要求:
1.AS1存在两个环回,一个地址为192.168.1.0/24该地址不能在任何协议中宣告
AS3存在两个环回,一个地址为192.168.2.0/24该地址不能在任何协议中宣告
最终要求这两个环回可以互相通讯
AS的另一个环回为10.1.1.0/24,AS3的另一个环回为10.1.2.0/24
2.整个AS2的IP地址为172.16.0.0进行合理划分
3.AS的骨干链路IP地址随意定制
4.使用BGP协议让整个网络所有设备的环回可以相互访问
5.减少路由条目,避免环路出现
配置思路:
1.划分并配置IP地址 2.AS2区域用ospf建立邻居
R2 ospf 1 router-id 2.2.2.2 area 0.0.0.0 network 172.16.1.1 0.0.0.0 network 172.16.2.1 0.0.0.0 network 172.16.6.1 0.0.0.0 R3 ospf 1 router-id 3.3.3.3 area 0.0.0.0 network 172.16.2.2 0.0.0.0 network 172.16.3.1 0.0.0.0 network 172.16.4.1 0.0.0.0 R4 ospf 1 router-id 4.4.4.4 area 0.0.0.0 network 172.16.4.2 0.0.0.0 network 172.16.5.1 0.0.0.0 network 172.16.134.1 0.0.0.0 R5 ospf 1 router-id 5.5.5.5 area 0.0.0.0 network 172.16.6.2 0.0.0.0 network 172.16.129.1 0.0.0.0 network 172.16.130.1 0.0.0.0 R6 ospf 1 router-id 6.6.6.6 area 0.0.0.0 network 172.16.130.2 0.0.0.0 network 172.16.131.1 0.0.0.0 network 172.16.132.1 0.0.0.0 R7 ospf 1 router-id 7.7.7.7 area 0.0.0.0 network 172.16.132.2 0.0.0.0 network 172.16.133.1 0.0.0.0 network 172.16.134.2 0.0.0.0 3.建立BGP邻居,宣告路由 R1 bgp 1 router-id 1.1.1.1 peer 12.1.1.2 as-number 2 network 10.1.1.0 255.255.255.0 R2 bgp 64172 router-id 2.2.2.2 confederation id 2 生明本地的大AS confederation peer-as 64513 告知本地直连的其他小AS号,若没有直连到其他小AS不用配置 peer 12.1.1.1 as-number 1 peer 172.16.3.1 as-number 64172 小AS间的BGP设备需要告知对端的小AS号 peer 172.16.3.1 connect-interface LoopBack1 采用环回建邻 peer 172.16.3.1 next-hop-local 将路由传递给本地的邻居时修改下一跳地址为本地与建立邻居关系的源ip地址 peer 172.16.129.1 as-number 64513 peer 172.16.129.1 ebgp-max-hop 255 修改TTL值,否则无法建立邻居 peer 172.16.129.1 connect-interface LoopBack1 network 172.16.1.0 255.255.255.0 R3 bgp 64172 router-id 3.3.3.3 confederation id 2 peer 172.16.1.1 as-number 64172 peer 172.16.1.1 connect-interface LoopBack1 peer 172.16.1.1 reflect-client 应用路由反射器打破IBGP水平分割 peer 172.16.5.1 as-number 64172 peer 172.16.5.1 connect-interface LoopBack1 network 172.16.3.0 255.255.255.0 R4 bgp 64172 router-id 4.4.4.4 confederation id 2 confederation peer-as 64513 peer 172.16.3.1 as-number 64172 peer 172.16.3.1 connect-interface LoopBack1 peer 172.16.133.1 as-number 64513 peer 172.16.133.1 ebgp-max-hop 255 peer 172.16.133.1 connect-interface LoopBack1 network 172.16.5.0 255.255.255.0 R5 bgp 64513 router-id 5.5.5.5 confederation id 2 confederation peer-as 64172 peer 172.16.1.1 as-number 64172 peer 172.16.1.1 ebgp-max-hop 255 peer 172.16.1.1 connect-interface LoopBack1 peer 172.16.131.1 as-number 64513 peer 172.16.131.1 connect-interface LoopBack1 peer 172.16.131.1 reflect-client network 172.16.129.0 255.255.255.0 R6 bgp 64513 router-id 6.6.6.6 confederation id 2 peer 172.16.129.1 as-number 64513 peer 172.16.129.1 connect-interface LoopBack1 peer 172.16.133.1 as-number 64513 peer 172.16.133.1 connect-interface LoopBack1 network 172.16.131.0 255.255.255.0 R7 bgp 64513 router-id 7.7.7.7 confederation id 2 confederation peer-as 64172 peer 78.1.1.2 as-number 3 peer 172.16.5.1 as-number 64172 peer 172.16.5.1 ebgp-max-hop 255 peer 172.16.5.1 connect-interface LoopBack1 peer 172.16.131.1 as-number 64513 peer 172.16.131.1 connect-interface LoopBack1 peer 172.16.131.1 next-hop-local network 172.16.133.0 255.255.255.0 R8 bgp 3 router-id 8.8.8.8 peer 78.1.1.1 as-number 2 network 10.1.2.0 255.255.255.0 4.路由汇总 1.先逐条宣告所有的明细路由 2.再在更新源路由上进行聚合配置,自动产生空接口防环路由 [r2-bgp]aggregate 172.16.0.0 16 此时聚合与所有明细条目均传递 [r2-bgp]aggregate 172.16.0.0 detail-suppressed 仅传递聚合条目,所有明细路由被抑制 R7也需配置 4.应用GRE,并配置静态路由实现,R1环回10.1.1.1与R8环回10.1.2.1互通 R1 interface Tunnel0/0/0 ip address 192.168.3.1 255.255.255.0 tunnel-protocol gre source 10.1.1.1 destination 10.1.2.1 ip route-static 192.168.2.0 255.255.255.0 10.1.2.1 R8 interface Tunnel0/0/0 ip address 192.168.3.2 255.255.255.0 tunnel-protocol gre source 10.1.2.1 destination 10.1.1.1 ip route-static 192.168.1.0 255.255.255.0 10.1.1.1
测试:
