使用华为eNSP组网试验⑹-组建基于BGP的网络

dawn

已于 2023-10-08 14:43:51 修改

阅读量823

点赞数

分类专栏：网络管理文章标签：华为 eNSP BGP

于 2023-10-08 12:47:57 首次发布

本文链接：https://blog.csdn.net/dawn0718/article/details/133673610

版权

网络管理专栏收录该内容

39 篇文章 22 订阅

订阅专栏

　　BGP(Border Gateway Protocol -- 边界网关协议)是一种在自治系统之间动态交换路由信息、具有丰富的路由控制机制、稳定而安全的路由协议，一般部署在骨干(主要、核心)路由器。

　　BGP适用于大中型网络的组建，在很多企业当中都有应用。

　　一般情况下，企业的网络当中不会只是简单地使用一种网络协议，都会混杂着启用很多的网络协议并且根据需求进行逻辑隔离，也可以在一种协议当中引用另外一种协议的部分网络资源。

　　BGP分为 EBGP（External/Exterior BGP）和 IBGP（Internal/Interior BGP），这是按照运行方式来划分的。EBGP运行于不同AS之间,IBGP运行于同一AS内部。
　　为了防止AS间所产生的环路，当BGP设备接收EBGP对等体发送的路由时，会将带有本地AS号的路由丢弃；而为了防止AS内部所产生的环路，BGP设备不将从IBGP对等体学到的路由通告给其他IBGP对等体，并与所有IBGP对等体建立全连接。为了解决IBGP对等体的连接数量太多的问题，BGP有路由反射器和 BGP 联盟。

　　比如，企业当中有办公网络、物联网、视频监控网络等，在这样的情况下为了节约网络硬件，办公、自动化、视频都在同一个网络设备上但进行了分割，办公网使用OSPF、自动化和视频使用BGP，三个网络分开互不影响，根据需要可以设定路由来完成特殊的应用。

　　BGP组网略微复杂一点，根据组建需求配置参数略微多，BGP需要学习的内容很多。

　　一、常用查询的命令

　　①display bgp routing-table

　　②refresh bgp all export

　　③display ip interface brief

　　④display bgp peer

　　⑤display ip routing-table protocol bgp

　　二、试验图

　　三、试验结果

　　四、配置

　　Router3配置：

 sysname Router3
#
 snmp-agent local-engineid 800007DB03000000000000
 snmp-agent 
#
 clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load flash:/portalpage.zip
#
 drop illegal-mac alarm
#
 undo info-center enable
#
 wlan ac-global carrier id other ac id 0
#
 set cpu-usage threshold 80 restore 75
#
aaa 
 authentication-scheme default
 authorization-scheme default
 accounting-scheme default
 domain default 
 domain default_admin 
 local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
 local-user admin service-type http
#
firewall zone Local
 priority 15
#
interface GigabitEthernet0/0/0
 ip address 200.200.1.1 255.255.255.252 
#
interface GigabitEthernet0/0/1
 ip address 200.200.9.2 255.255.255.252 
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0
 ip address 4.4.4.4 255.255.255.255 
#
bgp 100
 peer 200.200.1.2 as-number 200 
 #
 ipv4-family unicast
  undo synchronization
  network 4.4.4.4 255.255.255.255 
  network 192.168.1.0 
  network 200.200.1.0 255.255.255.252 
  network 200.200.9.0 
  network 200.200.9.0 255.255.255.252 
  import-route static
  peer 200.200.1.2 enable
#
ip route-static 192.168.0.0 255.255.0.0 200.200.9.1
#
user-interface con 0
 authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return

　　Router1配置：

 sysname Router1
#
 snmp-agent local-engineid 800007DB03000000000000
 snmp-agent 
#
 clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load flash:/portalpage.zip
#
 drop illegal-mac alarm
#
 undo info-center enable
#
 wlan ac-global carrier id other ac id 0
#
 set cpu-usage threshold 80 restore 75
#
aaa 
 authentication-scheme default
 authorization-scheme default
 accounting-scheme default
 domain default 
 domain default_admin 
 local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
 local-user admin service-type http
#
firewall zone Local
 priority 15
#
interface GigabitEthernet0/0/0
 ip address 200.200.2.5 255.255.255.252 
#
interface GigabitEthernet0/0/1
 ip address 200.200.1.2 255.255.255.252 
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0
 ip address 2.2.2.2 255.255.255.255 
#
bgp 200
 peer 200.200.1.1 as-number 100 
 peer 200.200.2.6 as-number 200 
 #
 ipv4-family unicast
  undo synchronization
  network 200.200.2.5 255.255.255.255 
  peer 200.200.1.1 enable
  peer 200.200.2.6 enable
  peer 200.200.2.6 next-hop-local 
#
user-interface con 0
 authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return

　　Router0配置：

 sysname Router0
#
 snmp-agent local-engineid 800007DB03000000000000
 snmp-agent 
#
 clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load flash:/portalpage.zip
#
 drop illegal-mac alarm
#
 undo info-center enable
#
 wlan ac-global carrier id other ac id 0
#
 set cpu-usage threshold 80 restore 75
#
aaa 
 authentication-scheme default
 authorization-scheme default
 accounting-scheme default
 domain default 
 domain default_admin 
 local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
 local-user admin service-type http
#
firewall zone Local
 priority 15
#
interface GigabitEthernet0/0/0
 ip address 200.200.2.6 255.255.255.252 
#
interface GigabitEthernet0/0/1
 ip address 200.200.3.9 255.255.255.252 
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0
 ip address 1.1.1.1 255.255.255.255 
#
bgp 200
 peer 200.200.2.5 as-number 200 
 peer 200.200.3.10 as-number 200 
 #
 ipv4-family unicast
  undo synchronization
  network 200.200.2.4 255.255.255.252 
  network 200.200.3.8 255.255.255.252 
  peer 200.200.2.5 enable
  peer 200.200.2.5 reflect-client
  peer 200.200.3.10 enable
  peer 200.200.3.10 reflect-client
#
user-interface con 0
 authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return

　　Router2配置：

 sysname Router2
#
 snmp-agent local-engineid 800007DB03000000000000
 snmp-agent 
#
 clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load flash:/portalpage.zip
#
 drop illegal-mac alarm
#
 undo info-center enable
#
 wlan ac-global carrier id other ac id 0
#
 set cpu-usage threshold 80 restore 75
#
aaa 
 authentication-scheme default
 authorization-scheme default
 accounting-scheme default
 domain default 
 domain default_admin 
 local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
 local-user admin service-type http
#
firewall zone Local
 priority 15
#
interface GigabitEthernet0/0/0
 ip address 200.200.3.10 255.255.255.252 
#
interface GigabitEthernet0/0/1
 ip address 200.200.4.13 255.255.255.252 
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0
 ip address 3.3.3.3 255.255.255.255 
#
bgp 200
 peer 200.200.3.9 as-number 200 
 peer 200.200.4.14 as-number 300 
 #
 ipv4-family unicast
  undo synchronization
  network 3.3.3.3 255.255.255.255 
  network 200.200.3.8 255.255.255.252 
  network 200.200.4.12 255.255.255.252 
  peer 200.200.3.9 enable
  peer 200.200.3.9 next-hop-local 
  peer 200.200.4.14 enable
#
user-interface con 0
 authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return

　　Router4配置：

 sysname Router4
#
 snmp-agent local-engineid 800007DB03000000000000
 snmp-agent 
#
 clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load flash:/portalpage.zip
#
 drop illegal-mac alarm
#
 undo info-center enable
#
 wlan ac-global carrier id other ac id 0
#
 set cpu-usage threshold 80 restore 75
#
aaa 
 authentication-scheme default
 authorization-scheme default
 accounting-scheme default
 domain default 
 domain default_admin 
 local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
 local-user admin service-type http
#
firewall zone Local
 priority 15
#
interface GigabitEthernet0/0/0
 ip address 200.200.4.14 255.255.255.252 
#
interface GigabitEthernet0/0/1
 ip address 200.200.19.2 255.255.255.252 
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0
 ip address 5.5.5.5 255.255.255.255 
#
bgp 300
 peer 200.200.4.13 as-number 200 
 #
 ipv4-family unicast
  undo synchronization
  network 5.5.5.5 255.255.255.255 
  network 172.16.1.0 255.255.255.0 
  network 200.200.19.0 255.255.255.252 
  import-route static
  peer 200.200.4.13 enable
#
ip route-static 176.16.0.0 255.255.0.0 200.200.19.1
#
user-interface con 0
 authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return