BGP联盟综合实验
- 实验top
- 实验目的
1、AS1中存在两个环回,一个地址为192.168.1.0/24,该地址不能在任何协议中宣告;
AS3中存在两个环回,一个地址为192.168.2.0/24,该地址不能在任何协议中宣告,最终要求这两个环回可以ping通;
2、R1-R8的建邻环回用x.x.x.x/32表示;
3、 整个AS2的Ip地址为172.16.8.0/16,R3-R7上各有一个业务网段,请合理划分;并且其内部配置0SPF协议
4、AS间的骨干链路IP地址随意定制,
5、使用BGP协议让整个网络所有设备的环回可以互相访问,
6、减少路由条目数量,避免环路出现;
三、实验步骤
1、根据所给的ip地址配置ip
[R1]int g 0/0/0
[R1-GigabitEthernet0/0/0]ip add 12.1.1.1 24
[R1-GigabitEthernet0/0/0]int l0
[R1-LoopBack0]ip add 1.1.1.1 32
[R1-LoopBack0]int l1
[R1-LoopBack1]ip add 192.168.1.1 24
[R2]int g 0/0/0
[R2-GigabitEthernet0/0/0]ip add 12.1.1.2 24
[R2-GigabitEthernet0/0/0]int l1
[R2-LoopBack1]ip add 2.2.2.2 32
[R2-LoopBack1]int g 0/0/1
[R2-GigabitEthernet0/0/1]ip add 172.16.1.1 30
[R2-GigabitEthernet0/0/1]int g 0/0/2
[R2-GigabitEthernet0/0/2]ip add 172.16.1.21 30
[R3]int g 0/0/0
[R3-GigabitEthernet0/0/0]ip add 172.16.1.2 30
[R3-GigabitEthernet0/0/0]int g 0/0/1
[R3-GigabitEthernet0/0/1]ip add 172.16.1.5 30
[R3-GigabitEthernet0/0/1]int l0
[R3-LoopBack0]ip add 3.3.3.3 32
[R3-LoopBack0]int l1
[R3-LoopBack1]ip add 172.16.3.3 24
[R4]int g 0/0/0
[R4-GigabitEthernet0/0/0]ip add 172.16.1.6 30
[R4-GigabitEthernet0/0/0]int g 0/0/1
[R4-GigabitEthernet0/0/1]ip add 172.16.1.9 30
[R4-GigabitEthernet0/0/1]int l0
[R4-LoopBack0]ip add 4.4.4.4 32
[R4-LoopBack0]int l1
[R4-LoopBack1]ip add 172.16.4.4 24
[R5]int g 0/0/0
[R5-GigabitEthernet0/0/0]ip add 172.16.1.22 30
[R5-GigabitEthernet0/0/0]int g 0/0/1
[R5-GigabitEthernet0/0/1]ip add 172.16.1.17 30
[R5-GigabitEthernet0/0/1]int l0
[R5-LoopBack0]ip add 5.5.5.5 32
[R5-LoopBack0]int l1
[R5-LoopBack1]ip add 172.16.5.5 24
[R6]int g 0/0/0
[R6-GigabitEthernet0/0/0]ip add 172.16.1.18 30
[R6-GigabitEthernet0/0/0]int g 0/0/1
[R6-GigabitEthernet0/0/1]ip add 172.16.1.13 30
[R6-GigabitEthernet0/0/1]int l0
[R6-LoopBack0]ip add 6.6.6.6 32
[R6-LoopBack0]int l1
[R6-LoopBack1]ip add 172.16.6.6 24
[R7]int g 0/0/0
[R7-GigabitEthernet0/0/0]ip add 172.16.1.14 30
[R7-GigabitEthernet0/0/0]int g 0/0/1
[R7-GigabitEthernet0/0/1]ip add 172.16.1.10 30
[R7-GigabitEthernet0/0/1]int g 0/0/2
[R7-GigabitEthernet0/0/2]ip add 34.1.1.7 24
[R7-GigabitEthernet0/0/2]int l0
[R7-LoopBack0]ip add 7.7.7.7 32
[R7-LoopBack0]int l1
[R7-LoopBack1]ip add 172.16.7.7 24
[R8]int g 0/0/0
[R8-GigabitEthernet0/0/0]ip add 34.1.1.8 24
[R8-GigabitEthernet0/0/0]int l0
[R8-LoopBack0]ip add 8.8.8.8 32
[R8-LoopBack0]int l1
[R8-LoopBack1]ip add 192.168.2.8 24
2、宣告网段实现内部网通
[R2]ospf 1 router-id 2.2.2.2
[R2-ospf-1]a 0
[R2-ospf-1-area-0.0.0.0]net 2.2.2.2 0.0.0.0
[R2-ospf-1-area-0.0.0.0]net 172.16.1.0 0.0.0.255
[R3]ospf 1 router-id 3.3.3.3
[R3-ospf-1]a 0
[R3-ospf-1-area-0.0.0.0]net 3.3.3.3 0.0.0.0
[R3-ospf-1-area-0.0.0.0]net 172.16.1.0 0.0.0.255
[R3-ospf-1-area-0.0.0.0]net 172.16.3.0 0.0.0.255
[R4]ospf 1 router-id 4.4.4.4
[R4-ospf-1]a 0
[R4-ospf-1-area-0.0.0.0]net 4.4.4.4 0.0.0.0
[R4-ospf-1-area-0.0.0.0]net 172.16.1.0 0.0.0.255
[R4-ospf-1-area-0.0.0.0]net 172.16.4.0 0.0.0.255
[R5]ospf 1 router-id 5.5.5.5
[R5-ospf-1]a 0
[R5-ospf-1-area-0.0.0.0]net 5.5.5.5 0.0.0.0
[R5-ospf-1-area-0.0.0.0]net 172.16.1.0 0.0.0.255
[R5-ospf-1-area-0.0.0.0]net 172.16.5.0 0.0.0.255
[R6]ospf 1 router-id 6.6.6.6
[R6-ospf-1]a 0
[R6-ospf-1-area-0.0.0.0]net
[R6-ospf-1-area-0.0.0.0]network 6.6.6.6 0.0.0.0
[R6-ospf-1-area-0.0.0.0]net 172.16.1.0 0.0.0.255
[R6-ospf-1-area-0.0.0.0]net 172.16.6.0 0.0.0.255
[R7]ospf 1 router-id 7.7.7.7.
[R7-ospf-1]a 0
[R7-ospf-1-area-0.0.0.0]network 7.7.7.7. 0.0.0.0
[R7-ospf-1-area-0.0.0.0]net 172.16.1.0 0.0.0.255
[R7-ospf-1-area-0.0.0.0]net 172.16.7.0 0.0.0.255
3、建立bgp邻居
[R1]bgp 1
[R1-bgp]peer 12.1.1.2 as-number 2
[R2]bgp 64512
[R2-bgp]confederation id 2
[R2-bgp]confederation peer-as 64513
[R2-bgp]peer 12.1.1.1 as 1
[R2-bgp]peer 3.3.3.3 as 64512
[R2-bgp]peer 3.3.3.3 connect-interface l0
[R2-bgp]peer 3.3.3.3 next-hop-local
[R2-bgp]peer 172.16.1.22 as 64513
[R2-bgp]peer 172.16.1.22 next-hop-local
[R3]bgp 64512
[R3-bgp]confederation id 2
[R3-bgp]peer 2.2.2.2 connect-interface l0
[R3-bgp]peer 4.4.4.4 as 64512
[R3-bgp]peer 4.4.4.4 connect-interface l0
[R4]bgp 64512
[R4-bgp]confederation id 2
[R4-bgp]peer 3.3.3.3 as 64512
[R4-bgp]peer 3.3.3.3 connect-interface l0
[R5]bgp 64513
[R5-bgp]confederation id 2
[R5-bgp]confederation peer-as 64512
[R5-bgp]peer 6.6.6.6 as 64513
[R5-bgp]peer 6.6.6.6 connect-interface l0
[R5-bgp]peer 6.6.6.6 next-hop-local
[R5-bgp]peer 172.16.1.21 as 64512
[R5-bgp]peer 172.16.1.21 next-hop-loca
[R6]bgp 64513
[R6-bgp]confederation id 2
[R6-bgp]peer 5.5.5.5 as 64513
[R6-bgp]peer 5.5.5.5 connect-interface l0
[R6-bgp]peer 7.7.7.7 as 64513
[R6-bgp]peer 7.7.7.7 connect-interface l0
[R7]bgp 64513
[R7-bgp]confederation id 2
[R7-bgp]peer 6.6.6.6 as 64513
[R7-bgp]peer 6.6.6.6 connect-interface l0
[R7-bgp]peer 6.6.6.6 next-hop-local
[R7-bgp]peer 34.1.1.8 as 3
[R8]bgp 3
[R8-bgp]peer 34.1.1.7 as 2
4、宣告业务网段
[R1]bgp 1
[R1-bgp]net 1.1.1.1 32
[R8]bgp 3
[R8-bgp]net 8.8.8.8 32
[R3]bgp 64512
[R3-bgp]net 172.16.3.0 24
[R4]bgp 64512
[R4-bgp]net 172.16.4.0 24
[R5]bgp 64513
[R5-bgp]net 172.16.5.0 24
[R6]bgp 64513
[R6-bgp]net 172.16.6.0 24
[R7]bgp 64513
[R7-bgp]net 172.16.7.0 24
因为水平分割,不能完整学习业务网段,用路由反射解决
[R3]bgp 64512
[R3-bgp]peer 2.2.2.2 re
[R3-bgp]peer 2.2.2.2 reflect-client
[R3-bgp]peer 4.4.4.4 reflect-client
[R3-bgp]reflector cluster-id 3.3.3.3
[R6]bgp 64513
[R6-bgp]peer 5.5.5.5 reflect-client
[R6-bgp]peer 7.7.7.7 reflect-client
[R6-bgp]reflector cluster-id 6.6.6.6
测试全网通:
5、路由聚合,减少路由条路
[R2]bgp 64512
[R2-bgp]aggregate 172.16.0.0 21 detail-suppressed as-set(as-set防环)
[R7]bgp 64513
[R7-bgp]aggregate 172.16.0.0 21 detail-suppressed as-set
聚合前后对比
6、建立隧道,实现r1和r8之间业务的互通
[R1]int t
[R1]int Tunnel 0/0/0
[R1-Tunnel0/0/0]ip add 10.1.1.1 24
[R1-Tunnel0/0/0]tunnel-protocol gre
[R1-Tunnel0/0/0]source 1.1.1.1
[R1-Tunnel0/0/0]destination 8.8.8.8
[R1]ip route-static 192.168.2.0 24 Tunnel 0/0/0
[R8]int Tunnel 0/0/0
[R8-Tunnel0/0/0]ip add 10.1.1.2 24
[R8-Tunnel0/0/0]tunnel-protocol gre
[R8-Tunnel0/0/0]source 8.8.8.8
[R8-Tunnel0/0/0]destination 1.1.1.1
[R8]ip route-static 192.168.1.0 24 Tunnel 0/0/0