BGP实验

稚 发布于 2024-08-26 37 次阅读


实验一

BGP基础实验

AR1

<Huawei>sys 
[Huawei]sysn AR1
[AR1]int g0/0/0
[AR1-GigabitEthernet0/0/0]ip add 10.0.12.1 24 
[AR1-GigabitEthernet0/0/0]int loo0
[AR1-LoopBack0]ip add 1.1.1.1 32
[AR1]bgp 100
[AR1-bgp]peer 10.0.12.2 as-number 200
[AR1-bgp]dis bgp peer

 BGP local router ID : 10.0.12.1
 Local AS number : 100
 Total number of peers : 1        Peers in established state : 1

  Peer            V          AS  MsgRcvd  MsgSent  OutQ  Up/Down       State Pre
fRcv

  10.0.12.2       4         200        2        3     0 00:00:07 Established
[AR1-bgp]network 1.1.1.1 32

AR2

<Huawei>sys
[Huawei]sysn AR2
[AR2]int g0/0/0
[AR2-GigabitEthernet0/0/0]ip add 10.0.12.2 24
[AR2-GigabitEthernet0/0/0]int loo0
[AR2-LoopBack0]ip add 2.2.2.2 32
[AR2]int loo1
[AR2-LoopBack1]ip add 20.20.20.20 32
[AR2-LoopBack0]int g0/0/1
[AR2-GigabitEthernet0/0/1]ip add 10.0.23.2 24
[AR2-GigabitEthernet0/0/1]q
[AR2]bgp 200
[AR2-bgp]peer 10.0.12.1 as-number 100
[AR2]ospf 
[AR2-ospf-1]area 0
[AR2-ospf-1-area-0.0.0.0]network 10.0.23.0 0.0.0.255    
[AR2-ospf-1-area-0.0.0.0]network 2.2.2.2 0.0.0.0
[AR2]bgp 200
[AR2-bgp]peer 4.4.4.4 as-number 200
[AR2-bgp]peer 4.4.4.4 connect-interface loo0
[AR2-bgp]aggregate 10.1.0.0 22 detail-suppressed 

AR3

<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sysn AR3
[AR3]int g0/0/1
[AR3-GigabitEthernet0/0/1]ip add 10.0.23.3 24
Mar 18 2024 16:57:42-08:00 AR3 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP
 on the interface GigabitEthernet0/0/1 has entered the UP state. 
[AR3-GigabitEthernet0/0/1]int loo0
[AR3-LoopBack0]ip add 3.3.3.3 32
[AR3-LoopBack0]int g0/0/0
[AR3-GigabitEthernet0/0/0]ip add 10.0.34.3 24 
Mar 18 2024 16:58:14-08:00 AR3 %%01IFNET/4/LINK_STATE(l)[1]:The line protocol IP
 on the interface GigabitEthernet0/0/0 has entered the UP state. 
[AR3-GigabitEthernet0/0/0]q
[AR3]ospf
[AR3-ospf-1]are 
[AR3-ospf-1]area 0
[AR3-ospf-1-area-0.0.0.0]net 10.0.23.0 0.0.0.255
[AR3-ospf-1-area-0.0.0.0]net 3.3.3.3 0.0.0.0
[AR3-ospf-1-area-0.0.0.0]net 10.0.34.0 0.0.0.255
[AR3]bgp 200
[AR3-bgp]peer 4.4.4.4 as-n 200
[AR3-bgp]peer 4.4.4.4 connect-interface loo0

AR4

<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sysn Ar4
[Ar4]sysn AR4
[AR4]int g0/0/0 
[AR4-GigabitEthernet0/0/0]ip add 10.0.34.4 24
Mar 18 2024 16:59:07-08:00 AR4 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP
 on the interface GigabitEthernet0/0/0 has entered the UP state. 
[AR4-GigabitEthernet0/0/0]int loo0
[AR4-LoopBack0]ip add 4.4.4.4 32 
[AR4-LoopBack0]int g0/0/1
[AR4-GigabitEthernet0/0/1]ip add 10.0.45.4 24
Mar 18 2024 16:59:36-08:00 AR4 %%01IFNET/4/LINK_STATE(l)[1]:The line protocol IP
 on the interface GigabitEthernet0/0/1 has entered the UP state. 
[AR4-GigabitEthernet0/0/1]int g0/0/2
[AR4-GigabitEthernet0/0/2]ip add 10.0.46.4 24
Mar 18 2024 16:59:52-08:00 AR4 %%01IFNET/4/LINK_STATE(l)[2]:The line protocol IP
 on the interface GigabitEthernet0/0/2 has entered the UP state.
[AR4]ospf
[AR4-ospf-1]area 0
[AR4-ospf-1-area-0.0.0.0]net 10.0.34.0 0.0.0.255
[AR4-ospf-1-area-0.0.0.0]net 4.4.4.4 0.0.0.0
[AR4-ospf-1]q
[AR4]bgp 200
[AR4-bgp]peer 2.2.2.2 as-n 200
[AR4-bgp]peer 2.2.2.2 connect-interface loo0
[AR4-bgp]peer 10.0.45.5 as-n 300
[AR4-bgp]peer 10.0.46.6 as-n 400
[AR4-bgp]peer 3.3.3.3 as-n 200
[AR4-bgp]peer 3.3.3.3 connect-interface loo0
[AR4]ip route-static 6.6.6.6 32 10.0.46.6 
[AR4-bgp]peer 6.6.6.6 as-n 400
[AR4-bgp]peer 6.6.6.6 connect-interface loo0
[AR4-bgp]peer 6.6.6.6 ebgp-max-hop 4

AR5

<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sysn AR5
[AR5]int g0/0/1
[AR5-GigabitEthernet0/0/1]ip add 10.0.45.5 24
Mar 18 2024 17:00:54-08:00 Huawei %%01IFNET/4/LINK_STATE(l)[0]:The line protocol
 IP on the interface GigabitEthernet0/0/1 has entered the UP state. 
[AR5-GigabitEthernet0/0/1]int loo0
[AR5-LoopBack0]ip add 5.5.5.5 32
[AR5]int loo1
[AR5-LoopBack1]ip add 50.50.50.50 32
[AR5]bgp 300
[AR5-bgp]peer  10.0.45.4 as-n 200
[AR5-bgp]network 50.50.50.50 32

AR6

<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sysn AR6
[AR6]int g0/0/2
[AR6-GigabitEthernet0/0/2]ip add 10.0.46.6 24
Mar 18 2024 17:02:16-08:00 AR6 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP
 on the interface GigabitEthernet0/0/2 has entered the UP state. 
[AR6-GigabitEthernet0/0/2]int loo0
[AR6-LoopBack0]ip add 6.6.6.6 32
[AR6]bgp 400
[AR6-bgp]peer 10.0.46.4 as-n 200

[AR6]ip route-static 4.4.4.4 32 10.0.46.6
[AR6-bgp]peer 4.4.4.4 as-n 200
[AR6-bgp]peer 4.4.4.4 connect-interface loo0
[AR6-bgp]peer 4.4.4.4 ebgp-max-hop 4

实验二

AR1

acl number 2000  
 rule 5 permit source 172.16.1.0 0.0.0.255 
acl number 2001  
 rule 5 permit source 172.16.2.0 0.0.0.255 
acl number 2002  
 rule 5 permit source 172.16.3.0 0.0.0.255 
ospf 1 router-id 10.0.1.1 
 import-route direct route-policy aa
 area 0.0.0.0 
  network 10.0.1.1 0.0.0.0 
  network 10.0.12.0 0.0.0.255 
route-policy aa permit node 10 
 if-match acl 2000 
 apply tag 10 
#
route-policy aa permit node 20 
 if-match acl 2001 
 apply tag 20 
#
route-policy aa deny node 30 
 if-match acl 2002 
#
route-policy aa permit node 40 

AR3

isis 1
 is-level level-1
 network-entity 49.0001.0000.0000.0003.00
 import-route ospf 1 level-1 route-policy bb  要指明引入leave-1
 route-policy bb deny node 10 
 if-match tag 20
#
route-policy bb permit node 20 

此时我们还是不可以通信因为在AR1中没有AR4的路由此时我们可以做双向引入

image

AR3
isis 1
 is-level level-1
 network-entity 49.0001.0000.0000.0003.00
 import-route ospf 1 level-1 route-policy bb 
ospf 1 router-id 10.0.3.3 
 import-route isis 1 route-policy aa
 area 0.0.0.0 
  network 10.0.23.0 0.0.0.255 
route-policy bb deny node 5 
 if-match tag 20
#
route-policy bb deny node 10 
 if-match tag 30
#
route-policy bb permit node 20 
 apply tag 10 
#
route-policy aa deny node 10 
 if-match tag 10
#
route-policy aa permit node 20 
 apply tag 30 

实验三

img

起bgp邻居 ar2与ar3建立ibgp邻居 ar3与ar4建立 ar4与ar5建立 此时未建立ibgp全互联 路由传递到ar3根据从ibgp学习得到的路由不会发给他的ibgp邻居会不再优选 此时我们建立路由反射器使其建立ibgp全互联

ar3作为rr 这是 ar2作为他的客户端收到ar2的路由会将路由反射到所有的客户机和非客户机 所以ar4会收到反射的路由 ar3与ar4建立路由反射器ar4作为rr ar3作为客户端从客户端ar3收到的路由会反射给所有的客户端和非客户端至此 ar5收到ar1宣告的路由

   # ar3
    peer 2.2.2.2 reflect-client
   # ar4
     peer 3.3.3.3 reflect-client

img

可以通过以下命令更改集群id

[AR3-bgp]reflector cluster-id 3.3.3.3

img

聚合

使用summary automatic 聚合import引入的路由 聚合之后为自然网段

img

聚合之后as-path会出现丢失

手工聚合可以指定as-set属性来防止as-set属性丢失

不设置

img

设置

img

img

实验四

img

ar3上引入的路由在ar2上进行手动聚合设置as-set对比

img

img

优选

img

通过修改as-path使200中1.0被优选

# AR2
route-policy 1.0 permit node 10 
 if-match ip-prefix 1.0 
 apply as-path none overwrite
#
route-policy 1.0 permit node 20 
#
ip ip-prefix 1.0 index 10 permit 172.16.1.0 24
#
bgp 300
   peer 10.0.24.2 route-policy 1.0 import

img

通过修改2.0的locprf使as200内优选

# ar4
acl number 2001  
 rule 5 permit source 172.16.2.0 0.0.0.255 

route-policy 2.0 permit node 10 
 if-match acl 2001 
 apply local-preference 200 
#
route-policy 2.0 permit node 20 
bgp 300
peer 5.5.5.5 route-policy 2.0 export

img

默认不比较来自不同as的med值compare-different-as-med 可以让其比较

最后更新于 2024-08-26