华为 bgp案例
1、实验拓扑图
2、实验步骤
1、配置设备的ip地址
1、R1 sys sysname R1 [R1] int g0/0/0 [R1] ip add 10.0.12.1 24 [R1] undo shut [R1] int g0/0/1 [R1] ip add 10.0.13.1 24 [R1] int loop0 [R1] ip add 1.1.1.1 32 2、R2 sys sysname R2 [R2] int g0/0/0 [R2] ip add 10.0.12.2 24 [R2] int g0/0/1 [R2] ip add 10.0.24.2 24 [R2] int loop0 [R2] ip add 2.2.2.2 32 3、R3 sys sysname R3 [R3] int g0/0/0 [R3] ip add 10.0.13.3 24 [R3] int g0/0/1 [R3] ip add 10.0.34.3 24 [R3] int loop0 [R3] ip add 3.3.3.3 32 4、R4 sys sysname R4 [R4] int g0/0/0 [R4] ip add 10.0.24.4 24 [R4] int g0/0/1 [R4] ip add 10.0.34.4 24 [R4] int loop0 [R4] ip add 4.4.4.4 32
2、配置OSPF协议,使内网可互访
R2 [R2] ospf 1 [R2] area 0 [R2] network 10.0.24.0 0.0.0.255 [R2] network 2.2.2.2 0.0.0.0 R3 [R3] ospf 1 [R3] area 0 [R3] network 10.0.34.0 0.0.0.255 [R3] network 3.3.3.3 0.0.0.0 R4 [R4] ospf 1 [R4] area 0 [R4] network 10.0.24.0 0.0.0.255 [R4] network 10.0.34.0 0.0.0.255 [R4] network 4.4.4.4 0.0.0.0
3、配置BGP
[R1] bgp 100 [R1] router-id 1.1.1.1 [R1] peer 10.0.12.2 as-number 200 [R1] peer 10.0.13.3 as-number 200 [R1] network 1.1.1.1 32 [R2] bgp 200 [R2] router-id 2.2.2.2 [R2] peer 10.0.12.1 as-number 100 [R2] peer 10.0.24.4 as-number 200 [R2] peer 10.0.24.4 next-hop-local [R3] import-route ospf 1 [R3] bgp 200 [R3] router-id 3.3.3.3 [R3] peer 10.0.13.1 as-number 100 [R3] peer 10.0.34.4 as-number 200 [R3] peer 10.0.34.4 next-hop-local [R3] import-route ospf 1 [R4] bgp 200 [R4] router-id 4.4.4.4 [R4] peer 10.0.24.2 as-number 200 [R4] peer 10.0.34.3 as-number 200 [R4] network 4.4.4.4 32
4、查看BGP路由
[R1] dis bgp routing-table [R1] dis ip routing-table [R1] dis ospf routing
5、使用BGP属性控制选路
从R4到R1的通信,通过R3来传递
方法1:修改本地优先级(local-preference属性),默认值100,越大越优先
1、修改 [R3] route-policy lop permit node 10 [R3] apply local-preference 222 [R3] bgp 200 [R3] peer 10.0.34.4 route-policy lop export
2、查看 [R4] dis bgp routing-table
方法2:修改AS-PATH属性,越小越优先
1、删除前面的路由策略 [R3] bgp 200 [R3] undo peer 10.0.34.4 route-policy lop export
2、修改 [R2] route-policy as permit node 10 [R2] apply as-path 123 123 123 additive [R2] bgp 200 [R2] peer 10.0.24.4 route-policy as export
3、刷新bgp路由表 <R2> reset bgp all
4、查看 [R4] dis bgp routing-table 5、注意:方法1和方法2,修改的是从R4到R1的通信
方法3:修改MED属性,越小越优先
1、删除前面的路由策略 [R2] bgp 200 [R2] undo peer 10.0.24.4 route-policy as export
2、修改 [R2] route-policy med permit node 10 [R2] apply cost + 500 [R2] bgp 200 [R2] peer 10.0.12.1 route-policy med export
3、刷新bgp路由表 <R2> reset bgp all
4、查看 [R1] dis bgp routing-table
5、注意:方法3,修改的是从R1到R4的通信
案例二:
步骤:
1、添加静态路由
[R1] ip route-static 2.2.2.2 255.255.255.255 10.0.11.2 [R2] ip route-static 1.1.1.1 255.255.255.255 10.0.11.1 ip route-static 3.3.3.3 255.255.255.255 10.0.22.3 [R3] ip route-static 2.2.2.2 255.255.255.255 10.0.22.2 2、配置BGP [R1] bgp 100 [R1] router-id 1.1.1.1 [R1] peer 2.2.2.2 as-number 200 [R1] peer 2.2.2.2 ebgp-max-hop 10 [R1] peer 2.2.2.2 connect-interface LoopBack0 [R1] network 192.168.1.0 24 [R2] bgp 200 [R2] router-id 2.2.2.2 [R2] peer 1.1.1.1 as-number 100 [R2] peer 1.1.1.1 ebgp-max-hop 10 [R2] peer 1.1.1.1 connect-interface LoopBack0 [R2] peer 3.3.3.3 as-number 300 [R2] peer 3.3.3.3 ebgp-max-hop 20 [R2] peer 3.3.3.3 connect-interface LoopBack0 [R3] bgp 300 [R3] router-id 3.3.3.3 [R3] peer 2.2.2.2 as-number 200 [R3] peer 2.2.2.2 ebgp-max-hop 20 [R3] peer 2.2.2.2 connect-interface LoopBack0 [R3] network 192.168.2.0 24
案例3
步骤
1、配置vlan和ip地址 sysname SW1 [SW1] vlan10 [SW1] vlan100 [SW1] interface vlan10 [SW1] ip add 192.168.10.1 24 [SW1] interface vlan 100 [SW1] ip add 192.168.1.2 24 [SW1] interface g0/0/1 [SW1] port link-type access [SW1] port default vlan 100 [SW1] interface g0/0/2 [SW1] port link-type access [SW1] port default vlan 10 sysname SW2 [SW2] vlan10 [SW2] vlan100 [SW2] interface vlan10 [SW2] ip add 192.168.11.1 24 [SW2] interface vlan 100 [SW2] ip add 192.168.2.2 24 [SW2] interface g0/0/1 [SW2] port link-type access [SW2] port default vlan 100 [SW2] interface g0/0/2 [SW2] port link-type access [SW2] port default vlan 10 2、添加静态路由 [SW1] ip route-static 192.168.11.0 255.255.255.0 192.168.1.1 出方向 [R1] ip route-static 192.168.10.0 255.255.255.0 192.168.1.2 入方向 [SW2] ip route-static 192.168.10.0 255.255.255.0 192.168.2.1 出方向 [R2] ip route-static 192.168.11.0 255.255.255.0 192.168.2.2 入方向
4、vpn实例
配置 sysname R1 [R1] ip vpn-instance aa route-distinguisher 1:1 vpn-target 1:1 [R1] ip vpn-instance bb route-distinguisher 2:2 vpn-target 2:2 [R1] inter g0/0/0 ip add 1.1.1.1 30 [R1] inter g0/0/1 ip binding vpn-instance aa ip add 192.168.1.0 24 [R1] inter g0/0/2 ip binding vpn-instance bb ip add 192.168.2.0 24 sysname R2 [R2] ip vpn-instance cc route-distinguisher 3:3 vpn-target 3:3 [R2] inter g0/0/0 ip add 1.1.1.2 30 [R2] inter g0/0/1 ip binding vpn-instance cc ip add 192.168.3.0 24 1.0网段路由 [R1] ip route-static 192.168.1.0 24 vpn-instance aa 192.168.1.2 入方向 [R1] ip route-static vpn-instance aa 192.168.3.0 24 1.1.1.2 public 出方向 3.0网络路由 [R2] ip route-static 192.168.3.0 24 vpn-instance cc 192.168.3.2 人方向 [R2] ip route-static vpn-instance cc 192.168.1.0 24 1.1.1.1 public 出方向 vpn之间的路由 [R1] ip route-static vpn-instance aa 192.168.2.0 24 vpn-instance bb 192.168.2.2 出方向 [R1] ip route-static vpn-instance bb 192.168.1.0 24 vpn-instance aa 192.168.1.2 出方向
5、bgp + vpn
1、北京接入交换机 sysname SW1 [SW1] vlan 10 ip add 10.10.10.1 24 [SW1] vlan 20 ip add 10.10.20.1 24 [SW1] inter g0/0/1 port link-type trunk port trunk allow-pass vlan 10 20 [SW1] inter g0/0/10 port link-type access port default vlan 10 [SW1] inter g0/0/20 port link-type access port default vlan 20 [SW1] lldp enable [SW1] ip route-static 10.11.10.0 255.255.255.0 10.10.10.2 管理路由 ip route-static 10.11.20.0 255.255.255.0 10.10.20.2 业务路由 -------------------------------------------------------------------------- 2、天津接入交换机 sysnaem SW3 [SW3] vlan 10 ip add 10.11.10.1 24 [SW3] vlan 20 ip add 10.11.20.1 24 [SW3] inter g0/0/1 port link-type trunk port trunk allow-pass vlan 10 20 [SW3] inter g0/0/10 port link-type access port default vlan 10 [SW3] inter g0/0/20 port link-type access port default vlan 20 [SW3] lldp enable [SW3] ip route-static 10.10.10.0 255.255.255.0 10.11.10.2 管理路由 ip route-static 10.10.20.0 255.255.255.0 10.11.20.2 业务路由 ------------------------------------------------------------------------- 3、北京汇聚交换机 sysname SW2 [SW2] vlan 10 ip add 10.10.10.2 24 [SW2] vlan 20 ip add 10.10.20.2 24 [SW2] vlan 100 ip add 10.10.100.1 30 [SW2] vlan 200 ip add 10.10.200.1 30 [SW2] inter g0/0/1 port link-type trunk port trunk allow-pass vlan 2 to 4094 [SW2] inter g0/0/3 port link-type trunk port trunk allow-pass vlan 2 to 4094 [SW2] lldp enable [SW2] ip route-static 10.11.10.0 255.255.255.0 10.10.100.2 ip route-static 10.11.20.0 255.255.255.0 10.10.200.2 ------------------------------------------------------------------ 4、天津汇聚交换机 sysname SW4 [SW4] vlan 10 ip add 10.11.10.2 24 [SW4] vlan 20 ip add 10.11.20.2 24 [SW4] vlan 100 ip add 10.11.100.1 30 [SW4] vlan 200 ip add 10.11.200.1 30 [SW4] inter g0/0/1 port link-type trunk port trunk allow-pass vlan 2 to 4094 [SW4] inter g0/0/3 port link-type trunk port trunk allow-pass vlan 2 to 4094 [SW4] lldp enable [SW4] ip route-static 10.10.10.0 255.255.255.0 10.11.100.2 ip route-static 10.10.20.0 255.255.255.0 10.11.200.2 ---------------------------------------------------------- 5、北京路由器 sysname R1 [R1] ip vpn-instance video route-distinguisher 100:1 vpn-target 100:1 [R1] mpls lsr-id 1.1.1.1 mpls mpls ldp [R1] inter g0/0/0.100 dot1q termination vid 100 ip add 10.10.100.2 30 arp broadcast enable [R1] inter g0/0/0.200 dot1q termination vid 200 ip binding vpn-instance video ip add 10.10.200.2 30 arp broadcast enable [R1] inter g0/0/2 ip add 30.0.0.1 30 mpls mpls ldp [R1] inter LoopBack 0 ip add 1.1.1.1 32 [R1] lldp enable [R1] bgp 100 router-id 1.1.1.1 peer 2.2.2.2 as-number 100 peer 2.2.2.2 connect-interface LoopBack0 ipv4-family vpnv4 policy vpn-target peer 2.2.2.2 enable ipv4-family vpn-instance video import-route static [R1] ospf 1 router-id 1.1.1.1 import-route static cost 10 type 1 silent-interface LoopBack0 area 0.0.0.0 network 1.1.1.1 0.0.0.0 network 10.10.100.2 0.0.0.0 network 30.0.0.1 0.0.0.0 [R1] ip route-static 10.10.10.0 24 10.10.100.1 ip route-static vpn-instance video 10.10.20.0 255.255.255.0 10.10.200.1 --------------------------------------------------------------------------------- 6、天津路由器 sysname R2 [R2] ip vpn-instance video route-distinguisher 100:1 vpn-target 100:1 [R2] mpls lsr-id 2.2.2.2 mpls mpls ldp [R2] inter g0/0/0.100 dot1q termination vid 100 ip add 10.11.100.2 30 arp broadcast enable [R2] inter g0/0/0.200 dot1q termination vid 200 ip binding vpn-instance video ip add 10.11.200.2 30 arp broadcast enable [R2] inter g0/0/2 ip add 30.0.0.2 30 mpls mpls ldp [R2] inter LoopBack 0 ip add 2.2.2.2 32 [R2] lldp enable [R2] bgp 100 router-id 2.2.2.2 peer 1.1.1.1 as-number 100 peer 1.1.1.1 connect-interface LoopBack0 ipv4-family vpnv4 policy vpn-target peer 1.1.1.1 enable ipv4-family vpn-instance video import-route static [R2] ospf 1 router-id 2.2.2.2 import-route static cost 10 type 1 silent-interface LoopBack0 area 0.0.0.0 network 2.2.2.2 0.0.0.0 network 30.0.0.2 0.0.0.0 network 10.11.100.2 0.0.0.0 [R2] ip route-static 10.11.10.0 24 10.11.100.1 [R2] ip route-static vpn-instance video 10.11.20.0 255.255.255.0 10.11.200.1
QQ:328864113 微信:wuhg2008
