HCIP课程总结(十五)
BGP综合实验
要求:
1、建立拓扑,分配ip
2、测试
AR11:
AR12:
AR13:
其他略;
3、启动IBGP协议
AR2:
[r2]ospf 1 router-id 2.2.2.2
[r2-ospf-1]area 0
[r2-ospf-1-area-0.0.0.0]network 172.16.0.0 0.0.255.255
AR3到AR9,AR11到AR13,类似,唯有router-id不同;(略)
查表:
路由表查询:
没有用户网段,可以通过如下命令达到目的:
[r2]interface LoopBack 0
[r2-LoopBack1]ospf network-type broadcast
注:AR2到AR9,AR11到AR13均需修改;
4、MPLS
查询邻居:
5、启动BGP
AR1:
[r1]bgp 1
[r1-bgp]peer 12.1.1.2 as-number 2
[r1-bgp]peer 16.1.1.2 as-number 2
AR2:
bgp 64512
router-id 2.2.2.2
confederation id 2
peer 12.1.1.1 as-number 1
peer 172.16.1.3 as-number 64512
peer 172.16.1.3 connect-interface LoopBack0
peer 172.16.1.6 as-number 64512
peer 172.16.1.6 connect-interface LoopBack0
AR3:
bgp 64512
router-id 3.3.3.3
confederation id 2
peer 172.16.1.2 as-number 64512
peer 172.16.1.2 connect-interface LoopBack0
peer 172.16.1.4 as-number 64512
peer 172.16.1.4 connect-interface LoopBack0
AR4:
bgp 64512
router-id 4.4.4.4
confederation id 2
confederation peer-as 64513
peer 172.16.1.3 as-number 64512
peer 172.16.1.3 connect-interface LoopBack0
peer 172.16.1.5 as-number 64513
peer 172.16.1.5 ebgp-max-hop 255
peer 172.16.1.5 connect-interface LoopBack0
AR5:
bgp 64513
router-id 5.5.5.5
confederation id 2
confederation peer-as 64512
peer 51.1.1.2 as-number 3
peer 172.16.1.4 as-number 64512
peer 172.16.1.4 ebgp-max-hop 255
peer 172.16.1.4 connect-interface LoopBack0
peer 172.16.1.9 as-number 64513
peer 172.16.1.9 connect-interface LoopBack0
AR6:
bgp 64512
router-id 6.6.6.6
confederation id 2
peer 172.16.1.2 as-number 64512
peer 172.16.1.2 connect-interface LoopBack0
peer 172.16.1.7 as-number 64512
peer 172.16.1.7 connect-interface LoopBack0
AR7:
bgp 64512
router-id 7.7.7.7
confederation id 2
peer 172.16.1.6 as-number 64512
peer 172.16.1.6 connect-interface LoopBack0
peer 172.16.1.8 as-number 64512
peer 172.16.1.8 connect-interface LoopBack0
AR8:
bgp 64512
router-id 8.8.8.8
confederation id 2
confederation peer-as 64513
peer 172.16.1.7 as-number 64512
peer 172.16.1.7 connect-interface LoopBack0
peer 172.16.1.9 as-number 64513
peer 172.16.1.9 ebgp-max-hop 255
peer 172.16.1.9 connect-interface LoopBack0
AR9:
bgp 64513
router-id 9.9.9.9
confederation id 2
confederation peer-as 64512
peer 91.1.1.1 as-number 3
peer 91.1.1.2 as-number 3
peer 172.16.1.5 as-number 64513
peer 172.16.1.5 connect-interface LoopBack0
peer 172.16.1.8 as-number 64512
peer 172.16.1.8 ebgp-max-hop 255
peer 172.16.1.8 connect-interface LoopBack0
AR10:
bgp 3
router-id 10.10.10.10
peer 51.1.1.1 as-number 2
peer 91.1.1.1 as-number 2
查表:
6、宣告
AR1:
[r1]bgp 1
[r1-bgp]network 1.1.1.0 24
查表:
可知AR3不优,修改下一跳即可:
AR2:
[r2]bgp 64512
[r2-bgp]peer 172.16.1.3 next-hop-local
[r2-bgp]peer 172.16.1.6 next-hop-local
再次查表:
成功
对于AR6,同样需修改下一跳,以便AR7优:
AR6:
[r6]bgp 64512
[r6-bgp]peer 172.16.1.2 next-hop-local
[r6-bgp]peer 172.16.1.7 next-hop-local
查表:
成功
查表AR4:
可知,由于ibgp间不能间接传递路由,可以做反射器解决:
AR3:
[r3]bgp 64512
[r3-bgp]peer 172.16.1.2 reflect-client
同理,需在AR7上调反射器:
AR7:
[r7]bgp 64512
[r7-bgp]peer 172.16.1.8 reflect-client
查表:
成功
再次查表:
AR5:
AR9:
宣告AR10:
AR10:
[r10]bgp 3
[r10-bgp]network 10.10.10.0 24
同理可知在AR4,AR8不优,修改下一跳即可:
AR5:
[r5]bgp 64513
[r5-bgp]peer 172.16.1.4 next-hop-local
[r5-bgp]peer 172.16.1.9 next-hop-local
AR9:
[r9]bgp 64513
[r9-bgp]peer 172.16.1.5 next-hop-local
[r9-bgp]peer 172.16.1.8 next-hop-local
查表:
在此过程中,3与7时反射器,只有一次传递机会,间隔ibgp不互相传递路由,所以AR2与AR6不互相传递10.10.10.0的路由;
如图:
为了备份,让2与6为反射器:
AR2:
[r2]bgp 64512
[r2-bgp]peer 172.16.1.6 reflect-client
AR6:
[r6]bgp 64512
[r6-bgp]peer 172.16.1.2 reflect-client
查表:
测试:
再次查表AR1:
可知未达到负载均衡;
汇总宣告:
——空接口路由宣告:
AR2:
[r2]ip route-static 172.16.0.0 255.255.0.0 NULL 0
[r2-bgp]network 172.16.0.0 16
查表:
AR6:
[r6]ip route-static 172.16.0.0 16 NULL 0
[r6]bgp 64512
[r6-bgp]network 172.16.0.0 16
查表:
此时便存在选路问题,可以将需要的优选路由宣告在优选EBGP上:
AR2:
[r2]bgp 64512
[r2-bgp]network 172.16.2.0 24
[r2-bgp]network 172.16.3.0 24
[r2-bgp]network 172.16.4.0 24
[r2-bgp]network 172.16.5.0 24
AR6:
r6]bgp 64512
[r6-bgp]network 172.16.6.0 24
[r6-bgp]network 172.16.7.0 24
[r6-bgp]network 172.16.8.0 24
[r6-bgp]network 172.16.9.0 24
查表:
可知与预想不符——由于2与6回互相传递路由,导致传递的路由的度量大于6传递给1时清洗过的相同路由的度量,反之6也一样;
注:可以通过换位宣告——即将宣告到2与宣告到6的路由交换宣告;
AR2:
[r2]bgp 64512
[r2-bgp]network 172.16.6.0 24
[r2-bgp]network 172.16.7.0 24
[r2-bgp]network 172.16.8.0 24
[r2-bgp]network 172.16.9.0 24
AR6:
[r6]BGP 64512
[r6-bgp]network 172.16.2.0 24
[r6-bgp]network 172.16.3.0 24
[r6-bgp]network 172.16.4.0 24
[r6-bgp]network 172.16.5.0 24
查表:
成功
继续宣告11,12,13:
AR2:
[r2]bgp 64512
[r2-bgp]network 172.16.11.0 24
[r2-bgp]network 172.16.12.0 24
[r2-bgp]network 172.16.13.0 24
AR6:
[r6]BGP 64512
[r6-bgp]network 172.16.11.0 24
[r6-bgp]network 172.16.12.0 24
[r6-bgp]network 172.16.13.0 24
查表:
测试AR1pingAR11、12、13(不通)——11、12、13没有路由:
AR2:
[r2]ospf 1
[r2-ospf-1]default-route-advertise always
AR6:
[r6]OSPF 1
[r6-ospf-1]default-route-advertise always
AR5:
[r5]ospf 1
[r5-ospf-1]default-route-advertise always
AR9:
[r9]ospf 1
[r9-ospf-1]default-route-advertise always
查表:
测试:
左边完成
右边查表:
可知全选AR5;
对策:
AR5:
[r5]bgp 64513
[r5-bgp]aggregate 172.16.0.0 255.255.0.0
[r5-bgp]aggregate 172.16.0.0 255.255.0.0 detail-suppressed
AR9:
[r9]bgp 64513
[r9-bgp]aggregate 172.16.0.0 255.255.0.0
[r9-bgp]aggregate 172.16.0.0 255.255.0.0 detail-suppressed (默认抑制)
如此,只会传递汇总给AR10;
查表:
运用前缀列表:
AR5:
[r5]ip ip-prefix aa deny 172.16.6.0 24(拒绝)
[r5]ip ip-prefix aa deny 172.16.7.0 24
[r5]ip ip-prefix aa deny 172.16.8.0 24
[r5]ip ip-prefix aa deny 172.16.9.0 24
[r5]ip ip-prefix aa permit 0.0.0.0 0 less-equal 32(允许所有)
[r5]bgp 64513
[r5-bgp]undo aggregate 172.16.0.0 255.255.0.0 detail-suppressed
[r5-bgp]aggregate 172.16.0.0 255.255.0.0
[r5-bgp]peer 51.1.1.2 ip-prefix aa export
AR9:
[r9]ip ip-prefix aa deny 172.16.2.0 24
[r9]ip ip-prefix aa deny 172.16.3.0 24
[r9]ip ip-prefix aa deny 172.16.4.0 24
[r9]ip ip-prefix aa deny 172.16.5.0 24
[r9]ip ip-prefix aa permit 0.0.0.0 0 less-equal 32
[r9]bgp 64513
[r9-bgp]undo aggregate 172.16.0.0 255.255.0.0 detail-suppressed
[r9-bgp]aggregate 172.16.0.0 255.255.0.0
[r9-bgp]peer 91.1.1.2 ip-prefix aa export
查表:
成功
7、负载均衡
AR1:
[r1]bgp 1
[r1-bgp]maximum load-balancing ebgp 2(最大负载路径数)
AR10:
[r10]bgp 3
[r10-bgp]maximum load-balancing ebgp 2
测试:
实验完成