实验要求:
我的拓扑图:
ip具体规划参照拓扑图
1、启动ospf协议
[R2]ospf 1 router-id 2.2.2.2
[R2-ospf-1]area 0
[R2-ospf-1-area-0.0.0.0]network 172.16.0.0 0.0.255.255
[R3]ospf 1 router-id 3.3.3.3
[R3-ospf-1]area 0
[R3-ospf-1-area-0.0.0.0]network 172.16.0.0 0.0.255.255
[R4]ospf 1 router-id 4.4.4.4
[R4-ospf-1]area 0
[R4-ospf-1-area-0.0.0.0]network 172.16.0.0 0.0.255.255
[R5]ospf 1 router-id 5.5.5.5
[R5-ospf-1]area 0
[R5-ospf-1-area-0.0.0.0]network 172.16.0.0 0.0.255.255
[R6]ospf 1 router-id 6.6.6.6
[R6-ospf-1]area 0
[R6-ospf-1-area-0.0.0.0]network 172.16.0.0 0.0.255.255
[R7]ospf 1 router-id 7.7.7.7
[R7-ospf-1]area 0
[R7-ospf-1-area-0.0.0.0]network 172.16.0.0 0.0.255.255
2、启动bgp协议建邻
[R1]bgp 1
[R1-bgp]router-id 1.1.1.1
[R1-bgp]peer 12.1.1.2 as-number 2 //直连建邻
[R2]bgp 64512
[R2-bgp]router-id 2.2.2.2
[R2-bgp]confederation id 2 //声明本地大AS号
[R2-bgp]confederation peer-as 64513 //声明对端小AS号
[R2-bgp]peer 12.1.1.1 as-number 1 //直连建邻
[R2-bgp]peer 172.16.3.1 as-number 64512 //环回建邻
[R2-bgp]peer 172.16.3.1 connect-interface LoopBack 0
[R2-bgp]peer 172.16.5.1 as-number 64513
[R2-bgp]peer 172.16.5.1 connect-interface LoopBack 0
[R2-bgp]peer 172.16.5.1 ebgp-max-hop 2 //修改TTL值为2
[R3]bgp 64512
[R3-bgp]router-id 3.3.3.3
[R3-bgp]confederation id 2
[R3-bgp]peer 172.16.2.1 as-number 64512
[R3-bgp]peer 172.16.2.1 connect-interface LoopBack 0
[R3-bgp]peer 172.16.4.1 as-number 64512
[R3-bgp]peer 172.16.4.1 connect-interface LoopBack 0
[R4]bgp 64512
[R4-bgp]router-id 4.4.4.4
[R4-bgp]confederation id 2
[R4-bgp]confederation peer-as 64513
[R4-bgp]peer 172.16.3.1 as-number 64512
[R4-bgp]peer 172.16.3.1 connect-interface LoopBack 0
[R4-bgp]peer 172.16.7.1 as-number 64513
[R4-bgp]peer 172.16.7.1 connect-interface LoopBack 0
[R4-bgp]peer 172.16.7.1 ebgp-max-hop 2
[R5]bgp 64513
[R5-bgp]router-id 5.5.5.5
[R5-bgp]confederation id 2
[R5-bgp]confederation peer-as 64512
[R5-bgp]peer 172.16.2.1 as-number 64512
[R5-bgp]peer 172.16.2.1 connect-interface LoopBack 0
[R5-bgp]peer 172.16.2.1 ebgp-max-hop 2
[R5-bgp]peer 172.16.6.1 as-number 64513
[R5-bgp]peer 172.16.6.1 connect-interface LoopBack 0
[R6]bgp 64513
[R6-bgp]router-id 6.6.6.6
[R6-bgp]confederation id 2
[R6-bgp]peer 172.16.5.1 as-number 64513
[R6-bgp]peer 172.16.5.1 connect-interface LoopBack 0
[R6-bgp]peer 172.16.7.1 as-number 64513
[R6-bgp]peer 172.16.7.1 connect-interface LoopBack 0
[R7]bgp 64513
[R7-bgp]router-id 7.7.7.7
[R7-bgp]confederation id 2
[R7-bgp]confederation peer-as 64512
[R7-bgp]peer 172.16.4.1 as-number 64512
[R7-bgp]peer 172.16.4.1 connect-interface LoopBack 0
[R7-bgp]peer 172.16.4.1 ebgp-max-hop 2
[R7-bgp]peer 172.16.6.1 as-number 64513
[R7-bgp]peer 172.16.6.1 connect-interface LoopBack 0
[R7-bgp]peer 78.1.1.8 as-number 3
[R8]bgp 3
[R8-bgp]router-id 8.8.8.8
[R8-bgp]peer 78.1.1.7 as-number 2
3、进行bgp宣告,使所有环回可以相互访问
[R1]bgp 1
[R1-bgp]network 10.1.1.0 24
R3和R5虽然收到了路由,但因为AS-BY-AS的规则,导致通过在一个as内部传递时,属性不变,导致下一跳不可达,路径不优;所以在EBGP邻居关系间传递路由时,我们将下一跳修改为本地。
[R2]bgp 64512
[R2-bgp]peer 172.16.3.1 next-hop-local
[R2-bgp]peer 172.16.5.1 next-hop-local
R3的虽然变优,但因为IBGP的水平分割,R4不会收到路由,我们需要将R3设置为RR,利用反射器使R4可以学到R3的路由。
[R3]bgp 64512
[R3-bgp]peer 172.16.2.1 reflect-client //设置R2为客户端
[R6]bgp 64513
[R6-bgp]peer 172.16.7.1 reflect-client //同理,将R6设置为RR,R7为客户端
最后查看R8, 成功学到优的路由
[R8]bgp 3
[R8-bgp]network 10.1.2.0 24 //宣告R8的环回
同理,在R7上修改到R4和到R6的下一跳为本地
[R7]bgp 64513
[R7-bgp]peer 172.16.4.1 next-hop-local
[R7-bgp]peer 172.16.6.1 next-hop-local
所有环回要相互访问,所以还要宣告AS2内的环回
因为R2学到的环回掩码都是32位的,直接宣告会造成逻辑悖论,为避免逻辑悖论,我们利用BGP的宣告规则来宣告。
//先写汇总空接口,使汇总路由加表
[R2]ip route-static 172.16.0.0 21 NULL 0
[R2]bgp 64512
[R2-bgp]network 172.16.0.0 21 //宣告汇总加表路由
[R7]ip route-static 172.16.0.0 21 NULL 0
[R7]bgp 64513
[R7-bgp]network 172.16.0.0 21
4、因为R1和R8的环回1不能宣告,所以我们使用VPN技术,使R1和R8的环回1可以相互访问
[R1]interface Tunnel 0/0/0
[R1-Tunnel0/0/0]ip address 10.1.3.1 24
[R1-Tunnel0/0/0]tunnel-protocol gre
[R1-Tunnel0/0/0]source 10.1.1.1
[R1-Tunnel0/0/0]destination 10.1.2.1
[R1]ip route-static 192.168.2.0 24 10.1.3.2
[R8]interface Tunnel 0/0/0
[R8-Tunnel0/0/0]ip address 10.1.3.2 24
[R8-Tunnel0/0/0]tunnel-protocol gre
[R8-Tunnel0/0/0]source 10.1.2.1
[R8-Tunnel0/0/0]destination 10.1.1.1
[R8]ip route-static 192.168.1.0 24 10.1.3.1