拓扑如上:
要求:
R1-R3 EBGP ;R2-R3 EBGP; R3-R4 EBGP ;R4-R5 IBGP R5为反射器 R6为客户端 R10用于测试
R1-R3 ospf保证网络互通 area 0
R1 bgp 1
int l 1 ip 10.1.1.1 用于测试
R2-R3 ospf area 1 区域使用md5加密
R2 bgp 2
int l 1 ip 20.1.1.1 用于测试
R3-R4 ospf area 2 使用明文加密
R3 bgp 3
R4-R5 eigrp 使用md5验证
R5-R6 eigrp
R1 :
interface Loopback0
ip address 1.1.1.1 255.255.255.255
ip ospf 1 area 0
interface Loopback1
ip address 10.1.1.1 255.255.255.0
!
interface FastEthernet0/0
ip address 13.1.1.1 255.255.255.0
ip ospf authentication
ip ospf authentication-key cisco
ip ospf priority 2
ip ospf 1 area 0
router bgp 1
bgp router-id 1.1.1.1
no bgp default ipv4-unicast //为了体现严谨,CCIE考试都要使用。因为默认就是全局模式下开 启bgp邻居。关闭后需对不同的地址族进行activate
bgp log-neighbor-changes
neighbor 3.3.3.3 remote-as 3
neighbor 3.3.3.3 ebgp-multihop 255
neighbor 3.3.3.3 update-source Loopback0
!
address-family ipv4
neighbor 3.3.3.3 activate
no auto-summary
no synchronization
network 10.1.1.0 mask 255.255.255.0
exit-address-family
R2:
interface Loopback0
ip address 2.2.2.2 255.255.255.255
ip ospf 1 area 1
!
interface Loopback1
ip address 20.1.1.1 255.255.255.0
!
interface FastEthernet0/0
ip address 23.1.1.2 255.255.255.0
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 cisco
ip ospf 1 area 1
router bgp 2
bgp router-id 2.2.2.2
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 23.1.1.3 remote-as 3
!
address-family ipv4
neighbor 23.1.1.3 activate
no auto-summary
no synchronization
network 20.1.1.0 mask 255.255.255.0
exit-address-family
R3:
interface Loopback0
ip address 3.3.3.3 255.255.255.255
ip ospf 1 area 0
!
interface FastEthernet0/0
ip address 13.1.1.3 255.255.255.0
ip ospf authentication
ip ospf authentication-key cisco
ip ospf priority 0
ip ospf 1 area 0
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 23.1.1.3 255.255.255.0
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 cisco
ip ospf priority 0
ip ospf 1 area 1
duplex auto
speed auto
!
interface FastEthernet1/0
ip address 34.1.1.3 255.255.255.0
ip ospf authentication
ip ospf authentication-key cisco
ip ospf 1 area 2
duplex auto
speed auto
router ospf 1
log-adjacency-changes
!
router bgp 3
bgp router-id 3.3.3.3
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 1.1.1.1 remote-as 1
neighbor 1.1.1.1 ebgp-multihop 255
neighbor 1.1.1.1 update-source Loopback0
neighbor 4.4.4.4 remote-as 4
neighbor 4.4.4.4 ebgp-multihop 255
neighbor 4.4.4.4 password cisco
neighbor 4.4.4.4 update-source Loopback0
neighbor 23.1.1.2 remote-as 2
!
address-family ipv4
neighbor 1.1.1.1 activate
neighbor 4.4.4.4 activate
neighbor 23.1.1.2 activate
no auto-summary
no synchronization
exit-address-family
R4:
interface Loopback0
ip address 4.4.4.4 255.255.255.255
ip ospf 1 area 2
!
interface FastEthernet0/0
ip address 34.1.1.4 255.255.255.0
ip ospf authentication
ip ospf authentication-key cisco
ip ospf 1 area 2
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 45.1.1.4 255.255.255.0
ip authentication mode eigrp 90 md5
ip authentication key-chain eigrp 90 1
duplex auto
speed auto
!
router eigrp 90
redistribute ospf 1 metric 1 1 1 1 1 //因为上面是ospf下面是eigrp所以有做重分布, 注意点在eigrp中重分布需要metric值
network 4.4.4.4 0.0.0.0
network 45.1.1.4 0.0.0.0
no auto-summary
!
router ospf 1
log-adjacency-changes
redistribute eigrp 90 subnets
router bgp 4
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 3.3.3.3 remote-as 3
neighbor 3.3.3.3 ebgp-multihop 255
neighbor 3.3.3.3 password cisco
neighbor 3.3.3.3 update-source Loopback0
neighbor 5.5.5.5 remote-as 4
neighbor 5.5.5.5 ebgp-multihop 255
neighbor 5.5.5.5 update-source Loopback0
!
address-family ipv4
neighbor 3.3.3.3 activate
neighbor 5.5.5.5 activate
no auto-summary
no synchronization
exit-address-family
key chain 1
key 1
key-string cisco
R5:
key chain 1
key 1
key-string cisco //用于eigrp认证
interface Loopback0
ip address 5.5.5.5 255.255.255.255
!
interface FastEthernet0/0
ip address 45.1.1.5 255.255.255.0
ip authentication mode eigrp 90 md5 //开启eigrp认证
ip authentication key-chain eigrp 90 1 //接口使用key 1 对eig 90 认证
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 56.1.1.5 255.255.255.0
ip authentication mode eigrp 90 md5
ip authentication key-chain eigrp 90 1
duplex auto
speed auto
!
router eigrp 90
network 5.5.5.5 0.0.0.0
network 45.1.1.5 0.0.0.0
network 56.1.1.5 0.0.0.0
no auto-summary
!
router bgp 4
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 4.4.4.4 remote-as 4
neighbor 4.4.4.4 update-source Loopback0
neighbor 6.6.6.6 remote-as 4
neighbor 6.6.6.6 update-source Loopback0
!
address-family ipv4
no auto-summary
neighbor 4.4.4.4 activate
neighbor 6.6.6.6 activate
neighbor 6.6.6.6 route-reflector-client //加了这条命令R5直接变成反射器,R6则为客户 端。注意点
反射器会将从ebgp邻居学到的路由发送客户端和非客户端,从客户端学到 路由会发送给Ebgp邻居,客户端和非客户端,从非客户端学习到的路由只
发送给EBGP邻居,客户端,不发送给非客户端。
no synchronization
exit-address-family
R6:
key chain 1
key 1
key-string cisco
interface Loopback0
ip address 6.6.6.6 255.255.255.255
!
interface Loopback1
ip address 60.1.1.1 255.255.255.0
!
interface FastEthernet0/0
ip address 56.1.1.6 255.255.255.0
ip authentication mode eigrp 90 md5
ip authentication key-chain eigrp 90 1
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 61.1.1.6 255.255.255.0
duplex auto
speed auto
!
router eigrp 90
network 6.6.6.6 0.0.0.0
network 56.1.1.6 0.0.0.0
network 61.1.1.6 0.0.0.0
no auto-summary
router bgp 4
no synchronization
bgp log-neighbor-changes
network 60.1.1.0 mask 255.255.255.0
neighbor 5.5.5.5 remote-as 4
neighbor 5.5.5.5 update-source Loopback0
neighbor 61.1.1.1 remote-as 4
no auto-summary
R10:
interface FastEthernet0/0
ip address 61.1.1.1 255.255.255.0
duplex auto
speed auto
router eigrp 90
network 61.1.1.1 0.0.0.0
auto-summary
!
router bgp 4
bgp router-id 10.1.1.1
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 61.1.1.6 remote-as 4
!
address-family ipv4
neighbor 61.1.1.6 activate
no auto-summary
no synchronization
exit-address-family
结果:
R6 能学习到R1 和R2 的l 1 口的路由信息。R10只能学习到R6的l 1 的路由信息。
其实也是表面,bgp路由中,从ebgp学习到的路由会发送给ebgp邻居和ibgp邻居,但是从ibgp邻居学习到的路由只会发送给ebgp邻居,不会发送给ibgp邻居,也叫做bgp水平分割
R6#sh ip b
BGP table version is 8, local router ID is 6.6.6.6
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*>i10.1.1.0/24 3.3.3.3 0 100 0 3 1 i
*>i20.1.1.0/24 3.3.3.3 0 100 0 3 2 i
*> 60.1.1.0/24 0.0.0.0 0 32768 i
R10# sh ip b
BGP table version is 2, local router ID is 10.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*>i60.1.1.0/24 61.1.1.6 0 100 0 i
也是自己学习笔记,闲来无事,练练手感以及熟练度。有些理论也顺带在实验过程中又看了一遍。如有错误的地方,请指正。
转载于:https://blog.51cto.com/livetony/1711483