HCIP课程总结(十一)
BGP实验之聚合实验
要求:
1、建立拓扑,分配ip地址
2、配置ip地址(略)
3、于AS2内开启OSPF
其他略;
查表:
4、建立IBGP,联邦
注:confederation peer-as 64513 ——告知本地直连的其他小AS号,若没有直连到其他小AS则不用配置
联邦64512:
AR2:
bgp 64512
router-id 172.16.0.1
confederation id 2
confederation peer-as 64513
peer 172.16.16.1 as-number 64512
peer 172.16.16.1 connect-interface LoopBack0
peer 172.16.48.1 as-number 64513
peer 172.16.48.1 ebgp-max-hop 2
peer 172.16.48.1 connect-interface LoopBack0
AR3:
bgp 64512
router-id 172.16.16.1
confederation id 2
peer 172.16.0.1 as-number 64512
peer 172.16.0.1 connect-interface LoopBack0
peer 172.16.32.1 as-number 64512
peer 172.16.32.1 connect-interface LoopBack0
AR4:
bgp 64512
router-id 172.16.32.1
confederation id 2
confederation peer-as 64513
peer 172.16.16.1 as-number 64512
peer 172.16.16.1 connect-interface LoopBack0
peer 172.16.80.1 as-number 64513
peer 172.16.80.1 ebgp-max-hop 2
peer 172.16.80.1 connect-interface LoopBack0
联邦64513:
AR5:
bgp 64513
router-id 172.16.48.1
confederation id 2
confederation peer-as 64512
peer 172.16.0.1 as-number 64512
peer 172.16.0.1 ebgp-max-hop 2
peer 172.16.0.1 connect-interface LoopBack0
peer 172.16.64.1 as-number 64513
peer 172.16.64.1 connect-interface LoopBack0
AR6:
bgp 64513
confederation id 2
peer 172.16.48.1 as-number 64513
peer 172.16.48.1 connect-interface LoopBack0
peer 172.16.80.1 as-number 64513
peer 172.16.80.1 connect-interface LoopBack0
AR7:
bgp 64513
confederation id 2
confederation peer-as 64512
peer 172.16.32.1 as-number 64512
peer 172.16.32.1 ebgp-max-hop 2
peer 172.16.32.1 connect-interface LoopBack0
peer 172.16.64.1 as-number 64513
peer 172.16.64.1 connect-interface LoopBack0
查表AR2:
5、建立EBGP
AR1:
bgp 1
router-id 10.1.1.1
peer 12.1.1.2 as-number 2
AR2:
bgp 64512
peer 12.1.1.1 as-number 1
AR7:
[r7]bgp 64513
[r7-bgp]peer 10.1.2.1 as-number 3
[r7-bgp]peer 10.1.2.1 ebgp-max-hop 2
[r7-bgp]peer 10.1.2.1 connect-interface LoopBack0
AR8:
[r8]bgp 3
[r8-bgp]router-id 10.1.2.1
[r8-bgp]peer 172.16.80.1 as-number 2
[r8-bgp]peer 172.16.80.1 connect-interface LoopBack 0
[r8-bgp]peer 172.16.80.1 ebgp-max-hop 255
查表:
6、宣告环回——若要汇总AS2内环回,先汇总再宣告
AR1:
[r1-bgp]network 10.1.1.0 255.255.255.0
[r1]ip route-static 10.1.1.0 255.255.255.0 NULL 0
查表:
查表AR3:
可知不优,于AR2上修改下一跳即可;
[r2-bgp]peer 172.16.16.1 next-hop-local
对于AR5同样如此:
[r2-bgp]peer 172.16.48.1 next-hop-local
查表AR4:
由图可知AR4由于水平分割不优,可以于AR3上配置RR反射器,将AR4指定为客户端;
[r3-bgp]peer 172.16.32.1 reflect-client
查表AR5:
查表AR6:
查表AR7:
查表AR8:
AR8:
[r8-bgp]network 10.1.2.0 24
[r8]ip route-static 10.1.2.0 255.255.255.0 NULL 0
查表AR7:
再次查表:
修改静态路由即可;
[r7]undo ip route-static 10.1.2.1 24 78.1.1.2
[r7]ip route-static 10.1.2.1 32 78.1.1.2
查表AR6:
于AR7上修改下一跳即可:
[r7]bgp 64513
[r7-bgp]peer 172.16.64.1 next-hop-local
查表AR6:
查表AR5:
同理,于AR6上配置RR反射器,将AR5设置为客户端;
[r6]bgp 64513
[r6-bgp]peer 172.16.48.1 reflect-client
查表AR5:
修改成功;
查表AR4:
查表AR3:
查表AR2:
查表AR1:
接下来将AS2中环回全部宣告
查表AR6:
查表AR1:
测试:
7、AR1和AR8上另外的环回要能互通
这里使用GRP VPN(将各已经宣告的环回联系起来——source 10.1.1.1和source 10.1.2.1):
AR1:
[r1]interface Tunnel 0/0/0
[r1-Tunnel0/0/0]ip address 11.1.1.129 255.255.255.128
[r1-Tunnel0/0/0]tunnel-protocol gre
[r1-Tunnel0/0/0]source 10.1.1.1
[r1-Tunnel0/0/0]destination 10.1.2.1
[r1-Tunnel0/0/0]ospf network-type broadcast
[r1]ip route-static 0.0.0.0 0 Tunnel 0/0/0
AR8:
[r8]interface Tunnel 0/0/0
[r8-Tunnel0/0/0]ip address 11.1.2.129 255.255.255.128
[r8-Tunnel0/0/0]tunnel-protocol gre
[r8-Tunnel0/0/0]source 10.1.2.1
[r8-Tunnel0/0/0]destination 10.1.1.1
[r8-Tunnel0/0/0]ospf network-type broadcast
[r8]ip route-static 0.0.0.0 0 Tunnel 0/0/0
测试:
实验完成