目录
AS 64512内运行OSPF,在互联接口(不包括连接外部AS的接口)、Loopback0接口上激活OSPF
EBGP对等体关系基于直连接口建立,IBGP对等体关系基于Loopback 0接口建立。在AR1、AR5上存在相同的网段172.16.1.0/24、172.16.2.0/24、172.16.3.0/24、172.16.4.0/24,在AR1、AR5上将其发布到BGP,以用于BGP路由优选
实验任务
- 设备IP地址配置
- 配置AS 64512内的OSPF,在互联接口(不包括连接外部AS的接口)、Loopback0接口上激活OSPF
- 按照规划配置BGP对等体,在AR1、AR5上将路由发布到BGP中
- 在AR1上通过路由策略修改BGP路由172.16.1.0//24的AS_Path值,使得AR3优选AR5发布的BGP路由172.16.1.0/24
- 在AR4上通过路由策略修改BGP路由172.16.2.0//24的Local_Preference值,使得AR3优选AR4通告的BGP路由172.16.2.0/24
- 在AR2上通过路由策略修改BGP路由172.16.3.0//24的MED值,使得AR3优选AR5发布的BGP路由172.16.3.0/24
- 在AR3上通过路由策略修改BGP路由172.16.4.0//24的preferred-value值,使得AR3优选AR4通告的BGP路由172.16.4.0/24
实验步骤
(1)互联接口、环回口IP地址配置
互联接口IP地址配置
展开代码[AR1]interface GigabitEthernet 0/0/0 [AR1-GigabitEthernet0/0/0]ip address 10.0.12.1 24 [AR1-GigabitEthernet0/0/0]q [AR1]interface LoopBack 0 [AR1-LoopBack0]ip address 10.0.1.1 32 [AR1-LoopBack0]q [AR2]interface GigabitEthernet 0/0/0 [AR2-GigabitEthernet0/0/0]ip address 10.0.12.2 24 [AR2-GigabitEthernet0/0/0]q [AR2]interface GigabitEthernet 0/0/1 [AR2-GigabitEthernet0/0/1]ip address 10.0.23.2 24 [AR2-GigabitEthernet0/0/1]q [AR2]interface LoopBack 0 [AR2-LoopBack0]ip address 10.0.2.2 32 [AR2-LoopBack0]q [AR3]interface GigabitEthernet 0/0/0 [AR3-GigabitEthernet0/0/0]ip address 10.0.23.3 24 [AR3-GigabitEthernet0/0/0]q [AR3]interface GigabitEthernet 0/0/1 [AR3-GigabitEthernet0/0/1]ip address 10.0.34.3 24 [AR3-GigabitEthernet0/0/1]q [AR3]interface LoopBack 0 [AR3-LoopBack0]ip address 10.0.3.3 32 [AR3-LoopBack0]q [AR4]interface GigabitEthernet 0/0/0 [AR4-GigabitEthernet0/0/0]ip address 10.0.34.4 24 [AR4-GigabitEthernet0/0/0]q [AR4]interface GigabitEthernet 0/0/1 [AR4-GigabitEthernet0/0/1]ip address 10.0.45.4 24 [AR4-GigabitEthernet0/0/1]q [AR4]interface LoopBack 0 [AR4-LoopBack0]ip address 10.0.4.4 32 [AR4-LoopBack0]q [AR5]interface LoopBack 0 [AR5-LoopBack0]ip address 10.0.5.5 32 [AR5-LoopBack0]q [AR5]interface GigabitEthernet 0/0/0 [AR5-GigabitEthernet0/0/0]ip address 10.0.45.5 24 [AR5-GigabitEthernet0/0/0]q
在AR1、AR5上创建多个环回口,用于发布到BGP上
展开代码[AR1]interface LoopBack 1 [AR1-LoopBack1]ip address 172.16.1.1 24 [AR1-LoopBack1]q [AR1]interface LoopBack 2 [AR1-LoopBack2]ip address 172.16.2.1 24 [AR1-LoopBack2]q [AR1]interface LoopBack 3 [AR1-LoopBack3]ip address 172.16.3.1 24 [AR1-LoopBack3]q [AR1]interface LoopBack 4 [AR1-LoopBack4]ip address 172.16.4.1 24 [AR1-LoopBack4]q [AR1] [AR5]interface LoopBack 1 [AR5-LoopBack1]ip address 172.16.1.1 24 [AR5-LoopBack1]q [AR5]interface LoopBack 2 [AR5-LoopBack2]ip address 172.16.2.1 24 [AR5-LoopBack2]q [AR5]interface LoopBack 3 [AR5-LoopBack3]ip address 172.16.3.1 24 [AR5-LoopBack3]q [AR5]interface LoopBack 4 [AR5-LoopBack4]ip address 172.16.4.1 24 [AR5-LoopBack4]q [AR5]
(2)配置AS 64512的OSPF
AR2、AR3、AR4使用Loopback 0接口地址作为Router ID,在互联接口(不包括连接外部AS的接口)、Loopback 0接口上激活OSPF
展开代码[AR2]ospf 1 router-id 10.0.2.2 [AR2-ospf-1]area 0.0.0.0 [AR2-ospf-1-area-0.0.0.0]network 10.0.2.2 0.0.0.0 [AR2-ospf-1-area-0.0.0.0]network 10.0.23.2 0.0.0.0 [AR2-ospf-1-area-0.0.0.0]q [AR2-ospf-1]q [AR2] [AR3]ospf 1 router-id 10.0.3.3 [AR3-ospf-1]area 0.0.0.0 [AR3-ospf-1-area-0.0.0.0]network 10.0.3.3 0.0.0.0 [AR3-ospf-1-area-0.0.0.0]network 10.0.23.3 0.0.0.0 [AR3-ospf-1-area-0.0.0.0]network 10.0.34.3 0.0.0.0 [AR3-ospf-1-area-0.0.0.0]q [AR3-ospf-1]q [AR3] [AR4]ospf 1 router-id 10.0.4.4 [AR4-ospf-1]area 0.0.0.0 [AR4-ospf-1-area-0.0.0.0]network 10.0.4.4 0.0.0.0 [AR4-ospf-1-area-0.0.0.0]network 10.0.34.4 0.0.0.0 [AR4-ospf-1-area-0.0.0.0]q [AR4-ospf-1]q [AR4]
在AR3上查看OSPF邻居的概要信息
展开代码<AR3>display ospf peer brief
AR3已经与AR2、AR4成功建立邻居关系
在AR3查看OSPF路由表
展开代码c<AR3>display ospf routing
AR3已经学到AR2、AR4的Loopback 0接口路由
(3)配置BGP对等体
配置AS内、AS之间的对等体关系,AS内部使用环回口地址建立IBGP对等体关系,AS之间使用互联接口地址建立EBGP对等体关系
展开代码# AR1配置 [AR1]bgp 100 [AR1-bgp]router-id 10.0.1.1 [AR1-bgp]peer 10.0.12.2 as-number 64512 [AR1-bgp]q [AR1] # AR2配置 [AR2]bgp 64512 [AR2-bgp]router-id 10.0.2.2 [AR2-bgp]peer 10.0.3.3 as-number 64512 [AR2-bgp]peer 10.0.3.3 connect-interface LoopBack 0 [AR2-bgp]peer 10.0.12.1 as-number 100 [AR2-bgp]q [AR2] [AR3]bgp 64512 [AR3-bgp]router-id 10.0.3.3 [AR3-bgp]peer 10.0.2.2 as-number 64512 [AR3-bgp]peer 10.0.2.2 connect-interface LoopBack 0 [AR3-bgp]peer 10.0.4.4 as-number 64512 [AR3-bgp]peer 10.0.4.4 connect-interface LoopBack 0 [AR3-bgp]q [AR3] [AR4]bgp 64512 [AR4-bgp]router-id 10.0.4.4 [AR4-bgp]peer 10.0.3.3 as-number 64512 [AR4-bgp]peer 10.0.3.3 connect-interface LoopBack 0 [AR4-bgp]peer 10.0.45.5 as-number 200 [AR4-bgp]q [AR4] [AR5]bgp 200 [AR5-bgp]router-id 10.0.5.5 [AR5-bgp]peer 10.0.45.4 as-number 64512 [AR5-bgp]q [AR5]
未在AS之间互联接口上激活OSPF,所以要在AR2、AR4上需要设置向IBGP对等体AR3通告路由时,把下一跳属性设置为自身的更新源地址
展开代码[AR2-bgp]peer 10.0.3.3 next-hop-local [AR4-bgp]peer 10.0.3.3 next-hop-local
在AR2、AR4上检查BGP对等体状态
展开代码<AR2>display bgp peer
可以看到BGP对等体关系已经全部建立成功
在AR1、AR5上将Loopback 1、Loopback 2、Loopback 3、Loopback 4接口路由发布到BGP中
展开代码[AR1]bgp 100 [AR1-bgp]network 172.16.1.0 24 [AR1-bgp]network 172.16.2.0 24 [AR1-bgp]network 172.16.3.0 24 [AR1-bgp]network 172.16.4.0 24 [AR1-bgp]q [AR1] [AR5]bgp 200 [AR5-bgp]network 172.16.1.0 24 [AR5-bgp]network 172.16.2.0 24 [AR5-bgp]network 172.16.3.0 24 [AR5-bgp]network 172.16.4.0 24 [AR5-bgp]q [AR5]
在AR3上查看BGP路由表,检查BGP路由是否成功学习
展开代码<AR3>display bgp routing-table
AR3已经成功学到AR1、AR5发布的路由,现在所有路由都优选由AR2通告
(4)修改AS_Path属性
在AR1上通过路由策略修改BGP路由172.16.1.0/24的AS_Path属性值,使得AR3优选AR5发布的BGP路由172.16.1.0/24
展开代码# 创建IP前缀列表,匹配Loopback 1接口路由 [AR1]ip ip-prefix 1 permit 172.16.1.0 24 greater-equal 24 less-equal 24 # 创建Router-Policy ren,并创建节点10,在其中调用IP前缀列表1,修改AS_Path属性值 [AR1]route-policy ren permit node 10 Info: New Sequence of this List. [AR1-route-policy]if-match ip-prefix 1 [AR1-route-policy]apply as-path 300 400 additive [AR1-route-policy]q [AR1]route-policy ren permit node 20 Info: New Sequence of this List. [AR1-route-policy]q [AR1] # 对向BGP对等体AR2通告的BGP路由应用Router-Policy [AR1]bgp 100 [AR1-bgp]peer 10.0.12.2 route-policy ren export [AR1-bgp]q [AR1]
在AR1上触发出方向的软复位,刷新对外通告的BGP路由
展开代码<AR1>refresh bgp all export
在AR3查看BGP路由172.16.1.0/24的明细信息
展开代码<AR3>display bgp routing-table 172.16.1.0 24
此时AR3优选AR4通告的BGP路由172.16.1.0/24,AR2通告的未被优选的原因是AS_Path长度
(5)修改Local_Preference属性
在AR4上通告路由策略修改BGP路由172.16.2.0/24的Local_Prefernece属性值,使得AR3优选AR4通告的BGP路由172.16.2.0/24
展开代码# 创建IP前缀列表1,匹配BGP路由172.16.2.0/24 [AR4]ip ip-prefix 1 permit 172.16.2.0 24 greater-equal 24 less-equal 24 # 创建Router-Policy ren,并创建节点10,在其中调用IP前缀列表1,修改Local_Prefernece [AR4]route-policy ren permit node 10 Info: New Sequence of this List. [AR4-route-policy]if-match ip-prefix 1 [AR4-route-policy]apply local-preference 200 [AR4-route-policy]q [AR4]route-policy ren permit node 20 Info: New Sequence of this List. [AR4-route-policy]q # 对向BGP对等体AR3通告的BGP路由应用Router-Policy [AR4]bgp 64512 [AR4-bgp]peer 10.0.3.3 route-policy ren export [AR4-bgp]q [AR4]
在AR4上触发出方向的软复位,刷新对外通告的BGP路由
展开代码<AR4>refresh bgp all export
在AR3上查看BGP路由172.16.2.0/24的明细信息
展开代码<AR3>display bgp routing-table 172.16.2.0 24
此时AR3优选AR4通告的BGP路由172.16.2.0/24,AR2通告的BGP路由其Local_Preference值为100,小于AR3通告的BGP路由Local_Preference值200,因此AR2通告的BGP路由未被优选
(6)修改MED属性
AR2上通过路由策略修改BGP路由172.16.3.0/24的MED值,使得AR3优选AR5发布的BGP路由172.16.3.0/24
展开代码# 创建IP前缀列表1,匹配BGP路由172.16.3.0/24 [AR2]ip ip-prefix 1 permit 172.16.3.0 24 greater-equal 24 less-equal 24 # 创建Route-Policy ren,并创建节点10,在其中调用IP前缀列表1,修改MED属性值 [AR2]route-policy ren permit node 10 Info: New Sequence of this List. [AR2-route-policy]if-match ip-prefix 1 [AR2-route-policy]apply cost 200 [AR2-route-policy]q [AR2]route-policy ren permit node 20 Info: New Sequence of this List. [AR2-route-policy]q # 对来自BGP对等体AR1的BGP路由应用Route-Policy [AR2]bgp 64512 [AR2-bgp]peer 10.0.12.1 route-policy ren import [AR2-bgp]q [AR2]
在AR2上触发入方向的软复位,刷新接收到的BGP路由
展开代码<AR2>refresh bgp all import
在AR3上配置允许比较来自不同AS的BGP路由的MED值
展开代码[AR3]bgp 64512 [AR3-bgp]compare-different-as-med [AR3-bgp]q [AR3]
缺省情况下,不比较来自不同AS邻居的BGP的MED值
在AR3上查看BGP路由172.16.3.0/24的明细信息
展开代码<AR3>display bgp routing-table 172.16.3.0 24
AR2通告的BGP路由172.16.3.0/24其MED值为200,而AR4通告BGP路由MED值为0,AR3优选MED值较小的BGP路由,因此AR2通告的BGP路由未被优选
(7)修改prefered-value属性
在AR3上通过路由策略修改BGP路由172.16.4.0/24的prefered-value属性值,使得AR3优选AR4通告的BGP路由172.16.4.0/24
展开代码# 创建IP前缀列表1,匹配BGP路由172.16.4.0/24 [AR3]ip ip-prefix 1 permit 172.16.4.0 24 greater-equal 24 less-equal 24 # 创建Router-Policy ren,并创建节点10,在其中调用IP前缀列表1,修改preferred-value属性值 [AR3]route-policy ren permit node 10 Info: New Sequence of this List. [AR3-route-policy]if-match ip-prefix 1 [AR3-route-policy]apply preferred-value 300 [AR3-route-policy]q [AR3]route-policy ren permit node 20 Info: New Sequence of this List. [AR3-route-policy]q # 对来自BGP对等体AR4的BGP路由应用Router-Policy [AR3]bgp 64512 [AR3-bgp]peer 10.0.4.4 route-policy ren import [AR3-bgp]q [AR3]
在AR3上触发入方向的软复位,刷新收到的BGP路由
展开代码<AR3>refresh bgp all import
在AR3上查看BGP路由172.16.4.0/24的明细信息
展开代码<AR3>display bgp routing-table 172.16.4.0 24
AR4通告的BGP路由172.16.4.0/24其preferred-value值为300 ,而AR2通告的preferred-value值为0,AR3优选preferred-value值较大的BGP路由,因此AR3优选AR4通告的BGP路由
(8 可选)验证本地始发的BGP路由优于从对等体学习到的路由
在AR2上创建Loopback 1接口,将Loopback 1接口路由发布到OSPF中,之后再AR2、AR3上将该接口路由发布到BGP中,AR的BGP路由表中将会存在两条关于AR2的Loopback 1接口的BGP路由
展开代码# 在AR2上创建Loopback 1接口,配置IP地址为10.2.2.2/32 [AR2]interface LoopBack 1 [AR2-LoopBack1]ip address 10.2.2.2 32 [AR2-LoopBack1]q # 在Loopback 1接口上激活OSPF [AR2]ospf 1 [AR2-ospf-1]area 0.0.0.0 [AR2-ospf-1-area-0.0.0.0]network 10.2.2.2 0.0.0.0 [AR2-ospf-1-area-0.0.0.0]q [AR2-ospf-1]q [AR2]
在AR3查看OSPF路由10.2.2.2/32
展开代码<AR3>display ospf routing 10.2.2.2
AR3此时已经学习到AR2的Loopback 1接口路由
在AR2、AR3上将Loopback 1接口路由发布到BGP
展开代码[AR2]bgp 64512 [AR2-bgp]network 10.2.2.2 32 [AR2-bgp]q [AR2] [AR3]bgp 64512 [AR3-bgp]network 10.2.2.2 32 [AR3-bgp]q [AR3]
在R3上查看BGP路由10.2.2.2/32的明细信息
展开代码<AR3>display bgp routing-table 10.2.2.2 32
AR3上优选本地发布的BGP路由10.2.2.2/32,而AR2通告的BGP路由10.2.2.2/32未被优选的原因是 “ not preferred for route type ” ,由于路由类型原因(本地始发由于从BGP对等体学习到的)
(9可选)修改Origin属性
在AR1、AR5上创建Loopback 5接口,将接口路由发布到BGP上,验证Origin属性为IGP的BGP路由优于Origin属性为Incomplete的BGP路由
展开代码# AR1、AR5创建Loopback 5接口,IP地址为172.16.5.1/24 [AR1]interface LoopBack 5 [AR1-LoopBack5]ip address 172.16.5.1 24 [AR1-LoopBack5]q [AR1] [AR5]interface LoopBack 5 [AR5-LoopBack5]ip address 172.16.5.1 24 [AR5-LoopBack5]q [AR5] # 将AR1、AR5发布到BGP上 [AR1]bgp 100 [AR1-bgp]network 172.16.5.0 24 [AR1-bgp]q [AR1] [AR5]bgp 200 [AR5-bgp]network 172.16.5.0 24 [AR5-bgp]q [AR5]
在AR3上查看BGP路由表
展开代码<AR3>display bgp routing-table
此时AR3上优选AR2通告(由AR1发布)的BGP路由172.16.5.0/24,此时AR2、AR4通告的BGP路由Origin属性值都为IGP
在AR1上取消将Loopback 5接口路由发布到BGP
展开代码[AR1]bgp 100 [AR1-bgp]undo network 172.16.5.0 24 [AR1-bgp]q [AR1] # 创建IP前缀列表2,匹配AR1 Loopback5接口路由172.16.5.0/24 [AR1]ip ip-prefix 2 permit 172.16.5.0 24 greater-equal 24 less-equal 24 # 创建Route-Policy origin,并创建节点10,在其中调用IP前缀列表2 [AR1]route-policy origin permit node 10 Info: New Sequence of this List. [AR1-route-policy]if-match ip-prefix 2 [AR1-route-policy]q # AR调用route-policy origin限制只引入Loopback 5接口路由 [AR1]bgp 100 [AR1-bgp]import-route direct route-policy origin [AR1-bgp]q [AR1]
在AR3上查看BGP路由172.16.5.0/24的明细信息
展开代码<AR3>display bgp routing-table 172.16.5.0 24
此时AR3优选AR4通告的BGP路由172.16.5.0/24
AR2通告(AR1发布)的BGP路由172.16.5.0/24,此时Origin属性值为incomplete(通过 import-route方式发布到BGP),由于Origin属性值原因,该条路由未被优选
(10可选)验证EBGP路由的优先级高于IBGP路由
在AR1、AR3上创建Loopback 6接口,将Loopback 6接口路由发布到BGP中,在AR2上观察优选结果
展开代码# AR1、AR3创建Loopback 6接口并发布到BGP [AR1]interface LoopBack 6 [AR1-LoopBack6]ip address 172.16.6.1 24 [AR1-LoopBack6]q [AR1]bgp 100 [AR1-bgp]network 172.16.6.0 24 [AR1-bgp]q [AR1] [AR3]interface LoopBack 6 [AR3-LoopBack6]ip address 172.16.6.1 24 [AR3-LoopBack6]q [AR3]bgp 64512 [AR3-bgp]network 172.16.6.0 24 [AR3-bgp]q [AR3]
在AR2查看BGP路由172.16.6.0/24的明细信息
展开代码<AR2>display bgp routing-table 172.16.6.0 24
此时AR2优选AR3发布的BGP路由172.16.6.0/24,为优选AR1的原因是AS-Path
在AR3上通过路由策略为BGP路由172.16.6.0/24添加AS-Path属性值
展开代码[AR3]ip ip-prefix 2 permit 172.16.6.0 24 greater-equal 24 less-equal 24 [AR3]route-policy as_path permit node 10 Info: New Sequence of this List. [AR3-route-policy]if-match ip-prefix 2 [AR3-route-policy]apply as-path 300 additive [AR3-route-policy]q [AR3]route-policy as_path permit node 20 Info: New Sequence of this List. [AR3-route-policy]q [AR3]bgp 64512 [AR3-bgp]peer 10.0.2.2 route-policy as_path export [AR3-bgp]q [AR3]
在AR3上触发出方向的软复位,刷新对外通告的BGP路由
展开代码<AR3>refresh bgp all export
再次在AR2上查看BGP路由172.16.6.0/24的明细信息
展开代码<AR2>display bgp routing-table 172.16.6.0 24
此时来自AR3的BGP路由未被优选,原因是 “ not preferred for peer type ”,在其他条件相同的情况下BGP优选来自EBGP对等体的路由
(11可选)验证BGP优选到Nex_Hop的IGP度量值最小的路由
AR2、AR4之间基于环回口建立IBGP对等体关系,在AR2、AR3上建立Loopback7接口并将接口 路由发布到BGP中,在AR4上观察BGP路由优选情况
在AR2、AR4之间建立IBGP对等体关系
展开代码[AR2]bgp 64512 [AR2-bgp]peer 10.0.4.4 as-number 64512 [AR2-bgp]peer 10.0.4.4 connect-interface LoopBack 0 [AR2-bgp]q [AR2] [AR4]bgp 64512 [AR4-bgp]peer 10.0.2.2 as-number 64512 [AR4-bgp]peer 10.0.2.2 connect-interface LoopBack 0 [AR4-bgp]q [AR4]
检查IBGP对等体关系状态
展开代码<AR4>display bgp peer
IBGP对等体关系已经成功建立
在AR2、AR3上创建Loopback 7接口,并将接口路由发布到BGP
展开代码[AR2]interface LoopBack 7 [AR2-LoopBack7]ip address 172.16.7.1 24 [AR2-LoopBack7]q [AR2]bgp 64512 [AR2-bgp]network 172.16.7.0 24 [AR2-bgp]q [AR2] [AR3]interface LoopBack 7 [AR3-LoopBack7]ip address 172.16.7.1 24 [AR3-LoopBack7]q [AR3]bgp 64512 [AR3-bgp]network 172.16.7.0 24 [AR3-bgp]q [AR3]
在AR4上查看BGP路由172.16.7.0/24的明细信息
展开代码<AR4>display bgp routing-table 172.16.7.0 24
AR4优选AR3发布的BGP路由,其IGP cost为1,小于AR2发布的BGP路由IGP cost 2。 AR2发布的BGP路由未被优选的原因为IGP cost
实验包
https://www.alipan.com/s/Ywpu1fm4w2y本文作者:zzz
本文链接:
版权声明:本博客所有文章除特别声明外,均采用 BY-NC-SA 许可协议。转载请注明出处!