1,AS1存在两个环回,一个地址为192.168.1.0/24 该地址不嫩在任何协议中宣告
AS3中存在两个环回,一个地址为192.168.2.0/24该地址不能再任何协议中宣告,最终要求这两个环回可用互相通讯
AS1中的另一个环回为10.0.0.0 24,AS3中的另一个环回为11.0.0.0/24
2,整个AS2的IP地址为172.16.0.0/16,请合理划分
3,AS间的骨干链路IP地址随意指定
4,使用BGP协议让整个网络所有设备的环回可以互相访问
5,减少路由条目数量,避免环路出现
配置路由
R1Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 12.0.0.1/24 up up
GigabitEthernet0/0/1 unassigned down down
GigabitEthernet0/0/2 unassigned down down
LoopBack0 10.0.0.1/24 up up(s)
LoopBack1 192.168.1.1/24 up up(s)
NULL0 unassigned up up(s) R2Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 172.16.0.1/30 up up
GigabitEthernet0/0/1 12.0.0.2/24 up up
GigabitEthernet0/0/2 172.16.0.22/30 up up
LoopBack0 172.16.2.1/24 up up(s)
NULL0 unassigned up up(s) R3Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 172.16.0.5/30 up up
GigabitEthernet0/0/1 172.16.0.2/30 up up
GigabitEthernet0/0/2 unassigned down down
LoopBack0 172.16.3.1/24 up up(s)
NULL0 unassigned up up(s) R4Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 172.16.0.9/30 up up
GigabitEthernet0/0/1 172.16.0.6/30 up up
GigabitEthernet0/0/2 unassigned down down
LoopBack0 172.16.4.1/24 up up(s)
NULL0 unassigned up up(s)R5Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 172.16.0.21/30 up up
GigabitEthernet0/0/1 172.16.0.18/30 up up
GigabitEthernet0/0/2 unassigned down down
LoopBack0 172.16.5.1/24 up up(s)
NULL0 unassigned up up(s) R6Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 172.16.0.17/30 up up
GigabitEthernet0/0/1 172.16.0.14/30 up up
GigabitEthernet0/0/2 unassigned down down
LoopBack0 172.16.6.1/24 up up(s)
NULL0 unassigned up up(s) R7Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 172.16.0.13/30 up up
GigabitEthernet0/0/1 78.0.0.1/24 up up
GigabitEthernet0/0/2 172.16.0.10/30 up up
LoopBack0 172.16.7.1/24 up up(s)
NULL0 unassigned up up(s) R8Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 78.0.0.2/24 up up
GigabitEthernet0/0/1 unassigned down down
GigabitEthernet0/0/2 unassigned down down
LoopBack0 11.0.0.1/24 up up(s)
LoopBack1 192.168.2.1/24 up up(s)
NULL0 unassigned up up(s) 再内部网络(R2-R7)中运行IGP协议--ospf
R2
[r2]ospf 1 ro
[r2]ospf 1 router-id 2.2.2.2
[r2-ospf-1]area 0
[r2-ospf-1-area-0.0.0.0]net
[r2-ospf-1-area-0.0.0.0]network 172.16.0.0 0.0.255.255
[r2]dis ospf p bOSPF Process 1 with Router ID 2.2.2.2Peer Statistic Information----------------------------------------------------------------------------Area Id Interface Neighbor id State 0.0.0.0 GigabitEthernet0/0/0 3.3.3.3 Full 0.0.0.0 GigabitEthernet0/0/2 5.5.5.5 Full ----------------------------------------------------------------------------R3
[r3-LoopBack0]q
[r3]ospf 1 ro
[r3]ospf 1 router-id 3.3.3.3
[r3-ospf-1]net
[r3-ospf-1]area 0
[r3-ospf-1-area-0.0.0.0]net
[r3-ospf-1-area-0.0.0.0]network 172.16.0.0 0.0.255.255
[r3]dis ospf p bOSPF Process 1 with Router ID 3.3.3.3Peer Statistic Information----------------------------------------------------------------------------Area Id Interface Neighbor id State 0.0.0.0 GigabitEthernet0/0/0 4.4.4.4 Full 0.0.0.0 GigabitEthernet0/0/1 2.2.2.2 Full ----------------------------------------------------------------------------
[r3]R4
[r4-ospf-1-area-0.0.0.0]dis this
[V200R003C00]
#area 0.0.0.0 network 172.16.0.0 0.0.255.255
#
return
[r4-ospf-1-area-0.0.0.0]dis ospf p bOSPF Process 1 with Router ID 4.4.4.4Peer Statistic Information----------------------------------------------------------------------------Area Id Interface Neighbor id State 0.0.0.0 GigabitEthernet0/0/0 7.7.7.7 Full 0.0.0.0 GigabitEthernet0/0/1 3.3.3.3 Full ----------------------------------------------------------------------------R5
[r5]ospf 1 ro
[r5]ospf 1 router-id 5.5.5.5
[r5-ospf-1]AREA 0
[r5-ospf-1-area-0.0.0.0]net
[r5-ospf-1-area-0.0.0.0]network 172.16.0.0 0.0.255.255
[r5-ospf-1-area-0.0.0.0]dis ospf p bOSPF Process 1 with Router ID 5.5.5.5Peer Statistic Information----------------------------------------------------------------------------Area Id Interface Neighbor id State 0.0.0.0 GigabitEthernet0/0/0 2.2.2.2 Full 0.0.0.0 GigabitEthernet0/0/1 6.6.6.6 Full ----------------------------------------------------------------------------R6
[r6]ospf 1 ro
[r6]ospf 1 router-id 6.6.6.6
[r6-ospf-1]area 0
[r6-ospf-1-area-0.0.0.0]net
[r6-ospf-1-area-0.0.0.0]network 172.16.0.0 0.0.255.255
[r6-ospf-1-area-0.0.0.0]dis ospf p bOSPF Process 1 with Router ID 6.6.6.6Peer Statistic Information----------------------------------------------------------------------------Area Id Interface Neighbor id State 0.0.0.0 GigabitEthernet0/0/0 5.5.5.5 Full 0.0.0.0 GigabitEthernet0/0/1 7.7.7.7 Full ----------------------------------------------------------------------------R7
[r7]ospf 1 ro
[r7]ospf 1 router-id 7.7.7.7
[r7-ospf-1]area 0
[r7-ospf-1-area-0.0.0.0]net
[r7-ospf-1-area-0.0.0.0]network 172.16.0.0 0.0.255.255
[r7-ospf-1-area-0.0.0.0]dis ospf p bOSPF Process 1 with Router ID 7.7.7.7Peer Statistic Information----------------------------------------------------------------------------Area Id Interface Neighbor id State 0.0.0.0 GigabitEthernet0/0/0 6.6.6.6 Full 0.0.0.0 GigabitEthernet0/0/2 4.4.4.4 Full ----------------------------------------------------------------------------进行BGP配置,并进行建邻操作
R1
[r1-bgp]ro
[r1-bgp]router-id 1.1.1.1
[r1-bgp]peer 12.0.0.2 as
[r1-bgp]peer 12.0.0.2 as-number 2
[r1-bgp]dis this
[V200R003C00]
#
bgp 1router-id 1.1.1.1peer 12.0.0.2 as-number 2 #ipv4-family unicastundo synchronizationpeer 12.0.0.2 enable
#
return
[r1-bgp]R2
[r2-bgp]ro
[r2-bgp]router-id 2.2.2.2
[r2-bgp]con
[r2-bgp]confederation id 2
[r2-bgp]peer 12.0.0.1 as
[r2-bgp]peer 12.0.0.1 as-number 1
[r2-bgp]peer 172.16.3.1 as
[r2-bgp]peer 172.16.3.1 as-path-filter
[r2-bgp]peer 172.16.3.1 as-number 64512
[r2-bgp]peer 172.16.3.1 connect-interface lo
[r2-bgp]peer 172.16.3.1 connect-interface LoopBack 0
[r2-bgp]dis this
[V200R003C00]
#
bgp 64512router-id 2.2.2.2confederation id 2peer 12.0.0.1 as-number 1 peer 172.16.3.1 as-number 64512 peer 172.16.3.1 connect-interface LoopBack0#ipv4-family unicastundo synchronizationpeer 12.0.0.1 enablepeer 172.16.3.1 enable
#
returnR3
[r3-bgp]con
[r3-bgp]confederation id 2
[r3-bgp]ro
[r3-bgp]router-id 3.3.3.3
[r3-bgp]peer 172.16.2.1 as-nu
[r3-bgp]peer 172.16.2.1 as-number 64512
[r3-bgp]peer 172.16.2.1 con
[r3-bgp]peer 172.16.2.1 connect-interface lo 0
[r3-bgp]peer 172.16.4.1 as-
[r3-bgp]peer 172.16.4.1 as-number 64512
[r3-bgp]peer 172.16.4.1 co
[r3-bgp]peer 172.16.4.1 connect-interface lo 0
[r3-bgp]dis this
[V200R003C00]
#
bgp 64512router-id 3.3.3.3confederation id 2peer 172.16.2.1 as-number 64512 peer 172.16.2.1 connect-interface LoopBack0peer 172.16.4.1 as-number 64512 peer 172.16.4.1 connect-interface LoopBack0#ipv4-family unicastundo synchronizationpeer 172.16.2.1 enablepeer 172.16.4.1 enable
#
returnR4
[r4-bgp]con
[r4-bgp]confederation id 2
[r4-bgp]ro
[r4-bgp]router-id 4.4.4.4
[r4-bgp]peer 172.16.3.1 as
[r4-bgp]peer 172.16.3.1 as-number 64512
[r4-bgp]peer 172.16.3.1 con
[r4-bgp]peer 172.16.3.1 connect-interface lo 0
[r4-bgp]dis this
[V200R003C00]
#
bgp 64512router-id 4.4.4.4confederation id 2peer 172.16.3.1 as-number 64512 peer 172.16.3.1 connect-interface LoopBack0#ipv4-family unicastundo synchronizationpeer 172.16.3.1 enable
#
returnR5
[r5-bgp]con
[r5-bgp]confederation id 2
[r5-bgp]ro
[r5-bgp]router-id 5.5.5.5
[r5-bgp]peer 172.16.6.1 as
[r5-bgp]peer 172.16.6.1 as-number 64513
[r5-bgp]peer 172.16.6.1 con
[r5-bgp]peer 172.16.6.1 connect-interface lo 0
[r5-bgp]dis this
[V200R003C00]
#
bgp 64513router-id 5.5.5.5confederation id 2peer 172.16.6.1 as-number 64513 peer 172.16.6.1 connect-interface LoopBack0#ipv4-family unicastundo synchronizationpeer 172.16.6.1 enable
#
returnR6
[r6-bgp]con
[r6-bgp]confederation id 2
[r6-bgp]ro
[r6-bgp]router-id 6.6.6.6
[r6-bgp]peer 172.16.5.1 as
[r6-bgp]peer 172.16.5.1 as-number 64513
[r6-bgp]peer 172.16.5.1 co
[r6-bgp]peer 172.16.5.1 connect-interface lo 0
[r6-bgp]peer 172.16.7.1 as
[r6-bgp]peer 172.16.7.1 as-number 64513
[r6-bgp]peer 172.16.7.1 con
[r6-bgp]peer 172.16.7.1 connect-interface lo 0
[r6-bgp]dis this
[V200R003C00]
#
bgp 64513router-id 6.6.6.6confederation id 2peer 172.16.5.1 as-number 64513 peer 172.16.5.1 connect-interface LoopBack0peer 172.16.7.1 as-number 64513 peer 172.16.7.1 connect-interface LoopBack0#ipv4-family unicastundo synchronizationpeer 172.16.5.1 enablepeer 172.16.7.1 enable
#
returnR7
[r7-bgp]con
[r7-bgp]confederation id 2
[r7-bgp]ro
[r7-bgp]router-id 7.7.7.7
[r7-bgp]peer 78.0.0.2 as
[r7-bgp]peer 78.0.0.2 as-number 3
[r7-bgp]peer 172.16.6.1 as
[r7-bgp]peer 172.16.6.1 as-path-filter
[r7-bgp]peer 172.16.6.1 co
[r7-bgp]peer 172.16.6.1 connect-interface lo 0
Error: The peer session does not exist.
[r7-bgp]peer 172.16.6.1 connect-interface lo
[r7-bgp]peer 172.16.6.1 connect-interface LoopBack 0
Error: The peer session does not exist.
[r7-bgp]dis this
[V200R003C00]
#
bgp 64513router-id 7.7.7.7confederation id 2peer 78.0.0.2 as-number 3 #ipv4-family unicastundo synchronizationpeer 78.0.0.2 enable
#
return
[r7-bgp]peer 172.16.6.1 as
[r7-bgp]peer 172.16.6.1 as-number 64513
[r7-bgp]peer 172.16.6.1 co
[r7-bgp]peer 172.16.6.1 connect-interface lo 0
[r7-bgp]dis this
[V200R003C00]
#
bgp 64513router-id 7.7.7.7confederation id 2peer 78.0.0.2 as-number 3 peer 172.16.6.1 as-number 64513 peer 172.16.6.1 connect-interface LoopBack0#ipv4-family unicastundo synchronizationpeer 78.0.0.2 enablepeer 172.16.6.1 enable
#
returnR8
[r8-bgp]ro
[r8-bgp]route-select
[r8-bgp]router-id 8.8.8.8
[r8-bgp]peer 78.0.0.1 as
[r8-bgp]peer 78.0.0.1 as-number 2
[r8-bgp]dis this
[V200R003C00]
#
bgp 3router-id 8.8.8.8peer 78.0.0.1 as-number 2 #ipv4-family unicastundo synchronizationpeer 78.0.0.1 enable
#
return再AS2内部进行AS联邦配置
[r2-bgp]confederation peer-as 64513
[r2-bgp]peer 172.16.5.1 as-number 64513
[r2-bgp]peer 172.16.5.1 connect-interface lo 0
[r2-bgp]peer 172.16.5.1 ebgp-max-hop [r4-bgp]confederation peer-as 64513
[r4-bgp]peer 172.16.7.1 as-number 64513
[r4-bgp]peer 172.16.7.1 connect-interface LoopBack 0
[r4-bgp]peer 172.16.7.1 ebgp-max-hop [r5-bgp]confederation peer-as 64512
[r5-bgp]peer 172.16.2.1 as-number 64512
[r5-bgp]peer 172.16.2.1 connect-interface lo 0
[r5-bgp]peer 172.16.2.1 ebgp-max-hop[r7-bgp]confederation peer-as 64512
[r7-bgp]peer 172.16.4.1 as-number 64512
[r7-bgp]peer 172.16.4.1 connect-interface LoopBack 0
[r7-bgp]peer 172.16.4.1 ebgp-max-hop查看建邻是否成功
[r2-bgp]dis bgp peer BGP local router ID : 2.2.2.2Local AS number : 64512Total number of peers : 3 Peers in established state : 3Peer V AS MsgRcvd MsgSent OutQ Up/Down State Pre
fRcv12.0.0.1 4 1 27 27 0 00:25:39 Established 0172.16.3.1 4 64512 25 26 0 00:23:42 Established 0172.16.5.1 4 64513 6 10 0 00:05:00 Established 0
[r2-bgp][r7-bgp]dis bgp peerBGP local router ID : 7.7.7.7Local AS number : 64513Total number of peers : 3 Peers in established state : 3Peer V AS MsgRcvd MsgSent OutQ Up/Down State Pre
fRcv78.0.0.2 4 3 18 19 0 00:16:39 Established 0172.16.4.1 4 64512 5 5 0 00:03:19 Established 0172.16.6.1 4 64513 19 19 0 00:17:12 Established 0
[r7-bgp]宣告10.0.0.0/24和11.0.0.0/24网段,以及修改在R2和R7上传输给AS 2内部的对等体的下一跳属性,并指定为自己与对等体的连接地址
[r1-bgp]network 10.0.0.0 24[r8-bgp]network 11.0.0.0 24[r2-bgp]peer 172.16.3.1 next-hop-local
[r2-bgp]peer 172.16.5.1 next-hop-local[r7-bgp]peer 172.16.4.1 next-hop-local
[r7-bgp]peer 172.16.6.1 next-hop-local指定R3和R6为路由反射器,并将R2和R7分别定为R3和R6的客户
[r3-bgp]peer 172.16.2.1 reflect-client [r6-bgp]peer 172.16.7.1 reflect-client [r4-bgp]dis bgp routing-table BGP Local router ID is 4.4.4.4 Status codes: * - valid, > - best, d - damped,h - history, i - internal, s - suppressed, S - StaleOrigin : i - IGP, e - EGP, ? - incompleteTotal Number of Routes: 3Network NextHop MED LocPrf PrefVal Path/Ogn*>i 10.0.0.0/24 172.16.2.1 0 100 0 1i*>i 11.0.0.0/24 172.16.7.1 0 100 0 (64513) 3i* i 172.16.7.1 0 100 0 (64513) 3i
[r4-bgp][r5-bgp]dis bgp routing-table BGP Local router ID is 5.5.5.5 Status codes: * - valid, > - best, d - damped,h - history, i - internal, s - suppressed, S - StaleOrigin : i - IGP, e - EGP, ? - incompleteTotal Number of Routes: 2Network NextHop MED LocPrf PrefVal Path/Ogn*>i 10.0.0.0/24 172.16.2.1 0 100 0 (64512) 1i*>i 11.0.0.0/24 172.16.7.1 0 100 0 3i
[r5-bgp]对AS 2区域内的路由进行聚合,并配置空接口
[r2]ip route-static 172.16.0.0 16 nu 0[r7]ip route-static 172.16.0.0 16 NULL 0[r7-bgp]network 172.16.0.0 16[r2-bgp]network 172.16.0.0 16再R2和R7上宣告其他AS区域的网段,使得全网可达
[r2-bgp]network 12.0.0.0 24[r7-bgp]network 78.0.0.0 24[r1-bgp]dis ip ro protocol bgp
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Public routing table : BGPDestinations : 3 Routes : 3 BGP routing table status : <Active>Destinations : 3 Routes : 3Destination/Mask Proto Pre Cost Flags NextHop Interface11.0.0.0/24 EBGP 255 0 D 12.0.0.2 GigabitEthernet
0/0/078.0.0.0/24 EBGP 255 0 D 12.0.0.2 GigabitEthernet
0/0/0172.16.0.0/16 EBGP 255 0 D 12.0.0.2 GigabitEthernet
0/0/0BGP routing table status : <Inactive>Destinations : 0 Routes : 0[r1-bgp][r8-bgp]dis ip ro p bgp
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Public routing table : BGPDestinations : 3 Routes : 3 BGP routing table status : <Active>Destinations : 3 Routes : 3Destination/Mask Proto Pre Cost Flags NextHop Interface10.0.0.0/24 EBGP 255 0 D 78.0.0.1 GigabitEthernet
0/0/012.0.0.0/24 EBGP 255 0 D 78.0.0.1 GigabitEthernet
0/0/0172.16.0.0/16 EBGP 255 0 D 78.0.0.1 GigabitEthernet
0/0/0BGP routing table status : <Inactive>Destinations : 0 Routes : 0[r8-bgp]为R1和R2的环回L1建立隧道,使得不宣告路由也可达
R1:[r1-Tunnel0/0/0]dis this
[V200R003C00]
#
interface Tunnel0/0/0ip address 18.0.0.1 255.255.255.0 tunnel-protocol gresource 10.0.0.1destination 11.0.0.1
#
returnR8:
[r8-Tunnel0/0/0]dis this
[V200R003C00]
#
interface Tunnel0/0/0ip address 18.0.0.2 255.255.255.0 tunnel-protocol gresource 11.0.0.1destination 10.0.0.1
#
return[r1-Tunnel0/0/0]ping -a 18.0.0.1 18.0.0.2PING 18.0.0.2: 56 data bytes, press CTRL_C to breakReply from 18.0.0.2: bytes=56 Sequence=1 ttl=255 time=90 msReply from 18.0.0.2: bytes=56 Sequence=2 ttl=255 time=40 msReply from 18.0.0.2: bytes=56 Sequence=3 ttl=255 time=50 msReply from 18.0.0.2: bytes=56 Sequence=4 ttl=255 time=40 msReply from 18.0.0.2: bytes=56 Sequence=5 ttl=255 time=60 ms--- 18.0.0.2 ping statistics ---5 packet(s) transmitted5 packet(s) received0.00% packet lossround-trip min/avg/max = 40/56/90 msR1:
[r1]ip route-static 192.168.2.0 24 18.0.0.2----在R1上配置静态指向隧道对端的入口地址R8:
[r8]ip route-static 192.168.1.0 24 18.0.0.1----在R8上配置静态指向隧道对端的入口地址[r1]ping -a 192.168.1.1 192.168.2.1PING 192.168.2.1: 56 data bytes, press CTRL_C to breakReply from 192.168.2.1: bytes=56 Sequence=1 ttl=255 time=70 msReply from 192.168.2.1: bytes=56 Sequence=2 ttl=255 time=50 msReply from 192.168.2.1: bytes=56 Sequence=3 ttl=255 time=50 msReply from 192.168.2.1: bytes=56 Sequence=4 ttl=255 time=50 msReply from 192.168.2.1: bytes=56 Sequence=5 ttl=255 time=60 ms--- 192.168.2.1 ping statistics ---5 packet(s) transmitted5 packet(s) received0.00% packet lossround-trip min/avg/max = 50/56/70 ms
