HCIP:BGP综合实验

实验拓扑

实验要求

1. AS1存在两个环回，一个地址为192.168.1.0/24该地址不能在任何协议中宣告，AS3中存在俩个环回，一个地址为192.168.2.0/24该地址不能在任何协议中宣告，最终要求这两个环回可以互相通讯
2. 整个AS2的IP地址为172.16.0.0/16，请合理划分
3. R1-R8环回用32掩码；R2-R7除了建邻环回，每一个设备再划分一个业务网段
4. AS间的骨干链路IP地址随意定制
5. 使用BGP协议让整个网络所有设备的环回可以互相访问

实验思路

1. 划分IP
2. 配置各个接口和环回口的IP，查看接口简表进行检测
3. 在AS2区域上配置ospf，宣告建邻环回和骨干IP
4. 开始BGP建邻，采用联盟和反射器的方式
5. BGP宣告网段
6. 确保全网通的情况下搭建隧道
7. 添加AS1和AS3的业务网段的静态路由

实验步骤

网段划分

1. 骨干链路采用30掩码：
   172.16.0.0/30
   172.16.0.4/30
   172.16.0.8/30
   172.16.0.12/30
   172.16.0.16/30
   172.16.0.20/30
2. 业务网段
   R2:172.16.2.0/24
   R3:172.16.3.0/24
   R4:172.16.4.0/24
   R5:172.16.5.0/24
   R6:172.16.6.0/24
   R7:172.16.7.0/24
3. 建邻环回
   172.16.12.2-7/32
4. 隧道
   172.16.13.0/24

配置接口IP地址与环回地址（依次类推）

[r1]int g 0/0/0
[r1-GigabitEthernet0/0/0]ip a 12.0.0.1 24
[r1-GigabitEthernet0/0/0]int lo0
[r1-LoopBack0]ip a 192.168.1.1 24

AS2配置OSPF

[r2]ospf 1 router-id 2.2.2.2
[r2-ospf-1]a 0
[r2-ospf-1-area-0.0.0.0]network 172.16.13.2 0.0.0.0

配置BGP，建立对等体

[r1]bgp 1
[r1-bgp]peer 12.1.1.2 as 2

[r2]bgp 64512
[r2-bgp]confederation id 2
[r2-bgp]confederation peer-as 64513
[r2-bgp]peer 12.1.1.1 as 1
[r2-bgp]peer 172.16.12.3 as 64512
[r2-bgp]peer 172.16.12.3 connect-interface LoopBack 0
[r2-bgp]peer 172.16.12.4 as 64512
[r2-bgp]peer 172.16.12.4 connect-interface LoopBack 0
[r2-bgp]peer 172.16.0.10 as 64513
[r2-bgp]peer 172.16.12.3 next-hop-local
[r2-bgp]peer 172.16.12.4 next-hop-local
[r2-bgp]peer 172.16.0.10 next-hop-local

[r3]bgp 64512
[r3-bgp]confederation id 2
[r3-bgp]peer 172.16.12.2 as 64512
[r3-bgp]peer 172.16.12.2 connect-interface LoopBack 0

[r4]bgp 64512
[r4-bgp]confederation id 2
[r4-bgp]peer 172.16.12.2 as 64512
[r4-bgp]peer 172.16.12.2 connect-interface LoopBack 0

[r5]bgp 64513
[r5-bgp]confederation id 2
[r2-bgp]confederation peer-as 64512
[r5-bgp]peer 172.16.12.6 as 64513
[r5-bgp]peer 172.16.12.6 connect-interface LoopBack 0
[r5-bgp]peer 172.16.12.7 as 64513
[r5-bgp]peer 172.16.12.7 connect-interface LoopBack 0
[r5-bgp]peer 172.16.0.9 as 64512
[r5-bgp]peer 172.16.12.6 next-hop-local
[r5-bgp]peer 172.16.12.7 next-hop-local
[r5-bgp]peer 172.16.0.9 next-hop-local

[r6]bgp 64513
[r6-bgp]confederation id 2
[r6-bgp]peer 172.16.12.5 as 64513
[r6-bgp]peer 172.16.12.5 connect-interface LoopBack 0

[r7]bgp 64513
[r7-bgp]confederation id 2
[r7-bgp]peer 34.1.1.8 as 3
[r7-bgp]peer 172.16.12.5 as 64513
[r7-bgp]peer 172.16.12.5 connect-interface LoopBack 0
[r7-bgp]peer 172.16.12.5 next-hop-local

[r8]bgp 3
[r8-bgp]peer 34.1.1.7 as 2

发布路由

为了实现全网通除了正常宣告AS2内的业务网段外还要宣告以下
[r2]bgp 64512
[r1-bgp]network 12.1.1.0 24

[r7]bgp 64513
[r8-bgp]network 34.1.1.0 24

为了隧道建立实现全网通

配置路由反射器

[r2]bgp 64512
[r2-bgp]peer 172.16.12.3 reflect-client
[r2-bgp]peer 172.16.12.4 reflect-client

[r5]bgp 64513
[r5-bgp]peer 172.16.12.6 reflect-client
[r5-bgp]peer 172.16.12.6 reflect-client

建立GRE隧道

[r1]int t0/0/0
[r1-Tunnel0/0/0]ip a 172.16.13.1 24
[r1-Tunnel0/0/0]tunnel-protocol gre
[r1-Tunnel0/0/0]source 12.1.1.1
[r1-Tunnel0/0/0]destination 34.1.18
[r1]ip route-static 192.168.1.0 24 172.16.13.8

[r8]int t0/0/0
[r8-Tunnel0/0/0]ip a 172.16.13.8
[r8-Tunnel0/0/0]tunnel-protocol gre
[r8-Tunnel0/0/0]source 34.1.1.8
[r8-Tunnel0/0/0]destination 12.1.1.1
[r8]ip route-static 192.168.2.0 24 172.16.13.1

测试

[R1]ping -a 192.168.1.1 192.168.2.1
PING 192.168.2.1: 56 data bytes, press CTRL_C to break
Reply from 192.168.2.1: bytes=56 Sequence=1 ttl=255 time=110 ms
Reply from 192.168.2.1: bytes=56 Sequence=2 ttl=255 time=50 ms
Reply from 192.168.2.1: bytes=56 Sequence=3 ttl=255 time=40 ms
Reply from 192.168.2.1: bytes=56 Sequence=4 ttl=255 time=40 ms
Reply from 192.168.2.1: bytes=56 Sequence=5 ttl=255 time=30 ms

— 192.168.2.1 ping statistics —
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 30/54/110 ms