要求
1,AS1存在两个环回,一个地址为192.168.1.0/24该地址不能在任何协议中宣告
AS3中存在两个环回,一个地址为192.168.2./24该地址不能在任何协议中宣告,最终要求这两个环回可以互相通讯
AS1的另一个环回为10.0.0.0/24,AS3的另一个环回为11.0.0.0/24
2,整个AS2的IP地址为172.16.0.0/16,请合理划分
3,AS间的骨干链路IP地址随意定制
4,使用BGP协议让整个网络所有设备的环回可以互相访问
5,减少路由条目数量,避免环路出现
地址划分
在实际工程中 /24 网段更适合,故本次划分多采用/24 网段 包括环回 ,172.16.0.0 /24 作为p2p 预留 172.16.1.0 /4 作为ma 环回使用 172.16.2.0 /24 之后的网段 可以划分2^8=128组
172.16.2.0 24·····172.16.7.0 24 为r2-r7的环回
r2-r7组成的ma在划分
172.16.1.0 29 R2-R3
172.16.1.8 29 R3-R4
172.16.1.16 29 R2-R5
172.16.1.24 29 R5-R6
172.16.1.32 29 R6-R7
172.16.1.40 29 R4-R7
1.IP配置,如图所示,此处省略
2.在as2中运行ospf协议
r2-r7
[r2]ospf 1 router-id 2.2.2.2
[r2-ospf-1]a 0
[r2-ospf-1-area-0.0.0.0]network 172.16.0.0 0.0.225.255
[r3]ospf 1 router-id 3.3.3.3
[r3-ospf-1]a 0
[r3-ospf-1-area-0.0.0.0]network 172.16.0.0 0.0.255.255
[r4]ospf 1 router-id 4.4.4.4
[r4-ospf-1]a 0
[r4-ospf-1-area-0.0.0.0]network 172.16.0.0 0.0.255.255
[r5]ospf 1 router-id 5.5.5.5
[r5-ospf-1]a 0
[r5-ospf-1-area-0.0.0.0]network 172.16.0.0 0.0.255.255
[r6]ospf 1 router-id 6.6.6.6
[r6-ospf-1]a 0
[r6-ospf-1-area-0.0.0.0]network 172.16.0.0 0.0.255.255
[r7]ospf 1 router-id 7.7.7.7
[r7-ospf-1]a 0
[r7-ospf-1-area-0.0.0.0]network 172.16.0.0 0.0.255.255
检查
3.运行BGP协议,建立对等体关系
r1
[r1]bgp 1
[r1-bgp]router-id 1.1.1.1
[r1-bgp]peer 12.0.0.2 as 2
r2
[r2]bgp 64512
[r2-bgp]router-id 2.2.2.2
[r2-bgp]confederation id 2
[r2-bgp]confederation peer-as 64513
[r2-bgp]peer 12.0.0.1 as 1
[r2-bgp]peer 172.16.3.1 as 64512
[r2-bgp]peer 172.16.3.1 connect-interface LoopBack 0
[r2-bgp]peer 172.16.5.1 as 64513
[r2-bgp]peer 172.16.5.1 connect-interface LoopBack 0
[r2-bgp]peer 172.16.5.1 ebgp-max-hop
r3
[r3]bgp 64512
[r3-bgp]router-id 3.3.3.3
[r3-bgp]confederation id 2
[r3-bgp]peer 172.16.2.1 as 64512
[r3-bgp]peer 172.16.2.1 connect-interface LoopBack 0
[r3-bgp]peer 172.16.4.1 as 64512
[r3-bgp]peer 172.16.4.1 connect-interface LoopBack 0
r4
[r4]bgp 64512
[r4-bgp]router-id 4.4.4.4
[r4-bgp]confederation id 2
[r4-bgp]confederation peer-as 64513
[r4-bgp]peer 172.16.3.1 as 64512
[r4-bgp]peer 172.16.3.1 connect-interface LoopBack 0
[r4-bgp]peer 172.16.7.1 as 64513
[r4-bgp]peer 172.16.7.1 connect-interface LoopBack 0
[r4-bgp]peer 172.16.7.1 ebgp-max-hop
r5
[r5]bgp 64513
[r5-bgp]router-id 5.5.5.5
[r5-bgp]confederation id 2
[r5-bgp]confederation peer-as 64512
[r5-bgp]peer 172.16.2.1 as 64512
[r5-bgp]peer 172.16.2.1 connect-interface LoopBack 0
[r5-bgp]peer 172.16.2.1 ebgp-max-hop
[r5-bgp]peer 172.16.6.1 as 64513
[r5-bgp]peer 172.16.6.1 connect-interface LoopBack 0
r6
[r6]bgp 64513
[r6-bgp]router-id 6.6.6.6
[r6-bgp]confederation id 2
[r6-bgp]peer 172.16.5.1 as 64513
[r6-bgp]peer 172.16.5.1 connect-interface LoopBack 0
[r6-bgp]peer 172.16.7.1 as 64513
[r6-bgp]peer 172.16.7.1 connect-interface LoopBack 0
r7
[r7]bgp 64513
[r7-bgp]router-id 7.7.7.7
[r7-bgp]confederation id 2
[r7-bgp]confederation peer-as 64512
[r7-bgp]peer 172.16.6.1 as 64513
[r7-bgp]peer 172.16.6.1 connect-interface LoopBack 0
[r7-bgp]peer 172.16.4.1 as 64512
[r7-bgp]peer 172.16.4.1 connect-interface LoopBack 0
[r7-bgp]peer 172.16.4.1 ebgp-max-hop
[r7-bgp]peer 78.0.0.2 as 3
r8
[r8]bgp 3
[r8-bgp]peer 78.0.0.1 as 2
[r8-bgp]router-id 8.8.8.8
检查
4.通告路由信息,配置路由反射器 ,解决水平分割导致的路由传递不到的问题
[r2-bgp]peer 172.16.3.1 next-hop-local 在给172.16.3.1传递路由信息是将下一跳属性改为本地
[r2-bgp]peer 172.16.5.1 next-hop-local 保证属性的一致,防止校验失败
[r7-bgp]peer 172.16.4.1 next-hop-local
[r7-bgp]peer 172.16.6.1 next-hop-local
[r1]
[r1]bgp 1
[r1-bgp]network 10.0.0.0 24
[r8]bgp 3
[r8-bgp]network 11.0.0.0 24
[r3]bgp 64512
[r3-bgp]peer 172.16.2.1 reflect-client
[r6-bgp]peer 172.16.7.1 reflect-client
5.减少路由条目,防环写空接口
[r2]ip route-static 172.16.0.0 21 NULL 0
[r2]bgp 64512
[r2-bgp]network 172.16.0.0 21
[r7]ip route-static 172.16.0.0 21 NULL 0
[r7]bgp 64513
[r7-bgp]network 172.16.0.0 21
检查
此时r8到r1的未宣告环回不可达
as 2 内部可达,只需要解决 r1 r8未宣告环回的通信问题即可
6.使用BGP协议让整个网络所有设备的环回可以互相访问
[r1]int t0/0/0
[r1-Tunnel0/0/0]ip a 100.0.0.1 24
[r1-Tunnel0/0/0]tunnel-protocol gre
[r1-Tunnel0/0/0]source 10.0.0.1
[r1-Tunnel0/0/0]description 11.0.0.1
[r1-Tunnel0/0/0] q
[r1]ip route-static 192.168.2.0 24 100.0.0.2
[r8]int t0/0/0
[r8-Tunnel0/0/0]ip a 100.0.0.2 24
[r8-Tunnel0/0/0]tunnel-protocol gre
[r8-Tunnel0/0/0]source 11.0.0.1
[r8-Tunnel0/0/0]description 10.0.0.1
[r8-Tunnel0/0/0]q
[r8]ip route-static 192.16.1.0 24 100.0.0.1