简单规划一下接口ip为12.1.1.1 12.1.1.2 这些类似。
R5 引入 lookback地址为 55.55.55.55
R1这边引入 11.11.11.11
接下来我们一个一个来进行测试
BGP选路原则:
0.丢弃下一跳不可达的路由
1.优选Preferrd—Vaule属性最大的路由 //仅限与华为的。华三不支持。思科不支持。
2.优选local_Preferrd属性最大的路由
3.本地始发的路由优于其他对等体学习的路由,本地始发的路由:优选手动聚合>自动聚合>netweork>import
4.优选as path最短的路由 //手动加path建议加成同as号 类似于 100 100 100 。防止隐患。到as号被丢弃
5.优选Origin属性最优的路由 network>import 就是i>?
6.优选MED属性最小的路由 //类似于cost 在路由策略里面可以实现
7.优选从EBGP对等体学来的路由,EBGP路由高于IBGP路由
8.优选Next_hop的igp度量值最小的路由 ///比如修改接口ospf的cost\
9.优选与CLuster——list最短的路由
10.优选router id 最小的设备通告的路由
11.优选具有最小ip地址的对等体通知的路由。
以上12种类选路原则都是依次向下的。 12条是最后比的。优先比较前面几条。依次类推
大部分都是可以使用router pol 操控的
bgp中
maximum load-balancing 2 两条
这是显示bgp负载分担的路由,并不是不负载分担。
预配:100的底层运行ospf接口R2和R3 g0/0/1不宣告,其他都宣告。然后100和200之间做EBGP连接 , 区域100内通过环回口地址来宣告。
预配:
R1:
R1]dis cu
[R1]dis current-configuration
[V200R003C00]
#
sysname R1
#
snmp-agent local-engineid 800007DB03000000000000
snmp-agent
#
clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load flash:/portalpage.zip
#
drop illegal-mac alarm
#
wlan ac-global carrier id other ac id 0
#
set cpu-usage threshold 80 restore 75
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
local-user admin service-type http
#
firewall zone Local
priority 15
#
interface GigabitEthernet0/0/0
ip address 12.1.1.1 255.255.255.0
ospf enable 1 area 0.0.0.0
#
interface GigabitEthernet0/0/1
ip address 13.1.1.1 255.255.255.0
ospf enable 1 area 0.0.0.0
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0
ip address 1.1.1.1 255.255.255.255
ospf enable 1 area 0.0.0.0
#
bgp 100
peer 2.2.2.2 as-number 100
peer 2.2.2.2 connect-interface LoopBack0
peer 3.3.3.3 as-number 100
peer 3.3.3.3 connect-interface LoopBack0
#
ipv4-family unicast
undo synchronization
peer 2.2.2.2 enable
peer 3.3.3.3 enable
#
ospf 1 router-id 1.1.1.1
area 0.0.0.0
#
user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
R2:
[R2]dis current-configuration
[V200R003C00]
#
sysname R2
#
snmp-agent local-engineid 800007DB03000000000000
snmp-agent
#
clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load flash:/portalpage.zip
#
drop illegal-mac alarm
#
wlan ac-global carrier id other ac id 0
#
set cpu-usage threshold 80 restore 75
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
local-user admin service-type http
#
firewall zone Local
priority 15
#
interface GigabitEthernet0/0/0
ip address 12.1.1.2 255.255.255.0
ospf enable 1 area 0.0.0.0
#
interface GigabitEthernet0/0/1
ip address 24.1.1.2 255.255.255.0
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0
ip address 2.2.2.2 255.255.255.255
ospf enable 1 area 0.0.0.0
#
bgp 100
peer 1.1.1.1 as-number 100
peer 1.1.1.1 connect-interface LoopBack0
peer 24.1.1.4 as-number 200
#
ipv4-family unicast
undo synchronization
peer 1.1.1.1 enable
peer 1.1.1.1 next-hop-local
peer 24.1.1.4 enable
#
ospf 1 router-id 2.2.2.2
area 0.0.0.0
#
user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
R3:
[R3]dis current-configuration
[V200R003C00]
#
sysname R3
#
snmp-agent local-engineid 800007DB03000000000000
snmp-agent
#
clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load flash:/portalpage.zip
#
drop illegal-mac alarm
#
wlan ac-global carrier id other ac id 0
#
set cpu-usage threshold 80 restore 75
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
local-user admin service-type http
#
firewall zone Local
priority 15
#
interface GigabitEthernet0/0/0
ip address 13.1.1.3 255.255.255.0
ospf enable 1 area 0.0.0.0
#
interface GigabitEthernet0/0/1
ip address 34.1.1.3 255.255.255.0
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0
ip address 3.3.3.3 255.255.255.0
ospf enable 1 area 0.0.0.0
#
bgp 100
peer 1.1.1.1 as-number 100
peer 1.1.1.1 connect-interface LoopBack0
peer 34.1.1.4 as-number 200
#
ipv4-family unicast
undo synchronization
peer 1.1.1.1 enable
peer 1.1.1.1 next-hop-local
peer 34.1.1.4 enable
#
ospf 1 router-id 3.3.3.3
area 0.0.0.0
#
user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
R4:
[R4]dis cu
[R4]dis current-configuration
[V200R003C00]
#
sysname R4
#
snmp-agent local-engineid 800007DB03000000000000
snmp-agent
#
clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load flash:/portalpage.zip
#
drop illegal-mac alarm
#
wlan ac-global carrier id other ac id 0
#
set cpu-usage threshold 80 restore 75
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
local-user admin service-type http
#
firewall zone Local
priority 15
#
interface GigabitEthernet0/0/0
ip address 24.1.1.4 255.255.255.0
#
interface GigabitEthernet0/0/1
ip address 34.1.1.4 255.255.255.0
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0
ip address 4.4.4.4 255.255.255.255
#
interface LoopBack5
ip address 55.55.55.55 255.255.255.255
#
bgp 200
peer 24.1.1.2 as-number 100
peer 34.1.1.3 as-number 100
#
ipv4-family unicast
undo synchronization
network 33.0.0.0
network 33.33.33.33 255.255.255.255
network 55.0.0.0
network 55.55.55.55 255.255.255.255
peer 24.1.1.2 enable
peer 34.1.1.3 enable
#
user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
预配的现象就是所有的bgp的邻居关系已经起来我们来分析路由的走向
因为我们在R4当中已经通过network的方式引入了55.55.55.55
我们在R1上面观察55.55.55.55的路由的走向
这个路由的下一跳为2.2.2.2是啥因素导致的呢
- 上面显示是因为router id的原因没有被优选,越小越优,所以选择2.2.2.2.验证我们的第十条。
然后我们去修改下一跳的优先级
我们再去查看他们的下一跳的变化,
是因为cost数值的变化,所有没有被优选。验证了我们的第8条
我们记住这个R4的路由优选是24.1.1.2
可以看出MED数值的修改决定我们下一跳,越小越优先。
可以看出aspath的越长越不优先,越小越优先