实验要求

IP地址分配

给所有路由器按要求配置IP地址，AS之间使用AR编号连接作为IP，例如34.0.0.0/30。

在AS123中启动OSPF

 

 

 启动BGP，并将24网段的路由宣告

R4
[r4]bgp 400
[r4-bgp]peer 24.0.0.2 as-number 123
[r4-bgp]peer 34.0.0.2 as-number 123
[r4-bgp]network 192.168.1.0 24
[r4-bgp]network 192.168.2.0 24
[r4-bgp]network 192.168.3.0 24

R2
[r2]bgp 123
[r2-bgp]peer 24.0.0.1 as-number 400
[r2-bgp]peer 1.1.1.1 as-number 123
[r2-bgp]peer 1.1.1.1 connect-interface LoopBack 0
[r2-bgp]peer 1.1.1.1 next-hop-local
[r2-bgp]network 192.168.20.0 24

R3
[r3]bgp 123	
[r3-bgp]peer 34.0.0.1 as-number 400
[r3-bgp]peer 1.1.1.1 as-number 123	
[r3-bgp]peer 1.1.1.1 connect-interface LoopBack 0
[r3-bgp]peer 1.1.1.1 next-hop-local
[r3-bgp]network 192.168.30.0 24

R1
[r1]bgp 123
[r1-bgp]peer 15.0.0.2 as-number 500
[r1-bgp]peer 2.2.2.2 as-number 123
[r1-bgp]peer 2.2.2.2 connect-interface LoopBack 0
[r1-bgp]peer 2.2.2.2 next-hop-local
[r1-bgp]peer 3.3.3.3 as-number 123
[r1-bgp]peer 3.3.3.3 connect-interface LoopBack 0
[r1-bgp]peer 3.3.3.3 next-hop-local
[r1-bgp]network 192.168.100.0 24

R5
[r5]bgp 500	
[r5-bgp]peer 15.0.0.1 as-number 123
[r5-bgp]network 192.168.10.0 24
[r5-bgp]network 192.168.11.0 24
[r5-bgp]network 192.168.12.0 24

查看BGP路由表

 

按照要求干涉BGP选择路由

1、使用PreVal策略，确保R4通过R2到达192.168.10.0/24

1、抓流量
[r4]ip ip-prefix pv permit 192.168.10.0 24
2、做策略
[r4]route-policy pv permit node 10
[r4-route-policy]if-match ip-prefix pv
[r4-route-policy]apply preferred-value 100
[r4]route-policy pv permit node 20
3、调用
[r4]bgp 400
[r4-bgp]peer 24.0.0.2 route-policy pv import 

 验证

 2、使用AS_ Path策略，确保R4通过R3到达192.168.11.0/24

1、抓流量
[r4]ip ip-prefix as_path permit 192.168.11.0 24
2、做策略
[r4]route-policy as_path permit node 10
[r4-route-policy]if-match ip-prefix as_path
[r4-route-policy]apply as-path 123 additive
3、调用
[r4-bgp]peer 34.0.0.2 route-policy as_path import 

3、配置MED策略，确保R4通过R3到达192.168.12.0/24

1、抓流量
[r4]ip ip-prefix med permit 192.168.12.0 24
2、做策略
[r4]route-policy med permit node 10
[r4-route-policy]if-match ip-prefix med
[r4-route-policy]apply cost 10
[r4]route-policy med permit node 20
3、调用
[r4-bgp]peer 24.0.0.2 route-policy med import

4、使用Local Preference策略，确保R1通过R2到达192.168.1.0/24 

1、抓流量
[r1]ip ip-prefix lp1 permit 192.168.1.0 24
2、做策略
[r1]route-policy lp permit node 10
[r1-route-policy]if-match ip-prefix lp1
[r1-route-policy]apply local-preference 200
[r1]route-policy lp permit node 20
3、调用
[r1-bgp]peer 2.2.2.2 route-policy lp import

5、使用Local Preference策略，确保R1通过R3到达192.168.2.0/24

1、抓流量
[r1]ip ip-prefix lp2 permit 192.168.2.0 24
2、做策略
[r1]route-policy lp2 permit node 10
[r1-route-policy]if-match ip-prefix lp2
[r1-route-policy]apply local-preference 200
[r1]route-policy lp2 permit node 20
3、调用
[r1-bgp]peer 3.3.3.3 route-policy lp2 import

6、配置负载均衡，确保R1通过R2和R3到达192.168.3.0/24

[r1-bgp]maximum load-balancing 2

7、使用AS策略，AS 500不接受任何始发于AS 123的路由

1、抓取流量，并过滤
[r5]ip as-path-filter 1 deny _123$
[r5]ip as-path-filter 1 permit .*
2、调用
[r5-bgp]peer 15.0.0.1 as-path-filter 1 import 

8、使用自定义Community策略，确保192.168.3.0/24路由不会被发布到AS 500

R4上给路由打社团属性，并且开启传递社团属性
[r4]route-policy com permit node 10
[r4-route-policy]apply community 400:3
[r4-bgp]network 192.168.3.0 24 route-policy com
[r4-bgp]peer 24.0.0.2 advertise-community
[r4-bgp]peer 34.0.0.2 advertise-community

R2 R3 R1开启传递社团属性
[r2-bgp]peer 1.1.1.1 advertise-community
[r3-bgp]peer 1.1.1.1 advertise-community
[r1-bgp]peer 15.0.0.2 advertise-community

R5
1、抓流量
[r5]ip community-filter 1 permit 400:3
2、做策略
[r5]route-policy comm deny node 10
[r5-route-policy]if-match community-filter 1
[r5]route-policy comm permit node 20
3、调用
[r5-bgp]peer 15.0.0.1 route-policy comm import