实验拓扑:
实验目的:
R1访问外网的流量分别通过R2、R3实现负载分担;
R1访问AS400的流量仅通过R2,其他的流量通过R3;
R4不向R2通告113.59.69.4/30段的路由;
R6只通告202.100.192.0/24的聚合路由;
实验过程:
如图所示,配置各路由器的接口地址;
⑴ R1的接口配置:
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]undo info-center enable
Info: Information center is disabled.
[Huawei]sysname R1
[R1]inter LoopBack 0
[R1-LoopBack0]ip address 10.10.10.10 32
[R1-LoopBack0]quit
[R1]inter g0/0/1
[R1-GigabitEthernet0/0/1]ip address 10.147.140.1 30
[R1-GigabitEthernet0/0/1]quit
[R1]inter g0/0/2
[R1-GigabitEthernet0/0/2]ip address 10.147.140.5 30
[R1-GigabitEthernet0/0/2]quit
⑵ R2的接口配置:
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]undo info-center enable
Info: Information center is disabled.
[Huawei]sysname R2
[R2]inter LoopBack 0
[R2-LoopBack0]ip address 1.1.1.1 32
[R2-LoopBack0]quit
[R2]inter g0/0/1
[R2-GigabitEthernet0/0/1]ip address 10.147.140.2 30
[R2-GigabitEthernet0/0/1]quit
[R2]inter g0/0/0
[R2-GigabitEthernet0/0/0]ip address 10.147.140.9 30
[R2-GigabitEthernet0/0/0]quit
[R2]interface serial 0/0/0
[R2-Serial0/0/0]link-protocol ppp
[R2-Serial0/0/0]ip address 59.49.241.1 30
[R2-Serial0/0/0]quit
⑶ R3的接口配置:
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]undo info-center enable
Info: Information center is disabled.
[Huawei]sysname R3
[R3]inter LoopBack 0
[R3-LoopBack0]ip address 2.2.2.2 32
[R3-LoopBack0]quit
[R3]inter g0/0/2
[R3-GigabitEthernet0/0/2]ip address 10.147.140.6 30
[R3-GigabitEthernet0/0/2]quit
[R3]inter g0/0/0
[R3-GigabitEthernet0/0/0]ip address 10.147.140.10 30
[R3-GigabitEthernet0/0/0]quit
[R3]interface serial 0/0/0
[R3-Serial0/0/0]link-protocol ppp
[R3-Serial0/0/0]ip address 113.59.60.1 30
[R3-Serial0/0/0]quit
⑷ R4的接口配置:
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]undo info-center enable
Info: Information center is disabled.
[Huawei]sysname R4
[R4]inter LoopBack 0
[R4-LoopBack0]ip address 59.59.59.59 32
[R4-LoopBack0]quit
[R4]inter g0/0/0
[R4-GigabitEthernet0/0/0]ip address 59.49.241.5 30
[R4-GigabitEthernet0/0/0]quit
[R4]interface serial 0/0/0
[R4-Serial0/0/0]link-protocol ppp
[R4-Serial0/0/0]ip address 59.49.241.2 30
[R4-Serial0/0/0]quit
⑸ R5的接口配置:
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]undo info-center enable
Info: Information center is disabled.
[Huawei]sysname R5
[R5]inter LoopBack 0
[R5-LoopBack0]ip address 113.113.113.113 32
[R5-LoopBack0]quit
[R5]inter g0/0/0
[R5-GigabitEthernet0/0/0]ip address 113.59.69.5 30
[R5-GigabitEthernet0/0/0]quit
[R5]interface serial 0/0/0
[R5-Serial0/0/0]link-protocol ppp
[R5-Serial0/0/0]ip address 113.59.60.2 30
[R5-Serial0/0/0]quit
⑹ R6的接口配置:
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]undo info-center enable
Info: Information center is disabled.
[Huawei]sysname R6
[R6]inter LoopBack 0
[R6-LoopBack0]ip address 100.100.100.100 32
[R6-LoopBack0]quit
[R6]inter LoopBack 1
[R6-LoopBack1]ip address 202.100.192.68 32
[R6-LoopBack1]quit
[R6]inter g0/0/0
[R6-GigabitEthernet0/0/0]ip address 59.49.241.6 30
[R6-GigabitEthernet0/0/0]quit
[R6]inter g0/0/1
[R6-GigabitEthernet0/0/1]ip address 113.59.69.6 30
[R6-GigabitEthernet0/0/1]quit
2.内网路由器的OSPF配置
⑴ R1的OSPF配置:
[R1]OSPF 1 router-id 10.10.10.10
[R1-ospf-1]area 0
[R1-ospf-1-area-0.0.0.0]network 10.10.10.10 0.0.0.0
[R1-ospf-1-area-0.0.0.0]network 10.147.140.0 0.0.0.3
[R1-ospf-1-area-0.0.0.0]network 10.147.140.4 0.0.0.3
[R1-ospf-1-area-0.0.0.0]return
<R1>save
⑵ R2的OSPF配置:
[R2]OSPF 1 router-id 10.10.10.10
[R2-ospf-1]area 0
[R2-ospf-1-area-0.0.0.0]network 1.1.1.1 0.0.0.0
[R2-ospf-1-area-0.0.0.0]network 10.147.140.0 0.0.0.3
[R2-ospf-1-area-0.0.0.0]network 10.147.140.8 0.0.0.3
[R2-ospf-1-area-0.0.0.0]return
<R2>save
⑶ R3的OSPF配置:
[R3]OSPF 1 router-id 10.10.10.10
[R3-ospf-1]area 0
[R3-ospf-1-area-0.0.0.0]network 2.2.2.2 0.0.0.0
[R3-ospf-1-area-0.0.0.0]network 10.147.140.4 0.0.0.3
[R3-ospf-1-area-0.0.0.0]network 10.147.140.8 0.0.0.3
[R3-ospf-1-area-0.0.0.0]return
<R3>save
3.路由器的BGP配置
⑴ R2的BGP配置:
[R2]BGP 65510
[R2-bgp]undo synchronization
[R2-bgp]PEER 2.2.2.2 as-number 65510
[R2-bgp]peer 2.2.2.2 connect-interface LoopBack 0
[R2-bgp]peer 2.2.2.2 next-hop-local
[R2-bgp]peer 59.49.241.2 as-number 400
[R2-bgp]network 10.10.10.10 255.255.255.255
[R2-bgp]network 1.1.1.1 255.255.255.255
[R2-bgp]network 10.147.140.0 255.255.255.252
[R2-bgp]network 10.147.140.8 255.255.255.252
[R2-bgp]network 59.49.241.0 255.255.255.252
[R2-bgp]quit
⑵ R3的BGP配置:
[R3]BGP 65510
[R3-bgp]undo synchronization
[R3-bgp]PEER 1.1.1.1 as-number 65510
[R3-bgp]peer 1.1.1.1 connect-interface LoopBack 0
[R3-bgp]peer 1.1.1.1 next-hop-local
[R3-bgp]peer 113.59.60.2 as-number 500
[R3-bgp]network 2.2.2.2 255.255.255.255
[R3-bgp]network 1.1.1.1 255.255.255.255
[R3-bgp]network 10.147.140.4 255.255.255.252
[R3-bgp]network 10.147.140.8 255.255.255.252
[R3-bgp]network 113.59.60.0 255.255.255.252
[R3-bgp]quit
⑶ R4的BGP配置:
[R4]BGP 400
[R4-bgp]undo synchronization
[R4-bgp]PEER 59.49.241.1 as-number 65510
[R4-bgp]peer 59.49.241.6 as-number 600
[R4-bgp]network 59.59.59.59 255.255.255.255
[R4-bgp]network 59.49.241.0 255.255.255.252
[R4-bgp]network 59.49.241.4 255.255.255.252
[R4-bgp]quit
⑷ R5的BGP配置:
[R5]BGP 500
[R5-bgp]undo synchronization
[R5-bgp]PEER 113.59.60.1 as-number 65510
[R5-bgp]peer 113.59.69.6 as-number 600
[R5-bgp]network 113.113.113.113 255.255.255.255
[R5-bgp]network 113.59.60.0 255.255.255.252
[R5-bgp]network 113.59.69.4 255.255.255.252
[R5-bgp]quit
⑸ R6的BGP配置:
[R6]BGP 600
[R6-bgp]undo synchronization
[R6-bgp]PEER 59.49.241.5 as-number 400
[R6-bgp]peer 113.59.69.5 as-number 500
[R6-bgp]network 100.100.100.100 255.255.255.255
[R6-bgp]network 202.100.192.68 255.255.255.255
[R6-bgp]network 59.49.241.4 255.255.255.252
[R6-bgp]network 113.59.69.4 255.255.255.252
[R6-bgp]quit
4.查看各路由器的BGP路由情况
⑴ R2的BGP路由信息: ⑵ R3的BGP路由信息:
⑶ R4的BGP路由信息: ⑷ R5的BGP路由信息:
⑸ R6的BGP路由信息:
● R1访问外网的流量分别通过R2、R3实现负载分担
如果内网路由器都运行BGP协议,都建立了IBGP关系,可以使用路由策略设置local-preference值来实现;
R2、R3通过发布缺省路由,设置相同的OSPF COST值来实现。
在R2上设置:
[R2]ospf 1
[R2-ospf-1]default-route-advertise always
在R3上设置:
[R3]ospf 1
[R3-ospf-1]default-route-advertise always
在R1上查看IP路由表:
可以发现,在R1上有两条去往外部的等价默认路由。
● R1访问AS400的流量仅通过R2,其他的流量通过R3
流量离开同一个AS的不同IBGP路由器时,可以通过设置不同的local-pref值来实现路由选择,local-pref默认值是100.值越大越优。
在R2上配置route-policy,设置去往AS400的local-pref值为300,去往其他网段的值为默认值;在R3上配置默认local-pref值为200。
在R2上配置:
[R2]ip as-path-filter 1 permit ^400$ ///使用ACL可以达到同样的效果\\\
[R2]route-policy only_as400 permit node 10
[R2-route-policy]if-match as-path-filter 1
[R2-route-policy]apply local-preference 300
[R2]route-policy only_as400 permit node 20
[R2-route-policy]quit
[R2]bgp 65510
[R2-bgp]peer 59.49.241.2 route-policy only_as400 import
[R2-bgp]quit
在R3上配置:
[R3]bgp 65510
[R3-bgp]default local-preference 200
[R3-bgp]quit
在R2上检验结果:
未配置route-policy之前:路由跟踪显示经过R4→R6
配置route-policy之后:路由跟踪显示经过R3→R5→R6
R2上的BGP路由表:
● R4不向R2通告113.59.69.4/30段的路由
在R6上配置route-policy+community实现
在R6配置:
[R6]acl number 2001
[R6-acl-basic-2001]rule 0 permit source 113.59.69.4 255.255.255.252
[R6-acl-basic-2001]quit
[R6]route-policy 1 permit node 10
Info: New Sequence of this List.
[R6-route-policy]if-match acl 2001
[R6-route-policy]apply community no-export
[R6-route-policy]quit
[R6]route-policy 1 permit node 20
Info: New Sequence of this List.
[R6]bgp 600
[R6-bgp]peer 59.49.241.5 route-policy 1 export
[R6-bgp]peer 59.49.241.5 advertise-community
[R6-bgp]quit
在R2检测结果:发现R2仅能从其IBGP对等体收到113.59.69.4/30的路由通告。
● R6只通告202.100.192.0/24的聚合路由;
使用命令aggregate手动聚合
在R6配置:
[R6]bgp 600
[R6-bgp]aggregate 202.100.192.0 24 detail-suppressed
[R6-bgp]quit
在R2检测结果:发现R2上存在202.100.192.0的聚合路由信息,无详细路由信息。
本文出自 “每天进步一点点” 博客,请务必保留此出处http://pthahnil.blog.51cto.com/814988/1432974
原文地址:http://pthahnil.blog.51cto.com/814988/1432974
