1,AS1存在两个环回,一个地址为192.168.1.0/24 该地址不嫩在任何协议中宣告
AS3中存在两个环回,一个地址为192.168.2.0/24该地址不能再任何协议中宣告,最终要求这两个环回可用互相通讯
AS1中的另一个环回为10.0.0.0 24,AS3中的另一个环回为11.0.0.0/24
2,整个AS2的IP地址为172.16.0.0/16,请合理划分
3,AS间的骨干链路IP地址随意指定
4,使用BGP协议让整个网络所有设备的环回可以互相访问
5,减少路由条目数量,避免环路出现
配置路由
R1
Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 12.0.0.1/24 up up
GigabitEthernet0/0/1 unassigned down down
GigabitEthernet0/0/2 unassigned down down
LoopBack0 10.0.0.1/24 up up(s)
LoopBack1 192.168.1.1/24 up up(s)
NULL0 unassigned up up(s)
R2
Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 172.16.0.1/30 up up
GigabitEthernet0/0/1 12.0.0.2/24 up up
GigabitEthernet0/0/2 172.16.0.22/30 up up
LoopBack0 172.16.2.1/24 up up(s)
NULL0 unassigned up up(s)
R3
Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 172.16.0.5/30 up up
GigabitEthernet0/0/1 172.16.0.2/30 up up
GigabitEthernet0/0/2 unassigned down down
LoopBack0 172.16.3.1/24 up up(s)
NULL0 unassigned up up(s)
R4
Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 172.16.0.9/30 up up
GigabitEthernet0/0/1 172.16.0.6/30 up up
GigabitEthernet0/0/2 unassigned down down
LoopBack0 172.16.4.1/24 up up(s)
NULL0 unassigned up up(s)
R5
Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 172.16.0.21/30 up up
GigabitEthernet0/0/1 172.16.0.18/30 up up
GigabitEthernet0/0/2 unassigned down down
LoopBack0 172.16.5.1/24 up up(s)
NULL0 unassigned up up(s)
R6
Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 172.16.0.17/30 up up
GigabitEthernet0/0/1 172.16.0.14/30 up up
GigabitEthernet0/0/2 unassigned down down
LoopBack0 172.16.6.1/24 up up(s)
NULL0 unassigned up up(s)
R7
Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 172.16.0.13/30 up up
GigabitEthernet0/0/1 78.0.0.1/24 up up
GigabitEthernet0/0/2 172.16.0.10/30 up up
LoopBack0 172.16.7.1/24 up up(s)
NULL0 unassigned up up(s)
R8
Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 78.0.0.2/24 up up
GigabitEthernet0/0/1 unassigned down down
GigabitEthernet0/0/2 unassigned down down
LoopBack0 11.0.0.1/24 up up(s)
LoopBack1 192.168.2.1/24 up up(s)
NULL0 unassigned up up(s)
再内部网络(R2-R7)中运行IGP协议--ospf
R2
[r2]ospf 1 ro
[r2]ospf 1 router-id 2.2.2.2
[r2-ospf-1]area 0
[r2-ospf-1-area-0.0.0.0]net
[r2-ospf-1-area-0.0.0.0]network 172.16.0.0 0.0.255.255
[r2]dis ospf p b
OSPF Process 1 with Router ID 2.2.2.2
Peer Statistic Information
----------------------------------------------------------------------------
Area Id Interface Neighbor id State
0.0.0.0 GigabitEthernet0/0/0 3.3.3.3 Full
0.0.0.0 GigabitEthernet0/0/2 5.5.5.5 Full
----------------------------------------------------------------------------
R3
[r3-LoopBack0]q
[r3]ospf 1 ro
[r3]ospf 1 router-id 3.3.3.3
[r3-ospf-1]net
[r3-ospf-1]area 0
[r3-ospf-1-area-0.0.0.0]net
[r3-ospf-1-area-0.0.0.0]network 172.16.0.0 0.0.255.255
[r3]dis ospf p b
OSPF Process 1 with Router ID 3.3.3.3
Peer Statistic Information
----------------------------------------------------------------------------
Area Id Interface Neighbor id State
0.0.0.0 GigabitEthernet0/0/0 4.4.4.4 Full
0.0.0.0 GigabitEthernet0/0/1 2.2.2.2 Full
----------------------------------------------------------------------------
[r3]
R4
[r4-ospf-1-area-0.0.0.0]dis this
[V200R003C00]
#
area 0.0.0.0
network 172.16.0.0 0.0.255.255
#
return
[r4-ospf-1-area-0.0.0.0]dis ospf p b
OSPF Process 1 with Router ID 4.4.4.4
Peer Statistic Information
----------------------------------------------------------------------------
Area Id Interface Neighbor id State
0.0.0.0 GigabitEthernet0/0/0 7.7.7.7 Full
0.0.0.0 GigabitEthernet0/0/1 3.3.3.3 Full
----------------------------------------------------------------------------
R5
[r5]ospf 1 ro
[r5]ospf 1 router-id 5.5.5.5
[r5-ospf-1]AREA 0
[r5-ospf-1-area-0.0.0.0]net
[r5-ospf-1-area-0.0.0.0]network 172.16.0.0 0.0.255.255
[r5-ospf-1-area-0.0.0.0]dis ospf p b
OSPF Process 1 with Router ID 5.5.5.5
Peer Statistic Information
----------------------------------------------------------------------------
Area Id Interface Neighbor id State
0.0.0.0 GigabitEthernet0/0/0 2.2.2.2 Full
0.0.0.0 GigabitEthernet0/0/1 6.6.6.6 Full
----------------------------------------------------------------------------
R6
[r6]ospf 1 ro
[r6]ospf 1 router-id 6.6.6.6
[r6-ospf-1]area 0
[r6-ospf-1-area-0.0.0.0]net
[r6-ospf-1-area-0.0.0.0]network 172.16.0.0 0.0.255.255
[r6-ospf-1-area-0.0.0.0]dis ospf p b
OSPF Process 1 with Router ID 6.6.6.6
Peer Statistic Information
----------------------------------------------------------------------------
Area Id Interface Neighbor id State
0.0.0.0 GigabitEthernet0/0/0 5.5.5.5 Full
0.0.0.0 GigabitEthernet0/0/1 7.7.7.7 Full
----------------------------------------------------------------------------
R7
[r7]ospf 1 ro
[r7]ospf 1 router-id 7.7.7.7
[r7-ospf-1]area 0
[r7-ospf-1-area-0.0.0.0]net
[r7-ospf-1-area-0.0.0.0]network 172.16.0.0 0.0.255.255
[r7-ospf-1-area-0.0.0.0]dis ospf p b
OSPF Process 1 with Router ID 7.7.7.7
Peer Statistic Information
----------------------------------------------------------------------------
Area Id Interface Neighbor id State
0.0.0.0 GigabitEthernet0/0/0 6.6.6.6 Full
0.0.0.0 GigabitEthernet0/0/2 4.4.4.4 Full
----------------------------------------------------------------------------
进行BGP配置,并进行建邻操作
R1
[r1-bgp]ro
[r1-bgp]router-id 1.1.1.1
[r1-bgp]peer 12.0.0.2 as
[r1-bgp]peer 12.0.0.2 as-number 2
[r1-bgp]dis this
[V200R003C00]
#
bgp 1
router-id 1.1.1.1
peer 12.0.0.2 as-number 2
#
ipv4-family unicast
undo synchronization
peer 12.0.0.2 enable
#
return
[r1-bgp]
R2
[r2-bgp]ro
[r2-bgp]router-id 2.2.2.2
[r2-bgp]con
[r2-bgp]confederation id 2
[r2-bgp]peer 12.0.0.1 as
[r2-bgp]peer 12.0.0.1 as-number 1
[r2-bgp]peer 172.16.3.1 as
[r2-bgp]peer 172.16.3.1 as-path-filter
[r2-bgp]peer 172.16.3.1 as-number 64512
[r2-bgp]peer 172.16.3.1 connect-interface lo
[r2-bgp]peer 172.16.3.1 connect-interface LoopBack 0
[r2-bgp]dis this
[V200R003C00]
#
bgp 64512
router-id 2.2.2.2
confederation id 2
peer 12.0.0.1 as-number 1
peer 172.16.3.1 as-number 64512
peer 172.16.3.1 connect-interface LoopBack0
#
ipv4-family unicast
undo synchronization
peer 12.0.0.1 enable
peer 172.16.3.1 enable
#
return
R3
[r3-bgp]con
[r3-bgp]confederation id 2
[r3-bgp]ro
[r3-bgp]router-id 3.3.3.3
[r3-bgp]peer 172.16.2.1 as-nu
[r3-bgp]peer 172.16.2.1 as-number 64512
[r3-bgp]peer 172.16.2.1 con
[r3-bgp]peer 172.16.2.1 connect-interface lo 0
[r3-bgp]peer 172.16.4.1 as-
[r3-bgp]peer 172.16.4.1 as-number 64512
[r3-bgp]peer 172.16.4.1 co
[r3-bgp]peer 172.16.4.1 connect-interface lo 0
[r3-bgp]dis this
[V200R003C00]
#
bgp 64512
router-id 3.3.3.3
confederation id 2
peer 172.16.2.1 as-number 64512
peer 172.16.2.1 connect-interface LoopBack0
peer 172.16.4.1 as-number 64512
peer 172.16.4.1 connect-interface LoopBack0
#
ipv4-family unicast
undo synchronization
peer 172.16.2.1 enable
peer 172.16.4.1 enable
#
return
R4
[r4-bgp]con
[r4-bgp]confederation id 2
[r4-bgp]ro
[r4-bgp]router-id 4.4.4.4
[r4-bgp]peer 172.16.3.1 as
[r4-bgp]peer 172.16.3.1 as-number 64512
[r4-bgp]peer 172.16.3.1 con
[r4-bgp]peer 172.16.3.1 connect-interface lo 0
[r4-bgp]dis this
[V200R003C00]
#
bgp 64512
router-id 4.4.4.4
confederation id 2
peer 172.16.3.1 as-number 64512
peer 172.16.3.1 connect-interface LoopBack0
#
ipv4-family unicast
undo synchronization
peer 172.16.3.1 enable
#
return
R5
[r5-bgp]con
[r5-bgp]confederation id 2
[r5-bgp]ro
[r5-bgp]router-id 5.5.5.5
[r5-bgp]peer 172.16.6.1 as
[r5-bgp]peer 172.16.6.1 as-number 64513
[r5-bgp]peer 172.16.6.1 con
[r5-bgp]peer 172.16.6.1 connect-interface lo 0
[r5-bgp]dis this
[V200R003C00]
#
bgp 64513
router-id 5.5.5.5
confederation id 2
peer 172.16.6.1 as-number 64513
peer 172.16.6.1 connect-interface LoopBack0
#
ipv4-family unicast
undo synchronization
peer 172.16.6.1 enable
#
return
R6
[r6-bgp]con
[r6-bgp]confederation id 2
[r6-bgp]ro
[r6-bgp]router-id 6.6.6.6
[r6-bgp]peer 172.16.5.1 as
[r6-bgp]peer 172.16.5.1 as-number 64513
[r6-bgp]peer 172.16.5.1 co
[r6-bgp]peer 172.16.5.1 connect-interface lo 0
[r6-bgp]peer 172.16.7.1 as
[r6-bgp]peer 172.16.7.1 as-number 64513
[r6-bgp]peer 172.16.7.1 con
[r6-bgp]peer 172.16.7.1 connect-interface lo 0
[r6-bgp]dis this
[V200R003C00]
#
bgp 64513
router-id 6.6.6.6
confederation id 2
peer 172.16.5.1 as-number 64513
peer 172.16.5.1 connect-interface LoopBack0
peer 172.16.7.1 as-number 64513
peer 172.16.7.1 connect-interface LoopBack0
#
ipv4-family unicast
undo synchronization
peer 172.16.5.1 enable
peer 172.16.7.1 enable
#
return
R7
[r7-bgp]con
[r7-bgp]confederation id 2
[r7-bgp]ro
[r7-bgp]router-id 7.7.7.7
[r7-bgp]peer 78.0.0.2 as
[r7-bgp]peer 78.0.0.2 as-number 3
[r7-bgp]peer 172.16.6.1 as
[r7-bgp]peer 172.16.6.1 as-path-filter
[r7-bgp]peer 172.16.6.1 co
[r7-bgp]peer 172.16.6.1 connect-interface lo 0
Error: The peer session does not exist.
[r7-bgp]peer 172.16.6.1 connect-interface lo
[r7-bgp]peer 172.16.6.1 connect-interface LoopBack 0
Error: The peer session does not exist.
[r7-bgp]dis this
[V200R003C00]
#
bgp 64513
router-id 7.7.7.7
confederation id 2
peer 78.0.0.2 as-number 3
#
ipv4-family unicast
undo synchronization
peer 78.0.0.2 enable
#
return
[r7-bgp]peer 172.16.6.1 as
[r7-bgp]peer 172.16.6.1 as-number 64513
[r7-bgp]peer 172.16.6.1 co
[r7-bgp]peer 172.16.6.1 connect-interface lo 0
[r7-bgp]dis this
[V200R003C00]
#
bgp 64513
router-id 7.7.7.7
confederation id 2
peer 78.0.0.2 as-number 3
peer 172.16.6.1 as-number 64513
peer 172.16.6.1 connect-interface LoopBack0
#
ipv4-family unicast
undo synchronization
peer 78.0.0.2 enable
peer 172.16.6.1 enable
#
return
R8
[r8-bgp]ro
[r8-bgp]route-select
[r8-bgp]router-id 8.8.8.8
[r8-bgp]peer 78.0.0.1 as
[r8-bgp]peer 78.0.0.1 as-number 2
[r8-bgp]dis this
[V200R003C00]
#
bgp 3
router-id 8.8.8.8
peer 78.0.0.1 as-number 2
#
ipv4-family unicast
undo synchronization
peer 78.0.0.1 enable
#
return
再AS2内部进行AS联邦配置
[r2-bgp]confederation peer-as 64513
[r2-bgp]peer 172.16.5.1 as-number 64513
[r2-bgp]peer 172.16.5.1 connect-interface lo 0
[r2-bgp]peer 172.16.5.1 ebgp-max-hop
[r4-bgp]confederation peer-as 64513
[r4-bgp]peer 172.16.7.1 as-number 64513
[r4-bgp]peer 172.16.7.1 connect-interface LoopBack 0
[r4-bgp]peer 172.16.7.1 ebgp-max-hop
[r5-bgp]confederation peer-as 64512
[r5-bgp]peer 172.16.2.1 as-number 64512
[r5-bgp]peer 172.16.2.1 connect-interface lo 0
[r5-bgp]peer 172.16.2.1 ebgp-max-hop
[r7-bgp]confederation peer-as 64512
[r7-bgp]peer 172.16.4.1 as-number 64512
[r7-bgp]peer 172.16.4.1 connect-interface LoopBack 0
[r7-bgp]peer 172.16.4.1 ebgp-max-hop
查看建邻是否成功
[r2-bgp]dis bgp peer
BGP local router ID : 2.2.2.2
Local AS number : 64512
Total number of peers : 3 Peers in established state : 3
Peer V AS MsgRcvd MsgSent OutQ Up/Down State Pre
fRcv
12.0.0.1 4 1 27 27 0 00:25:39 Established
0
172.16.3.1 4 64512 25 26 0 00:23:42 Established
0
172.16.5.1 4 64513 6 10 0 00:05:00 Established
0
[r2-bgp]
[r7-bgp]dis bgp peer
BGP local router ID : 7.7.7.7
Local AS number : 64513
Total number of peers : 3 Peers in established state : 3
Peer V AS MsgRcvd MsgSent OutQ Up/Down State Pre
fRcv
78.0.0.2 4 3 18 19 0 00:16:39 Established
0
172.16.4.1 4 64512 5 5 0 00:03:19 Established
0
172.16.6.1 4 64513 19 19 0 00:17:12 Established
0
[r7-bgp]宣告10.0.0.0/24和11.0.0.0/24网段,以及修改在R2和R7上传输给AS 2内部的对等体的下一跳属性,并指定为自己与对等体的连接地址
[r1-bgp]network 10.0.0.0 24
[r8-bgp]network 11.0.0.0 24
[r2-bgp]peer 172.16.3.1 next-hop-local
[r2-bgp]peer 172.16.5.1 next-hop-local
[r7-bgp]peer 172.16.4.1 next-hop-local
[r7-bgp]peer 172.16.6.1 next-hop-local指定R3和R6为路由反射器,并将R2和R7分别定为R3和R6的客户
[r3-bgp]peer 172.16.2.1 reflect-client
[r6-bgp]peer 172.16.7.1 reflect-client
[r4-bgp]dis bgp routing-table
BGP Local router ID is 4.4.4.4
Status codes: * - valid, > - best, d - damped,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 3
Network NextHop MED LocPrf PrefVal Path/Ogn
*>i 10.0.0.0/24 172.16.2.1 0 100 0 1i
*>i 11.0.0.0/24 172.16.7.1 0 100 0 (64513) 3i
* i 172.16.7.1 0 100 0 (64513) 3i
[r4-bgp]
[r5-bgp]dis bgp routing-table
BGP Local router ID is 5.5.5.5
Status codes: * - valid, > - best, d - damped,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 2
Network NextHop MED LocPrf PrefVal Path/Ogn
*>i 10.0.0.0/24 172.16.2.1 0 100 0 (64512) 1i
*>i 11.0.0.0/24 172.16.7.1 0 100 0 3i
[r5-bgp]对AS 2区域内的路由进行聚合,并配置空接口
[r2]ip route-static 172.16.0.0 16 nu 0
[r7]ip route-static 172.16.0.0 16 NULL 0
[r7-bgp]network 172.16.0.0 16
[r2-bgp]network 172.16.0.0 16再R2和R7上宣告其他AS区域的网段,使得全网可达
[r2-bgp]network 12.0.0.0 24
[r7-bgp]network 78.0.0.0 24
[r1-bgp]dis ip ro protocol bgp
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Public routing table : BGP
Destinations : 3 Routes : 3
BGP routing table status : <Active>
Destinations : 3 Routes : 3
Destination/Mask Proto Pre Cost Flags NextHop Interface
11.0.0.0/24 EBGP 255 0 D 12.0.0.2 GigabitEthernet
0/0/0
78.0.0.0/24 EBGP 255 0 D 12.0.0.2 GigabitEthernet
0/0/0
172.16.0.0/16 EBGP 255 0 D 12.0.0.2 GigabitEthernet
0/0/0
BGP routing table status : <Inactive>
Destinations : 0 Routes : 0
[r1-bgp]
[r8-bgp]dis ip ro p bgp
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Public routing table : BGP
Destinations : 3 Routes : 3
BGP routing table status : <Active>
Destinations : 3 Routes : 3
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.0.0.0/24 EBGP 255 0 D 78.0.0.1 GigabitEthernet
0/0/0
12.0.0.0/24 EBGP 255 0 D 78.0.0.1 GigabitEthernet
0/0/0
172.16.0.0/16 EBGP 255 0 D 78.0.0.1 GigabitEthernet
0/0/0
BGP routing table status : <Inactive>
Destinations : 0 Routes : 0
[r8-bgp]为R1和R2的环回L1建立隧道,使得不宣告路由也可达
R1:[r1-Tunnel0/0/0]dis this
[V200R003C00]
#
interface Tunnel0/0/0
ip address 18.0.0.1 255.255.255.0
tunnel-protocol gre
source 10.0.0.1
destination 11.0.0.1
#
return
R8:
[r8-Tunnel0/0/0]dis this
[V200R003C00]
#
interface Tunnel0/0/0
ip address 18.0.0.2 255.255.255.0
tunnel-protocol gre
source 11.0.0.1
destination 10.0.0.1
#
return
[r1-Tunnel0/0/0]ping -a 18.0.0.1 18.0.0.2
PING 18.0.0.2: 56 data bytes, press CTRL_C to break
Reply from 18.0.0.2: bytes=56 Sequence=1 ttl=255 time=90 ms
Reply from 18.0.0.2: bytes=56 Sequence=2 ttl=255 time=40 ms
Reply from 18.0.0.2: bytes=56 Sequence=3 ttl=255 time=50 ms
Reply from 18.0.0.2: bytes=56 Sequence=4 ttl=255 time=40 ms
Reply from 18.0.0.2: bytes=56 Sequence=5 ttl=255 time=60 ms
--- 18.0.0.2 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 40/56/90 ms
R1:
[r1]ip route-static 192.168.2.0 24 18.0.0.2----在R1上配置静态指向隧道对端的入口地址
R8:
[r8]ip route-static 192.168.1.0 24 18.0.0.1----在R8上配置静态指向隧道对端的入口地址
[r1]ping -a 192.168.1.1 192.168.2.1
PING 192.168.2.1: 56 data bytes, press CTRL_C to break
Reply from 192.168.2.1: bytes=56 Sequence=1 ttl=255 time=70 ms
Reply from 192.168.2.1: bytes=56 Sequence=2 ttl=255 time=50 ms
Reply from 192.168.2.1: bytes=56 Sequence=3 ttl=255 time=50 ms
Reply from 192.168.2.1: bytes=56 Sequence=4 ttl=255 time=50 ms
Reply from 192.168.2.1: bytes=56 Sequence=5 ttl=255 time=60 ms
--- 192.168.2.1 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 50/56/70 ms
