一、分析要求
1、R1与R8各有两个环回,且其中一个不宣告
2、AS2 合理划分并分配IP 172.16.0.0/16,每个设备都有一个环回
3、R1与R2、R7与R8间链路自行定义
4、使用IGP协议让内网互通,BGP协议让整个网络设备的环回互通,没被宣告的两个环回用Tunnel隧道
5、汇总和空接口
二、实施过程
1. 划分IP
因为图中是单区域,所以直接按照用户网段划分,详细见下图
2. 配置IP及环回
[R1]int g 0/0/0
[R1-GigabitEthernet0/0/0]ip add 12.0.0.1 24
[R1-GigabitEthernet0/0/0]int l 0
[R1-LoopBack0]ip add 192.168.1.1 24
[R1-LoopBack0]int l 1
[R1-LoopBack1]ip add 10.0.0.1 24
[R2]int g 0/0/0
[R2-GigabitEthernet0/0/0]ip add 12.0.0.2 24
[R2-GigabitEthernet0/0/0]int g 0/0/1
[R2-GigabitEthernet0/0/1]ip add 172.16.1.1 29
[R2-GigabitEthernet0/0/1]int g 0/0/2
[R2-GigabitEthernet0/0/2]ip add 172.16.1.9 29
[R2-GigabitEthernet0/0/2]int l 0
[R2-LoopBack0]ip add 172.16.2.1 24
[R3]int g 0/0/0
[R3-GigabitEthernet0/0/0]ip add 172.16.1.2 29
[R3-GigabitEthernet0/0/0]int g 0/0/01
[R3-GigabitEthernet0/0/1]ip add 172.16.1.17 29
[R3-GigabitEthernet0/0/1]int l 0
[R3-LoopBack0]ip add 172.16.3.1 24
[R4]int g 0/0/0
[R4-GigabitEthernet0/0/0]ip add 172.16.1.18 29
[R4-GigabitEthernet0/0/0]int g 0/0/1
[R4-GigabitEthernet0/0/1]ip add 172.16.1.33 29
[R4-GigabitEthernet0/0/1]int l 0
[R4-LoopBack0]ip add 172.16.4.1 24
[R5]int g 0/0/0
[R5-GigabitEthernet0/0/0]ip add 172.16.1.10 29
[R5-GigabitEthernet0/0/0]int g 0/0/1
[R5-GigabitEthernet0/0/1]ip add 172.16.1.25 29
[R5-GigabitEthernet0/0/1]int l 0
[R5-LoopBack0]ip add 172.16.5.1 24
[R6]int g 0/0/0
[R6-GigabitEthernet0/0/0]ip add 172.16.1.26 29
[R6-GigabitEthernet0/0/0]int g 0/0/1
[R6-GigabitEthernet0/0/1]ip add 172.16.1.41 29
[R6-GigabitEthernet0/0/1]int l 0
[R6-LoopBack0]ip add 172.16.6.1 24
[R7]int g 0/0/0
[R7-GigabitEthernet0/0/0]ip add 172.16.1.42 29
[R7-GigabitEthernet0/0/0]int g 0/0/1
[R7-GigabitEthernet0/0/1]ip add 172.16.1.34 29
[R7-GigabitEthernet0/0/1]int g 0/0/2
[R7-GigabitEthernet0/0/2]ip add 78.0.0.1 24
[R7-GigabitEthernet0/0/2]int l 0
[R7-LoopBack0]ip add 172.16.7.1 24
[R8]int g 0/0/0
[R8-GigabitEthernet0/0/0]ip add 78.0.0.2 24
[R8-GigabitEthernet0/0/0]int l 0
[R8-LoopBack0]ip add 192.168.2.1 24
[R8-LoopBack0]int l 1
[R8-LoopBack1]ip add 11.0.0.1 24
3. AS2中设备启用OSPF协议
- 采用精准宣告
[R2]ospf 1 router-id 2.2.2.2
[R2-ospf-1]a 0
[R2-ospf-1-area-0.0.0.0]network 172.16.2.1 0.0.0.0
[R2-ospf-1-area-0.0.0.0]network 172.16.1.1 0.0.0.0
[R2-ospf-1-area-0.0.0.0]network 172.16.1.9 0.0.0.0
[R3]ospf 1 router-id 3.3.3.3
[R3-ospf-1]a 0
[R3-ospf-1-area-0.0.0.0]network 172.16.3.1 0.0.0.0
[R3-ospf-1-area-0.0.0.0]network 172.16.1.2 0.0.0.0
[R3-ospf-1-area-0.0.0.0]network 172.16.1.17 0.0.0.0
[R4]ospf 1 router-id 4.4.4.4
[R4-ospf-1]a 0
[R4-ospf-1-area-0.0.0.0]network 172.16.4.1 0.0.0.0
[R4-ospf-1-area-0.0.0.0]network 172.16.1.18 0.0.0.0
[R4-ospf-1-area-0.0.0.0]network 172.16.1.33 0.0.0.0
[R5]ospf 1 router-id 5.5.5.5
[R5-ospf-1]a 0
[R5-ospf-1-area-0.0.0.0]network 172.16.5.1 0.0.0.0
[R5-ospf-1-area-0.0.0.0]network 172.16.1.10 0.0.0.0
[R5-ospf-1-area-0.0.0.0]network 172.16.1.25 0.0.0.0
[R6]ospf 1 router-id 6.6.6.6
[R6-ospf-1]a 0
[R6-ospf-1-area-0.0.0.0]network 172.16.6.1 0.0.0.0
[R6-ospf-1-area-0.0.0.0]network 172.16.1.26 0.0.0.0
[R6-ospf-1-area-0.0.0.0]network 172.16.1.41 0.0.0.0
[R7]ospf 1 router-id 7.7.7.7
[R7-ospf-1]a 0
[R7-ospf-1-area-0.0.0.0]network 172.16.7.1 0.0.0.0
[R7-ospf-1-area-0.0.0.0]network 172.16.1.42 0.0.0.0
[R7-ospf-1-area-0.0.0.0]network 172.16.1.34 0.0.0.0
- 查看路由表(例R2)
4. 启用BGP协议
- 注意AS内部建对等体使用联邦AS号
- 命令
[R1]bgp 1
[R1-bgp]router-id 1.1.1.1
[R1-bgp]peer 12.0.0.2 as-number 2
[R2]bgp 64512
[R2-bgp]router-id 2.2.2.2
[R2-bgp]confederation id 2
[R2-bgp]peer 12.0.0.1 as-number 1
[R2-bgp]peer 172.16.3.1 as-number 64512
[R2-bgp]peer 172.16.3.1 connect-interface LoopBack 0
[R2-bgp]confederation peer-as 64513
[R2-bgp]peer 172.16.5.1 as-number 64513
[R2-bgp]peer 172.16.5.1 connect-interface LoopBack 0
[R2-bgp]peer 172.16.5.1 ebgp-max-hop
[R3]bgp 64512
[R3-bgp]router-id 3.3.3.3
[R3-bgp]confederation id 2
[R3-bgp]peer 172.16.2.1 as-number 64512
[R3-bgp]peer 172.16.2.1 connect-interface LoopBack 0
[R3-bgp]peer 172.16.4.1 as-number 64512
[R3-bgp]peer 172.16.4.1 connect-interface LoopBack 0
[R4]bgp 64512
[R4-bgp]router-id 4.4.4.4
[R4-bgp]confederation id 2
[R4-bgp]peer 172.16.3.1 as-number 64512
[R4-bgp]peer 172.16.3.1 connect-interface LoopBack 0
[R4-bgp]confederation peer-as 64513
[R4-bgp]peer 172.16.7.1 as-number 64513
[R4-bgp]peer 172.16.7.1 connect-interface LoopBack 0
[R4-bgp]peer 172.16.7.1 ebgp-max-hop
[R5]bgp 64513
[R5-bgp]router-id 5.5.5.5
[R5-bgp]confederation id 2
[R5-bgp]confederation peer-as 64512
[R5-bgp]peer 172.16.2.1 as-number 64512
[R5-bgp]peer 172.16.2.1 connect-interface LoopBack 0
[R5-bgp]peer 172.16.2.1 ebgp-max-hop
[R5-bgp]peer 172.16.6.1 as-number 64513
[R5-bgp]peer 172.16.6.1 connect-interface LoopBack 0
[R6]bgp 64513
[R6-bgp]router-id 6.6.6.6
[R6-bgp]confederation id 2
[R6-bgp]peer 172.16.5.1 as-number 64513
[R6-bgp]peer 172.16.5.1 connect-interface LoopBack 0
[R6-bgp]peer 172.16.7.1 as-number 64513
[R6-bgp]peer 172.16.7.1 connect-interface LoopBack 0
[R7]bgp 64513
[R7-bgp]router-id 7.7.7.7
[R7-bgp]confederation id 2
[R7-bgp]peer 172.16.6.1 as-number 64513
[R7-bgp]peer 172.16.6.1 connect-interface LoopBack 0
[R7-bgp]confederation peer-as 64512
[R7-bgp]peer 172.16.4.1 as-number 64512
[R7-bgp]peer 172.16.4.1 connect-interface LoopBack 0
[R7-bgp]peer 172.16.4.1 ebgp-max-hop
[R7-bgp]peer 78.0.0.2 as-number 3
[R8]bgp 3
[R8-bgp]router-id 8.8.8.8
[R8-bgp]peer 78.0.0.1 as-number 2
- 查看对等体建立情况(例R2)
5. 发布路由并使环回互通
1)发布路由
- R1与R8的其中一个环回不发布
- AS2 内部由R2与R7利用发布空接口路由的方式,减少路由条目
- 命令
【添加空接口路由】
[R2]ip route-static 172.16.0.0 16 NULL 0
[R7]ip route-static 172.16.0.0 24 NULL 0
【发布路由】
[R1-bgp]network 10.0.0.1 24
[R2-bgp]network 172.16.0.0 16
[R7-bgp]network 172.16.0.0 16
[R8-bgp]network 11.0.0.1 24
2)修改下一跳
-
因为AS-BY-AS规则,IBGP对等体传递路由时,属性不发生变化,因此图中R3中的BGP表显示10.0.0.0/24不可达,且R8环回因为下一跳的关系,R4并不会传给R3,需要修改下一跳
-
命令
[R2-bgp]peer 172.16.3.1 next-hop-local
[R2-bgp]peer 172.16.5.1 next-hop-local
[R7-bgp]peer 172.16.4.1 next-hop-local
[R7-bgp]peer 172.16.6.1 next-hop-local
- 修改后R3的BGP表
3)配置路由反射器 - 由于
IBGP水平分割
,设备从一个IBGP对等体处学来一条BGP路由,则他将不能在传递给其他IBGP对等体,所以图中R4与R7不会有10.0.0.0/24路由,反之,R2与R5不会有11.0.0.0/24路由
- 将R3设为RR,R2作为客户;R6作为RR,R5作为客户
[R3-bgp]peer 172.16.2.1 reflect-client
[R6-bgp]peer 172.16.5.1 reflect-client
6. 建立Tunnel隧道
- 使R1的192.168.1.0网段与R8的192.168.2.0网段互通
- 命令
[R1]int t 0/0/0
[R1-Tunnel0/0/0]ip add 18.0.0.1 24
[R1-Tunnel0/0/0]tunnel-protocol gre
[R1-Tunnel0/0/0]source 10.0.0.1
[R1-Tunnel0/0/0]destination 11.0.0.1
[R8]int t 0/0/0
[R8-Tunnel0/0/0]ip add 18.0.0.2 24
[R8-Tunnel0/0/0]tunnel-protocol gre
[R8-Tunnel0/0/0]source 11.0.0.1
[R8-Tunnel0/0/0]destination 10.0.0.1
【路由】
[R1]ip route-static 192.168.2.0 24 18.0.0.2
[R8]ip route-static 192.168.1.0 24 18.0.0.1
- 测试