练习:BGP联邦和发射试验

于 2025-05-15 01:29:17 发布
阅读量268 收藏 2
点赞数 6
CC 4.0 BY-SA版权
文章标签: 网络
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.youkuaiyun.com/Timememory829/article/details/147966279

一.要求拓扑图

二.要求

三.需求分析

1.   AS1:环回`16.1.1.0/24`需宣告,`192.168.1.0/24`不宣告。  
AS3:环回`11.1.1.0/24`需宣告,`192.168.2.0/24`不宣告。  
AS2:使用`172.16.0.0/16`划分子网。   

2. AS内部:AS1/AS3用OSPF/EIGRP,过滤未宣告环回;AS2用OSPF全网可达。  
AS间:通过BGP互联(AS1-AS2-AS3),宣告`16.1.1.0/24`和`11.1.1.0/24`。  

3. 路由汇总:BGP边界汇总路由,减少条目。  
防环机制:BGP通过`AS_PATH`检测环路,IGP过滤未宣告网段。  

4.  配置环回接口,仅宣告指定网段;AS间链路启用BGP,建立eBGP邻居并宣告合法路由;AS内启用IGP(如OSPF),通过前缀列表过滤敏感路由。  

5.   测试`16.1.1.0/24`与`11.1.1.0/24`互通性;检查路由表中无未宣告的`192.168.x.0/24`网段;确认BGP表无重复AS_PATH。  

四.配置

ar1

interface GigabitEthernet 0/0/0
 ip address 12.0.0.1 24
 
interface LoopBack0
 ip address 10.1.1.1 24
 
interface LoopBack1
 ip address 192.168.1.1 24
 
bgp 1
 router-id 1.1.1.1
 peer 12.0.0.2 as-number 2
 network 10.1.1.0 24
 
interface Tunnel 0/0/0
 ip address 18.1.1.1 24
 tunnel-protocol gre
 source 10.1.1.1
 destination 11.1.1.1
 
ip route-static 192.168.2.0 24 18.1.1.2

ar2

interface GigabitEthernet 0/0/0
 ip address 12.0.0.2 24
 
interface GigabitEthernet 0/0/1
 ip address 172.16.0.1 30
 
interface GigabitEthernet 0/0/2
 ip address 172.16.0.21 30
 
interface LoopBack0
 ip address 2.2.2.2 32
 
interface LoopBack1
 ip address 172.16.2.1 24
 
ospf 1 router-id 2.2.2.2
 area 0
  network 172.16.0.0 0.0.0.255
  network 2.2.2.2 0.0.0.0
 
bgp 64512
 router-id 2.2.2.2
 confederation id 2
 peer 12.0.0.1 as-number 1
 peer 3.3.3.3 as-number 64512
 peer 3.3.3.3 connect-interface LoopBack 0
 peer 3.3.3.3 next-hop-local
 peer 5.5.5.5 as-number 64513
 peer 5.5.5.5 connect-interface LoopBack 0
 peer 5.5.5.5 next-hop-local
 peer 5.5.5.5 ebgp-max-hop 255
 confederation peer-as 64513
 network 172.16.0.0 24
 network 172.16.0.0 16
 
ip route-static 172.16.0.0 16 NULL 0

ar3

interface GigabitEthernet 0/0/0
 ip address 172.16.0.2 30
 
interface GigabitEthernet 0/0/1
 ip address 172.16.0.5 30
 
interface LoopBack0
 ip address 3.3.3.3 32
 
interface LoopBack1
 ip address 172.16.3.1 24
 
ospf 1 router-id 3.3.3.3
 area 0
  network 172.16.0.0 0.0.0.255
  network 3.3.3.3 0.0.0.0
 
bgp 64512
 confederation id 2
 router-id 3.3.3.3
 peer 2.2.2.2 as-number 64512
 peer 2.2.2.2 connect-interface LoopBack 0
 peer 4.4.4.4 as-number 64512
 peer 4.4.4.4 connect-interface LoopBack 0
 peer 2.2.2.2 reflect-client 
 peer 4.4.4.4 reflect-client

ar4

interface GigabitEthernet 0/0/0
 ip address 172.16.0.6 30
 
interface GigabitEthernet 0/0/1
 ip address 172.16.0.9 30
 
interface LoopBack0
 ip address 4.4.4.4 32
 
interface LoopBack1
 ip address 172.16.4.1 24
 
ospf 1 router-id 4.4.4.4
 area 0
  network 172.16.0.0 0.0.0.255
  network 4.4.4.4 0.0.0.0
 
bgp 64512
 confederation id 2
 router-id 4.4.4.4
 peer 3.3.3.3 as-number 64512
 peer 3.3.3.3 connect-interface LoopBack 0
 peer 3.3.3.3 next-hop-local
 confederation peer-as 64513
 peer 7.7.7.7 as-number 64513
 peer 7.7.7.7 connect-interface LoopBack 0
 peer 7.7.7.7 next-hop-local
 peer 7.7.7.7 ebgp-max-hop 255

ar5

interface GigabitEthernet 0/0/0
 ip address 172.16.0.22 30
 
interface GigabitEthernet 0/0/1
 ip address 172.16.0.17 30
 
interface LoopBack0
 ip address 5.5.5.5 32
 
interface LoopBack1
 ip address 172.16.5.1 24
 
ospf 1 router-id 5.5.5.5
 area 0
  network 172.16.0.0 0.0.0.255
  network 5.5.5.5 0.0.0.0
 
bgp 64513
 confederation id 2
 router-id 5.5.5.5
 peer 6.6.6.6 as-number 64513
 peer 6.6.6.6 connect-interface LoopBack 0
 peer 6.6.6.6 next-hop-local
 confederation peer-as 64512
 peer 2.2.2.2 as-number 64512
 peer 2.2.2.2 connect-interface LoopBack 0
 peer 2.2.2.2 next-hop-local
 peer 2.2.2.2 ebgp-max-hop 255

ar6

interface GigabitEthernet 0/0/0
 ip address 172.16.0.18 30
 
interface GigabitEthernet 0/0/1
 ip address 172.16.0.13 30
 
interface LoopBack0
 ip address 6.6.6.6 32
 
interface LoopBack1
 ip address 172.16.6.1 24
 
ospf 1 router-id 6.6.6.6
 area 0
  network 172.16.0.0 0.0.0.255
  network 6.6.6.6 0.0.0.0
 
bgp 64513
 confederation id 2
 router-id 6.6.6.6
 peer 5.5.5.5 as-number 64513
 peer 5.5.5.5 connect-interface LoopBack 0
 peer 7.7.7.7 as-number 64513
 peer 7.7.7.7 connect-interface LoopBack 0
 peer 5.5.5.5 reflect-client 
 peer 7.7.7.7 reflect-client

ar7

interface GigabitEthernet 0/0/0
 ip address 172.16.0.14 30
 
interface GigabitEthernet 0/0/1
 ip address 172.16.0.10 30
 
interface GigabitEthernet 0/0/2
 ip address 78.0.0.7 24
 
interface LoopBack0
 ip address 7.7.7.7 32
 
interface LoopBack1
 ip address 172.16.7.1 24
 
ospf 1 router-id 7.7.7.7
 area 0
  network 172.16.0.0 0.0.0.255
  network 7.7.7.7 0.0.0.0
 
bgp 64513
 confederation id 2
 router-id 7.7.7.7
 peer 78.0.0.8 as-number 3
 peer 6.6.6.6 as-number 64513
 peer 6.6.6.6 connect-interface LoopBack 0
 peer 6.6.6.6 next-hop-local
 confederation peer-as 64512
 peer 4.4.4.4 as-number 64512
 peer 4.4.4.4 connect-interface LoopBack 0
 peer 4.4.4.4 next-hop-local
 peer 4.4.4.4 ebgp-max-hop 255
 network 172.16.0.0 24
 network 172.16.0.0 16
 
ip route-static 172.16.0.0 16 NULL 0

ar8

interface GigabitEthernet 0/0/0
 ip address 78.0.0.8 24
 
interface LoopBack0
 ip address 11.1.1.1 24
 
interface LoopBack1
 ip address 192.168.2.1 24
 
bgp 3
 router-id 8.8.8.8
 peer 78.0.0.7 as-number 2
 network 11.1.1.0 24
 
interface Tunnel 0/0/0
 ip address 18.1.1.2 24
 tunnel-protocol gre
 source 11.1.1.1
 destination 10.1.1.1
 
ip route-static 192.168.1.0 24 18.1.1.1

五.检验

Timememory829
关注
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值