使用华为eNSP组网试验⑹-组建基于BGP的网络

  BGP(Border Gateway Protocol -- 边界网关协议)是一种在自治系统之间动态交换路由信息、具有丰富的路由控制机制、稳定而安全的路由协议,一般部署在骨干(主要、核心)路由器。

  BGP适用于大中型网络的组建,在很多企业当中都有应用。

  一般情况下,企业的网络当中不会只是简单地使用一种网络协议,都会混杂着启用很多的网络协议并且根据需求进行逻辑隔离,也可以在一种协议当中引用另外一种协议的部分网络资源。

  BGP分为 EBGP(External/Exterior BGP)和 IBGP(Internal/Interior BGP),这是按照运行方式来划分的。EBGP运行于不同AS之间,IBGP运行于同一AS内部。
  为了防止AS间所产生的环路,当BGP设备接收EBGP对等体发送的路由时,会将带有本地AS号的路由丢弃;而为了防止AS内部所产生的环路,BGP设备不将从IBGP对等体学到的路由通告给其他IBGP对等体,并与所有IBGP对等体建立全连接。为了解决IBGP对等体的连接数量太多的问题,BGP有路由反射器和 BGP 联盟。

  比如,企业当中有办公网络、物联网、视频监控网络等,在这样的情况下为了节约网络硬件,办公、自动化、视频都在同一个网络设备上但进行了分割,办公网使用OSPF、自动化和视频使用BGP,三个网络分开互不影响,根据需要可以设定路由来完成特殊的应用。

  BGP组网略微复杂一点,根据组建需求配置参数略微多,BGP需要学习的内容很多。

  一、常用查询的命令

  ①display bgp routing-table 

  ②refresh bgp all export

  ③display ip interface brief

  ④display bgp peer

  ⑤display ip routing-table protocol bgp

  二、试验图

  三、试验结果

  四、配置

  Router3配置:

 sysname Router3
#
 snmp-agent local-engineid 800007DB03000000000000
 snmp-agent 
#
 clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load flash:/portalpage.zip
#
 drop illegal-mac alarm
#
 undo info-center enable
#
 wlan ac-global carrier id other ac id 0
#
 set cpu-usage threshold 80 restore 75
#
aaa 
 authentication-scheme default
 authorization-scheme default
 accounting-scheme default
 domain default 
 domain default_admin 
 local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
 local-user admin service-type http
#
firewall zone Local
 priority 15
#
interface GigabitEthernet0/0/0
 ip address 200.200.1.1 255.255.255.252 
#
interface GigabitEthernet0/0/1
 ip address 200.200.9.2 255.255.255.252 
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0
 ip address 4.4.4.4 255.255.255.255 
#
bgp 100
 peer 200.200.1.2 as-number 200 
 #
 ipv4-family unicast
  undo synchronization
  network 4.4.4.4 255.255.255.255 
  network 192.168.1.0 
  network 200.200.1.0 255.255.255.252 
  network 200.200.9.0 
  network 200.200.9.0 255.255.255.252 
  import-route static
  peer 200.200.1.2 enable
#
ip route-static 192.168.0.0 255.255.0.0 200.200.9.1
#
user-interface con 0
 authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return

  Router1配置:

 sysname Router1
#
 snmp-agent local-engineid 800007DB03000000000000
 snmp-agent 
#
 clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load flash:/portalpage.zip
#
 drop illegal-mac alarm
#
 undo info-center enable
#
 wlan ac-global carrier id other ac id 0
#
 set cpu-usage threshold 80 restore 75
#
aaa 
 authentication-scheme default
 authorization-scheme default
 accounting-scheme default
 domain default 
 domain default_admin 
 local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
 local-user admin service-type http
#
firewall zone Local
 priority 15
#
interface GigabitEthernet0/0/0
 ip address 200.200.2.5 255.255.255.252 
#
interface GigabitEthernet0/0/1
 ip address 200.200.1.2 255.255.255.252 
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0
 ip address 2.2.2.2 255.255.255.255 
#
bgp 200
 peer 200.200.1.1 as-number 100 
 peer 200.200.2.6 as-number 200 
 #
 ipv4-family unicast
  undo synchronization
  network 200.200.2.5 255.255.255.255 
  peer 200.200.1.1 enable
  peer 200.200.2.6 enable
  peer 200.200.2.6 next-hop-local 
#
user-interface con 0
 authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return

  Router0配置:

 sysname Router0
#
 snmp-agent local-engineid 800007DB03000000000000
 snmp-agent 
#
 clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load flash:/portalpage.zip
#
 drop illegal-mac alarm
#
 undo info-center enable
#
 wlan ac-global carrier id other ac id 0
#
 set cpu-usage threshold 80 restore 75
#
aaa 
 authentication-scheme default
 authorization-scheme default
 accounting-scheme default
 domain default 
 domain default_admin 
 local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
 local-user admin service-type http
#
firewall zone Local
 priority 15
#
interface GigabitEthernet0/0/0
 ip address 200.200.2.6 255.255.255.252 
#
interface GigabitEthernet0/0/1
 ip address 200.200.3.9 255.255.255.252 
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0
 ip address 1.1.1.1 255.255.255.255 
#
bgp 200
 peer 200.200.2.5 as-number 200 
 peer 200.200.3.10 as-number 200 
 #
 ipv4-family unicast
  undo synchronization
  network 200.200.2.4 255.255.255.252 
  network 200.200.3.8 255.255.255.252 
  peer 200.200.2.5 enable
  peer 200.200.2.5 reflect-client
  peer 200.200.3.10 enable
  peer 200.200.3.10 reflect-client
#
user-interface con 0
 authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return

  Router2配置:

 sysname Router2
#
 snmp-agent local-engineid 800007DB03000000000000
 snmp-agent 
#
 clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load flash:/portalpage.zip
#
 drop illegal-mac alarm
#
 undo info-center enable
#
 wlan ac-global carrier id other ac id 0
#
 set cpu-usage threshold 80 restore 75
#
aaa 
 authentication-scheme default
 authorization-scheme default
 accounting-scheme default
 domain default 
 domain default_admin 
 local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
 local-user admin service-type http
#
firewall zone Local
 priority 15
#
interface GigabitEthernet0/0/0
 ip address 200.200.3.10 255.255.255.252 
#
interface GigabitEthernet0/0/1
 ip address 200.200.4.13 255.255.255.252 
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0
 ip address 3.3.3.3 255.255.255.255 
#
bgp 200
 peer 200.200.3.9 as-number 200 
 peer 200.200.4.14 as-number 300 
 #
 ipv4-family unicast
  undo synchronization
  network 3.3.3.3 255.255.255.255 
  network 200.200.3.8 255.255.255.252 
  network 200.200.4.12 255.255.255.252 
  peer 200.200.3.9 enable
  peer 200.200.3.9 next-hop-local 
  peer 200.200.4.14 enable
#
user-interface con 0
 authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return

  Router4配置:

 sysname Router4
#
 snmp-agent local-engineid 800007DB03000000000000
 snmp-agent 
#
 clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load flash:/portalpage.zip
#
 drop illegal-mac alarm
#
 undo info-center enable
#
 wlan ac-global carrier id other ac id 0
#
 set cpu-usage threshold 80 restore 75
#
aaa 
 authentication-scheme default
 authorization-scheme default
 accounting-scheme default
 domain default 
 domain default_admin 
 local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
 local-user admin service-type http
#
firewall zone Local
 priority 15
#
interface GigabitEthernet0/0/0
 ip address 200.200.4.14 255.255.255.252 
#
interface GigabitEthernet0/0/1
 ip address 200.200.19.2 255.255.255.252 
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0
 ip address 5.5.5.5 255.255.255.255 
#
bgp 300
 peer 200.200.4.13 as-number 200 
 #
 ipv4-family unicast
  undo synchronization
  network 5.5.5.5 255.255.255.255 
  network 172.16.1.0 255.255.255.0 
  network 200.200.19.0 255.255.255.252 
  import-route static
  peer 200.200.4.13 enable
#
ip route-static 176.16.0.0 255.255.0.0 200.200.19.1
#
user-interface con 0
 authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return

  • 0
    点赞
  • 1
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值