

  • [R3-ospf-1-area-0.0.0.0]return

  • <R3>save

3.路由器的BGP配置

  ⑴ R2的BGP配置:

  • [R2]BGP 65510

  • [R2-bgp]undo synchronization

  • [R2-bgp]PEER 2.2.2.2 as-number 65510

  • [R2-bgp]peer 2.2.2.2 connect-interface LoopBack 0

  • [R2-bgp]peer 2.2.2.2 next-hop-local

  • [R2-bgp]peer 59.49.241.2 as-number 400

  • [R2-bgp]network 10.10.10.10 255.255.255.255

  • [R2-bgp]network 1.1.1.1 255.255.255.255

  • [R2-bgp]network 10.147.140.0 255.255.255.252

  • [R2-bgp]network 10.147.140.8 255.255.255.252

  • [R2-bgp]network 59.49.241.0 255.255.255.252

  • [R2-bgp]quit

  ⑵ R3的BGP配置:

  • [R3]BGP 65510

  • [R3-bgp]undo synchronization

  • [R3-bgp]PEER 1.1.1.1 as-number 65510

  • [R3-bgp]peer 1.1.1.1 connect-interface LoopBack 0

  • [R3-bgp]peer 1.1.1.1 next-hop-local

  • [R3-bgp]peer 113.59.60.2 as-number 500

  • [R3-bgp]network 2.2.2.2 255.255.255.255

  • [R3-bgp]network 1.1.1.1 255.255.255.255

  • [R3-bgp]network 10.147.140.4 255.255.255.252

  • [R3-bgp]network 10.147.140.8 255.255.255.252

  • [R3-bgp]network 113.59.60.0 255.255.255.252

  • [R3-bgp]quit

  ⑶ R4的BGP配置:

  • [R4]BGP 400

  • [R4-bgp]undo synchronization

  • [R4-bgp]PEER 59.49.241.1 as-number 65510

  • [R4-bgp]peer 59.49.241.6 as-number 600

  • [R4-bgp]network 59.59.59.59 255.255.255.255

  • [R4-bgp]network 59.49.241.0 255.255.255.252

  • [R4-bgp]network 59.49.241.4 255.255.255.252

  • [R4-bgp]quit

  ⑷ R5的BGP配置:

  • [R5]BGP 500

  • [R5-bgp]undo synchronization

  • [R5-bgp]PEER 113.59.60.1 as-number 65510

  • [R5-bgp]peer 113.59.69.6 as-number 600

  • [R5-bgp]network 113.113.113.113 255.255.255.255

  • [R5-bgp]network 113.59.60.0 255.255.255.252

  • [R5-bgp]network 113.59.69.4 255.255.255.252

  • [R5-bgp]quit

  ⑸ R6的BGP配置:

  • [R6]BGP 600

  • [R6-bgp]undo synchronization

  • [R6-bgp]PEER 59.49.241.5 as-number 400

  • [R6-bgp]peer 113.59.69.5 as-number 500

  • [R6-bgp]network 100.100.100.100 255.255.255.255

  • [R6-bgp]network 202.100.192.68 255.255.255.255

  • [R6-bgp]network 59.49.241.4 255.255.255.252

  • [R6-bgp]network 113.59.69.4 255.255.255.252

  • [R6-bgp]quit

4.查看各路由器的BGP路由情况

  ⑴ R2的BGP路由信息:                 ⑵ R3的BGP路由信息: 


wKioL1OxKnTxHD4eAAPT0D3i8fE761.jpg       wKioL1OxKuizNqcTAAMPjmjoosQ404.jpg

  ⑶ R4的BGP路由信息:                 ⑷ R5的BGP路由信息:

wKiom1OxK4KR1DQzAAODNvKJLCQ269.jpg      wKiom1OxK9TTym3ZAAP0mSUC5xY366.jpg

  ⑸ R6的BGP路由信息:

wKioL1OxK-3xGrpsAAPRVfjT2Tw806.jpg

● R1访问外网的流量分别通过R2、R3实现负载分担

  • 如果内网路由器都运行BGP协议,都建立了IBGP关系,可以使用路由策略设置local-preference值来实现;

  • R2、R3通过发布缺省路由,设置相同的OSPF COST值来实现。

  在R2上设置:

  • [R2]ospf 1

  • [R2-ospf-1]default-route-advertise always

  在R3上设置:

  • [R3]ospf 1

  • [R3-ospf-1]default-route-advertise always

  在R1上查看IP路由表:

wKioL1OxOgqSg2z3AAQceKjPzm8511.jpg

可以发现,在R1上有两条去往外部的等价默认路由。

● R1访问AS400的流量仅通过R2,其他的流量通过R3

  • 流量离开同一个AS的不同IBGP路由器时,可以通过设置不同的local-pref值来实现路由选择,local-pref默认值是100.值越大越优。

  • 在R2上配置route-policy,设置去往AS400的local-pref值为300,去往其他网段的值为默认值;在R3上配置默认local-pref值为200。

   在R2上配置:

  • [R2]ip as-path-filter 1 permit ^400$   ///使用ACL可以达到同样的效果\\\

  • [R2]route-policy only_as400 permit node 10

  • [R2-route-policy]if-match as-path-filter 1

  • [R2-route-policy]apply local-preference 300

  • [R2]route-policy only_as400 permit node 20

  • [R2-route-policy]quit

  • [R2]bgp 65510

  • [R2-bgp]peer 59.49.241.2 route-policy only_as400 import 

  • [R2-bgp]quit

   在R3上配置:

  • [R3]bgp 65510

  • [R3-bgp]default local-preference 200

  • [R3-bgp]quit

  在R2上检验结果:

  • 未配置route-policy之前:路由跟踪显示经过R4→R6wKiom1OyEAKQnYNmAAC8fLVC92Q637.jpg

  • 配置route-policy之后:路由跟踪显示经过R3→R5→R6wKiom1OyEDbwjzd_AAFkZkaZR4s497.jpg

  • R2上的BGP路由表:

wKiom1OyE1XzA4ciAALMkFCYFnA622.jpg

● R4不向R2通告113.59.69.4/30段的路由

  • 在R6上配置route-policy+community实现

  在R6配置:

  • [R6]acl number 2001

  • [R6-acl-basic-2001]rule 0 permit source 113.59.69.4 255.255.255.252

  • [R6-acl-basic-2001]quit

  • [R6]route-policy 1 permit node 10

  • Info: New Sequence of this List.

  • [R6-route-policy]if-match acl 2001

  • [R6-route-policy]apply community no-export

  • [R6-route-policy]quit

  • [R6]route-policy 1 permit node 20

  • Info: New Sequence of this List.

  • [R6]bgp 600

  • [R6-bgp]peer 59.49.241.5 route-policy 1 export

  • [R6-bgp]peer 59.49.241.5 advertise-community  

  • [R6-bgp]quit

  在R2检测结果:发现R2仅能从其IBGP对等体收到113.59.69.4/30的路由通告。

wKiom1OyI7ex90d7AAOQXqzRqMo902.jpg

● R6只通告202.100.192.0/24的聚合路由;

  • 使用命令aggregate手动聚合

  在R6配置:

  • [R6]bgp 600

  • [R6-bgp]aggregate 202.100.192.0 24 detail-suppressed 

  • [R6-bgp]quit

  在R2检测结果:发现R2上存在202.100.192.0的聚合路由信息,无详细路由信息。

wKiom1OyJYHBP4GCAAM5MRcESOE731.jpg

本文出自 “每天进步一点点” 博客,请务必保留此出处http://pthahnil.blog.51cto.com/814988/1432974