bgp反射器及联邦实验

一.实验要求

1、AS1 存在两个环回,一个地址为 192.168.1.0/24,该地址不能在任何协议中宣告 AS3 存在两个环回,一个地址为 192.168.2.0/24,该地址不能在任何协议中宣告 AS1 还有一个环回地址为 10.1.1.0/24,AS3 另一个环回地址是 11.1.1.0/24 最终要求这两个环回可以互相通讯。

2、整个 AS2 的 IP 地址为 172.16.0.0/16

3、AS 间的骨干链路 IP 地址随意分配

4、使用 BGP 协议让整个网络所有设备的环回可以互相访问

5、减少路由条目数量,避免环路出现

二.实验实现

1.IP地址划分

172.168.0.0/24 建邻

172.168.0.2 --R2

172.168.1.0/24 互联

AR1 - AR2:12.0.0.0/24

AR2 - AR3:172.168.1.1/30

AR3 - AR4:172.168.1.4/30

AR4 - AR7:172.168.1.12/30

AR7 - AR8:78.0.0.0/24

AR2 - AR5:172.168.1.8/30

AR5 - AR6:172.168.1.16/30

AR6 - AR7:172.168.1.20/30

172.168.2.0/24 AR2用户

bash 复制代码
//AR1
[AR1]interface LoopBack 0
[AR1-LoopBack0]ip address 192.168.1.1 24
[AR1-LoopBack0]interface LoopBack 1
[AR1-LoopBack1] ip address 10.1.1.1 24
[AR1]interface GigabitEthernet 0/0/0
[AR1-GigabitEthernet0/0/0] ip address 12.0.0.1 24

//AR2
[AR2]interface GigabitEthernet 0/0/0
[AR2-GigabitEthernet0/0/0] ip address 12.0.0.2 24
[AR2-GigabitEthernet0/0/0]interface GigabitEthernet 0/0/1
[AR2-GigabitEthernet0/0/1] ip address 172.16.1.1 30
[AR2-GigabitEthernet0/0/1]interface GigabitEthernet 0/0/2
[AR2-GigabitEthernet0/0/2] ip address 172.16.1.9 30
[AR2]INT L 0
[AR2-LoopBack0]ip add 172.16.0.2 32
[AR2-LoopBack0]INT L 1
[AR2-LoopBack1]ip address 172.16.2.1 24

[AR2-LoopBack1]ospf network-type  broadcast


//AR3
[AR3]interface GigabitEthernet 0/0/0
[AR3-GigabitEthernet0/0/0] ip address 172.16.1.2 30
[AR3-GigabitEthernet0/0/0]interface GigabitEthernet 0/0/1
[AR3-GigabitEthernet0/0/1] ip address 172.16.1.5 30
[AR3-GigabitEthernet0/0/1] ip address 172.16.1.5 30
[AR3-LoopBack1]ospf network-type  broadcast

[AR3]int l 0
[AR3-LoopBack0]ip add	
[AR3-LoopBack0]ip address  172.16.0.3 32
[AR3-LoopBack0]int l 1
[AR3-LoopBack1]ip add 172.16.3.1 24

//AR4
[AR4]interface GigabitEthernet 0/0/0
[AR4-GigabitEthernet0/0/0] ip address 172.16.1.6 30
[AR4-GigabitEthernet0/0/0]interface GigabitEthernet 0/0/1
[AR4-GigabitEthernet0/0/1] ip address 172.16.1.13 30

[AR4]int LoopBack 0
[AR4-LoopBack0]ip add 172.16.0.4 32
[AR4-LoopBack0]int LoopBack 1
[AR4-LoopBack1]ip add 172.16.4.1 24

[AR4-LoopBack1]ospf network-type  broadcast

//AR5
[AR5]interface GigabitEthernet 0/0/0
[AR5-GigabitEthernet0/0/0] ip address 172.16.1.10 30
[AR5-GigabitEthernet0/0/0]interface GigabitEthernet 0/0/1
[AR5-GigabitEthernet0/0/1] ip address 172.16.1.17 30

[AR5]int l 0
[AR5-LoopBack0]ip add 172.16.0.5 32
[AR5-LoopBack0]int l 1
[AR5-LoopBack1]ip add 172.16.5.1 24
[AR5-LoopBack1]ospf network-type  broadcast

//AR6
[AR6]interface GigabitEthernet 0/0/0
[AR6-GigabitEthernet0/0/0] ip address 172.16.1.18 30
[AR6-GigabitEthernet0/0/0]interface GigabitEthernet 0/0/1
[AR6-GigabitEthernet0/0/1] ip address 172.16.1.21 30


[AR6]int l 0
[AR6-LoopBack0]ip address 172.16.0.6 32
[AR6-LoopBack0]int l 1
[AR6-LoopBack1]ip address 172.16.6.1 24
[AR6-LoopBack1]ospf network-type  broadcast

//AR7
[AR7]int GigabitEthernet  0/0/0
[AR7-GigabitEthernet0/0/0]ip add 172.16.1.14 30
[AR7-GigabitEthernet0/0/0]int GigabitEthernet 0/0/1
[AR7-GigabitEthernet0/0/1]ip add 172.16.1.22 30
[AR7]int g 0/0/2
[AR7-GigabitEthernet0/0/2]ip add 78.0.0.7 24


[AR7]int l 0
[AR7-LoopBack0]ip add 172.16.0.7 32
[AR7-LoopBack0]int l 1
[AR7-LoopBack1]ip add 172.16.7.1 24
[AR7-LoopBack1]ospf network-type  broadcast

//AR8
[AR8]int g 0/0/0

[AR8-GigabitEthernet0/0/0]ip address  78.0.0.8 24

[AR8-GigabitEthernet0/0/0]int l 0
[AR8-LoopBack0]ip add 192.168.2.1 24
[AR8-LoopBack0]int l 1
[AR8-LoopBack1]ip add 11.1.1.1 24

IGP

bash 复制代码
[AR2]ospf 1 router-id 2.2.2.2
[AR2-ospf-1]area 0
[AR2-ospf-1-area-0.0.0.0]network 172.16.0.0 0.0.255.255

[AR3]ospf 1 router-id  3.3.3.3
[AR3-ospf-1]a 0
[AR3-ospf-1-area-0.0.0.0]network 172.16.0.0 0.0.255.255

[AR4]ospf 1 router-id  4.4.4.4
[AR4-ospf-1]area 0
[AR4-ospf-1-area-0.0.0.0]network 172.16.0.0 0.0.255.255

[AR5]ospf 1 router-id  5.5.5.5
[AR5-ospf-1]area 0 
[AR5-ospf-1-area-0.0.0.0]network 172.16.0.0 0.0.255.255

[AR6]ospf 1 router-id  6.6.6.6
[AR6-ospf-1]area 0
[AR6-ospf-1-area-0.0.0.0]network 172.16.0.0 0.0.255.255

[AR7]ospf 1 router-id 7.7.7.7
[AR7-ospf-1]area 0
[AR7-ospf-1-area-0.0.0.0]network 172.16.0.0 0.0.255.255

BGP配置

建邻

bash 复制代码
//AR2
[AR2]bgp 64512

[AR2-bgp]router-id 2.2.2.2
	
[AR2-bgp]confederation id  2

[AR2-bgp]confederation  peer-as 64513

[AR2-bgp]peer 12.0.0.1 as-number  1

[AR2-bgp]peer 172.16.0.3 as-number 64512


[AR2-bgp]peer 172.16.0.5 as-number 64513
[AR2-bgp]peer 172.16.0.3  connect-interface  LoopBack 0
[AR2-bgp]peer 172.16.0.5 connect-interface LoopBack 0
	
[AR2-bgp]peer 172.16.0.5 ebgp-max-hop

[AR2-bgp]peer 172.16.0.3 next-hop-local
[AR2-bgp]peer 172.16.0.5 next-hop-local


//AR3
[AR3]bgp 64512

[AR3-bgp]router-id 3.3.3.3
	
[AR3-bgp]confederation  id 2

[AR3-bgp]peer 172.16.0.2 as-number 64512
[AR3-bgp]peer 172.16.0.4 as-number 64512
	
[AR3-bgp]peer 172.16.0.2 connect-interface LoopBack  0
[AR3-bgp]peer 172.16.0.4 connect-interface LoopBack  0


//AR4
[AR4-bgp]dis th
[V200R003C00]
#
bgp 64512
 router-id 4.4.4.4
 confederation id 2
 confederation peer-as 64513
 peer 172.16.0.3 as-number 64512 
 peer 172.16.0.3 connect-interface LoopBack0
 peer 172.16.0.7 as-number 64513 
 peer 172.16.0.7 ebgp-max-hop 255 
 peer 172.16.0.7 connect-interface LoopBack0
 #



//AR5
[AR5-bgp]dis th
[V200R003C00]
#
bgp 64513
 router-id 5.5.5.5
 confederation id 2
 confederation peer-as 64512
 peer 172.16.0.2 as-number 64512 
 peer 172.16.0.2 ebgp-max-hop 255 
 peer 172.16.0.2 connect-interface LoopBack0
 peer 172.16.0.6 as-number 64513 
 peer 172.16.0.6 connect-interface LoopBack0

//AR6
[AR6-bgp]dis th
[V200R003C00]
#
bgp 64513
 router-id 6.6.6.6
 confederation id 2
 peer 172.16.0.5 as-number 64513 
 peer 172.16.0.5 connect-interface LoopBack0
 peer 172.16.0.7 as-number 64517 
 peer 172.16.0.7 connect-interface LoopBack0

//AR7
[AR7-bgp]display  th
[V200R003C00]
#
bgp 64513
 router-id 7.7.7.7
 confederation id 2
 confederation peer-as 64512
 peer 78.0.0.8 as-number 3 
 peer 172.16.0.4 as-number 64512 
 peer 172.16.0.4 ebgp-max-hop 255 
 peer 172.16.0.4 connect-interface LoopBack0
 peer 172.16.0.6 as-number 64513 
 peer 172.16.0.6 ebgp-max-hop 255 
 peer 172.16.0.6 connect-interface LoopBack0
 #

///AR8
[AR8]bgp 3
[AR8-bgp]router-id 8.8.8.8
[AR8-bgp]peer 78.0.0.7 as-number 2

查看是否成功建立

AR3 AR6当RR

bash 复制代码
//AR3
[AR3-bgp]peer 172.16.0.2 reflect-client
[AR3-bgp]peer 172.16.0.4 reflect-client


[AR6-bgp]peer 172.16.0.5 reflect-client
[AR6-bgp]peer 172.16.0.7 reflect-client

发布路由

bash 复制代码
//AR1
[AR1-bgp]network 10.1.1.0 24

//AR8
[AR8-bgp]network 11.1.1.0 24

此时

bash 复制代码
[AR2]ip ip-prefix aa permit 172.16.0.0 16 greater-equal  24 less-equal 24

[AR2]route-policy aa permit  node 10
Info: New Sequence of this List.

[AR2-route-policy]if-match ip-prefix  aa
[AR2-route-policy]q
[AR2]bgp 64512
[AR2-bgp]import-route ospf  1 route-policy aa




[AR7]ip ip-prefix aa permit 172.16.0.0 16 greater-equal  24 less-equal 24
[AR7]route-policy aa permit  node 10
Info: New Sequence of this List.
[AR7-route-policy]if-match ip-prefix  aa
[AR7-route-policy]q
[AR7]bgp 64513
[AR7-bgp]import-route ospf  1 route-policy aa

路由优选后才会进行传递

此时AR1pingAR6环回 数据可通

vpn实现两环回互通

bash 复制代码
[AR1]int Tunnel  0/0/0
[AR1-Tunnel0/0/0]ip address  18.0.0.1 24
[AR1-Tunnel0/0/0]tunnel-protocol  gre
[AR1-Tunnel0/0/0]source 10.1.1.1
[AR1-Tunnel0/0/0]destination 11.1.1.1


[AR8]int Tunnel 0/0/0
[AR8-Tunnel0/0/0]ip address 18.0.0.8 24
[AR8-Tunnel0/0/0]tunnel-protocol  gre 
[AR8-Tunnel0/0/0]source 11.1.1.1
[AR8-Tunnel0/0/0]description 10.1.1.1

此时

AR1ip route-static 192.168.2.0 24 18.0.0.8

AR8ip route-static 192.168.1.0 24 18.0.0.1

两环回互通

优化:减少路由条目数量,避免环路出现

汇总

bash 复制代码
[AR2]bgp 64512

[AR2-bgp]aggregate 172.16.0.0  255.255.248.0

AR2-bgpaggregate 172.16.0.0 255.255.248.0 detail-suppressed as-set

detail-suppressed 抑制明细路由

as-set 继承AS-path

AR7也要汇总

bash 复制代码
[AR7-bgp]aggregate 172.16.0.0 255.255.248.0 detail-suppressed as-set
相关推荐
Triv202523 分钟前
Profinet与Modbus协议转换网关HD67602的硬件特性与配置方法
网络·plc·modbus·profinet·工业网关·协议转换
珠***格2 小时前
XGF10-Z-4典型接入方式解析:10千伏专变用户380伏多点分布式光伏如何并网?
网络·人工智能·分布式·安全·边缘计算
盟接之桥2 小时前
跨越数字鸿沟,重塑全球信任:盟接之桥EDI如何以长期主义赋能中国制造出海
网络·人工智能·安全·汽车·制造
一只小菜鸡..2 小时前
Stanford CS144 学习笔记 (四):网络拥塞控制与 AIMD 算法
网络·笔记·学习
AFinalStone3 小时前
Android 7系统网络(八)应用API层—ConnectivityManager使用与实战调试
android·网络
希望奇迹很安静4 小时前
数通基本实验
运维·服务器·网络
ITxiaobing20235 小时前
如何构建IP维度的假量排查流程:以AppsFlyer Protect360判假后的实战为例
网络·数据库
Eloudy6 小时前
基于 RDMA-CM(librdmacm)的聊天程序
网络·人工智能
(Charon)6 小时前
【C/C++】手写内存池(三):大块内存的申请、记录与单独释放
网络
一只小菜鸡..8 小时前
Stanford CS144 学习笔记 (二):传输层与数据通信机制
网络·笔记·学习