要求
1、AS2的 ip 地址为172.16.0.0/16;
AS2中毎台设备存在两个环回接口,一个为专门建立邻居关系的32位;一个为代表用户网段的24位;2、AS2中R3/4/6不得运行 BGP 协议
3、R1到AS2中R2/3/4用户网段基于R5访问
R5/6/7 R2
4、保留备份路由
5、R1/8的环回均可访问内部AS2中所有用户网段环回
拓扑图
配置指令
AR1
interface GigabitEthernet0/0/0
ip address 12.1.1.1 255.255.255.0
interface GigabitEthernet0/0/1
ip address 21.1.1.1 255.255.255.0
interface LoopBack0
ip address 1.1.1.1 255.255.255.255
interface LoopBack1
ip address 10.1.1.1 255.255.255.0
bgp 1
peer 172.16.0.2 as-number 2
peer 172.16.0.2 ebgp-max-hop 2
peer 172.16.0.2 connect-interface LoopBack0
peer 172.16.0.5 as-number 2
peer 172.16.0.5 ebgp-max-hop 2
peer 172.16.0.5 connect-interface LoopBack0
network 10.1.1.0 255.255.255.0
peer 172.16.0.2 enable
peer 172.16.0.5 enable
ip route-static 172.16.0.2 255.255.255.255 12.1.1.2
ip route-static 172.16.0.5 255.255.255.255 21.1.1.2
AR2
interface GigabitEthernet0/0/0
ip address 12.1.1.2 255.255.255.0
interface GigabitEthernet0/0/1
ip address 172.16.1.1 255.255.255.252
interface GigabitEthernet0/0/2
ip address 172.16.1.9 255.255.255.252
interface LoopBack0
ip address 172.16.0.2 255.255.255.255
interface LoopBack1
ip address 172.16.2.1 255.255.255.0
ospf network-type broadcast
bgp 2
peer 1.1.1.1 as-number 1
peer 1.1.1.1 ebgp-max-hop 2
peer 1.1.1.1 connect-interface LoopBack0
peer 172.16.0.5 as-number 2
peer 172.16.0.5 connect-interface LoopBack0
peer 172.16.0.7 as-number 2
peer 172.16.0.7 connect-interface LoopBack0
ipv4-family unicast
aggregate 172.16.0.0 255.255.255.0 detail-suppressed
aggregate 172.16.1.0 255.255.255.0 detail-suppressed
import-route ospf 1
peer 1.1.1.1 enable
peer 1.1.1.1 route-policy s export
peer 172.16.0.5 enable
peer 172.16.0.5 next-hop-local
peer 172.16.0.7 enable
peer 172.16.0.7 next-hop-local
ospf 1
area 0.0.0.0
network 172.16.0.0 0.0.255.255
route-policy s deny node 10
if-match ip-prefix 1
route-policy s deny node 20
if-match ip-prefix 2
route-policy s deny node 30
if-match ip-prefix a
route-policy s deny node 40
if-match ip-prefix b
route-policy s deny node 50
if-match ip-prefix c
apply cost 60
route-policy s permit node 60
ip ip-prefix 1 index 10 permit 172.16.1.0 24
ip ip-prefix 2 index 10 permit 172.16.0.0 24
ip ip-prefix a index 10 permit 172.16.2.0 24
ip ip-prefix b index 10 permit 172.16.3.0 24
ip ip-prefix c index 10 permit 172.16.4.0 24
ip route-static 1.1.1.1 255.255.255.255 12.1.1.1
AR3
mpls lsr-id 172.16.0.3
mpls
mpls ldp
interface GigabitEthernet0/0/0
ip address 172.16.1.2 255.255.255.252
mpls
mpls ldp
interface GigabitEthernet0/0/1
ip address 172.16.1.5 255.255.255.252
mpls
mpls ldp
interface GigabitEthernet0/0/2
ip address 172.16.1.13 255.255.255.252
mpls
mpls ldp
interface LoopBack0
ip address 172.16.0.3 255.255.255.255
interface LoopBack1
ip address 172.16.3.1 255.255.255.0
ospf network-type broadcast
ospf 1
area 0.0.0.0
network 172.16.0.0 0.0.255.255
route recursive-lookup tunnel
AR4
mpls lsr-id 172.16.0.4
mpls
mpls ldp
interface GigabitEthernet0/0/0
ip address 172.16.1.6 255.255.255.252
mpls
mpls ldp
interface GigabitEthernet0/0/1
ip address 172.16.1.17 255.255.255.252
mpls
mpls ldp
interface LoopBack0
ip address 172.16.0.4 255.255.255.255
interface LoopBack1
ip address 172.16.4.1 255.255.255.0
ospf network-type broadcast
ospf 1
area 0.0.0.0
network 172.16.0.0 0.0.255.255
route recursive-lookup tunnel
AR5
interface GigabitEthernet0/0/0
ip address 172.16.1.10 255.255.255.252
interface GigabitEthernet0/0/1
ip address 172.16.1.21 255.255.255.252
interface GigabitEthernet0/0/2
ip address 21.1.1.2 255.255.255.0
interface LoopBack0
ip address 172.16.0.5 255.255.255.255
interface LoopBack1
ip address 172.16.5.1 255.255.255.0
ospf network-type broadcast
bgp 2
peer 1.1.1.1 as-number 1
peer 1.1.1.1 ebgp-max-hop 2
peer 1.1.1.1 connect-interface LoopBack0
peer 172.16.0.2 as-number 2
peer 172.16.0.2 connect-interface LoopBack0
peer 172.16.0.7 as-number 2
peer 172.16.0.7 connect-interface LoopBack0
aggregate 172.16.0.0 255.255.255.0 detail-suppressed
aggregate 172.16.1.0 255.255.255.0 detail-suppressed
peer 1.1.1.1 enable
peer 1.1.1.1 route-policy a export
peer 172.16.0.2 enable
peer 172.16.0.2 next-hop-local
peer 172.16.0.7 enable
peer 172.16.0.7 next-hop-local
ospf 1
area 0.0.0.0
network 172.16.0.0 0.0.255.255
route-policy a deny node 5
if-match ip-prefix a
route-policy a deny node 10
if-match ip-prefix 1
route-policy a deny node 15
if-match ip-prefix b
route-policy a deny node 20
if-match ip-prefix 2
route-policy a deny node 25
if-match ip-prefix c
route-policy a permit node 30
ip ip-prefix 1 index 10 permit 172.16.1.0 24
ip ip-prefix 2 index 10 permit 172.16.0.0 24
ip ip-prefix a index 10 permit 172.16.5.0 24
ip ip-prefix b index 10 permit 172.16.6.0 24
ip ip-prefix c index 10 permit 172.16.7.0 24
ip route-static 1.1.1.1 255.255.255.255 21.1.1.1
AR6
mpls lsr-id 172.16.0.6
mpls
mpls ldp
interface GigabitEthernet0/0/0
ip address 172.16.1.22 255.255.255.252
mpls
mpls ldp
interface GigabitEthernet0/0/1
ip address 172.16.1.25 255.255.255.252
mpls
mpls ldp
interface GigabitEthernet0/0/2
ip address 172.16.1.14 255.255.255.252
mpls
mpls ldp
interface LoopBack0
ip address 172.16.0.6 255.255.255.255
interface LoopBack1
ip address 172.16.6.1 255.255.255.0
ospf network-type broadcast
ospf 1
area 0.0.0.0
network 172.16.0.0 0.0.255.255
route recursive-lookup tunnel
AR7
interface GigabitEthernet0/0/0
ip address 172.16.1.26 255.255.255.252
interface GigabitEthernet0/0/1
ip address 172.16.1.18 255.255.255.252
interface GigabitEthernet0/0/2
ip address 78.1.1.1 255.255.255.0
interface LoopBack0
ip address 172.16.0.7 255.255.255.255
interface LoopBack1
ip address 172.16.7.1 255.255.255.0
ospf network-type broadcast
bgp 2
peer 8.8.8.8 as-number 3
peer 8.8.8.8 ebgp-max-hop 2
peer 8.8.8.8 connect-interface LoopBack0
peer 172.16.0.2 as-number 2
peer 172.16.0.2 connect-interface LoopBack0
peer 172.16.0.5 as-number 2
peer 172.16.0.5 connect-interface LoopBack0
aggregate 172.16.0.0 255.255.255.0 detail-suppressed
aggregate 172.16.1.0 255.255.255.0 detail-suppressed
import-route ospf 1
peer 8.8.8.8 enable
peer 8.8.8.8 route-policy a export
peer 172.16.0.2 enable
peer 172.16.0.2 next-hop-local
peer 172.16.0.5 enable
peer 172.16.0.5 next-hop-local
ospf 1
area 0.0.0.0
network 172.16.0.0 0.0.255.255
route-policy a deny node 10
if-match ip-prefix 1
route-policy a deny node 20
if-match ip-prefix 2
route-policy a permit node 30
ip ip-prefix 1 index 10 permit 172.16.1.0 24
ip ip-prefix 2 index 10 permit 172.16.0.0 24
ip route-static 8.8.8.8 255.255.255.255 78.1.1.2
AR8
interface GigabitEthernet0/0/0
ip address 78.1.1.2 255.255.255.0
interface LoopBack0
ip address 8.8.8.8 255.255.255.255
interface LoopBack1
ip address 20.1.1.1 255.255.255.0
bgp 3
peer 172.16.0.7 as-number 2
peer 172.16.0.7 ebgp-max-hop 2
peer 172.16.0.7 connect-interface LoopBack0
network 20.1.1.0 255.255.255.0
peer 172.16.0.7 enable
ip route-static 172.16.0.7 255.255.255.255 78.1.1.1