标签:
SanJose(config)#router bgp 100
SanJose(config-router)#neighbor 192.168.1.6 remote-as 300
SanJose(config-router)#netwrok 10.1.1.0 mask 255.255.255.0
ISP(config)#router bgp 300
ISP(config-router)#neighbor 192.168.1.5 remote-as 100
ISP(config-router)#neighbor 172.24.1.18 remote-as 65000
ISP(config-router)#network 10.2.2.0 mask 255.255.255.0
CustRtr(config)#router bgp 65000
CustRtr(config-router)#neighbor 172.24.1.17 remote-as 300
CustRtr(config-router)#network 10.3.3.0 mask 255.255.255.0
ISP#show ip bgp
BGP table version is 4, local router ID is 10.2.2.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 10.1.1.0/24 192.168.1.5 0 0 100 i
*> 10.2.2.0/24 0.0.0.0 0 32768 i
*> 10.3.3.0/24 172.24.1.18 0 0 65000 i
R1#show ip route bgp
10.0.0.0/24 is subnetted, 3 subnets
B 10.3.3.0 [20/0] via 192.168.1.6, 00:03:01
B 10.2.2.0 [20/0] via 192.168.1.6, 00:03:01
R1#ping 10.3.3.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.3.3.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
Why Does this ping fail?
R1#ping 10.3.3.1 sou 10.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.3.3.1, timeout is 2 seconds:
Packet sent with a source address of 10.1.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/44/88 ms
R1#show ip bgp | b Net
Network Next Hop Metric LocPrf Weight Path
*> 10.1.1.0/24 0.0.0.0 0 32768 i
*> 10.2.2.0/24 192.168.1.6 0 0 300 i
*> 10.3.3.0/24 192.168.1.6 0 300 65000 i
ISP(config)#router bgp 300
ISP(config-router)#neighbor 192.168.1.5 remove-private-as
R1#show ip bgp | begin Net
Network Next Hop Metric LocPrf Weight Path
*> 10.1.1.0/24 0.0.0.0 0 32768 i
*> 10.2.2.0/24 192.168.1.6 0 0 300 i
*> 10.3.3.0/24 192.168.1.6 0 300 i
use the AS_PATH attribute to filter routes based on their origin.
在R3上过滤掉R1的loopback 0: 10.1.1.1/24 的路由
AS-path access lists are read like regular access lists. The statements are read sequentially, and there is an implicit deny at the end. Rather than matching an address in each statement like a conventional access list, AS path access lists match on something called a regular expression. Regular expressions are a way of matching text patterns and have many uses. In this case, you will be using them in the AS path access list to match text patterns in AS paths.
ISP(config)#ip as-path access-list 1 deny ^100$
ISP(config)#ip as-apth access-list 1 permit .*
^ 表示AS PATH 必须以100开始
& 表示AS PATH 必须以100结尾
. 是反掩码通配符
* 是重复的反掩码通配符
.* 表示匹配任意AS PATH 属性
ISP(config)#router bgp 300
ISP(config-router)#neighbor 172.24.1.18 filter-list 1 out
R2#show ip bgp regexp ^100$
BGP table version is 4, local router ID is 10.2.2.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 10.1.1.0/24 192.168.1.5 0 0 100 i
R3#show ip route | b Ga
Gateway of last resort is not set
172.24.0.0/30 is subnetted, 1 subnets
C 172.24.1.16 is directly connected, Serial1/1
10.0.0.0/24 is subnetted, 2 subnets
C 10.3.3.0 is directly connected, Loopback0
B 10.2.2.0 [20/0] via 172.24.1.17, 00:00:24
foreach address {
10.1.1.1
10.2.2.1
10.3.3.1
192.168.1.5
192.168.1.6
172.24.1.17
172.24.1.18
} {
ping $address }
LAB - CCNP Using the BGP AS_PATH Attribute
标签:
原文地址:http://www.cnblogs.com/elewei/p/4713845.html
