配置 BGP<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />

一、 实验目的:
配置BGP协议,实现两个isp之间的通信
二、 实验拓扑结构图
三、实验步骤
1.         基本接口配置()
2.         配置bgp协议
isp<?xml:namespace prefix = st1 ns = "urn:schemas-microsoft-com:office:smarttags" />1A(config-if)#router bgp 200
isp1A(config-router)#neigh 10.0.0.2 remote-as 100
isp1A(config-router)#net 10.0.0.0
isp1A(config-router)#auto-summary

 

sanjose1(config)#router bgp 100
sanjose1(config-router)#neigh 10.0.0.1 remote-as 200
sanjose1(config-router)#neigh 172.16.0.1 remote-as 300
sanjose1(config-router)#net 192.168.0.0
sanjose1(config-router)#net 192.168.1.0
sanjose1(config-router)#auto-summary

 

isp2(config-if)#router bgp 300
isp2(config-router)#neigh 172.16.0.2 remot
isp2(config-router)#neigh 172.16.0.2 remote-as 100
isp2(config-router)#net 172.16.0.0
isp2(config-router)#auto-summary
3.         BGP配置结果
sanjose1#show ip route
     172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
C       172.16.0.0/30 is directly connected, Serial0/1
B       172.16.0.0/16 [20/0] via 172.16.0.1, 00:08:12

     10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C       10.0.0.0/30 is directly connected, Serial0/0
B       10.0.0.0/8 [20/0] via 10.0.0.1, 00:06:17

C    192.168.0.0/24 is directly connected, Loopback0
C    192.168.1.0/24 is directly connected, Loopback1

 

sanjose1#show ip bgp
   Network          Next Hop            Metric LocPrf Weight Path
*> 10.0.0.0         10.0.0.1                 0             0 200 i
*> 172.16.0.0       172.16.0.1               0             0 300 i
*> 192.168.0.0      0.0.0.0                  0         32768 i
*> 192.168.1.0      0.0.0.0                  0         32768 i

 

isp1A#ping 172.16.1.1 实验目的达到是连个isp可以通信
4.          sanjose1上配置访问控制列表防止两个isp之间的通信
sanjose1(config)#router bgp 100
sanjose1(config-router)#neigh 10.0.0.1 d
sanjose1(config-router)#neigh 10.0.0.1 distribute-list 1 out
sanjose1(config-router)#neigh 172.16.0.1 distribute-list 1 out

 

sanjose1(config)#access-list 1 permit 192.168.0.0 0.0.255.255
查看结果
isp1A#show ip bgp
   Network          Next Hop            Metric LocPrf Weight Path
*> 10.0.0.0         0.0.0.0                  0         32768 i
*> 192.168.0.0      10.0.0.2                 0             0 100 i
*> 192.168.1.0      10.0.0.2                 0             0 100 i
isp1A#show ip route
     10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C       10.0.0.0/30 is directly connected, Serial0/0
C       10.0.1.0/24 is directly connected, Loopback0
B    192.168.0.0/24 [20/0] via 10.0.0.2, 00:04:30

B    192.168.1.0/24 [20/0] via 10.0.0.2, 00:04:30

没有到达172.16..0.0的路由
isp1A#ping 172.16.1.1 不能通
5.          查看sanjose1的配置结果
sanjose1#show ip route
     172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
C       172.16.0.0/30 is directly connected, Serial0/1
B       172.16.0.0/16 [20/0] via 172.16.0.1, 00:02:26
     10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C       10.0.0.0/30 is directly connected, Serial0/0
B       10.0.0.0/8 [20/0] via 10.0.0.1, 00:02:26
C    192.168.0.0/24 is directly connected, Loopback0
C    192.168.1.0/24 is directly connected, Loopback1
sanjose1#show ip bgp 
   Network          Next Hop            Metric LocPrf Weight Path
*> 10.0.0.0         10.0.0.1                 0             0 200 i
*> 172.16.0.0       172.16.0.1               0             0 300 i
*> 192.168.0.0      0.0.0.0                  0         32768 i
*> 192.168.1.0      0.0.0.0                  0         32768 i
sanjose1#ping 172.16.1.1
sanjose1#ping 10.0.1.1 通过访问控制列表达到保护sanjose1的目的