配置基于前缀的BGP ORF示例

最新推荐文章于 2025-07-29 19:43:47 发布

原创最新推荐文章于 2025-07-29 19:43:47 发布 · 966 阅读

·

26

·

CC 4.0 BY-SA版权

版权声明：本文为博主原创文章，遵循 CC 4.0 BY-SA 版权协议，转载请附上原文出处链接和本声明。

文章标签：

#网络 #网络工程师 #华为认证 #HCIP #HCIA

入门到精通华为数通网络工程师专栏收录该内容

101 篇文章

订阅专栏

学习精彩网络技术老师：华为HCIA和HCIP数通eNSP实战视频课

学习精彩网络技术老师：华为HCIA和HCIP数通eNSP实战视频课、华三、锐捷、WLAN、IPv6等全套视频课程

配置基于前缀的BGP ORF功能后可以实现路由的按需发布。

组网需求

如图1所示，DeviceA和DeviceB都属于AS100，DeviceC、DeviceD和DeviceE都属于AS200。DeviceA需要DeviceC只发送符合DeviceA入口策略的路由，但是DeviceC不想单独为DeviceA维护一个出口策略，这时可以配置基于前缀的BGP ORF功能。

图1 配置基于前缀的BGP ORF功能基本组网图

本例中interface1，interface2，interface3分别代表GE0/1/0，GE0/2/0，GE0/3/0。

配置思路

采用如下的思路配置基于前缀的BGP ORF：

在DeviceA和DeviceC之间建立EBGP邻居；在DeviceA和DeviceB之间建立IBGP邻居；在DeviceC和DeviceD、DeviceC和DeviceE之间建立IBGP邻居。

在DeviceA上应用基于前缀的入口过滤，在DeviceA和DeviceC上分别使能基于前缀的BGP ORF能力。

数据准备

为完成此配置例，需准备如下的数据：

DeviceA和DeviceB的Router ID分别是1.1.1.1、2.2.2.2，所在AS号是100。

DeviceC、DeviceD和DeviceE的Router ID分别是3.3.3.3、4.4.4.4、5.5.5.5，所在AS号是200。

操作步骤

配置各接口的IP地址

参照图1，配置各接口的IP地址，具体配置过程请参考后面的配置文件。

配置BGP邻居

# 配置DeviceA。

[~DeviceA] bgp 100

[*DeviceA-bgp] router-id 1.1.1.1

[*DeviceA-bgp] peer 10.2.1.1 as-number 100

[*DeviceA-bgp] peer 10.1.1.2 as-number 200

[*DeviceA-bgp] ipv4-family unicast

[*DeviceA-bgp-af-ipv4] import-route direct

[*DeviceA-bgp-af-ipv4] quit

[*DeviceA-bgp] commit

[~DeviceA-bgp] quit

# 配置DeviceB。

[~DeviceB] bgp 100

[*DeviceB-bgp] router-id 2.2.2.2

[*DeviceB-bgp] peer 10.2.1.2 as-number 100

[*DeviceB-bgp] commit

[~DeviceB-bgp] quit

# 配置DeviceC。

[~DeviceC] bgp 200

[*DeviceC-bgp] router-id 3.3.3.3

[*DeviceC-bgp] peer 10.1.1.1 as-number 100

[*DeviceC-bgp] peer 10.3.1.1 as-number 200

[*DeviceC-bgp] peer 10.4.1.1 as-number 200

[*DeviceC-bgp] ipv4-family unicast

[*DeviceC-bgp-af-ipv4] import-route direct

[*DeviceC-bgp-af-ipv4] quit

[*DeviceC-bgp] commit

[~DeviceC-bgp] quit

# 配置DeviceD。

[~DeviceD] bgp 200

[*DeviceD-bgp] router-id 4.4.4.4

[*DeviceD-bgp] peer 10.3.1.2 as-number 200

[*DeviceD-bgp] commit

[~DeviceD-bgp] quit

# 配置DeviceE。

[~DeviceE] bgp 200

[*DeviceE-bgp] router-id 5.5.5.5

[*DeviceE-bgp] peer 10.4.1.2 as-number 200

[*DeviceE-bgp] commit

[~DeviceE-bgp] quit

在DeviceA上配置基于前缀的入口过滤策略

# 配置DeviceA。

[~DeviceA] ip ip-prefix 1 index 10 permit 10.3.1.0 24 less-equal 32

[*DeviceA] bgp 100

[*DeviceA-bgp] peer 10.1.1.2 ip-prefix 1 import

[*DeviceA-bgp] commit

[~DeviceA-bgp] quit

# 在DeviceC上查看路由发送情况。

[~DeviceC] display bgp routing-table peer 10.1.1.1 advertised-routes

BGP Local router ID is 3.3.3.3

Status codes: * - valid, > - best, d - damped, x - best external, a - add path,

h - history, i - internal, s - suppressed, S - Stale

Origin : i - IGP, e - EGP, ? - incomplete RPKI validation codes: V - valid, I - invalid, N - not-found

Total Number of Routes: 7

Network NextHop MED LocPrf PrefVal Path/Ogn

*> 3.3.3.3/32 10.1.1.2 0 0 200?

*> 10.1.1.0/30 10.1.1.2 0 0 200?

*> 10.1.1.1/32 10.1.1.2 0 0 200?

*> 10.3.1.0/30 10.1.1.2 0 0 200?

*> 10.3.1.1/32 10.1.1.2 0 0 200?

*> 10.4.1.0/30 10.1.1.2 0 0 200?

*> 10.4.1.1/32 10.1.1.2 0 0 200?

# 在DeviceA上查看路由接收情况。

[~DeviceA] display bgp routing-table peer 10.1.1.2 received-routes

BGP Local router ID is 1.1.1.1

Status codes: * - valid, > - best, d - damped, x - best external, a - add path,

h - history, i - internal, s - suppressed, S - Stale

Origin : i - IGP, e - EGP, ? - incomplete RPKI validation codes: V - valid, I - invalid, N - not-found

Total Number of Routes: 2

Network NextHop MED LocPrf PrefVal Path/Ogn

*> 10.3.1.0/30 10.1.1.2 0 0 200?

*> 10.3.1.1/32 10.1.1.2 0 0 200?

未使能基于前缀的BGP ORF功能时，DeviceC发送了7条路由，而DeviceA基于前缀列表的入口策略对DeviceC发送的7条路由进行过滤，只接收了2条路由。

使能基于前缀的BGP ORF功能

# 在DeviceA上使能基于前缀的BGP ORF功能。

[~DeviceA] bgp 100

[*DeviceA-bgp] peer 10.1.1.2 capability-advertise orf ip-prefix both

[*DeviceA-bgp] commit

[~DeviceA-bgp] quit

# 在DeviceC上使能基于前缀的BGP ORF功能。

[~DeviceC] bgp 200

[*DeviceC-bgp] peer 10.1.1.1 capability-advertise orf ip-prefix both

[*DeviceC-bgp] commit

[~DeviceC-bgp] quit

验证配置结果

# 在DeviceA查看基于前缀的BGP ORF协商信息。

[~DeviceA] display bgp peer 10.1.1.2 verbose

BGP Peer is 10.1.1.2, remote AS 200

Type: EBGP link

BGP version 4, Remote router ID 3.3.3.3

Update-group ID: 1

BGP current state: Established, Up for 00h00m01s

BGP current event: RecvRouteRefresh

BGP last state: OpenConfirm

BGP Peer Up count: 2

Received total routes: 0

Received active routes total: 0

Advertised total routes: 5

Port: Local - 179 Remote - 54545

Configured: Active Hold Time: 180 sec Keepalive Time:60 sec

Received : Active Hold Time: 180 sec

Negotiated: Active Hold Time: 180 sec Keepalive Time:60 sec

Peer optional capabilities:

Peer supports bgp multi-protocol extension

Peer supports bgp route refresh capability

Peer supports bgp outbound route filter capability

Support Address-Prefix: IPv4-UNC address-family, rfc-compatible, both

Peer supports bgp 4-byte-as capability

Address family IPv4 Unicast: advertised and received

Received: Total 3 messages

Update messages 1

Open messages 1

KeepAlive messages 1

Notification messages 0

Refresh messages 1

Sent: Total 9 messages

Update messages 5

Open messages 2

KeepAlive messages 1

Notification messages 0

Refresh messages 1

Authentication type configured: None

Last keepalive received: 2012-03-06 19:17:37 UTC-8:00

Last keepalive sent : 2012-03-06 19:17:37 UTC-8:00

Last update received: 2012-03-06 19:17:43 UTC-8:00

Last update sent : 2012-03-06 19:17:37 UTC-8:00

Minimum route advertisement interval is 30 seconds

Optional capabilities:

Route refresh capability has been enabled

Outbound route filter capability has been enabled

Enable Address-Prefix: IPv4-UNC address-family, rfc-compatible, both

4-byte-as capability has been enabled

Multi-hop ebgp has been enabled

Peer Preferred Value: 0

Routing policy configured:

No import update filter list

No export update filter list

Import prefix list is: 1

No export prefix list

No import route policy

No export route policy

No import distribute policy

No export distribute policy

# 在DeviceC上查看路由发送情况。

[~DeviceC] display bgp routing-table peer 10.1.1.1 advertised-routes

BGP Local router ID is 3.3.3.3

Status codes: * - valid, > - best, d - damped, x - best external, a - add path,

h - history, i - internal, s - suppressed, S - Stale

Origin : i - IGP, e - EGP, ? - incomplete RPKI validation codes: V - valid, I - invalid, N - not-found

Total Number of Routes: 2

Network NextHop MED LocPrf PrefVal Path/Ogn

*> 10.3.1.0/30 10.1.1.2 0 0 200?

*> 10.3.1.1/32 10.1.1.2 0 0 200?

# 在DeviceA上查看路由接收情况。

[~A] display bgp routing-table peer 10.1.1.2 received-routes

BGP Local router ID is 1.1.1.1

Status codes: * - valid, > - best, d - damped, x - best external, a - add path,

h - history, i - internal, s - suppressed, S - Stale

Origin : i - IGP, e - EGP, ? - incomplete RPKI validation codes: V - valid, I - invalid, N - not-found

Total Number of Routes: 2

Network NextHop MED LocPrf PrefVal Path/Ogn

*> 10.3.1.0/30 10.1.1.2 0 0 200?

*> 10.3.1.1/32 10.1.1.2 0 0 200?

使能基于前缀的BGP ORF功能后，DeviceC按照DeviceA基于前缀列表的入口策略只发送了2条路由，DeviceA也只接收了这2条路由。

配置文件

DeviceA的配置文件

#

sysname RouterA

#

interface GigabitEthernet0/1/0

ip address 10.2.1.2 255.255.255.252

#

interface GigabitEthernet0/1/1

ip address 10.1.1.1 255.255.255.252

#

interface LoopBack1

ip address 1.1.1.1 255.255.255.255

#

bgp 100

router-id 1.1.1.1

peer 10.1.1.2 as-number 200

peer 10.2.1.1 as-number 100

#

ipv4-family unicast

undo synchronization

import-route direct

peer 10.1.1.2 enable

peer 10.1.1.2 ip-prefix 1 import

peer 10.1.1.2 capability-advertise orf ip-prefix both

peer 10.2.1.1 enable

#

ip ip-prefix 1 index 10 permit 10.3.1.0 24 greater-equal 24 less-equal 32

#

return

DeviceB的配置文件

#

sysname RouterB

#

interface GigabitEthernet0/1/0

ip address 10.2.1.1 255.255.255.252

#

interface LoopBack1

ip address 2.2.2.2 255.255.255.255

#

bgp 100

router-id 2.2.2.2

peer 10.2.1.2 as-number 100

#

ipv4-family unicast

undo synchronization

peer 10.2.1.2 enable

#

return

DeviceC的配置文件

#

sysname RouterC

#

interface GigabitEthernet0/1/0

ip address 10.3.1.2 255.255.255.252

#

interface GigabitEthernet0/1/1

ip address 10.1.1.2 255.255.255.252

#

interface GigabitEthernet0/1/3

ip address 10.4.1.2 255.255.255.252

#

interface LoopBack1

ip address 3.3.3.3 255.255.255.255

#

bgp 200

router-id 3.3.3.3

peer 10.1.1.1 as-number 100

peer 10.3.1.1 as-number 200

peer 10.4.1.1 as-number 200

#

ipv4-family unicast

undo synchronization

import-route direct

peer 10.1.1.1 enable

peer 10.1.1.1 capability-advertise orf ip-prefix both

peer 10.3.1.1 enable

peer 10.4.1.1 enable

#

return

DeviceD的配置文件

#

sysname RouterD

#

interface GigabitEthernet0/1/0

ip address 10.3.1.1 255.255.255.252

#

interface LoopBack1

ip address 4.4.4.4 255.255.255.255

#

bgp 200

router-id 4.4.4.4

peer 10.3.1.2 as-number 200

#

ipv4-family unicast

undo synchronization

peer 10.3.1.2 enable

#

return

DeviceE的配置文件

#

sysname RouterE

#

interface GigabitEthernet0/1/1

ip address 10.4.1.1 255.255.255.252

#

interface LoopBack1

ip address 5.5.5.5 255.255.255.255

#

bgp 200

router-id 5.5.5.5

peer 10.4.1.2 as-number 200

#

ipv4-family unicast

undo synchronization

peer 10.4.1.2 enable

#

return

评论

被折叠的条评论为什么被折叠?

到【灌水乐园】发言

查看更多评论

添加红包

成就一亿技术人!

hope_wisdom

发出的红包

打赏作者

精彩网络技术 你的鼓励将是我创作的最大动力

¥1 ¥2 ¥4 ¥6 ¥10 ¥20

扫码支付：¥1

获取中

扫码支付

您的余额不足，请更换扫码支付或充值

实付元

使用余额支付

点击重新获取

扫码支付

钱包余额 0

抵扣说明：

1.余额是钱包充值的虚拟货币，按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载，可以购买VIP、付费专栏及课程。