功能点很小,不过对于初级的同学来说希望有帮助。
BGP实际上对于路由选择过滤是相当强大的一个路由协议。也是CCIE中考试的重点,其实有一本很好的书想推荐给大家: <CISCO BGP-4 命令与配置手册>,曾经有人给我说过,把这本书的命令敲3遍,终身难忘,,可惜我只敲了一遍,哈哈哈,,很多东西只是在脑子里留了一个概念,等到要用的时候再去查.....真的是一本很好的书,敲了一遍,我就成菜鸟了,至少知道别人在说bgp的时候我不会很茫然了。:)
希望对初学bgp的同学有用。
1, Testing topology:
2, Testing target:
L3 switch as the ASBR, connect two different Service provider.
Here for example switch port 1 connect to TATA ISP. Port 2 connect to Reliance ISP.
On L3 switch enable the BGP, make the neighbor ship with TATA and reliance router, from AS 17483 internal routing-router, will advertise loopback 0 and loopback 1 all of the network to L3 switch ASBR by IGP, then need enable the route-map on switch, the interface loopback 0 networks will only advertise to TATA router, and interface looback 1 only advertise to Reliance router by BGP.
3, Testing snapshots:
On MAIPU L3 switch switch first we can check all of the internal routes are already learned by IGP OSPF from routing router:
And now we can check on switch should be has 2 BGP neighbor ship:
For BGP neighbor 111.93.11.249, the switch only advertise interface loopback 0 networks:
And for neighbor 115.248.84.66 only advertise interface loopback 1 networks:
Finally let’s check on TATA router how many routes was learned from MAIPU 4128F V3 switch:
And on Reliance router:
4, Testing configuration:
Routing-router of AS 17483:
interface loopback0
ip address 49.156.130.1 255.255.255.0
ip address 49.156.131.1 255.255.255.0 secondary
ip address 49.156.132.1 255.255.255.0 secondary
ip address 49.156.133.1 255.255.255.0 secondary
ip address 49.156.134.1 255.255.255.0 secondary
ip address 49.156.135.1 255.255.255.0 secondary
ip address 49.156.136.1 255.255.255.0 secondary
ip address 49.156.137.1 255.255.255.0 secondary
ip address 49.156.138.1 255.255.255.0 secondary
ip address 49.156.139.1 255.255.255.0 secondary
ip address 49.156.140.1 255.255.255.0 secondary
ip address 49.156.141.1 255.255.255.0 secondary
ip address 49.156.142.1 255.255.255.0 secondary
ip address 49.156.143.1 255.255.255.0 secondary
ip address 49.156.144.1 255.255.255.0 secondary
ip address 49.156.145.1 255.255.255.0 secondary
ip address 49.156.146.1 255.255.255.0 secondary
ip address 49.156.147.1 255.255.255.0 secondary
ip address 49.156.155.1 255.255.255.0 secondary
ip address 49.156.128.1 255.255.255.0 secondary
ip address 49.156.129.1 255.255.255.0 secondary
ip address 202.62.72.1 255.255.255.0 secondary
ip address 202.62.85.1 255.255.255.0 secondary
ip address 202.62.67.1 255.255.255.0 secondary
ip address 202.62.74.1 255.255.255.0 secondary
ip address 202.62.90.1 255.255.255.0 secondary
ip ospf network point-to-point
exit
interface loopback1
ip address 49.156.158.1 255.255.255.0
ip address 103.5.18.1 255.255.255.0 secondary
ip ospf network point-to-point
exit
interface fastethernet0
ip address 1.1.1.2 255.255.255.0
exit
router ospf 1
network 0.0.0.0 255.255.255.255 area 0
exit
L3 switch:
!
vlan 1-4;4094
!
ip access-list standard TATA
permit 49.156.130.0 0.0.0.255
permit 49.156.131.0 0.0.0.255
permit 49.156.132.0 0.0.0.255
permit 49.156.133.0 0.0.0.255
permit 49.156.134.0 0.0.0.255
permit 49.156.135.0 0.0.0.255
permit 49.156.136.0 0.0.0.255
permit 49.156.137.0 0.0.0.255
permit 49.156.138.0 0.0.0.255
permit 49.156.139.0 0.0.0.255
permit 49.156.140.0 0.0.0.255
permit 49.156.141.0 0.0.0.255
permit 49.156.142.0 0.0.0.255
permit 49.156.143.0 0.0.0.255
permit 49.156.144.0 0.0.0.255
permit 49.156.145.0 0.0.0.255
permit 49.156.146.0 0.0.0.255
permit 49.156.147.0 0.0.0.255
permit 49.156.155.0 0.0.0.255
permit 49.156.128.0 0.0.0.255
permit 49.156.129.0 0.0.0.255
permit 202.62.72.0 0.0.0.255
permit 202.62.85.0 0.0.0.255
permit 202.62.67.0 0.0.0.255
permit 202.62.74.0 0.0.0.255
permit 202.62.90.0 0.0.0.255
ip access-list standard reliance
permit 103.5.18.0 0.0.0.255
permit 49.156.158.0 0.0.0.255
!
Interface Ethernet1/0/1
switchport access vlan 2
!
Interface Ethernet1/0/2
switchport access vlan 3
!
Interface Ethernet1/0/3
switchport access vlan 4
!
Interface Ethernet1/0/4
!
Interface Ethernet1/0/5
!
Interface Ethernet1/0/6
!
Interface Ethernet1/0/7
!
Interface Ethernet1/0/8
!
Interface Ethernet1/0/9
!
Interface Ethernet1/0/10
!
Interface Ethernet1/0/11
!
Interface Ethernet1/0/12
!
Interface Ethernet1/0/13
!
Interface Ethernet1/0/14
!
Interface Ethernet1/0/15
!
Interface Ethernet1/0/16
!
Interface Ethernet1/0/17
!
Interface Ethernet1/0/18
!
Interface Ethernet1/0/19
!
Interface Ethernet1/0/20
switchport access vlan 4094
!
Interface Ethernet1/0/21
!
Interface Ethernet1/0/22
!
Interface Ethernet1/0/23
!
Interface Ethernet1/0/24
!
Interface Ethernet1/0/25
!
Interface Ethernet1/0/26
!
Interface Ethernet1/0/27
!
Interface Ethernet1/0/28
!
interface Vlan2
description connect-to-TATA-router
ip address 111.93.11.250 255.255.255.252
!
interface Vlan3
description connect-to-Reliance-router
ip address 115.248.84.65 255.255.255.252
!
interface Vlan4
description connect-to-LAN-router
ip address 1.1.1.1 255.255.255.0
!
interface Vlan4094
ip address 192.168.2.83 255.255.252.0
!
router ospf 1
network 1.1.1.0 0.0.0.255 area 0
!
router bgp 17483
network 49.156.128.0/24
network 49.156.129.0/24
network 49.156.130.0/24
network 49.156.131.0/24
network 49.156.132.0/24
network 49.156.133.0/24
network 49.156.134.0/24
network 49.156.135.0/24
network 49.156.136.0/24
network 49.156.137.0/24
network 49.156.138.0/24
network 49.156.139.0/24
network 49.156.140.0/24
network 49.156.141.0/24
network 49.156.142.0/24
network 49.156.143.0/24
network 49.156.144.0/24
network 49.156.145.0/24
network 49.156.146.0/24
network 49.156.147.0/24
network 49.156.155.0/24
network 49.156.158.0/24
network 103.5.18.0/24
network 202.62.67.0/24
network 202.62.72.0/24
network 202.62.74.0/24
network 202.62.85.0/24
network 202.62.90.0/24
neighbor 111.93.11.249 remote-as 45820
neighbor 111.93.11.249 update-source 111.93.11.250
neighbor 111.93.11.249 route-map TATA-OUT out
neighbor 115.248.84.66 remote-as 18101
neighbor 115.248.84.66 update-source 115.248.84.65
neighbor 115.248.84.66 route-map RIL-OUT out
!
route-map RIL-OUT permit 10
match ip address reliance
!
route-map TATA-OUT permit 10
match ip address TATA
!
!
TATA-router:
interface fastethernet0
ip address 111.93.11.249 255.255.255.252
exit
router bgp 45820
no auto-summary
no synchronization
neighbor 111.93.11.250 remote-as 17483
exit
Reliance router:
interface fastethernet0
ip address 115.248.84.66 255.255.255.252
exit
router bgp 18101
no auto-summary
no synchronization
neighbor 115.248.84.65 remote-as 17483
exit
转载于:https://blog.51cto.com/361531/921178
1507
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
