实验练习:
如图配置:两BGP自治系统,要求建立相关BGP邻居关系
1. 建立BGP邻居关系 要求使用BGP对等体组完成(IBGP要求使用loopback接口作为TCP建立的源接口) 2. R3 R4 R5 分别起源两BGP路由信息(保证BGP路由互通) 3. AS 65002中不能够存在 172网络的5网段,可以存在192网络的5网段(但起源属性为incomeplete) 4. AS 65001中不能存在 起源于 AS 65002中172网络的路由,其他路由正常学习步骤:
1、 完成基本的配置
2、 AS 65002完成OSPF单区域的配置
[RT1-ospf-1-area-0.0.0.0]network 1.1.1.1 0.0.0.0
[RT1-ospf-1-area-0.0.0.0]network 10.1.12.1 0.0.0.0
[RT1-ospf-1-area-0.0.0.0]network 10.1.15.1 0.0.0.0
[RT2-ospf-1-area-0.0.0.0]network 2.2.2.2 0.0.0.0
[RT2-ospf-1-area-0.0.0.0]network 10.1.12.2 0.0.0.0
[RT2-ospf-1-area-0.0.0.0]network 10.1.25.2 0.0.0.0
[RT2-ospf-1-area-0.0.0.0]network 10.1.23.1 0.0.0.0
[RT5-ospf-1-area-0.0.0.0]network 5.5.5.5 0.0.0.0
[RT5-ospf-1-area-0.0.0.0]network 10.1.15.2 0.0.0.0
[RT3-ospf-1-area-0.0.0.0]network 3.3.3.3 0.0.0.0
[RT3-ospf-1-area-0.0.0.0]network 10.1.23.2 0.0.0.0
3、 完成BGP对等体关系配置
[RT4-bgp]group ex external
[RT4-bgp]peer 10.1.14.2 group ex as-number 65002
[RT1-bgp]group ex external
[RT1-bgp]group in internal
[RT1-bgp]peer 10.1.14.1 group ex as-number 65001
[RT1-bgp]peer 2.2.2.2 group in as 65002
[RT1-bgp]peer 5.5.5.5 group in as 65002
[RT1-bgp]peer 3.3.3.3 group in as 65002
[RT1-bgp]peer in connect-interface LoopBack 1
[RT2-bgp]group in internal
[RT2-bgp]peer 1.1.1.1 group in as 65002
[RT2-bgp]peer 5.5.5.5 group in as 65002
[RT2-bgp]peer 3.3.3.3 group in as 65002
[RT2-bgp]peer in connect-interface LoopBack 1
[RT5-bgp]peer 1.1.1.1 group in as 65002
[RT5-bgp]peer 2.2.2.2 group in as 65002
[RT5-bgp]peer in connect-interface LoopBack 1
[RT3-bgp]group in internal
[RT3-bgp]peer 2.2.2.2 group in as 65002
[RT3-bgp]peer 5.5.5.5 group in as 65002
[RT3-bgp]peer 1.1.1.1 group in as 65002
[RT3-bgp]peer in connect-interface LoopBack 1
4、 注入BGP业务流
[RT4-bgp]network 172.16.4.100 32
[RT4-bgp]network 192.168.4.100 32
[RT5-bgp]network 172.16.5.100 32
[RT5-bgp]network 192.168.5.100 32
[RT3-bgp]network 172.16.3.100 32
[RT3-bgp]network 192.168.3.100 32
[RT1-bgp]peer in next-hop-local
5、 过滤172的网段,并修改192的5网段的源属
[RT5]ip ip-prefix filter_a permit 172.168.5.100 32
[RT5]ip ip-prefix filter_b permit 192.168.5.100 32
[RT5]route-policy filter_a deny node 10
[RT5-route-policy]if-match ip-prefix filter_a
[RT5]route-policy filter_a permit node 20
[RT5-route-policy]if-match ip-prefix filter_b
[RT5-route-policy]apply origin incomplete
[RT5]route-policy filter_a permit node 30
[RT5-bgp]peer in route-policy filter_a export
6、 过滤AS65002发布的172网段的路由
[RT4-acl-basic-2000]rule deny source 172.16.0.0 0.0.255.255
[RT4-acl-basic-2000]rule permit
[RT4-bgp]peer ex filter-policy 2000 import
7、 测试
查看RT2的BGP路由表
查看RT4的IP 路由表的BGP路由条目