【实验前推荐阅读】

 

http://haolun.blog.51cto.com/173913/992834


 
【实验说明】

要求:在R1上配置 community 属性为 Local-AS ,确保只有R3通告的网络可以访问 AS3通告的网络

 
说明:community Local-AS属性: 不通告该路由到本地AS之外的对等体(不通告给其他AS或者 sub-AS)

 
【实验拓扑】

 

【实验基本配置】

R1:
interface FastEthernet0/0
ip address 155.1.146.1 255.255.255.0
interface Serial0/0
ip address 155.1.13.1 255.255.255.0
clock rate 2000000
router eigrp 2
network 155.1.13.1 0.0.0.0
no auto-summary
!
route-map LOCAL_AS permit 10
set community local-as

 
router bgp 65013
bgp confederation identifier 2
neighbor 155.1.13.3 remote-as 65013
neighbor 155.1.13.3 next-hop-self
neighbor 155.1.146.4 remote-as 3
neighbor 155.1.146.4 route-map LOCAL_AS
neighbor 155.1.13.3 send-community

R2:
interface Serial0/0
ip address 155.1.23.2 255.255.255.0
clock rate 2000000
interface Serial0/1
ip address 155.1.0.2 255.255.255.0
encapsulation frame-relay
clock rate 2000000
frame-relay map ip 155.1.0.5 205 broadcast
router eigrp 2
network 155.1.23.2 0.0.0.0
no auto-summary
!
router bgp 65002
bgp confederation identifier 2
bgp confederation peers 65013
neighbor 155.1.23.3 remote-as 65013
neighbor 155.1.23.3 next-hop-self
neighbor 155.1.0.5 remote-as 1

注意:R2与R3之间也需要制定 next-hop-self,
否则R3 ping不通R5的通告地址。不清楚是否存在bug
R3:
interface Loopback0
ip address 155.1.37.3 255.255.255.0
interface Serial0/0
ip address 155.1.13.3 255.255.255.0
clock rate 2000000
interface Serial0/1
ip address 155.1.23.3 255.255.255.0
clock rate 2000000
router eigrp 2
network 155.1.13.3 0.0.0.0
network 155.1.23.3 0.0.0.0
auto-summary
!
router bgp 65013
bgp confederation identifier 2
bgp confederation peers 65002
network 155.1.37.0 mask 255.255.255.0
neighbor 155.1.13.1 remote-as 65013
neighbor 155.1.13.1 next-hop-self
neighbor 155.1.23.2 remote-as 65002

 
R4:
interface Loopback0
ip address 204.12.1.4 255.255.255.0
!
interface FastEthernet0/0
ip address 155.1.146.4 255.255.255.0
router bgp 3
no synchronization
bgp log-neighbor-changes
network 204.12.1.0
neighbor 155.1.146.1 remote-as 2
R5:
interface Loopback0
ip address 155.1.5.5 255.255.255.0
interface Loopback1
ip address 155.1.58.5 255.255.255.0
interface Serial0/0
ip address 155.1.0.5 255.255.255.0
encapsulation frame-relay
clock rate 2000000
frame-relay map ip 155.1.0.2 502 broadcast
router bgp 1
network 155.1.5.0 mask 255.255.255.0
neighbor 155.1.0.2 remote-as 2

 
 

【实验验证】

R3#show ip bgp
<隐藏部分输出结果>
Network Next Hop Metric LocPrf Weight Path
*> 155.1.5.0/24 155.1.23.2 0 100 0 (65002) 1 i
*> 155.1.37.0/24 0.0.0.0 0 32768 i
*>i204.12.1.0 155.1.13.1 0 100 0 3 i
R3#show ip bgp 204.12.1.0
BGP routing table entry for 204.12.1.0/24, version 3
Paths: (1 available, best #1, table Default-IP-Routing-Table, not advertised outside local AS)
Flag: 0x820
Not advertised to any peer
3
155.1.13.1 from 155.1.13.1 (155.1.146.1)
Origin IGP, metric 0, localpref 100, valid, confed-internal, best
Community: local-AS
R2#show ip bgp 下面的输出结果中,没有AS3通告的地址,也验证了 community Loacl-as 是不会把路由传递 其他AS包括sub-AS
BGP table version is 7, local router ID is 155.1.23.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path
*> 155.1.5.0/24 155.1.0.5 0 0 1 i
*> 155.1.37.0/24 155.1.23.3 0 100 0 (65013) i