BGP综合实验
一、实验拓扑
二、实验需求
1、AS1中存在两个环回,一个地址为192.168.1.0/24,该地址不能在任何协议中宣告
AS3中存在两个环回,一个地址为192.168.2.0/24,该地址不能在任何协议中宣告,最终要求这两个环回可以ping通
2、R1-R8的建邻环回用x.x.x.x/32表示
3、整个A2的Ip地址为172.16.0.0/16,R3-R7上各有一个业务网段,请合理划分;并且其内部配置osPF协议
4、AS间的骨干链路IP地址随意定制;
5、使用BGP协议让整个网络所有设备的环回可以互相访问;
6、减少路由条目数量,避免环路出现;
三、实验配置
1、配置IP地址
[R1]int g0/0/0
[R1-GigabitEthernet0/0/0]ip add 12.1.1.1 24
[R1-LoopBack0]ip add 1.1.1.1 32
[R1-LoopBack1]ip add 192.168.1.1 24
[R2]int g0/0/0
[R2-GigabitEthernet0/0/0]ip add 12.1.1.2 24
[R2]int g0/0/1
[R2-GigabitEthernet0/0/1]ip add 172.16.1.1 30
[R2-GigabitEthernet0/0/2]ip add 172.16.1.21 30
[R3]int g0/0/0
[R3-GigabitEthernet0/0/0]ip add 172.16.1.2 30
[R3-GigabitEthernet0/0/1]ip add 172.16.1.5 30
[R3-LoopBack0]ip add 3.3.3.3 32
[R3-LoopBack1]ip add 172.16.3.3 24
[R4]int g0/0/0
[R4-GigabitEthernet0/0/0]ip add 172.16.1.6 30
[R4-GigabitEthernet0/0/1]ip add 172.16.1.9 30
[R4-LoopBack0]ip add 4.4.4.4 32
[R4-LoopBack1]ip add 172.16.4.4 24
[R5]int g 0/0/0
[R5-GigabitEthernet0/0/0]ip add 172.16.1.22 30
[R5-GigabitEthernet0/0/1]ip add 172.16.1.17 30
[R5-LoopBack0]ip add 5.5.5.5 32
[R5-LoopBack1]ip add 172.16.5.5 24
[R6]int g0/0/0
[R6-GigabitEthernet0/0/0]ip add 172.16.1.18 30
[R6-GigabitEthernet0/0/1]ip add 172.16.1.13 30
[R6-LoopBack0]ip add 6.6.6.6 32
[R6-LoopBack1]ip add 172.16.6.6 24
[R7]int g0/0/0
[R7-GigabitEthernet0/0/0]ip add 172.16.1.14 30
[R7-GigabitEthernet0/0/1]ip add 34.1.1.1 24
[R7-GigabitEthernet0/0/2]ip add 172.16.1.10 30
[R7-LoopBack0]ip add 7.7.7.7 32
[R7-LoopBack1]ip add 172.16.7.7 24
[R8]int g 0/0/0
[R8-GigabitEthernet0/0/0]ip add 34.1.1.2 24
[R8-LoopBack0]ip add 8.8.8.8 32
[R8-LoopBack1]ip add 192.168.2.2 24
2、配置OSPF
[R2]ospf 1 router-id 2.2.2.2
[R2-ospf-1]a 0
[R2-ospf-1-area-0.0.0.0]network 2.2.2.2 0.0.0.0
[R2-ospf-1-area-0.0.0.0]network 172.16.1.0 0.0.0.255
[R3]ospf 1 router-id 3.3.3.3
[R3-ospf-1]a 0
[R3-ospf-1-area-0.0.0.0]network 3.3.3.3 0.0.0.0
[R3-ospf-1-area-0.0.0.0]network 172.16.1.0 0.0.0.255
[R3-ospf-1-area-0.0.0.0]network 172.16.3.0 0.0.0.255
[R4]ospf 1 router-id 4.4.4.4
[R4-ospf-1]a 0
[R4-ospf-1-area-0.0.0.0]network 4.4.4.4 0.0.0.0
[R4-ospf-1-area-0.0.0.0]network 172.16.1.0 0.0.0.255
[R4-ospf-1-area-0.0.0.0]network 172.16.4.0 0.0.0.255
[R5]ospf 1 router-id 5.5.5.5
[R5-ospf-1]a 0
[R5-ospf-1-area-0.0.0.0]network 5.5.5.5 0.0.0.0
[R5-ospf-1-area-0.0.0.0]network 172.16.1.0 0.0.0.255
[R5-ospf-1-area-0.0.0.0]network 172.16.5.0 0.0.0.255
[R6]ospf 1 router-id 6.6.6.6
[R6-ospf-1]a 0
[R6-ospf-1-area-0.0.0.0]network 6.6.6.6 0.0.0.0
[R6-ospf-1-area-0.0.0.0]network 172.16.1.0 0.0.0.255
[R6-ospf-1-area-0.0.0.0]network 172.16.6.0 0.0.0.255
[R7]ospf 1 router-id 7.7.7.7
[R7-ospf-1]a 0
[R7-ospf-1-area-0.0.0.0]network 7.7.7.7 0.0.0.0
[R7-ospf-1-area-0.0.0.0]network 172.16.1.0 0.0.0.255
[R7-ospf-1-area-0.0.0.0]network 172.16.7.0 0.0.0.255
3、配置BGP建邻
[R1]bgp 1
[R1-bgp]peer 12.1.1.2 as 2
[R2]bgp 64512
[R2-bgp]confederation id 2
[R2-bgp]confederation peer-as 64513
[R2-bgp]peer 12.1.1.1 as 1
[R2-bgp]peer 3.3.3.3 as 64512
[R2-bgp]peer 3.3.3.3 connect-interface l0
[R2-bgp]peer 3.3.3.3 next-hop-local
[R2-bgp]peer 172.16.1.22 as 64513
[R2-bgp]peer 172.16.1.22 next-hop-local
[R3]bgp 64512
[R3-bgp]confederation id 2
[R3-bgp]peer 2.2.2.2 as 64512
[R3-bgp]peer 2.2.2.2 connect-interface l0
[R3-bgp]peer 4.4.4.4 connect-interface l0
[R4]bgp 64512
[R4-bgp]confederation id 2
[R4-bgp]peer 3.3.3.3 as 64512
[R4-bgp]peer 3.3.3.3 connect-interface LoopBack 0
[R5]bgp 64513
[R5-bgp]confederation id 2
[R5-bgp]confederation peer-as 64512
[R5-bgp]peer 6.6.6.6 as 64513
[R5-bgp]peer 6.6.6.6 connect-interface l0
[R5-bgp]peer 6.6.6.6 next-hop-local
[R5-bgp]peer 172.16.1.21 as 64512
[R5-bgp]peer 172.16.1.21 next-hop-local
[R6]bgp 64513
[R6-bgp]confederation id 2
[R6-bgp]peer 5.5.5.5 as 64513
[R6-bgp]peer 5.5.5.5 connect-interface l0
[R6-bgp]peer 7.7.7.7 as 64513
[R6-bgp]peer 7.7.7.7 connect-interface l0
[R7]bgp 64513
[R7-bgp]confederation id 2
[R7-bgp]peer 6.6.6.6 as 64513
[R7-bgp]peer 6.6.6.6 connect-interface l0
[R7-bgp]peer 6.6.6.6 next-hop-local
[R7-bgp]peer 34.1.1.2 as 3
[R8]bgp 3
[R8-bgp]peer 34.1.1.1 as 2
4、bgp宣告网段
[R1-bgp]network 1.1.1.1 32
[R3-bgp]network 172.16.3.0 24
[R4-bgp]network 172.16.4.0 24
[R5-bgp]network 172.16.5.0 24
[R6-bgp]network 172.16.6.0 24
[R7-bgp]network 172.16.7.0 24
[R8-bgp]network 8.8.8.8 32
5、做BGP反射器,学全路由
[R3-bgp]peer 2.2.2.2 reflect-client
[R3-bgp]peer 4.4.4.4 reflect-client
[R3-bgp]reflector cluster-id 3.3.3.3
[R6-bgp]peer 5.5.5.5 reflect-client
[R6-bgp]peer 7.7.7.7 reflect-client
[R6-bgp]reflector cluster-id 6.6.6.6
6、做BGP汇总,减少路由条目数量
[R2-bgp]aggregate 172.16.0.0 21 detail-suppressed as-set
[R7-bgp]aggregate 172.16.0.0 21 detail-suppressed as-set
7、建VPN隧道,实现环回ping通
[R1]int Tunnel 0/0/0
[R1-Tunnel0/0/0]ip add 10.1.1.1 24
[R1-Tunnel0/0/0]tunnel-protocol gre
[R1-Tunnel0/0/0]source 1.1.1.1
[R1-Tunnel0/0/0]description 8.8.8.8
[R8]int Tunnel 0/0/0
[R8-Tunnel0/0/0]ip address 10.1.1.2 24
[R8-Tunnel0/0/0]tunnel-protocol gre
[R8-Tunnel0/0/0]source 8.8.8.8
[R8-Tunnel0/0/0]description 1.1.1.1
8、传递私网路由
[R1]ip route-static 192.168.2.0 24 Tunnel 0/0/0
[R8]ip route-static 192.168.1.0 24 Tunnel 0/0/0
的方法与自动化操作)
