九、配置样例2
下面的示例中涉及到聚合路由内容,并将聚合路由使用community、router-map及prefix-list等功能实现过滤精细路由,拓扑图如下所示。
![clip_p_w_picpath024[4]](https://s1.51cto.com/attachment/201012/27/499334_1293422563L2Bb.jpg "clip_p_w_picpath024[4]")
具体配置如下:
R1#sh running-config
!
hostname R1
!
interface Loopback0
ip address 192.168.192.1 255.255.255.0
!
interface Loopback1
ip address 192.168.193.1 255.255.255.0
!
interface Loopback2
ip address 192.168.194.1 255.255.255.0
!
interface Loopback3
ip address 192.168.195.1 255.255.255.0
!
interface Loopback4
ip address 192.168.196.1 255.255.255.0
!
interface Loopback5
ip address 192.168.197.1 255.255.255.0
!
interface Loopback6
ip address 192.168.198.1 255.255.255.0
!
interface Loopback7
ip address 192.168.199.1 255.255.255.0
!
interface Ethernet1/0
ip address 10.1.1.1 255.255.255.0
duplex half
!
interface Ethernet1/1
ip address 10.1.6.1 255.255.255.0
duplex half
!
router ospf 10
log-adjacency-changes
network 10.1.1.0 0.0.0.255 area 0
network 10.1.6.0 0.0.0.255 area 0
network 192.168.192.0 0.0.0.255 area 0
network 192.168.193.0 0.0.0.255 area 0
network 192.168.194.0 0.0.0.255 area 0
network 192.168.195.0 0.0.0.255 area 0
network 192.168.196.0 0.0.0.255 area 0
network 192.168.197.0 0.0.0.255 area 0
network 192.168.198.0 0.0.0.255 area 0
network 192.168.199.0 0.0.0.255 area 0
-------------------------------------------------------------------------------------------------------------------------
R2#sh running-config
interface Ethernet1/0
ip address 10.1.1.2 255.255.255.0
duplex half
!
interface Serial2/0
ip address 10.1.2.1 255.255.255.0
serial restart-delay 0
!
router ospf 10
log-adjacency-changes
network 10.1.1.0 0.0.0.255 area 0
!
router bgp 100
no synchronization
bgp log-neighbor-changes
aggregate-address 192.168.192.0 255.255.248.0
redistribute ospf 10 metric 50
neighbor 10.1.2.2 remote-as 200
neighbor 10.1.2.2 send-community
neighbor 10.1.2.2 route-map community out
neighbor 10.1.6.2 remote-as 100
no auto-summary
!
access-list 110 permit ip host 192.168.192.0 host 255.255.248.0
!
route-map community permit 10
match ip address 110
set community none
!
route-map community permit 20
set community no-export
!
-------------------------------------------------------------------------------------------------------------------------
R3#sh running-config
interface Ethernet1/0
ip address 10.1.7.1 255.255.255.0
duplex half
!
interface Serial2/0
ip address 10.1.2.2 255.255.255.0
serial restart-delay 0
!
interface Serial2/1
ip address 10.1.3.1 255.255.255.0
serial restart-delay 0
!
router bgp 200
no synchronization
bgp log-neighbor-changes
neighbor 10.1.2.1 remote-as 100
neighbor 10.1.3.2 remote-as 300
neighbor 10.1.7.2 remote-as 200
no auto-summary
!
-------------------------------------------------------------------------------------------------------------------------
R4#sh running-config
interface Serial2/0
ip address 10.1.3.2 255.255.255.0
serial restart-delay 0
!
interface Serial2/1
ip address 10.1.4.1 255.255.255.0
serial restart-delay 0
!
router bgp 300
no synchronization
bgp log-neighbor-changes
neighbor 10.1.3.1 remote-as 200
neighbor 10.1.4.2 remote-as 200
no auto-summary
!
-------------------------------------------------------------------------------------------------------------------------
R5#sh running-config
interface Ethernet1/0
ip address 10.1.7.2 255.255.255.0
duplex half
!
interface Serial2/0
ip address 10.1.4.2 255.255.255.0
serial restart-delay 0
!
interface Serial2/1
ip address 10.1.5.1 255.255.255.0
serial restart-delay 0
!
router bgp 200
no synchronization
bgp log-neighbor-changes
neighbor 10.1.4.1 remote-as 300
neighbor 10.1.5.2 remote-as 100
neighbor 10.1.7.1 remote-as 200
no auto-summary
!
-------------------------------------------------------------------------------------------------------------------------
R6#sh running-config
interface Ethernet1/0
ip address 10.1.6.2 255.255.255.0
duplex half
!
interface Serial2/0
ip address 10.1.5.2 255.255.255.0
serial restart-delay 0
!
!
router ospf 10
log-adjacency-changes
network 10.1.6.0 0.0.0.255 area 0
!
router bgp 100
no synchronization
bgp log-neighbor-changes
aggregate-address 192.168.192.0 255.255.248.0
redistribute ospf 10 metric 50
neighbor 10.1.1.2 remote-as 100
neighbor 10.1.5.1 remote-as 200
neighbor 10.1.5.1 send-community
neighbor 10.1.5.1 route-map community out
no auto-summary
!
!
ip prefix-list aggregate seq 5 permit 192.168.192.0/21
!
route-map community permit 10
match ip address prefix-list aggregate
set community none
!
route-map community permit 20
set community no-export
!
配置完成以后,可以查看聚合路由表。
R4#sh ip bgp
BGP table version is 32, local router ID is 10.1.4.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, * - incomplete
Network Next Hop Metric LocPrf Weight Path
* 192.168.192.0/21 10.1.4.2 0 200 100 i
*> 10.1.3.1 0 200 100 i
R3#sh ip bgp
BGP table version is 22, local router ID is 10.1.7.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, * - incomplete
Network Next Hop Metric LocPrf Weight Path
* i10.1.1.0/24 10.1.5.2 50 100 0 100 *
*> 10.1.2.1 0 0 100 *
* i10.1.6.0/24 10.1.5.2 0 100 0 100 *
*> 10.1.2.1 50 0 100 *
* i192.168.192.0/21 10.1.5.2 0 100 0 100 i
*> 10.1.2.1 0 0 100 i
* i192.168.192.1/32 10.1.5.2 50 100 0 100 *
*> 10.1.2.1 50 0 100 *
* i192.168.193.1/32 10.1.5.2 50 100 0 100 *
*> 10.1.2.1 50 0 100 *
* i192.168.194.1/32 10.1.5.2 50 100 0 100 *
*> 10.1.2.1 50 0 100 *
* i192.168.195.1/32 10.1.5.2 50 100 0 100 *
*> 10.1.2.1 50 0 100 *
* i192.168.196.1/32 10.1.5.2 50 100 0 100 *
*> 10.1.2.1 50 0 100 *
* i192.168.197.1/32 10.1.5.2 50 100 0 100 *
*> 10.1.2.1 50 0 100 *
* i192.168.198.1/32 10.1.5.2 50 100 0 100 *
*> 10.1.2.1 50 0 100 *
* i192.168.199.1/32 10.1.5.2 50 100 0 100 *
*> 10.1.2.1 50 0 100 *
R5#sh ip bgp
BGP table version is 33, local router ID is 10.1.7.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, * - incomplete
Network Next Hop Metric LocPrf Weight Path
* i10.1.1.0/24 10.1.2.1 0 100 0 100 *
*> 10.1.5.2 50 0 100 *
* i10.1.6.0/24 10.1.2.1 50 100 0 100 *
*> 10.1.5.2 0 0 100 *
*> 192.168.192.0/21 10.1.5.2 0 0 100 i
* i 10.1.2.1 0 100 0 100 i
* i192.168.192.1/32 10.1.2.1 50 100 0 100 *
*> 10.1.5.2 50 0 100 *
* i192.168.193.1/32 10.1.2.1 50 100 0 100 *
*> 10.1.5.2 50 0 100 *
* i192.168.194.1/32 10.1.2.1 50 100 0 100 *
*> 10.1.5.2 50 0 100 *
* i192.168.195.1/32 10.1.2.1 50 100 0 100 *
*> 10.1.5.2 50 0 100 *
* i192.168.196.1/32 10.1.2.1 50 100 0 100 *
*> 10.1.5.2 50 0 100 *
* i192.168.197.1/32 10.1.2.1 50 100 0 100 *
*> 10.1.5.2 50 0 100 *
* i192.168.198.1/32 10.1.2.1 50 100 0 100 *
*> 10.1.5.2 50 0 100 *
* i192.168.199.1/32 10.1.2.1 50 100 0 100 *
*> 10.1.5.2 50 0 100 *
使用下面的命令查看携带NO-EPORT COMMUNITY属性的路由情况
R3#sh ip bgp community no-export
BGP table version is 22, local router ID is 10.1.7.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, * - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 10.1.1.0/24 10.1.2.1 0 0 100 *
*> 10.1.6.0/24 10.1.2.1 50 0 100 *
*> 192.168.192.1/32 10.1.2.1 50 0 100 *
*> 192.168.193.1/32 10.1.2.1 50 0 100 *
*> 192.168.194.1/32 10.1.2.1 50 0 100 *
*> 192.168.195.1/32 10.1.2.1 50 0 100 *
*> 192.168.196.1/32 10.1.2.1 50 0 100 *
*> 192.168.197.1/32 10.1.2.1 50 0 100 *
*> 192.168.198.1/32 10.1.2.1 50 0 100 *
*> 192.168.199.1/32 10.1.2.1 50 0 100 *
R5#sh ip bgp community no-export
BGP table version is 33, local router ID is 10.1.7.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, * - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 10.1.1.0/24 10.1.5.2 50 0 100 *
*> 10.1.6.0/24 10.1.5.2 0 0 100 *
*> 192.168.192.1/32 10.1.5.2 50 0 100 *
*> 192.168.193.1/32 10.1.5.2 50 0 100 *
*> 192.168.194.1/32 10.1.5.2 50 0 100 *
*> 192.168.195.1/32 10.1.5.2 50 0 100 *
*> 192.168.196.1/32 10.1.5.2 50 0 100 *
*> 192.168.197.1/32 10.1.5.2 50 0 100 *
*> 192.168.198.1/32 10.1.5.2 50 0 100 *
*> 192.168.199.1/32 10.1.5.2 50 0 100 *
也可以在上面配置的基础上实现如下策略:
* 通过R2-R3链路来宣告192.168.192.0/24、192.168.193.0/24、192.168.194.0/24
* 通过R6-R5链路来宣告192.168.196.0/24、192.168.197.0/24、192.168.198.0/24
* 不宣告192.168.195.0/24、192.168.199.0/24
具体配置如下:
R2#sh running-config
router bgp 100
no synchronization
bgp log-neighbor-changes
aggregate-address 192.168.192.0 255.255.248.0 suppress-map suppress
!
access-list 1 permit 192.168.195.0 0.0.0.255
access-list 1 permit 192.168.196.0 0.0.3.255
!
route-map suppress permit 10
match ip address 1
R6#sh running-config
router bgp 100
no synchronization
bgp log-neighbor-changes
aggregate-address 192.168.192.0 255.255.248.0 suppress-map suppress
!
ip prefix-list suppress seq 5 permit 192.168.192.0/22 le 24
ip prefix-list suppress seq 10 permit 192.168.199.0/24
!
route-map suppress permit 10
match ip address prefix-list suppress
使用命令查看路由状态
R3#sh ip bgp
BGP table version is 39, local router ID is 10.1.7.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, * - incomplete
Network Next Hop Metric LocPrf Weight Path
* i10.1.1.0/24 10.1.5.2 50 100 0 100 *
*> 10.1.2.1 0 0 100 *
* i10.1.6.0/24 10.1.5.2 0 100 0 100 *
*> 10.1.2.1 50 0 100 *
* i192.168.192.0/21 10.1.5.2 0 100 0 100 i
*> 10.1.2.1 0 0 100 i
* i192.168.192.1/32 10.1.5.2 50 100 0 100 *
*> 10.1.2.1 50 0 100 *
* i192.168.193.1/32 10.1.5.2 50 100 0 100 *
*> 10.1.2.1 50 0 100 *
* i192.168.194.1/32 10.1.5.2 50 100 0 100 *
*> 10.1.2.1 50 0 100 *
* i192.168.195.1/32 10.1.5.2 50 100 0 100 *
* i192.168.196.1/32 10.1.5.2 50 100 0 100 *
* i192.168.197.1/32 10.1.5.2 50 100 0 100 *
* i192.168.198.1/32 10.1.5.2 50 100 0 100 *
* i192.168.199.1/32 10.1.5.2 50 100 0 100 *
R5#sh ip bgp
BGP table version is 62, local router ID is 10.1.7.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, * - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 10.1.1.0/24 10.1.5.2 50 0 100 *
* i 10.1.2.1 0 100 0 100 *
*> 10.1.6.0/24 10.1.5.2 0 0 100 *
* i 10.1.2.1 50 100 0 100 *
*> 192.168.192.0/21 10.1.5.2 0 0 100 i
* i 10.1.2.1 0 100 0 100 i
*> 192.168.192.1/32 10.1.5.2 50 0 100 *
* i 10.1.2.1 50 100 0 100 *
*> 192.168.193.1/32 10.1.5.2 50 0 100 *
* i 10.1.2.1 50 100 0 100 *
*> 192.168.194.1/32 10.1.5.2 50 0 100 *
* i 10.1.2.1 50 100 0 100 *
*> 192.168.195.1/32 10.1.5.2 50 0 100 *
*> 192.168.196.1/32 10.1.5.2 50 0 100 *
*> 192.168.197.1/32 10.1.5.2 50 0 100 *
*> 192.168.198.1/32 10.1.5.2 50 0 100 *
*> 192.168.199.1/32 10.1.5.2 50 0 100 *
转载于:https://blog.51cto.com/zhangaodi/1298893
515
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
