终于完成了sybex的bgp的实验。想象8台跑着bgp的7200,只能屈就在我的sp2800+和1g ddr400里。不过若是真实的环境,估计这辈子也没多少机会用上。
拓扑图我就不画了(主要是懒),描述如下:
R1到R7的连接为:R(n)的S1/1连接R(n+1)的S1/0。R8的S1/2与R2的S1/2通过frame-relay连接。
R(n)的lo0的ip为n.n.n.n
R1#show run
interface Loopback0
ip address 1.1.1.1 255.255.255.255
!
interface Loopback1
ip address 192.168.24.1 255.255.255.0
!
interface Loopback2
ip address 192.168.30.1 255.255.255.0
!
ip address 1.1.1.1 255.255.255.255
!
interface Loopback1
ip address 192.168.24.1 255.255.255.0
!
interface Loopback2
ip address 192.168.30.1 255.255.255.0
!
interface Serial1/1
description DCE,BGP 100,R2's S1/0,ip 10.1.255.2/30
ip address 10.1.255.1 255.255.255.252
clock rate 64000
!
description DCE,BGP 100,R2's S1/0,ip 10.1.255.2/30
ip address 10.1.255.1 255.255.255.252
clock rate 64000
!
router bgp 100
no synchronization
network 1.1.1.1 mask 255.255.255.255
network 10.1.255.0 mask 255.255.255.252
network 192.168.24.0
network 192.168.30.0
neighbor 2.2.2.2 remote-as 200
neighbor 2.2.2.2 ebgp-multihop 2
neighbor 2.2.2.2 update-source Loopback0
no auto-summary
!
ip route 2.2.2.2 255.255.255.255 Serial1/1
no synchronization
network 1.1.1.1 mask 255.255.255.255
network 10.1.255.0 mask 255.255.255.252
network 192.168.24.0
network 192.168.30.0
neighbor 2.2.2.2 remote-as 200
neighbor 2.2.2.2 ebgp-multihop 2
neighbor 2.2.2.2 update-source Loopback0
no auto-summary
!
ip route 2.2.2.2 255.255.255.255 Serial1/1
#####
R2#show run
interface Loopback0
ip address 2.2.2.2 255.255.255.255
!
interface Loopback1
ip address 192.168.100.1 255.255.255.0
!
interface Serial1/0
description DTE,BGP 200 mAS 65000,R1's S1/1,ip 10.1.255.1/30
ip address 10.1.255.2 255.255.255.252
!
interface Serial1/1
description DCE,BGP 200 mAS 65000,R3's S1/0,ip 10.1.255.6/30
ip address 10.1.255.5 255.255.255.252
clock rate 64000
!
interface Serial1/2
no ip address
encapsulation frame-relay
!
interface Serial1/2.1 point-to-point
description FR,BGP 200 mAS 65000,R8's S1/2.1,ip 10.1.255.26/30
ip address 10.1.255.25 255.255.255.252
frame-relay interface-dlci 208
!
ip address 2.2.2.2 255.255.255.255
!
interface Loopback1
ip address 192.168.100.1 255.255.255.0
!
interface Serial1/0
description DTE,BGP 200 mAS 65000,R1's S1/1,ip 10.1.255.1/30
ip address 10.1.255.2 255.255.255.252
!
interface Serial1/1
description DCE,BGP 200 mAS 65000,R3's S1/0,ip 10.1.255.6/30
ip address 10.1.255.5 255.255.255.252
clock rate 64000
!
interface Serial1/2
no ip address
encapsulation frame-relay
!
interface Serial1/2.1 point-to-point
description FR,BGP 200 mAS 65000,R8's S1/2.1,ip 10.1.255.26/30
ip address 10.1.255.25 255.255.255.252
frame-relay interface-dlci 208
!
router bgp 65000
no synchronization
bgp confederation identifier 200
bgp confederation peers 65001 65002
network 2.2.2.2 mask 255.255.255.255
network 10.1.255.4 mask 255.255.255.252
network 10.1.255.24 mask 255.255.255.252
network 192.168.100.0
neighbor peer_group peer-group
neighbor peer_group remote-as 65000
neighbor peer_group update-source Loopback0
neighbor peer_group route-reflector-client
neighbor peer_group next-hop-self
neighbor 1.1.1.1 remote-as 100
neighbor 1.1.1.1 ebgp-multihop 2
neighbor 1.1.1.1 update-source Loopback0
neighbor 3.3.3.3 peer-group peer_group
neighbor 8.8.8.8 remote-as 65000
neighbor 8.8.8.8 update-source Loopback0
neighbor 8.8.8.8 route-reflector-client
neighbor 8.8.8.8 next-hop-self
neighbor 8.8.8.8 distribute-list sybex_bgp_R2_dl out
no auto-summary
!
ip route 1.1.1.1 255.255.255.255 Serial1/0
ip route 3.3.3.3 255.255.255.255 Serial1/1
ip route 8.8.8.8 255.255.255.255 Serial1/2.1
!
ip access-list standard sybex_bgp_R2_dl
deny 192.168.24.0 0.0.0.255
permit any
!
no synchronization
bgp confederation identifier 200
bgp confederation peers 65001 65002
network 2.2.2.2 mask 255.255.255.255
network 10.1.255.4 mask 255.255.255.252
network 10.1.255.24 mask 255.255.255.252
network 192.168.100.0
neighbor peer_group peer-group
neighbor peer_group remote-as 65000
neighbor peer_group update-source Loopback0
neighbor peer_group route-reflector-client
neighbor peer_group next-hop-self
neighbor 1.1.1.1 remote-as 100
neighbor 1.1.1.1 ebgp-multihop 2
neighbor 1.1.1.1 update-source Loopback0
neighbor 3.3.3.3 peer-group peer_group
neighbor 8.8.8.8 remote-as 65000
neighbor 8.8.8.8 update-source Loopback0
neighbor 8.8.8.8 route-reflector-client
neighbor 8.8.8.8 next-hop-self
neighbor 8.8.8.8 distribute-list sybex_bgp_R2_dl out
no auto-summary
!
ip route 1.1.1.1 255.255.255.255 Serial1/0
ip route 3.3.3.3 255.255.255.255 Serial1/1
ip route 8.8.8.8 255.255.255.255 Serial1/2.1
!
ip access-list standard sybex_bgp_R2_dl
deny 192.168.24.0 0.0.0.255
permit any
!
#####
R3#show run
interface Loopback0
ip address 3.3.3.3 255.255.255.255
ip address 3.3.3.3 255.255.255.255
!
interface Serial1/0
description DTE,BGP 200 mAS 65000,R2's S1/1,ip 10.1.255.5/30
ip address 10.1.255.6 255.255.255.252
!
interface Serial1/1
description DCE,BGP 200 mAS 65000,R4's S1/0,ip 10.1.255.10/30
ip address 10.1.255.9 255.255.255.252
clock rate 64000
!
interface Serial1/0
description DTE,BGP 200 mAS 65000,R2's S1/1,ip 10.1.255.5/30
ip address 10.1.255.6 255.255.255.252
!
interface Serial1/1
description DCE,BGP 200 mAS 65000,R4's S1/0,ip 10.1.255.10/30
ip address 10.1.255.9 255.255.255.252
clock rate 64000
!
router bgp 65000
no synchronization
bgp confederation identifier 200
bgp confederation peers 65001 65002
network 3.3.3.3 mask 255.255.255.255
network 10.1.255.4 mask 255.255.255.252
network 10.1.255.8 mask 255.255.255.252
neighbor 2.2.2.2 remote-as 65000
neighbor 2.2.2.2 update-source Loopback0
neighbor 2.2.2.2 next-hop-self
neighbor 4.4.4.4 remote-as 65001
neighbor 4.4.4.4 ebgp-multihop 2
neighbor 4.4.4.4 update-source Loopback0
neighbor 4.4.4.4 next-hop-self
no auto-summary
!
ip route 2.2.2.2 255.255.255.255 Serial1/0
ip route 4.4.4.4 255.255.255.255 Serial1/1
ip route 8.8.8.8 255.255.255.255 Serial1/0
no synchronization
bgp confederation identifier 200
bgp confederation peers 65001 65002
network 3.3.3.3 mask 255.255.255.255
network 10.1.255.4 mask 255.255.255.252
network 10.1.255.8 mask 255.255.255.252
neighbor 2.2.2.2 remote-as 65000
neighbor 2.2.2.2 update-source Loopback0
neighbor 2.2.2.2 next-hop-self
neighbor 4.4.4.4 remote-as 65001
neighbor 4.4.4.4 ebgp-multihop 2
neighbor 4.4.4.4 update-source Loopback0
neighbor 4.4.4.4 next-hop-self
no auto-summary
!
ip route 2.2.2.2 255.255.255.255 Serial1/0
ip route 4.4.4.4 255.255.255.255 Serial1/1
ip route 8.8.8.8 255.255.255.255 Serial1/0
!
#####
R4#show run
interface Loopback0
ip address 4.4.4.4 255.255.255.255
!
interface Loopback1
ip address 192.168.200.1 255.255.255.0
!
interface Serial1/0
description DTE,BGP 200 mAS 65001,R3's S1/1,ip 10.1.255.9/30
ip address 10.1.255.10 255.255.255.252
!
interface Serial1/1
description DCE,BGP 200 mAS 65001,R5's S1/0,ip 10.1.255.14/30
ip address 10.1.255.13 255.255.255.252
clock rate 64000
!
router bgp 65001
no synchronization
bgp confederation identifier 200
bgp confederation peers 65000 65002
network 4.4.4.4 mask 255.255.255.255
network 10.1.255.8 mask 255.255.255.252
network 10.1.255.12 mask 255.255.255.252
network 192.168.200.0
neighbor 3.3.3.3 remote-as 65000
neighbor 3.3.3.3 ebgp-multihop 2
neighbor 3.3.3.3 update-source Loopback0
neighbor 3.3.3.3 next-hop-self
neighbor 5.5.5.5 remote-as 65002
neighbor 5.5.5.5 ebgp-multihop 2
neighbor 5.5.5.5 update-source Loopback0
neighbor 5.5.5.5 next-hop-self
no auto-summary
!
ip route 3.3.3.3 255.255.255.255 Serial1/0
ip route 5.5.5.5 255.255.255.255 Serial1/1
!
#####
ip address 4.4.4.4 255.255.255.255
!
interface Loopback1
ip address 192.168.200.1 255.255.255.0
!
interface Serial1/0
description DTE,BGP 200 mAS 65001,R3's S1/1,ip 10.1.255.9/30
ip address 10.1.255.10 255.255.255.252
!
interface Serial1/1
description DCE,BGP 200 mAS 65001,R5's S1/0,ip 10.1.255.14/30
ip address 10.1.255.13 255.255.255.252
clock rate 64000
!
router bgp 65001
no synchronization
bgp confederation identifier 200
bgp confederation peers 65000 65002
network 4.4.4.4 mask 255.255.255.255
network 10.1.255.8 mask 255.255.255.252
network 10.1.255.12 mask 255.255.255.252
network 192.168.200.0
neighbor 3.3.3.3 remote-as 65000
neighbor 3.3.3.3 ebgp-multihop 2
neighbor 3.3.3.3 update-source Loopback0
neighbor 3.3.3.3 next-hop-self
neighbor 5.5.5.5 remote-as 65002
neighbor 5.5.5.5 ebgp-multihop 2
neighbor 5.5.5.5 update-source Loopback0
neighbor 5.5.5.5 next-hop-self
no auto-summary
!
ip route 3.3.3.3 255.255.255.255 Serial1/0
ip route 5.5.5.5 255.255.255.255 Serial1/1
!
#####
R5#show run
interface Loopback0
ip address 5.5.5.5 255.255.255.255
!
interface Serial1/0
description DTE,BGP 200 mAS 65002,R4's S1/1,ip 10.1.255.13/30
ip address 10.1.255.14 255.255.255.252
!
interface Serial1/1
description DCE,BGP 200 mAS 65002,R6's S1/0,ip 10.1.255.18/30
ip address 10.1.255.17 255.255.255.252
clock rate 64000
!
router bgp 65002
no synchronization
bgp confederation identifier 200
bgp confederation peers 65000 65001
network 5.5.5.5 mask 255.255.255.255
network 10.1.255.12 mask 255.255.255.252
network 10.1.255.16 mask 255.255.255.252
neighbor 4.4.4.4 remote-as 65001
neighbor 4.4.4.4 ebgp-multihop 2
neighbor 4.4.4.4 update-source Loopback0
neighbor 4.4.4.4 next-hop-self
neighbor 4.4.4.4 prefix-list sybex_bgp_R5_pl out
neighbor 6.6.6.6 remote-as 65002
neighbor 6.6.6.6 update-source Loopback0
neighbor 6.6.6.6 next-hop-self
no auto-summary
!
ip route 4.4.4.4 255.255.255.255 Serial1/0
ip route 6.6.6.6 255.255.255.255 Serial1/1
!
ip prefix-list sybex_bgp_R5_pl seq 10 deny 192.168.15.0/24 le 32
ip prefix-list sybex_bgp_R5_pl seq 20 permit 0.0.0.0/0 le 32
!
ip address 5.5.5.5 255.255.255.255
!
interface Serial1/0
description DTE,BGP 200 mAS 65002,R4's S1/1,ip 10.1.255.13/30
ip address 10.1.255.14 255.255.255.252
!
interface Serial1/1
description DCE,BGP 200 mAS 65002,R6's S1/0,ip 10.1.255.18/30
ip address 10.1.255.17 255.255.255.252
clock rate 64000
!
router bgp 65002
no synchronization
bgp confederation identifier 200
bgp confederation peers 65000 65001
network 5.5.5.5 mask 255.255.255.255
network 10.1.255.12 mask 255.255.255.252
network 10.1.255.16 mask 255.255.255.252
neighbor 4.4.4.4 remote-as 65001
neighbor 4.4.4.4 ebgp-multihop 2
neighbor 4.4.4.4 update-source Loopback0
neighbor 4.4.4.4 next-hop-self
neighbor 4.4.4.4 prefix-list sybex_bgp_R5_pl out
neighbor 6.6.6.6 remote-as 65002
neighbor 6.6.6.6 update-source Loopback0
neighbor 6.6.6.6 next-hop-self
no auto-summary
!
ip route 4.4.4.4 255.255.255.255 Serial1/0
ip route 6.6.6.6 255.255.255.255 Serial1/1
!
ip prefix-list sybex_bgp_R5_pl seq 10 deny 192.168.15.0/24 le 32
ip prefix-list sybex_bgp_R5_pl seq 20 permit 0.0.0.0/0 le 32
!
#####
R6#show run
interface Loopback0
ip address 6.6.6.6 255.255.255.255
!
interface Loopback1
ip address 192.168.15.1 255.255.255.0
!
interface Serial1/0
description DTE,BGP 200 mAS 65002,R5's S1/1,ip 10.1.255.17/30
ip address 10.1.255.18 255.255.255.252
!
interface Serial1/1
description DCE,BGP 200 mAS 65002,R7's S1/0,ip 10.1.255.22/30
ip address 10.1.255.21 255.255.255.252
clock rate 64000
!
router bgp 65002
no synchronization
bgp confederation identifier 200
bgp confederation peers 65000 65001
network 6.6.6.6 mask 255.255.255.255
network 10.1.255.16 mask 255.255.255.252
network 10.1.255.20 mask 255.255.255.252
network 192.168.15.0
neighbor 5.5.5.5 remote-as 65002
neighbor 5.5.5.5 update-source Loopback0
neighbor 5.5.5.5 next-hop-self
neighbor 7.7.7.7 remote-as 300
neighbor 7.7.7.7 ebgp-multihop 2
neighbor 7.7.7.7 update-source Loopback0
neighbor 7.7.7.7 route-map sybex_bgp_R6_rm in
no auto-summary
!
ip route 5.5.5.5 255.255.255.255 Serial1/0
ip route 7.7.7.7 255.255.255.255 Serial1/1
!
access-list 10 permit 192.168.1.0 0.0.0.255
route-map sybex_bgp_R6_rm permit 10
match ip address 10
set community no-advertise
!
route-map sybex_bgp_R6_rm permit 20
!
ip address 6.6.6.6 255.255.255.255
!
interface Loopback1
ip address 192.168.15.1 255.255.255.0
!
interface Serial1/0
description DTE,BGP 200 mAS 65002,R5's S1/1,ip 10.1.255.17/30
ip address 10.1.255.18 255.255.255.252
!
interface Serial1/1
description DCE,BGP 200 mAS 65002,R7's S1/0,ip 10.1.255.22/30
ip address 10.1.255.21 255.255.255.252
clock rate 64000
!
router bgp 65002
no synchronization
bgp confederation identifier 200
bgp confederation peers 65000 65001
network 6.6.6.6 mask 255.255.255.255
network 10.1.255.16 mask 255.255.255.252
network 10.1.255.20 mask 255.255.255.252
network 192.168.15.0
neighbor 5.5.5.5 remote-as 65002
neighbor 5.5.5.5 update-source Loopback0
neighbor 5.5.5.5 next-hop-self
neighbor 7.7.7.7 remote-as 300
neighbor 7.7.7.7 ebgp-multihop 2
neighbor 7.7.7.7 update-source Loopback0
neighbor 7.7.7.7 route-map sybex_bgp_R6_rm in
no auto-summary
!
ip route 5.5.5.5 255.255.255.255 Serial1/0
ip route 7.7.7.7 255.255.255.255 Serial1/1
!
access-list 10 permit 192.168.1.0 0.0.0.255
route-map sybex_bgp_R6_rm permit 10
match ip address 10
set community no-advertise
!
route-map sybex_bgp_R6_rm permit 20
!
#####
R7#show run
interface Loopback0
ip address 7.7.7.7 255.255.255.255
!
interface Loopback1
ip address 192.168.1.1 255.255.255.0
!
interface Loopback2
ip address 192.168.10.1 255.255.255.0
!
interface Serial1/0
description DTE,BGP 300,R6's S1/1,ip 10.1.255.21/30
ip address 10.1.255.22 255.255.255.252
!
router bgp 300
no synchronization
network 7.7.7.7 mask 255.255.255.255
network 10.1.255.20 mask 255.255.255.252
network 192.168.1.0
network 192.168.10.0
neighbor 6.6.6.6 remote-as 200
neighbor 6.6.6.6 ebgp-multihop 2
neighbor 6.6.6.6 update-source Loopback0
no auto-summary
!
ip route 6.6.6.6 255.255.255.255 Serial1/0
ip address 7.7.7.7 255.255.255.255
!
interface Loopback1
ip address 192.168.1.1 255.255.255.0
!
interface Loopback2
ip address 192.168.10.1 255.255.255.0
!
interface Serial1/0
description DTE,BGP 300,R6's S1/1,ip 10.1.255.21/30
ip address 10.1.255.22 255.255.255.252
!
router bgp 300
no synchronization
network 7.7.7.7 mask 255.255.255.255
network 10.1.255.20 mask 255.255.255.252
network 192.168.1.0
network 192.168.10.0
neighbor 6.6.6.6 remote-as 200
neighbor 6.6.6.6 ebgp-multihop 2
neighbor 6.6.6.6 update-source Loopback0
no auto-summary
!
ip route 6.6.6.6 255.255.255.255 Serial1/0
#####
R8#show run
interface Loopback0
ip address 8.8.8.8 255.255.255.255
!
interface Loopback1
ip address 192.168.150.1 255.255.255.0
!
interface Serial1/2
no ip address
encapsulation frame-relay
!
interface Serial1/2.1 point-to-point
description FR,BGP 200 mAS 65000,R2's S1/2.1,ip 10.1.255.25/30
ip address 10.1.255.26 255.255.255.252
frame-relay interface-dlci 802
!
router bgp 65000
no synchronization
bgp confederation identifier 200
bgp confederation peers 65001 65002
network 8.8.8.8 mask 255.255.255.255
network 10.1.255.24 mask 255.255.255.252
network 192.168.150.0
neighbor 2.2.2.2 remote-as 65000
neighbor 2.2.2.2 update-source Loopback0
no auto-summary
!
ip route 2.2.2.2 255.255.255.255 Serial1/2.1
ip route 3.3.3.3 255.255.255.255 Serial1/2.1
ip address 8.8.8.8 255.255.255.255
!
interface Loopback1
ip address 192.168.150.1 255.255.255.0
!
interface Serial1/2
no ip address
encapsulation frame-relay
!
interface Serial1/2.1 point-to-point
description FR,BGP 200 mAS 65000,R2's S1/2.1,ip 10.1.255.25/30
ip address 10.1.255.26 255.255.255.252
frame-relay interface-dlci 802
!
router bgp 65000
no synchronization
bgp confederation identifier 200
bgp confederation peers 65001 65002
network 8.8.8.8 mask 255.255.255.255
network 10.1.255.24 mask 255.255.255.252
network 192.168.150.0
neighbor 2.2.2.2 remote-as 65000
neighbor 2.2.2.2 update-source Loopback0
no auto-summary
!
ip route 2.2.2.2 255.255.255.255 Serial1/2.1
ip route 3.3.3.3 255.255.255.255 Serial1/2.1
#####
Sybex的实验并不难,只是知识点考的很广。像peer group、路由反射(route-reflector)、联邦(confederation)、分配、前缀控制列表、路由图(route map),还有团体等。
值得注意的地方如下:
1、所有存在eBGP peer的speaker,包括了AS或者联邦内mini AS不相同的,若其eBGP peer使用了update-source loopback 0命令,则本speaker必须对其iBGP peer邻居使用命令neighbor *.*.*.* next-hop-self。否则会由于iBGP peer不知道如何连接到eBGP peer而无法获取其路由。
2、这里的reflector没有配置簇。正常情况下应该配置簇的。
3、团体属性比较少见,不过很有用。R6上使用了no advertise是其中一种知名属性,其余还有local等等。
本文转自 gole_huang 51CTO博客,原文链接:http://blog.51cto.com/golehuang/83859
