一、实验概述
在大型BGP网络中,AS内部IBGP水平分割规则会限制路由传递。为了解决AS内部全互联带来的配置复杂性,本实验采用BGP联邦 结合路由反射器的技术方案。BG
二、拓扑规划与IP地址分配
1. 网络拓扑结构
-
AS 1:AR1(边界路由器)
-
AS 2(联邦AS):
-
子AS 64512:AR2、AR3、AR4
-
子AS 64513:AR5、AR6、AR7
-
-
AS 3:AR8(边界路由器)
2. 骨干链路IP规划
| 链路 | 接口IP地址 |
|---|---|
| AR1 ↔ AR2 | 192.168.100.1/30 ↔ 192.168.100.2/30 |
| AR2 ↔ AR3 | 192.168.101.1/30 ↔ 192.168.101.2/30 |
| AR3 ↔ AR4 | 192.168.102.1/30 ↔ 192.168.102.2/30 |
| AR4 ↔ AR7 | 192.168.103.1/30 ↔ 192.168.103.2/30 |
| AR7 ↔ AR8 | 192.168.104.1/30 ↔ 192.168.104.2/30 |
| AR2 ↔ AR5 | 192.168.105.1/30 ↔ 192.168.105.2/30 |
| AR5 ↔ AR6 | 192.168.106.1/30 ↔ 192.168.106.2/30 |
| AR6 ↔ AR7 | 192.168.107.1/30 ↔ 192.168.107.2/30 |
三、基础接口配置
AR1 配置
system-view
sysname AR1
interface GigabitEthernet0/0/0
ip address 192.168.100.1 255.255.255.252
interface LoopBack0
ip address 10.1.1.1 255.255.255.0
quitAR2 配置
system-view
sysname AR2
interface GigabitEthernet0/0/0
ip address 192.168.100.2 255.255.255.252
interface GigabitEthernet0/0/1
ip address 192.168.101.1 255.255.255.252
interface GigabitEthernet0/0/2
ip address 192.168.105.1 255.255.255.252
interface LoopBack0
ip address 10.2.2.2 255.255.255.0
quitAR3 配置
system-view
sysname AR3
interface GigabitEthernet0/0/0
ip address 192.168.101.2 255.255.255.252
interface GigabitEthernet0/0/1
ip address 192.168.102.1 255.255.255.252
interface LoopBack0
ip address 10.3.3.3 255.255.255.0
quitAR4 配置
system-view
sysname AR4
interface GigabitEthernet0/0/0
ip address 192.168.102.2 255.255.255.252
interface GigabitEthernet0/0/1
ip address 192.168.103.1 255.255.255.252
interface LoopBack0
ip address 10.4.4.4 255.255.255.0
quitAR5 配置
system-view
sysname AR5
interface GigabitEthernet0/0/0
ip address 192.168.105.2 255.255.255.252
interface GigabitEthernet0/0/1
ip address 192.168.106.1 255.255.255.252
interface LoopBack0
ip address 10.5.5.5 255.255.255.0
quitAR6 配置
注 :原配置中AR6接口IP有误,已修正为正确的
192.168.106.2。
system-view
sysname AR6
interface GigabitEthernet0/0/0
ip address 192.168.106.2 255.255.255.252
interface GigabitEthernet0/0/1
ip address 192.168.107.1 255.255.255.252
interface LoopBack0
ip address 10.6.6.6 255.255.255.0
quitAR7 配置
system-view
sysname AR7
interface GigabitEthernet0/0/0
ip address 192.168.103.2 255.255.255.252
interface GigabitEthernet0/0/1
ip address 192.168.107.2 255.255.255.252
interface GigabitEthernet0/0/2
ip address 192.168.104.1 255.255.255.252
interface LoopBack0
ip address 10.7.7.7 255.255.255.0
quitAR8 配置
system-view
sysname AR8
interface GigabitEthernet0/0/0
ip address 192.168.104.2 255.255.255.252
interface LoopBack0
ip address 10.8.8.8 255.255.255.0
quit四、BGP联邦配置
1. 配置联邦ID与子AS
在联邦内的设备上进行配置。
AR2、AR3、AR4(子AS 64512):
bgp 64512
confederation id 2
confederation peer-as 64513AR5、AR6、AR7(子AS 64513):
bgp 64513
confederation id 2
confederation peer-as 645122. 建立BGP邻居关系
AR2 配置:
bgp 64512
peer 192.168.100.1 as-number 1 # 连接AS 1
peer 192.168.101.2 as-number 64512 # 连接AR3
peer 192.168.105.2 as-number 64513 # 连接子AS 64513AR3 配置:
bgp 64512
peer 192.168.101.1 as-number 64512 # 连接AR2
peer 192.168.102.2 as-number 64512 # 连接AR4AR4 配置:
bgp 64512
peer 192.168.102.1 as-number 64512 # 连接AR3
peer 192.168.103.2 as-number 64513 # 连接AR7AR5 配置:
bgp 64513
peer 192.168.105.1 as-number 64512 # 连接AR2
peer 192.168.106.2 as-number 64513 # 连接AR6AR6 配置:
bgp 64513
peer 192.168.106.1 as-number 64513 # 连接AR5
peer 192.168.107.2 as-number 64513 # 连接AR7AR7 配置:
bgp 64513
peer 192.168.103.1 as-number 64512 # 连接AR4
peer 192.168.107.1 as-number 64513 # 连接AR6
peer 192.168.104.2 as-number 3 # 连接AS 3AR8 配置:
bgp 3
peer 192.168.104.1 as-number 2 # 连接联邦AS 2五、路由反射器(RR)配置
为了减少IBGP连接数,在子AS内部署路由反射器。
AR2 作为 RR
bgp 64512
peer 192.168.101.2 reflect-client # AR3为客户端
peer 192.168.105.2 reflect-client # AR5为客户端AR5 作为 RR
bgp 64513
peer 192.168.106.2 reflect-client # AR6为客户端六、路由宣告
在每个设备上宣告本地Loopback网段。
# AR1
bgp 1
network 10.1.1.0 255.255.255.0
# AR2
bgp 64512
network 10.2.2.0 255.255.255.0
# AR3
bgp 64512
network 10.3.3.0 255.255.255.0
# AR4
bgp 64512
network 10.4.4.0 255.255.255.0
# AR5
bgp 64513
network 10.5.5.0 255.255.255.0
# AR6
bgp 64513
network 10.6.6.0 255.255.255.0
# AR7
bgp 64513
network 10.7.7.0 255.255.255.0
# AR8
bgp 3
network 10.8.8.0 255.255.255.0七、验证与测试
1. 查看BGP路由表
在AR1上使用 display bgp routing-table命令:
[AR1] display bgp routing-table
BGP Local router ID is 10.1.1.1
Status codes: * - valid, > - best
Network NextHop Path/Ogn
*> 10.1.1.0/24 0.0.0.0 0 32768 i
*> 10.2.2.0/24 192.168.100.2 0 64512 i
*> 10.3.3.0/24 192.168.100.2 0 64512 i
*> 10.4.4.0/24 192.168.100.2 0 64512 i
*> 10.5.5.0/24 192.168.100.2 0 64512 64513 i
*> 10.6.6.0/24 192.168.100.2 0 64512 64513 i
*> 10.7.7.0/24 192.168.100.2 0 64512 64513 i
*> 10.8.8.0/24 192.168.100.2 0 64512 64513 3 i2. 连通性测试
从AR1 Ping 远端AR8的Loopback地址:
<AR1> ping -a 10.1.1.1 10.8.8.8
PING 10.8.8.8: 56 data bytes, press CTRL_C to break
Reply from 10.8.8.8: bytes=56 Sequence=1 ttl=252 time=38 ms
Reply from 10.8.8.8: bytes=56 Sequence=2 ttl=252 time=31 ms
Reply from 10.8.8.8: bytes=56 Sequence=3 ttl=252 time=29 ms
Reply from 10.8.8.8: bytes=56 Sequence=4 ttl=252 time=34 ms
Reply from 10.8.8.8: bytes=56 Sequence=5 ttl=252 time=33 ms
--- 10.8.8.8 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
八、实验总结
-
联邦优势:通过将大AS拆分为私有子AS,有效降低了IBGP邻居管理的复杂度。
-
路由反射器:在子AS内部通过RR反射路由,避免了全互联,简化了配置。
-
注意事项:联邦EBGP邻居之间默认TTL为1,需确保物理直连或通过静态路由保证可达性。
通过本实验,成功验证了BGP联邦与路由反射器在多AS环境下的协同工作能力。