学习精彩网络技术老师:华为HCIA和HCIP数通eNSP实战视频课
学习精彩网络技术老师:华为HCIA和HCIP数通eNSP实战视频课、华三、锐捷、WLAN、IPv6等全套视频课程
通过控制缺省路由的发布,控制流量从不同的路径离开AS。
组网需求
如图1所示,所有NE均为BGP设备,DeviceA和DeviceB之间、DeviceC和DeviceE之间、DeviceD和DeviceF之间分别建立EBGP连接,DeviceB和DeviceC之间、DeviceB和DeviceD之间分别建立IBGP连接,以保证AS200的出流量可以通过DeviceE和DeviceF来进行分担。
本例中interface1,interface2,interface3分别代表GE0/1/0,GE0/2/0,GE0/3/0。
| 设备名称 | 接口 | IP地址 |
| Device A | GE 0/1/0 | 10.20.1.1/24 |
| Loopback 0 | 1.1.1.1/32 | |
| Device B | GE 0/1/0 | 10.20.1.2/24 |
| GE 0/2/0 | 10.0.1.1/24 | |
| GE 0/3/0 | 10.0.3.2/24 | |
| Loopback 0 | 2.2.2.2/32 | |
| Device C | GE 0/1/0 | 10.20.2.2/24 |
| GE 0/2/0 | 10.0.1.2/24 | |
| GE 0/3/0 | 10.0.2.1/24 | |
| Loopback 0 | 3.3.3.3/32 | |
| Device D | GE 0/1/0 | 10.20.3.2/24 |
| GE 0/2/0 | 10.0.3.1/24 | |
| GE 0/3/0 | 10.0.2.2/24 | |
| Loopback 0 | 4.4.4.4/32 | |
| Device E | GE 0/1/0 | 10.20.2.1/24 |
| GE 0/2/0 | 10.21.7.1.1/24 | |
| Loopback 0 | 5.5.5.5/32 | |
| Device F | GE 0/1/0 | 10.20.3.1/24 |
| GE 0/2/0 | 10.22.8.1.1/24 | |
| Loopback 0 | 6.6.6.6/32 |
配置注意事项
在配置过程中,需注意以下事项:
缺省路由有两种用途,一是代表全网路由,减少路由量,如用在Stub AS的场景中,使用一条缺省路由引导所有到外界的流量,而不是将全网路由发布过去;另一个是代表除明细路由外的所有路由,如用在Multi-home负载分担场景中。
建立对等体时,当所指定的对等体的IP地址为Loopback接口地址或子接口的IP地址时,需要在对等体两端同时配置命令peer connect-interface,以保证两端连接的正确性。
配置思路
采用如下的思路配置BGP发布缺省路由:
在DeviceB、DeviceC和DeviceD上配置OSPF协议。
在DeviceA和DeviceB之间、DeviceC和DeviceE之间、DeviceD和DeviceF之间分别配置EBGP连接。
在DeviceB和DeviceC之间、DeviceB和DeviceD之间分别配置IBGP连接。
在DeviceC上配置入口策略,只允许接收缺省路由。
在DeviceD上配置入口策略,允许接收缺省路由和所有明细路由,并对接收的缺省路由设置Local_Pref值。
数据准备
为完成此配置例,需准备如下的数据:
DeviceA、DeviceB、DeviceC、DeviceD、DeviceE和DeviceF各自的Router ID 以及所在的AS号。
在DeviceC和DeviceD上配置入口策略的名称。
在DeviceD上对接收的缺省路由设置的Local_Pref值。
操作步骤
- 配置各接口的IP地址(略)
- 配置OSPF
# 配置DeviceB。
[~DeviceB] ospf 1
[*DeviceB-ospf-1] area 0
[*DeviceB-ospf-1-area-0.0.0.0] network 10.0.1.0 0.0.0.255
[*DeviceB-ospf-1-area-0.0.0.0] network 10.0.3.0 0.0.0.255
[*DeviceB-ospf-1-area-0.0.0.0] network 2.2.2.2 0.0.0.0
[*DeviceB-ospf-1-area-0.0.0.0] commit
[~DeviceB-ospf-1-area-0.0.0.0] quit
[~DeviceB-ospf-1] quit
# 配置DeviceC。
[~DeviceC] ospf 1
[*DeviceC-ospf-1] area 0
[*DeviceC-ospf-1-area-0.0.0.0] network 10.0.1.0 0.0.0.255
[*DeviceC-ospf-1-area-0.0.0.0] network 10.0.2.0 0.0.0.255
[*DeviceC-ospf-1-area-0.0.0.0] network 3.3.3.3 0.0.0.0
[*DeviceC-ospf-1-area-0.0.0.0] commit
[~DeviceC-ospf-1-area-0.0.0.0] quit
[~DeviceC-ospf-1] quit
# 配置DeviceD。
[~DeviceD] ospf 1
[*DeviceD-ospf-1] area 0
[*DeviceD-ospf-1-area-0.0.0.0] network 10.0.2.0 0.0.0.255
[*DeviceD-ospf-1-area-0.0.0.0] network 10.0.3.0 0.0.0.255
[*DeviceD-ospf-1-area-0.0.0.0] network 4.4.4.4 0.0.0.0
[*DeviceD-ospf-1-area-0.0.0.0] commit
[~DeviceD-ospf-1-area-0.0.0.0] quit
[~DeviceD-ospf-1] quit
- 配置BGP连接
# 配置DeviceA。
[~DeviceA] bgp 100
[*DeviceA-bgp] router-id 1.1.1.1
[*DeviceA-bgp] peer 10.20.1.2 as-number 200
[*DeviceA-bgp] commit
[~DeviceA-bgp] quit
# 配置DeviceB。
[~DeviceB] bgp 200
[*DeviceB-bgp] router-id 2.2.2.2
[*DeviceB-bgp] peer 10.20.1.1 as-number 100
[*DeviceB-bgp] network 10.20.1.0 24
[*DeviceB-bgp] peer 3.3.3.3 as-number 200
[*DeviceB-bgp] peer 3.3.3.3 connect-interface LoopBack0
[*DeviceB-bgp] peer 4.4.4.4 as-number 200
[*DeviceB-bgp] peer 4.4.4.4 connect-interface LoopBack0
[*DeviceB-bgp] commit
[~DeviceB-bgp] quit
# 配置DeviceC。
[~DeviceC] bgp 200
[*DeviceC-bgp] router-id 3.3.3.3
[*DeviceC-bgp] peer 10.20.2.1 as-number 300
[*DeviceC-bgp] network 10.20.2.0 24
[*DeviceC-bgp] peer 2.2.2.2 as-number 200
[*DeviceC-bgp] peer 2.2.2.2 connect-interface LoopBack0
[*DeviceC-bgp] commit
[~DeviceC-bgp] quit
# 配置DeviceD。
[~DeviceD] bgp 200
[*DeviceD-bgp] router-id 4.4.4.4
[*DeviceD-bgp] peer 10.20.3.1 as-number 400
[*DeviceD-bgp] network 10.20.3.0 24
[*DeviceD-bgp] peer 2.2.2.2 as-number 200
[*DeviceD-bgp] peer 2.2.2.2 connect-interface LoopBack0
[*DeviceD-bgp] commit
[~DeviceD-bgp] quit
# 配置DeviceE。
[~DeviceE] bgp 300
[*DeviceE-bgp] router-id 5.5.5.5
[*DeviceE-bgp] peer 10.20.2.2 as-number 200
[*DeviceE-bgp] network 10.1.1.0 24
[*DeviceE-bgp] commit
[~DeviceE-bgp] quit
# 配置DeviceF。
[~DeviceF] bgp 400
[*DeviceF-bgp] router-id 6.6.6.6
[*DeviceF-bgp] peer 10.20.3.2 as-number 200
[*DeviceF-bgp] network 10.2.1.0 24
[*DeviceF-bgp] commit
[~DeviceF-bgp] quit
- 配置DeviceE和DeviceF发布缺省路由
# 配置DeviceE发布缺省路由。
[~DeviceE-bgp] ipv4-family unicast
[*DeviceE-bgp-af-ipv4] peer 10.20.2.2 default-route-advertise
[*DeviceE-bgp-af-ipv4] commit
# 配置DeviceF发布缺省路由。
[~DeviceF-bgp] ipv4-family unicast
[*DeviceF-bgp-af-ipv4] peer 10.20.3.2 default-route-advertise
[*DeviceF-bgp-af-ipv4] commit
# 查看DeviceB路由表信息。
[~DeviceB] display bgp routing-table
BGP Local router ID is 2.2.2.2
Status codes: * - valid, > - best, d - damped, x - best external, a - add path,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete RPKI validation codes: V - valid, I - invalid, N - not-found
Total Number of Routes: 7
Network NextHop MED LocPrf PrefVal Path/Ogn
*>i 0.0.0.0 10.20.2.1 0 100 0 300i
* i 10.20.3.1 0 100 0 400i
*>i 10.1.1.0/24 10.20.2.1 0 100 0 300i
*>i 10.2.1.0/24 10.20.3.1 0 100 0 400i
*> 10.20.1.0 0.0.0.0 0 0 i
*>i 10.20.2.0 3.3.3.3 0 100 0 i
*>i 10.20.3.0 4.4.4.4 0 100 0 i
从路由表中可以看到,DeviceB接收到AS300和AS400的缺省路由以及所有明细路由。
- 配置入口策略
# 在DeviceC上配置名称为default的IP前缀列表,只允许缺省路由。
[~DeviceC] ip ip-prefix default permit 0.0.0.0 0
[*DeviceC] commit
[*DeviceC] bgp 200
[*DeviceC-bgp] peer 10.20.2.1 ip-prefix default import
[*DeviceC-bgp] commit
# 在DeviceD上配置名称为set-default-low的Route-policy,允许接收缺省路由和所有明细路由,并对接收的缺省路由设置Local_Pref值。
[~DeviceD] ip as-path-filter 10 permit ^(400_)+$
[*DeviceD] ip as-path-filter 10 permit ^(400_)+_[0-9]+$
[*DeviceD] ip ip-prefix default permit 0.0.0.0 0
[*DeviceD] route-policy set-default-low permit node 10
[*DeviceD-route-policy] if-match ip-prefix default
[*DeviceD-route-policy] apply local-preference 80
[*DeviceD-route-policy] quit
[*DeviceD] route-policy set-default-low permit node 20
[*DeviceD-route-policy] quit
[*DeviceD] commit
[~DeviceD] bgp 200
[*DeviceD-bgp] peer 10.20.3.1 as-path-filter 10 import
[*DeviceD-bgp] peer 10.20.3.1 route-policy set-default-low import
[*DeviceD-bgp] commit
# 查看DeviceB路由表信息。
[~DeviceB] display bgp routing-table
BGP Local router ID is 2.2.2.2
Status codes: * - valid, > - best, d - damped, x - best external, a - add path,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete RPKI validation codes: V - valid, I - invalid, N - not-found
Total Number of Routes: 6
Network NextHop MED LocPrf PrefVal Path/Ogn
*>i 0.0.0.0 10.20.2.1 0 100 0 300i
* i 10.20.3.1 0 80 0 400i
*>i 10.2.1.0/24 10.20.3.1 0 100 0 400i
*> 10.20.1.0 0.0.0.0 0 0 i
*>i 10.20.2.0 3.3.3.3 0 100 0 i
*>i 10.20.3.0 4.4.4.4 0 100 0 i
从路由表中可以看到,DeviceB将接收到AS300的缺省路由和AS400的缺省路由以及所有明细路由,并将接收到AS400的缺省路由的Local_Pref值设置为80。
配置文件
DeviceA的配置文件
#
sysname DeviceA
#
interface GigabitEthernet0/1/0
undo shutdown
ip address 10.20.1.1 255.255.255.0
#
interface LoopBack0
ip address 1.1.1.1 255.255.255.255
#
bgp 100
peer 10.20.1.2 as-number 200
#
ipv4-family unicast
peer 10.20.1.2 enable
#
return
DeviceB的配置文件
#
sysname DeviceB
#
interface GigabitEthernet0/1/0
undo shutdown
ip address 10.20.1.2 255.255.255.0
#
interface GigabitEthernet0/2/0
undo shutdown
ip address 10.0.1.1 255.255.255.0
#
interface GigabitEthernet0/3/0
undo shutdown
ip address 10.0.3.2 255.255.255.0
#
interface LoopBack0
ip address 2.2.2.2 255.255.255.255
#
bgp 200
peer 3.3.3.3 as-number 200
peer 3.3.3.3 connect-interface LoopBack0
peer 4.4.4.4 as-number 200
peer 4.4.4.4 connect-interface LoopBack0
peer 10.20.1.1 as-number 100
#
ipv4-family unicast
network 10.20.1.0 255.255.255.0
peer 3.3.3.3 enable
peer 4.4.4.4 enable
peer 10.20.1.1 enable
#
ospf 1
area 0.0.0.0
network 2.2.2.2 0.0.0.0
network 10.0.1.0 0.0.0.255
network 10.0.3.0 0.0.0.255
#
return
DeviceC的配置文件
#
sysname DeviceC
#
interface GigabitEthernet0/1/0
undo shutdown
ip address 10.20.2.2 255.255.255.0
#
interface GigabitEthernet0/2/0
undo shutdown
ip address 10.0.1.2 255.255.255.0
#
interface GigabitEthernet0/3/0
undo shutdown
ip address 10.0.2.1 255.255.255.0
#
interface LoopBack0
ip address 3.3.3.3 255.255.255.255
#
bgp 200
peer 2.2.2.2 as-number 200
peer 2.2.2.2 connect-interface LoopBack0
peer 10.20.2.1 as-number 300
#
ipv4-family unicast
network 10.20.2.0 255.255.255.0
peer 2.2.2.2 enable
peer 10.20.2.1 enable
peer 10.20.2.1 ip-prefix default import
#
ospf 1
area 0.0.0.0
network 3.3.3.3 0.0.0.0
network 10.0.1.0 0.0.0.255
network 10.0.2.0 0.0.0.255
#
ip ip-prefix default index 10 permit 0.0.0.0 0
#
return
DeviceD的配置文件
#
sysname DeviceD
#
interface GigabitEthernet0/1/0
undo shutdown
ip address 10.20.3.2 255.255.255.0
#
interface GigabitEthernet0/2/0
undo shutdown
ip address 10.0.2.2 255.255.255.0
#
interface GigabitEthernet0/3/0
undo shutdown
ip address 10.0.3.1 255.255.255.0
#
interface LoopBack0
ip address 4.4.4.4 255.255.255.255
#
bgp 200
peer 2.2.2.2 as-number 200
peer 2.2.2.2 connect-interface LoopBack0
peer 10.20.3.1 as-number 400
#
ipv4-family unicast
network 10.20.3.0 255.255.255.0
peer 2.2.2.2 enable
peer 10.20.3.1 enable
peer 10.20.3.1 as-path-filter 10 import
peer 10.20.3.1 route-policy set-default-low import
#
ospf 1
area 0.0.0.0
network 4.4.4.4 0.0.0.0
network 10.0.2.0 0.0.0.255
network 10.0.3.0 0.0.0.255
#
route-policy set-default-low permit node 10
if-match ip-prefix default
apply local-preference 80
#
route-policy set-default-low permit node 20
#
ip ip-prefix default index 10 permit 0.0.0.0 0
#
ip as-path-filter 10 permit ^(400_)+$
ip as-path-filter 10 permit ^(400_)+_[0-9]+$
#
return
DeviceE的配置文件
#
sysname DeviceE
#
interface GigabitEthernet0/1/0
undo shutdown
ip address 10.20.2.1 255.255.255.0
#
interface GigabitEthernet0/2/0
undo shutdown
ip address 10.21.7.1.1 255.255.255.0
#
interface LoopBack0
ip address 5.5.5.5 255.255.255.255
#
bgp 300
peer 10.20.2.2 as-number 200
#
ipv4-family unicast
network 10.1.1.0 255.255.255.0
peer 10.20.2.2 enable
peer 10.20.2.2 default-route-advertise
#
return
DeviceF的配置文件
#
sysname DeviceF
#
interface GigabitEthernet0/1/0
undo shutdown
ip address 10.20.3.1 255.255.255.0
#
interface GigabitEthernet0/2/0
undo shutdown
ip address 10.22.8.1.1 255.255.255.0
#
interface LoopBack0
ip address 6.6.6.6 255.255.255.255
#
bgp 400
peer 10.20.3.2 as-number 200
#
ipv4-family unicast
network 10.2.1.0 255.255.255.0
peer 10.20.3.2 enable
peer 10.20.3.2 default-route-advertise
#
return
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
