实验要求:
1、AS1存在两个环回,一个地址为192.168.1.0/24该地址不能在任何协议中宣告
AS3中存在两个环回,一个地址为192.168.2.0/24该地址不能在任何协议中宣告,最终要求这两个环回可以互相通讯 ,
As1的另一个环回为10.0.0.0/24,AS3的另一个环回为11.0.0.0/242,
2、整个AS2的IP地址为172.16.0.0/16,请合理划分
3,AS间的骨干链路IP地址随意定制
4,使用BGP协议让整个网络所有设备的环回可以互相访问
5,减少路由条目数量,避免环路出现
操作过程:
一、划分IP地址
1、AS 2:
IP地址 | 路由器 |
172.16.2.0 /24 | R2 |
172.16.3.0 /24 | R3 |
172.16.4.0 /24 | R4 |
172.16.5.0 /24 | R5 |
172.16.6.0 /24 | R6 |
172.16.7.0 /24 | R7 |
172.16.1.0 /24 | MA骨干网络 |
172.16.1.0 /29 | R2-R3 |
172.16.1.8 /29 | R3-R4 |
172.16.1.16 /29 | R2-R5 |
172.16.1.24 /29 | R5-R6 |
172.16.1.32 /29 | R6-R7 |
172.16.1.40 /29 | R4-R7 |
2、将划分好的IP地址对相应设备进行配置
R1:
[r1]int g 0/0/0
[r1-GigabitEthernet0/0/0]ip ad 12.0.0.1 24
[r1-GigabitEthernet0/0/0]int l0
[r1-LoopBack0]ip ad 192.168.1.1 24
[r1-LoopBack0]int l1
[r1-LoopBack1]ip ad 10.0.0.1 24
R2:
[r2]int g 0/0/0
[r2-GigabitEthernet0/0/0]ip ad 12.0.0.2 24
[r2-GigabitEthernet0/0/0]q
[r2]int g0/0/1
[r2-GigabitEthernet0/0/1]ip ad 172.16.1.1 29
[r2-GigabitEthernet0/0/1]q
[r2]int g0/0/2
[r2-GigabitEthernet0/0/2]ip ad 172.16.1.17 29
[r2]int l0
[r2-LoopBack0]ip ad 172.16.2.1 24
[r2-LoopBack0]
R3:
[r3]int g 0/0/0
[r3-GigabitEthernet0/0/0]ip ad 172.16.1.2 29
[r3-GigabitEthernet0/0/0]int g 0/0/1
[r3-GigabitEthernet0/0/1]ip ad 172.16.1.9 29
[r3-GigabitEthernet0/0/1]int l0
[r3-LoopBack0]ip ad 172.16.3.1 24
R4:
<r4>SYS
[r4]int g 0/0/0
[r4-GigabitEthernet0/0/0]ip ad 172.16.1.10 29
[r4-GigabitEthernet0/0/0]q
[r4]int g 0/0/1
[r4-GigabitEthernet0/0/1]ip ad 172.16.1.41 29
[r4-GigabitEthernet0/0/1]q
[r4]int l0
[r4-LoopBack0]ip ad 172.16.4.1 24
R5:
<r5>SYS
[r5]int g 0/0/0
[r5-GigabitEthernet0/0/0]ip ad 172.16.1.25 29
[r5-GigabitEthernet0/0/0]q
[r5]int g 0/0/1
[r5-GigabitEthernet0/0/1]ip ad 172.16.1.18 29
[r5-GigabitEthernet0/0/1]q
[r5]int l0
[r5-LoopBack0]ip ad 172.16.5.1 24
R6:
<r6>sys
Enter system view, return user view with Ctrl+Z.
[r6]int g 0/0/1
[r6-GigabitEthernet0/0/1]ip ad 172.16.1.26 29
May 5 2022 21:36:38-08:00 r6 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP
on the interface GigabitEthernet0/0/1 has entered the UP state.
[r6-GigabitEthernet0/0/1]q
[r6]int g 0/0/0
[r6-GigabitEthernet0/0/0]ip ad 172.16.1.33 29
May 5 2022 21:37:20-08:00 r6 %%01IFNET/4/LINK_STATE(l)[1]:The line protocol IP
on the interface GigabitEthernet0/0/0 has entered the UP state.
[r6-GigabitEthernet0/0/0]q
[r6]int l0
[r6-LoopBack0]ip ad 172.16.6.1 24
R7:
<r7>sys
[r7]int g 0/0/1
[r7-GigabitEthernet0/0/1]ip ad 172.16.1.34 29
[r7-GigabitEthernet0/0/1]q
[r7]int g 0/0/0
[r7-GigabitEthernet0/0/0]ip ad 172.16.1.42 29
[r7-GigabitEthernet0/0/0]q
[r7]int g 0/0/2
[r7-GigabitEthernet0/0/2]ip ad 78.0.0.1 24
[r7-GigabitEthernet0/0/2]
[r7-GigabitEthernet0/0/2]q
[r7]int l0
[r7-LoopBack0]ip ad 172.16.7.1 24
R8:
<r8>sys
[r8]int g 0/0/0
[r8-GigabitEthernet0/0/0]ip ad 78.0.0.2 24
[r8-GigabitEthernet0/0/0]q
[r8]int l0
[r8-LoopBack0]ip ad 192.168.2.1 24
[r8-LoopBack0]int l1
[r8-LoopBack1]ip ad 11.0.0.1 24
二、在AS2中启动OSPF
R2: <r2>SYS [r2]ospf 1 router-id 2.2.2.2 [r2-ospf-1]a 0 [r2-ospf-1-area-0.0.0.0]network 172.16.0.0 0.0.255.255 | R3: <r3>sys [r3]ospf 1 router-id 3.3.3.3 [r3-ospf-1]a 0 [r3-ospf-1-area-0.0.0.0]network 172.16.0.0 0.0.255.255 |
R4: <r4>SYS [r4]ospf 1 router-id 4.4.4.4 [r4-ospf-1]a 0 [r4-ospf-1-area-0.0.0.0]network 172.16.0.0 0.0.255.255 | R5: <r5>sys [r5]ospf 1 router-id 5.5.5.5 [r5-ospf-1]a 0 [r5-ospf-1-area-0.0.0.0]network 172.16.0.0 0.0.255.255 |
R6: <r6>sys [r6]ospf 1 router-id 6.6.6.6 [r6-ospf-1]area 0 [r6-ospf-1-area-0.0.0.0]network 172.16.0.0 0.0.255.255 | R7: <r7>sys [r7]ospf 1 router-id 7.7.7.7 [r7-ospf-1]area 0 [r7-ospf-1-area-0.0.0.0]network 172.16.0.0 0.0.255.255 |
检查:[r6]display ip routing-table protocol ospf
三、启动BGP
R1:
<r1>sys
[r1]bgp 1
[r1-bgp]router-id 1.1.1.1
[r1-bgp]peer 12.0.0.2 as-number 2
R2:
<r2>SYS
[r2]bgp 64512 ——在联邦中启动的是小的AS号
[r2-bgp]router-id 2.2.2.2 ——声明自己的ID号
[r2-bgp]confederation id 2 ——申明本身所在的大AS号
[r2-bgp]confederation peer-as 64513 ——在跨不同AS 时需要申明所跨AS号,
建立联邦之间的信息
[[r2-bgp]peer 12.0.0.1 as 1 ——进行建邻
[r2-bgp]peer 172.16.3.1 as-number 64512
[r2-bgp]peer 172.16.3.1 connect-interface LoopBack 0
[r2-bgp]peer 172.16.5.1 as-number 64513 ——与R5进行联邦建邻
[r2-bgp]peer 172.16.5.1 connect-interface LoopBack 0
[r2-bgp]peer 172.16.5.1 ebgp-max-hop 2
R3:
<r3>sys1
[r3]bgp 64512
[r3-bgp]router-id 3.3.3.3
[r3-bgp]confederation id 2
[r3-bgp]peer 172.16.2.1 as 64512 ——与R2建邻
[r3-bgp]peer 172.16.2.1 connect-interface LoopBack 0
[r3-bgp]peer 172.16.4.1 as 64512 ——与R4建邻
[r3-bgp]peer 172.16.4.1 connect-interface LoopBack 0
R4:
<r4>sys
[r4]bgp 64512
[r4-bgp]router-id 4.4.4.4
[r4-bgp]confederation id 2
[r4-bgp]confederation peer-as 64513
[r4-bgp]peer 172.16.3.1 advertise-community
[r4-bgp]peer 172.16.3.1 as 64512
[r4-bgp]peer 172.16.3.1 connect-interface LoopBack 0
[r4-bgp]peer 172.16.7.1 as 64513
[r4-bgp]peer 172.16.7.1 connect-interface LoopBack 0
[r4-bgp]peer 172.16.7.1 ebgp-max-hop 2
R5:
<r5>sys
Enter system view, return user view with Ctrl+Z.
[r5]bgp 64513
[r5-bgp]router-id 5.5.5.5
[r5-bgp]confederation id 2
[r5-bgp]confederation peer-as 64512
[r5-bgp]peer 172.16.2.1 as 64512
[r5-bgp]peer 172.16.2.1 connect-interface LoopBack 0
[r5-bgp]peer 172.16.2.1 ebgp-max-hop 2
[r5-bgp]peer 172.16.6.1 as 64513
[r5-bgp]peer 172.16.6.1 connect-interface LoopBack 0
R6:
<r6>sys
Enter system view, return user view with Ctrl+Z.
[r6]bgp 64513
[r6-bgp]router-id 6.6.6.6
[r6-bgp]confederation id 2
[r6-bgp]peer 172.16.5.1 as-number 64513
[r6-bgp]peer 172.16.5.1 connect-interface LoopBack 0
[r6-bgp]peer 172.16.7.1 as 64513
[r6-bgp]peer 172.16.7.1 connect-interface LoopBack 0
R7:
<r7>sys
Enter system view, return user view with Ctrl+Z.
[r7]bgp 64513
[r7-bgp]router-id 7.7.7.7
[r7-bgp]confederation id 2
[r7-bgp]confederation peer-as 64512
[r7-bgp]peer 172.16.6.1 as 64513
[r7-bgp]peer 172.16.6.1 connect-interface LoopBack 0
[r7-bgp]peer 172.16.4.1 as 64512
[r7-bgp]peer 172.16.4.1 connect-interface LoopBack 0
[r7-bgp]peer 172.16.4.1 ebgp-max-hop 2
[r7-bgp]peer 78.0.0.2 as 3
R8:
<r8>sys
Enter system view, return user view with Ctrl+Z.
[r8]bgp 3
[r8-bgp]router-id 8.8.8.8
[r8-bgp]peer 78.0.0.1 as 2
检查:[r1]display bgp peer ——命令
R1:
R2:
R3:
R4:
R5:
R6:
R7:
R8:
三、使用BGP协议让整个网络所有设备的环回可以互相访问
R1:
<r1>sys
Enter system view, return user view with Ctrl+Z.
[r1]bgp 1
[r1-bgp]network 10.0.0.1 24
R2:
<r2>SYS ---修改R2吓一跳的属性改为自己的
[r2]bgp 64512
[r2-bgp]peer 172.16.3.1 next-hop-local
[r2-bgp]peer 172.16.5.1 next-hop-local
由于EBGP之间存在水平分割,所以要将R3、R6作为路由反射器。
R3:[r3-bgp]peer 172.16.2.1 reflect-client ——将R2做为客户端
R6:
[r6]bgp 64513
[r6-bgp]peer 172.16.7.1 reflect-client ——将R7做为客户端
R8:同R2一样
R7:
[r7]bgp 64513
[r7-bgp]peer 172.16.4.1 next-hop-local
[r7-bgp]peer 172.16.6.1 next-hop-local
R8上的相关信息:
R7上的相关信息:
R6上的相关信息:
R1上的相关信息:
四、减少路由条目数量,避免环路出现
R2:[r2]ip route-static 172.16.0.0 21 NULL 0
R1:
R7:
R8:
检查:
R7:
[r7]ip route-static 172.16.0.0 21 NULL 0
[r7]bgp 64513
[r7-bgp]network 172.16.0.0 21
五、一个地址为192.168.1.0/24该地址不能在任何协议中宣告
AS3中存在两个环回,一个地址为192.168.2.0/24该地址不能在任何协议中宣告,最终要求这两个环回可以互相通讯 ,
R1:
<r1>sys
[r1]int t 0/0/0
[r1-Tunnel0/0/0]ip ad 99.0.0.1 24
[r1-Tunnel0/0/0]tunnel-protocol gre
[r1-Tunnel0/0/0]source 10.0.0.1
[r1-Tunnel0/0/0]destination 11.0.0.1
[r1-Tunnel0/0/0]q
[r1]ip route-static 192.168.2.0 24 99.0.0.2
R8:
[r8]int t0/0/0
[r8-Tunnel0/0/0] ip ad 99.0.0.2 24
[r8-Tunnel0/0/0]tunnel-protocol gre
[r8-Tunnel0/0/0]source 11.0.0.1
[r8-Tunnel0/0/0]destination 10.0.0.1
[r8-Tunnel0/0/0]q
[r8]ip route-static 192.168.1.0 24 99.0.0.1