BGP选路综合实验
899
2023-12-25
BGP选路综合实验
实验要求:
1.使用PreVal策略,确保R1通过R3到达192.168.10.0/24
2.使用AS_Path策略,确保R1通过R3到达192.168.11.0/24
3.配置MED策略,确保R1通过R3到达192.168.12.0/24
4.使用Local Preference策略,确保R4通过R2到达192.168.1.0/24
5.使用Local Preference策略,确保R4通过R3到达192.168.2.0/24
6.配置负载均衡,确保R4通过R2和R3到达192.168.3.0/24
7.使用As策略,AS 500 不接受任何始发于As 123 的路由
8.使用自定义Community策略,确保192.168.3.0/24路由不会被发布到As 500
IBGP使用环回接口建邻,EBGP使用物理接口建邻
修改As 123 中的用户网段为Broadcast,方便后续在BGP中宣告
BGP宣告路由时,仅宣告24网段的用户路由
实验配置:
R1:
#
interface GigabitEthernet0/0/0
ip address 10.0.12.1 255.255.255.0
#
interface GigabitEthernet0/0/1
ip address 10.0.13.1 255.255.255.0
#
interface LoopBack0
ip address 1.1.1.1 255.255.255.255
#
bgp 1
peer 10.0.12.2 as-number 234
peer 10.0.13.3 as-number 234
#
ipv4-family unicast
undo synchronization
import-route static
peer 10.0.12.2 enable
peer 10.0.12.2 route-policy as_path import ----->从R2引入的路由应用as_path策略
peer 10.0.12.2 route-policy comm export ----->向R2发布的路由应用comm策略
peer 10.0.12.2 advertise-community ----->向R2发布团体属性
peer 10.0.13.3 enable
peer 10.0.13.3 route-policy preval import ----->从R3引入的路由应用preval策略
peer 10.0.13.3 route-policy comm export ----->向R3发布的路由应用comm策略
peer 10.0.13.3 advertise-community ----->向R3发布团体属性
#
route-policy preval permit node 10
if-match ip-prefix 1 ----->匹配前缀列表1
apply preferred-value 10 ----->修改pre-value值为10
#
route-policy preval permit node 20 ----->只匹配需要的路由,并修改其路由信息,其他的路由信息不做改变,正常放通
#
route-policy as_path permit node 10
if-match ip-prefix 2 ----->匹配前缀列表2
apply as-path 234 additive ----->多添加as_path属性给该路由信息
#
route-policy as_path permit node 20 ----->只匹配需要的路由,并修改其路由信息,其他的路由信息不做改变,正常放通
#
route-policy comm permit node 10
if-match ip-prefix 3 ----->匹配前缀列表3
apply community 1:1 no-export ----->应用团体属性为1:1,且是no-export属性
#
route-policy comm permit node 20 ----->只匹配需要的路由,并修改其路由信息,其他的路由信息不做改变,正常放通
#
ip ip-prefix 1 index 10 permit 192.168.10.0 24
ip ip-prefix 2 index 10 permit 192.168.11.0 24
ip ip-prefix 3 index 10 permit 192.168.3.0 24
#
ip route-static 192.168.1.0 255.255.255.0 NULL0
ip route-static 192.168.2.0 255.255.255.0 NULL0
ip route-static 192.168.3.0 255.255.255.0 NULL0R2:
#
interface GigabitEthernet0/0/0
ip address 10.0.12.2 255.255.255.0
#
interface GigabitEthernet0/0/1
ip address 10.0.24.2 255.255.255.0
#
interface LoopBack0
ip address 2.2.2.2 255.255.255.255
#
bgp 234
peer 4.4.4.4 as-number 234
peer 4.4.4.4 connect-interface LoopBack0
peer 10.0.12.1 as-number 1
#
ipv4-family unicast
undo synchronization
network 172.16.112.0 255.255.255.0
peer 4.4.4.4 enable
peer 4.4.4.4 route-policy local_pre export ----->向R4发布的路由应用local_pre策略
peer 4.4.4.4 next-hop-local
peer 4.4.4.4 advertise-community
peer 10.0.12.1 enable
peer 10.0.12.1 route-policy med export ----->向R1发布的路由应用med策略
#
ospf 1 router-id 2.2.2.2
area 0.0.0.0
network 2.2.2.2 0.0.0.0
network 10.0.24.2 0.0.0.0
#
route-policy med permit node 10
if-match ip-prefix 1
apply cost 10 ---->修改med属性值为10 (越小越优)
#
route-policy med permit node 20
#
route-policy local_pre permit node 10
if-match ip-prefix 2
apply local-preference 200 ---->修改本地优先级值为200(越大越优)
#
route-policy local_pre permit node 20
if-match ip-prefix 3
apply local-preference 100 ---->修改本地优先级值为100(越大越优)
#
route-policy local_pre permit node 30
#
ip ip-prefix 1 index 10 permit 192.168.12.0 24
ip ip-prefix 2 index 10 permit 192.168.1.0 24
ip ip-prefix 3 index 10 permit 192.168.2.0 24
#
ip route-static 172.16.112.0 255.255.255.0 NULL0R3:
#
interface GigabitEthernet0/0/0
ip address 10.0.13.3 255.255.255.0
#
interface GigabitEthernet0/0/1
ip address 10.0.34.3 255.255.255.0
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0
ip address 3.3.3.3 255.255.255.255
#
bgp 234
peer 4.4.4.4 as-number 234
peer 4.4.4.4 connect-interface LoopBack0
peer 10.0.13.1 as-number 1
#
ipv4-family unicast
undo synchronization
network 172.16.113.0 255.255.255.0
peer 4.4.4.4 enable
peer 4.4.4.4 route-policy local_pre export ----->向R4发布的路由应用local_pre策略
peer 4.4.4.4 next-hop-local
peer 4.4.4.4 advertise-community
peer 10.0.13.1 enable
peer 10.0.13.1 route-policy med export ----->向R1发布的路由应用med策略
#
ospf 1 router-id 3.3.3.3
area 0.0.0.0
network 3.3.3.3 0.0.0.0
network 10.0.34.3 0.0.0.0
#
route-policy med permit node 10
if-match ip-prefix 1
apply cost 5 ---->修改med属性值为10 (越小越优)
#
route-policy med permit node 20
#
route-policy local_pre permit node 10
if-match ip-prefix 2
apply local-preference 100 ---->修改本地优先级值为100(越大越优)
#
route-policy local_pre permit node 20
if-match ip-prefix 3
apply local-preference 200 ---->修改本地优先级值为200(越大越优)
#
route-policy local_pre permit node 30
#
route-policy test permit node 10
#
ip ip-prefix 1 index 10 permit 192.168.12.0 24
ip ip-prefix 2 index 10 permit 192.168.1.0 24
ip ip-prefix 3 index 10 permit 192.168.2.0 24
#
ip route-static 172.16.113.0 255.255.255.0 NULL0R4:
#
interface GigabitEthernet0/0/0
ip address 10.0.24.4 255.255.255.0
#
interface GigabitEthernet0/0/1
ip address 10.0.34.4 255.255.255.0
#
interface GigabitEthernet0/0/2
ip address 10.0.45.4 255.255.255.0
#
interface LoopBack0
ip address 4.4.4.4 255.255.255.255
#
bgp 234
peer 2.2.2.2 as-number 234
peer 2.2.2.2 connect-interface LoopBack0
peer 3.3.3.3 as-number 234
peer 3.3.3.3 connect-interface LoopBack0
peer 10.0.45.5 as-number 5
#
ipv4-family unicast
undo synchronization
maximum load-balancing 2 ----->在R4的bgp中应用负载均衡,将最大负载均衡数变成2(默认是1,即默认是bgp不允许负载均衡路由出现)
peer 2.2.2.2 enable
peer 2.2.2.2 next-hop-local
peer 3.3.3.3 enable
peer 3.3.3.3 next-hop-local
peer 10.0.45.5 enable
#
ospf 1 router-id 4.4.4.4
area 0.0.0.0
network 4.4.4.4 0.0.0.0
network 10.0.24.4 0.0.0.0
network 10.0.34.4 0.0.0.0 R5:
interface GigabitEthernet0/0/0
ip address 10.0.45.5 255.255.255.0
#
interface LoopBack0
ip address 5.5.5.5 255.255.255.255
#
bgp 5
peer 10.0.45.4 as-number 234
#
ipv4-family unicast
undo synchronization
import-route static
peer 10.0.45.4 enable
peer 10.0.45.4 as-path-filter 1 import
#
ip as-path-filter 1 deny _234$ ----->采用as_path过滤工具,_234$代表匹配路由条目最右边的数字(即起源as234的路由),并deny拒绝掉该路由
ip as-path-filter 1 permit .* ----->在该AS路径过滤工具中,允许放通所有流量(as过滤默认拒绝所有流量)
注意:
拒绝的语句一定要写在允许的前面,代表只拒绝起源于as234的路由,但是放通其他所有的路由
#
ip route-static 192.168.10.0 255.255.255.0 NULL0
ip route-static 192.168.11.0 255.255.255.0 NULL0
ip route-static 192.168.12.0 255.255.255.0 NULL0实验现象:
- 63
- 0
-
分享