实验拓扑图
实验要求
1.AS1中存在两个环回地址,一个为192.168.1.0/24,该地址不能在任何协议中宣告;
AS3中存在两个环回,一个地址为192.168.2.0/24 该地址不在任何协议中宣告,最终要求这两个环回可以ping通;
2.整个AS2的ip地址为172.16.0.0/16,请合理划分;并且其内部配置OSPF协议
3.AS间的骨干链路IP地址随意定制;
4.使用BGP协议让整个网络所有设备的环回可以互相访问;
5.减少路由条目,避免环路出现;
实验思路和步骤
1.IP地址划分和IP地址配置
IP地址配置
r1
[r1]int g0/0/0
[r1-GigabitEthernet0/0/0]ip a 12.1.1.1 24
[r1-GigabitEthernet0/0/0]int l0
[r1-LoopBack0]ip a 172.16.0.1 32
[r1-LoopBack0]int l1
[r1-LoopBack1]ip a 192.168.1.1 24
[r1-LoopBack1]q
[r1]dis ip in br
Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 12.1.1.1/24 up up
GigabitEthernet0/0/1 unassigned down down
GigabitEthernet0/0/2 unassigned down down
LoopBack0 172.16.0.1/32 up up(s)
LoopBack1 192.168.1.1/24 up up(s)
NULL0 unassigned up up(s)
r2
[r2]int g0/0/0
[r2-GigabitEthernet0/0/0]ip a 172.16.1.1 30
[r2-GigabitEthernet0/0/0]ip a 12.1.1.2 24
[r2-GigabitEthernet0/0/0]int g0/0/1
[r2-GigabitEthernet0/0/1]ip a 172.16.1.1 30
[r2-GigabitEthernet0/0/1]int g0/0/2
[r2-GigabitEthernet0/0/2]ip a 172.16.1.21 30
[r2-GigabitEthernet0/0/2]q
[r2]int l0
[r2-LoopBack0]ip a 172.16.0.2 32
[r2-LoopBack0]q
[r2]dis ip in br
Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 12.1.1.2/24 up up
GigabitEthernet0/0/1 172.16.1.1/30 up up
GigabitEthernet0/0/2 172.16.1.21/30 up up
LoopBack0 172.16.0.2/32 up up(s)
NULL0 unassigned up up(s)
r3
[r3]int g 0/0/0
[r3-GigabitEthernet0/0/0]ip a 172.16.1.2 30
[r3-GigabitEthernet0/0/0]int g 0/0/1
[r3-GigabitEthernet0/0/1]ip a 172.16.1.5 30
[r3-GigabitEthernet0/0/1]int l0
[r3-LoopBack0]ip a 172.16.0.3 32
[r3-LoopBack0]int l1
[r3-LoopBack1]ip a 172.16.3.1 32
[r3-LoopBack1]q
[r3]dis ip in br
Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 172.16.1.2/30 up up
GigabitEthernet0/0/1 172.16.1.5/30 up up
GigabitEthernet0/0/2 unassigned down down
LoopBack0 172.16.0.3/32 up up(s)
LoopBack1 172.16.3.1/32 up up(s)
NULL0 unassigned up up(s)
r4
[r4]int g0/0/0
[r4-GigabitEthernet0/0/0]ip a 172.16.1.6 30
[r4-GigabitEthernet0/0/0]int g0/0/1
[r4-GigabitEthernet0/0/1]ip a 172.16.1.9 30
[r4-GigabitEthernet0/0/1]int l0
[r4-LoopBack0]ip a 172.16.0.4 32
[r4-LoopBack0]int l1
[r4-LoopBack1]ip a 172.16.4.1 24
[r4-LoopBack1]q
[r4]dis ip in br
Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 172.16.1.6/30 up up
GigabitEthernet0/0/1 172.16.1.9/30 up up
GigabitEthernet0/0/2 unassigned down down
LoopBack0 172.16.0.4/32 up up(s)
LoopBack1 172.16.4.1/24 up up(s)
NULL0 unassigned up up(s)
r5
[r5]in g0/0/0
[r5-GigabitEthernet0/0/0]ip a 172.16.1.22 30
[r5-GigabitEthernet0/0/0]in g0/0/1
[r5-GigabitEthernet0/0/1]
[r5-GigabitEthernet0/0/1]ip a 172.16.1.17 30
[r5-GigabitEthernet0/0/1]int l0
[r5-LoopBack0]ip a 172.16.0.5 32
[r5-LoopBack0]int l1
[r5-LoopBack1]ip a 172.16.5.1 24
[r5-LoopBack1]q
[r5]dis ip in br
Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 172.16.1.22/30 up up
GigabitEthernet0/0/1 172.16.1.17/30 up up
GigabitEthernet0/0/2 unassigned down down
LoopBack0 172.16.0.5/32 up up(s)
LoopBack1 172.16.5.1/24 up up(s)
NULL0 unassigned up up(s)
r6
[r6]int g0/0/0
[r6-GigabitEthernet0/0/0]ip a 172.16.1.18 30
[r6-GigabitEthernet0/0/0]int g0/0/1
[r6-GigabitEthernet0/0/1]ip a 172.16.1.13 30
[r6-GigabitEthernet0/0/1]int l0
[r6-LoopBack0]ip a 172.16.0.6 32
[r6-LoopBack0]int l1
[r6-LoopBack1]ip a 172.16.6.1 24
[r6-LoopBack1]q
[r6]dis ip in br
Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 172.16.1.18/30 up up
GigabitEthernet0/0/1 172.16.1.13/30 up up
GigabitEthernet0/0/2 unassigned down down
LoopBack0 172.16.0.6/32 up up(s)
LoopBack1 172.16.6.1/24 up up(s)
NULL0 unassigned up up(s)
r7
[r7]int g0/0/0
[r7-GigabitEthernet0/0/0]ip a 172.16.1.14 30
[r7-GigabitEthernet0/0/0]int g0/0/1
[r7-GigabitEthernet0/0/1]ip a 172.16.1.10 30
[r7-GigabitEthernet0/0/1]int g0/0/2
[r7-GigabitEthernet0/0/2]ip a 34.1.1.7 24
[r7-GigabitEthernet0/0/2]int l0
[r7-LoopBack0]ip a 172.16.0.7 32
[r7-LoopBack0]int l1
[r7-LoopBack1]ip a 172.16.7.1 24
[r7-LoopBack1]q
[r7]dis ip in br
Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 172.16.1.14/30 up up
GigabitEthernet0/0/1 172.16.1.10/30 up up
GigabitEthernet0/0/2 34.1.1.7/24 up up
LoopBack0 172.16.0.7/32 up up(s)
LoopBack1 172.16.7.1/24 up up(s)
NULL0 unassigned up up(s)
r8
[r8]int g0/0/0
[r8-GigabitEthernet0/0/0]ip a 34.1.1.8 24
[r8-GigabitEthernet0/0/0]int l0
[r8-LoopBack0]ip a 172.16.0.8 32
[r8-LoopBack0]int l1
[r8-LoopBack1]ip a 192.168.2.1 24
[r8-LoopBack1]q
[r8]dis ip in br
Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 34.1.1.8/24 up up
GigabitEthernet0/0/1 unassigned down down
GigabitEthernet0/0/2 unassigned down down
LoopBack0 172.16.0.8/32 up up(s)
LoopBack1 192.168.2.1/24 up up(s)
NULL0 unassigned up up(s)
2.AS2的OSPF互通
r2
[r2-ospf-1]dis th
[V200R003C00]
#
ospf 1 router-id 2.2.2.2
area 0.0.0.0
network 172.16.0.1 0.0.0.0
network 172.16.1.1 0.0.0.0
network 172.16.1.21 0.0.0.0
#
r3
[r3-ospf-1]dis th
[V200R003C00]
#
ospf 1 router-id 3.3.3.3
area 0.0.0.0
network 172.16.0.3 0.0.0.0
network 172.16.1.2 0.0.0.0
network 172.16.1.5 0.0.0.0
network 172.16.3.0 0.0.0.255
#
r4
[r4-ospf-1]dis th
[V200R003C00]
#
ospf 1 router-id 4.4.4.4
area 0.0.0.0
network 172.16.0.4 0.0.0.0
network 172.16.1.6 0.0.0.0
network 172.16.1.9 0.0.0.0
network 172.16.4.0 0.0.0.255
#
return
r5
[r5-ospf-1]dis th
[V200R003C00]
#
ospf 1 router-id 5.5.5.5
area 0.0.0.0
network 172.16.0.5 0.0.0.0
network 172.16.1.17 0.0.0.0
network 172.16.1.22 0.0.0.0
network 172.16.5.0 0.0.0.255
#
return
r6
[r6-ospf-1]dis th
[V200R003C00]
#
ospf 1 router-id 6.6.6.6
area 0.0.0.0
network 172.16.0.6 0.0.0.0
network 172.16.1.13 0.0.0.0
network 172.16.1.18 0.0.0.0
network 172.16.6.0 0.0.0.255
#
return
r7
[r7-ospf-1]dis th
[V200R003C00]
#
ospf 1 router-id 7.7.7.7
area 0.0.0.0
network 172.16.0.7 0.0.0.0
network 172.16.1.10 0.0.0.0
network 172.16.1.14 0.0.0.0
network 172.16.7.0 0.0.0.255
#
return
在r2上看ospf表查看建邻学到的IP:
3.BGP建邻
r1
[r1]bgp 1
[r1-bgp]pe
[r1-bgp]peer 12.1.1.2 as 2
r2
[r2-bgp]dis th
[V200R003C00]
#
bgp 64512
confederation id 2
confederation peer-as 64513
peer 12.1.1.1 as-number 1
peer 172.16.0.3 as-number 64512
peer 172.16.0.3 connect-interface LoopBack0
peer 172.16.1.22 as-number 64513
#
ipv4-family unicast
undo synchronization
peer 12.1.1.1 enable
peer 172.16.0.3 enable
peer 172.16.0.3 next-hop-local
peer 172.16.1.22 enable
peer 172.16.1.22 next-hop-local
#
r3
bgp 64512
confederation id 2
peer 172.16.0.2 as-number 64512
peer 172.16.0.2 connect-interface LoopBack0
peer 172.16.0.4 as-number 64512
peer 172.16.0.4 connect-interface LoopBack0
#
ipv4-family unicast
undo synchronization
peer 172.16.0.2 enable
peer 172.16.0.4 enable
peer 172.16.0.4 next-hop-local
r4
bgp 64512
confederation id 2
peer 172.16.0.3 as-number 64512
peer 172.16.0.3 connect-interface LoopBack0
#
ipv4-family unicast
undo synchronization
peer 172.16.0.3 enable
peer 172.16.0.3 next-hop-local
r5
bgp 64513
confederation id 2
confederation peer-as 64512
peer 172.16.0.6 as-number 64513
peer 172.16.0.6 connect-interface LoopBack0
peer 172.16.1.21 as-number 64512
#
ipv4-family unicast
undo synchronization
peer 172.16.0.6 enable
peer 172.16.0.6 next-hop-local
peer 172.16.1.21 enable
peer 172.16.1.21 next-hop-local
r6
bgp 64513
confederation id 2
peer 172.16.0.5 as-number 64513
peer 172.16.0.5 connect-interface LoopBack0
peer 172.16.0.7 as-number 64513
peer 172.16.0.7 connect-interface LoopBack0
#
ipv4-family unicast
undo synchronization
peer 172.16.0.5 enable
peer 172.16.0.5 next-hop-local
peer 172.16.0.7 enable
peer 172.16.0.7 next-hop-local
r7
bgp 64513
confederation id 2
peer 34.1.1.8 as-number 3
peer 172.16.0.6 as-number 64513
peer 172.16.0.6 connect-interface LoopBack0
peer 172.16.1.9 as-number 64512
#
ipv4-family unicast
undo synchronization
peer 34.1.1.8 enable
peer 172.16.0.6 enable
peer 172.16.0.6 next-hop-local
peer 172.16.1.9 enable
peer 172.16.1.9 next-hop-local
r8
bgp 3
peer 34.1.1.7 as-number 2
选择R2查看bgp邻居表
宣告r1和r8的环回进去看建邻是否成功
[r1]bgp 1
[r1-bgp]ne
[r1-bgp]network 172.16.0.1 32
[r8-bgp]ne 172.16.0.8 32
[r8-bgp]q
此时发现只有r1,r2,r3,r5,,r6接受到了r1的宣告
r6, r7, r8接受到r8的
此时这个问题是业务IBGP水平分割所造成的
想要解决需要在r3和r6上做路由反射,才能让他们都学到
r3
[r3]bgp 64512
[r3-bgp]pe
[r3-bgp]peer 172.16.0.2 re
[r3-bgp]peer 172.16.0.2 reflect-client
r6
[r6]bgp 64513
[r6-bgp]pe
[r6-bgp]peer 172.16.0.7 re
[r6-bgp]peer 172.16.0.7 reflect-client
查看是否反射到
用r1的环回pingr8的环回(可达)
我们宣告所有业务回环
[r3]bgp 64512
[r3-bgp]ne 172.16.3.1 24
[r4]bgp 64512
[r4-bgp]ne 172.16.4.1 24
[r5]bgp 64513
[r5-bgp]ne 172.16.5.1 24
[r6]bgp 64513
[r6-bgp]ne 172.16.6.1 24
[r7]bgp 64513
[r7-bgp]ne 172.16.7.1 24
此时bgp路由表
r1也可ping其他业务网段
3.AS1中存在两个环回地址,一个为192.168.1.0/24,该地址不能在任何协议中宣告;
AS3中存在两个环回,一个地址为192.168.2.0/24 该地址不在任何协议中宣告,最终要求这两个环回可以ping通;
不能宣告的情况下我们可以使用VPN的gre完成
[r1]int t0/0/0
[r1-Tunnel0/0/0]ip a 10.1.1.1 24
[r1-Tunnel0/0/0]t
[r1-Tunnel0/0/0]tun
[r1-Tunnel0/0/0]tunnel-protocol gre
[r1-Tunnel0/0/0]s
[r1-Tunnel0/0/0]sou
[r1-Tunnel0/0/0]source 172.16.0.1
[r1-Tunnel0/0/0]de
[r1-Tunnel0/0/0]description 172.16.0.8
[r8]int t0/0/0
[r8-Tunnel0/0/0]ip a 10.1.1.2 24
[r8-Tunnel0/0/0]tun
[r8-Tunnel0/0/0]tunnel-protocol gre
[r8-Tunnel0/0/0]sou
[r8-Tunnel0/0/0]source 172.16.0.8
[r8-Tunnel0/0/0]de
[r8-Tunnel0/0/0]description172.16.0.1
^
Error: Unrecognized command found at '^' position.
[r8-Tunnel0/0/0]description 172.16.0.1
[r8-Tunnel0/0/0]q
[r8]ip rou
[r8]ip route-static 192.168.1.0 24 10.1.1.1