要求
1 使用PreVal策略,确保R4通过R2到达192.168.10.0/24
2 使用AS_Path策略,确保R4通过R3到达192.168.11.0/24
3 配置MED策略,确保R4通过R3到达192.168.12.0/24
4 使用Local Preference策略,确保R1通过R2到达192.168.1.0/24
5 使用Local Preference策略,确保R1通过R3到达192.168.2.0/24
6 配置负载均衡,确保R1通过R2和R3到达192.168.3.0/24
7 使用AS策略,AS 500不接受任何始发于AS 123的路由
8 使用自定义Community策略,确保192.168.3.0/24路由不会被发布到AS 500
9 IBGP 使用环回接口建邻,EBGP使用物理接口建邻
10 修改AS 123中的用户网段为Broadcast,方便后续在BGP中宣告
11 BGP宣告路由时,仅宣告24 网段的用户路由
R1
[V200R003C00]
#sysname R1
#snmp-agent local-engineid 800007DB03000000000000snmp-agent
#clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load flash:/portalpage.zip
#drop illegal-mac alarm
#wlan ac-global carrier id other ac id 0
#set cpu-usage threshold 80 restore 75
#
aaa authentication-scheme defaultauthorization-scheme defaultaccounting-scheme defaultdomain default domain default_admin local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$local-user admin service-type http
#
firewall zone Localpriority 15
#
interface GigabitEthernet0/0/0ip address 12.0.0.1 255.255.255.0
#
interface GigabitEthernet0/0/1ip address 13.0.0.1 255.255.255.0
#
interface GigabitEthernet0/0/2ip address 15.0.0.1 255.255.255.0
#
interface NULL0
#
interface LoopBack0ip address 1.1.1.1 255.255.255.255
#
interface LoopBack1ip address 192.168.100.1 255.255.255.0
#
bgp 123peer 2.2.2.2 as-number 123 peer 2.2.2.2 connect-interface LoopBack0peer 3.3.3.3 as-number 123 peer 3.3.3.3 connect-interface LoopBack0peer 15.0.0.5 as-number 500 #ipv4-family unicastundo synchronizationnetwork 192.168.20.0 network 192.168.30.0 network 192.168.100.0 maximum load-balancing 2peer 2.2.2.2 enablepeer 2.2.2.2 route-policy aa importpeer 2.2.2.2 next-hop-local peer 3.3.3.3 enablepeer 3.3.3.3 route-policy bb importpeer 3.3.3.3 next-hop-local peer 15.0.0.5 enablepeer 15.0.0.5 route-policy com export
#
ospf 1 router-id 1.1.1.1 area 0.0.0.0 network 1.1.1.0 0.0.0.255 network 12.0.0.0 0.0.0.255 network 13.0.0.0 0.0.0.255 network 192.168.100.0 0.0.0.255
#
route-policy aa permit node 10 if-match ip-prefix LP apply local-preference 200
#
route-policy aa permit node 20
#
route-policy bb permit node 10 if-match ip-prefix LP2 apply local-preference 200
#
route-policy bb permit node 20
#
route-policy com deny node 10 if-match community-filter 1
#
route-policy com permit node 20
#
ip ip-prefix LP index 10 permit 192.168.1.0 24
ip ip-prefix LP2 index 10 permit 192.168.2.0 24
#
ip community-filter 1 permit 400:500
#
user-interface con 0authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
R2
[V200R003C00]
#sysname R2
#snmp-agent local-engineid 800007DB03000000000000snmp-agent
#clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load flash:/portalpage.zip
#drop illegal-mac alarm
#wlan ac-global carrier id other ac id 0
#set cpu-usage threshold 80 restore 75
#
aaa authentication-scheme defaultauthorization-scheme defaultaccounting-scheme defaultdomain default domain default_admin local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$local-user admin service-type http
#
firewall zone Localpriority 15
#
interface GigabitEthernet0/0/0ip address 24.0.0.2 255.255.255.0
#
interface GigabitEthernet0/0/1ip address 12.0.0.2 255.255.255.0
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0ip address 2.2.2.2 255.255.255.255
#
interface LoopBack1ip address 192.168.20.1 255.255.255.0
#
bgp 123router-id 2.2.2.2peer 1.1.1.1 as-number 123 peer 1.1.1.1 connect-interface LoopBack0peer 24.0.0.4 as-number 400 #ipv4-family unicastundo synchronizationnetwork 192.168.20.0 network 192.168.30.0 network 192.168.100.0 peer 1.1.1.1 enablepeer 1.1.1.1 next-hop-local peer 1.1.1.1 advertise-communitypeer 24.0.0.4 enable
#
ospf 1 router-id 2.2.2.2 area 0.0.0.0 network 2.2.2.2 0.0.0.0 network 12.0.0.0 0.0.0.255 network 192.168.20.0 0.0.0.255
#
user-interface con 0authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
R3
[V200R003C00]
#sysname R3
#snmp-agent local-engineid 800007DB03000000000000snmp-agent
#clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load flash:/portalpage.zip
#drop illegal-mac alarm
#wlan ac-global carrier id other ac id 0
#set cpu-usage threshold 80 restore 75
#
aaa authentication-scheme defaultauthorization-scheme defaultaccounting-scheme defaultdomain default domain default_admin local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$local-user admin service-type http
#
firewall zone Localpriority 15
#
interface GigabitEthernet0/0/0ip address 34.0.0.3 255.255.255.0
#
interface GigabitEthernet0/0/1ip address 13.0.0.3 255.255.255.0
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0ip address 3.3.3.3 255.255.255.255
#
interface LoopBack1ip address 192.168.30.1 255.255.255.0
#
bgp 123router-id 3.3.3.3peer 1.1.1.1 as-number 123 peer 1.1.1.1 connect-interface LoopBack0peer 34.0.0.4 as-number 400 #ipv4-family unicastundo synchronizationnetwork 192.168.20.0 network 192.168.30.0 network 192.168.100.0 peer 1.1.1.1 enablepeer 1.1.1.1 next-hop-local peer 1.1.1.1 advertise-communitypeer 34.0.0.4 enable
#
ospf 1 router-id 3.3.3.3 area 0.0.0.0 network 3.3.3.3 0.0.0.0 network 13.0.0.0 0.0.0.255 network 192.168.30.0 0.0.0.255
#
user-interface con 0authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
R4
[V200R003C00]
#sysname R4
#snmp-agent local-engineid 800007DB03000000000000snmp-agent
#clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load flash:/portalpage.zip
#drop illegal-mac alarm
#wlan ac-global carrier id other ac id 0
#set cpu-usage threshold 80 restore 75
#
aaa authentication-scheme defaultauthorization-scheme defaultaccounting-scheme defaultdomain default domain default_admin local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$local-user admin service-type http
#
firewall zone Localpriority 15
#
interface GigabitEthernet0/0/0ip address 24.0.0.4 255.255.255.0
#
interface GigabitEthernet0/0/1ip address 34.0.0.4 255.255.255.0
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0ip address 192.168.1.1 255.255.255.0
#
interface LoopBack1ip address 192.168.2.1 255.255.255.0
#
interface LoopBack2ip address 192.168.3.1 255.255.255.0
#
bgp 400router-id 4.4.4.4peer 24.0.0.2 as-number 123 peer 34.0.0.3 as-number 123 #ipv4-family unicastundo synchronizationnetwork 192.168.1.0 network 192.168.2.0 network 192.168.3.0 route-policy com peer 24.0.0.2 enablepeer 24.0.0.2 route-policy aa importpeer 24.0.0.2 advertise-communitypeer 34.0.0.3 enablepeer 34.0.0.3 route-policy bb importpeer 34.0.0.3 advertise-community
#
route-policy aa permit node 10 if-match ip-prefix aa apply preferred-value 1000
#
route-policy aa permit node 15 if-match ip-prefix bb apply as-path 123 123 500 500 overwrite
#
route-policy aa permit node 16 if-match ip-prefix MED apply cost 500
#
route-policy aa permit node 20
#
route-policy bb permit node 10 if-match ip-prefix MED apply cost 200
#
route-policy bb permit node 20
#
route-policy com permit node 10 apply community 400:500
#
ip ip-prefix aa index 10 permit 192.168.10.0 24
ip ip-prefix bb index 10 permit 192.168.11.0 24
ip ip-prefix MED index 10 permit 192.168.12.0 24
#
user-interface con 0authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
R5
[V200R003C00]
#sysname R5
#snmp-agent local-engineid 800007DB03000000000000snmp-agent
#clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load flash:/portalpage.zip
#drop illegal-mac alarm
#wlan ac-global carrier id other ac id 0
#set cpu-usage threshold 80 restore 75
#
aaa authentication-scheme defaultauthorization-scheme defaultaccounting-scheme defaultdomain default domain default_admin local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$local-user admin service-type http
#
firewall zone Localpriority 15
#
interface GigabitEthernet0/0/0ip address 15.0.0.5 255.255.255.0
#
interface GigabitEthernet0/0/1
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0ip address 192.168.10.1 255.255.255.0
#
interface LoopBack1ip address 192.168.11.1 255.255.255.0
#
interface LoopBack2ip address 192.168.12.1 255.255.255.0
#
bgp 500peer 15.0.0.1 as-number 123 #ipv4-family unicastundo synchronizationnetwork 192.168.10.0 network 192.168.11.0 network 192.168.12.0 peer 15.0.0.1 enablepeer 15.0.0.1 as-path-filter 1 import
#
ip as-path-filter 1 deny ^123$
ip as-path-filter 1 permit .*
#
user-interface con 0authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
![[架构之路-253]:目标系统 - 设计方法 - 软件工程 - 软件设计 - 结构化设计的主要评估指标:高内聚(模块内部)、低耦合(模块之间)的含义](https://img-blog.csdnimg.cn/7b19b78f610a4ca1a94d03f7cf4c745c.png)
