实验拓扑图
本实验涉及的知识点:
- 中转AS;
- 路由黑洞问题,BGP水平分割原理,如何解决路由黑洞?见3
- 逻辑全互联,指定下一跳 next-hop-local ,因为宣告路由器和接收路由器是内部对等体,且 update 消息的 NLRI 指向的是外部 AS 的目的地,那么 NEXT_HOP 是外部对等体的IP地址。也就是说R2将R1的路由器通告给R3的时候,它的下一跳地址为R1的接口IP,但R3并没有去往R1接口IP的路由,所以需要对R3进行指定下一跳,同时由于 BGP 水平分割原则,R3知道如何去往R1的路由时,它并不会传递给R4,所以此时可以进行逻辑全互联(并不是最优方案,通常可以使用 路由反射器或 BGP 联邦)
- 转发路径上的每台BGP路由器都必须知道路由器与外部对等体使用的BGP路由,也就是说转发AS内的每台路由器要知道外部BGP路由,否则无法通信。
- EBGP多跳问题(默认状态下 EBGP 之间 TTL=1)
<code>R1配置:
interface GigabitEthernet0/0/0
ip address 12.1.1.1 255.255.255.0
#
interface LoopBack0
ip address 1.1.1.1 255.255.255.255
#
interface LoopBack1
ip address 1.1.1.3 255.255.255.255
#
bgp 100
router-id 1.1.1.1
peer 2.2.2.2 as-number 200
peer 2.2.2.2 ebgp-max-hop 2
peer 2.2.2.2 connect-interface LoopBack0
peer 2.2.2.2 password cipher cisco
#
ipv4-family unicast
undo synchronization
network 1.1.1.3 255.255.255.255
peer 2.2.2.2 enable
#
ip route-static 2.2.2.2 255.255.255.255 12.1.1.2
#
R2配置:
interface GigabitEthernet0/0/0
ip address 12.1.1.2 255.255.255.0
#
interface GigabitEthernet0/0/1
ip address 23.1.1.2 255.255.255.0
ospf authentication-mode hmac-md5 1 cipher cisco
#
interface LoopBack0
ip address 2.2.2.2 255.255.255.255
#
bgp 200
router-id 2.2.2.2
peer 1.1.1.1 as-number 100
peer 1.1.1.1 ebgp-max-hop 2
peer 1.1.1.1 connect-interface LoopBack0
peer 1.1.1.1 password cipher cisco
peer 3.3.3.3 as-number 200
peer 3.3.3.3 connect-interface LoopBack0
peer 4.4.4.4 as-number 200
peer 4.4.4.4 connect-interface LoopBack0
ipv4-family unicast
undo synchronization
peer 1.1.1.1 enable
peer 3.3.3.3 enable
peer 3.3.3.3 next-hop-local
peer 4.4.4.4 enable
peer 4.4.4.4 next-hop-local
#
ospf 1 router-id 2.2.2.2
area 0.0.0.0
authentication-mode md5 1 cipher cisco
network 2.2.2.2 0.0.0.0
network 23.1.1.0 0.0.0.255
#
ip route-static 1.1.1.1 255.255.255.255 12.1.1.1
#
R3配置:
interface GigabitEthernet0/0/1
ip address 23.1.1.3 255.255.255.0
ospf authentication-mode hmac-md5 1 cipher cisco
#
interface GigabitEthernet0/0/2
ip address 34.1.1.3 255.255.255.0
ospf authentication-mode hmac-md5 1 cipher cisco
#
interface LoopBack0
ip address 3.3.3.3 255.255.255.255
#
bgp 200
router-id 3.3.3.3
peer 2.2.2.2 as-number 200
peer 2.2.2.2 connect-interface LoopBack0
peer 4.4.4.4 as-number 200
peer 4.4.4.4 connect-interface LoopBack0
ipv4-family unicast
undo synchronization
peer 2.2.2.2 enable
peer 4.4.4.4 enable
#
ospf 1 router-id 3.3.3.3
area 0.0.0.0
authentication-mode md5 1 cipher cisco
network 3.3.3.3 0.0.0.0
network 23.1.1.0 0.0.0.255
network 34.1.1.0 0.0.0.255
#
R4配置:
interface GigabitEthernet0/0/0
ip address 45.1.1.4 255.255.255.0
#
interface GigabitEthernet0/0/2
ip address 34.1.1.4 255.255.255.0
ospf authentication-mode hmac-md5 1 cipher cisco
#
interface LoopBack0
ip address 4.4.4.4 255.255.255.255
#
bgp 200
router-id 4.4.4.4
peer 2.2.2.2 as-number 200
peer 2.2.2.2 connect-interface LoopBack0
peer 3.3.3.3 as-number 200
peer 3.3.3.3 connect-interface LoopBack0
peer 45.1.1.5 as-number 300
peer 45.1.1.5 password cipher cisco
ipv4-family unicast
undo synchronization
peer 2.2.2.2 enable
peer 2.2.2.2 next-hop-local
peer 3.3.3.3 enable
peer 3.3.3.3 next-hop-local
peer 45.1.1.5 enable
#
ospf 1 router-id 4.4.4.4
area 0.0.0.0
authentication-mode md5 1 cipher cisco
network 4.4.4.4 0.0.0.0
network 34.1.1.0 0.0.0.255
#
R5配置:
interface GigabitEthernet0/0/0
ip address 45.1.1.5 255.255.255.0
#
interface LoopBack0
ip address 5.5.5.5 255.255.255.255
#
bgp 300
router-id 5.5.5.5
peer 45.1.1.4 as-number 200
peer 45.1.1.4 password cipher cisco
ipv4-family unicast
undo synchronization
network 5.5.5.5 255.255.255.255
peer 45.1.1.4 enable
#/<code>
分享到:
閱讀更多 牛奶芝麻醬 的文章
