BGP实验:联邦和发射器实验
一、实验拓扑
二、实验要求及分析
实验要求:
1、AS1存在两个环回,一个地址为192.168.1.0/24,该地址不能再任何协议中宣告;
AS3存在两个环回,一个地址为192.168.2.0/24,该地址不能再任何协议中宣告;
AS1还有一个环回地址为10.1.1.0/24,AS3另一个环回地址是11.1.1.0/24;
最终要求这两个环回可以互相通讯。
2、整个AS2的IP地址为172.16.0.0/16
3、AS间的骨干链路IP地址随意分配
4、使用BGP协议让整个网络所有设备的环回可以互相访问
5、减少路由条目数量,避免环路出现
实验分析:
1、根据整个拓扑图及其要求对各设备接口和环回进行IP设置;
2、AS间的骨干链路的IP网段设置:AS 1–AS 2:12.0.0.0/24;AS 2–AS 3:78.0.0.0/24;
3、在配置联邦AS 2区域之前,可以先通过OSPF协议使AS 2区域的各设备之间网络全通;
4、各AS区域间分别设置对应的BGP对等体关系;
5、用VPN隧道使未宣告的网段接通。
三、IP规划
1、由于整个AS2的IP地址为172.16.0.0/16网段,为满足需求,需要将该网段进行划分,先根据骨干和非骨干进行划分,然后在骨干和非骨干内部进行划分,非骨干区域即为各设备的环回地址:
骨干:
172.16.0.0/30 ---- R2-R3
172.16.0.4/30 ---- R3-R4
172.16.0.8/30 ---- R4-R7
172.16.0.12/30 ---- R6-R7
172.16.0.16/30 ---- R5-R6
172.16.0.20/30 ---- R2-R5
非骨干:
172.16.2.0/24 ---- R2的环回
2.2.2.2/32
172.16.3.0/24 ---- R3的环回
3.3.3.3/32
172.16.4.0/24 ---- R4的环回
4.4.4.4/32
172.16.5.0/24 ---- R5的环回
5.5.5.5/32
172.16.6.0/24 ---- R6的环回
6.6.6.6/32
172.16.7.0/24 ---- R7的环回
7.7.7.7/32
2、AS间的骨干链路IP地址分配:
12.0.0.0/24 ----- R1-R2(AS 1-AS 2)
78.0.0.0/24 ----- R7-R8(AS 2-AS 3)
四、基础配置
1、IP配置
R1
[r1]interface GigabitEthernet 0/0/0
[r1-GigabitEthernet0/0/0]ip address 12.0.0.1 24
[r1-GigabitEthernet0/0/0]int l 0
[r1-LoopBack0]ip add 10.1.1.1 24
[r1-LoopBack0]int l 1
[r1-LoopBack1]ip add 192.168.1.1 24
R2
[r2]int g 0/0/0
[r2-GigabitEthernet0/0/0]ip add 12.0.0.2 24
[r2-GigabitEthernet0/0/0]int g 0/0/1
[r2-GigabitEthernet0/0/1]ip add 172.16.0.1 30
[r2-GigabitEthernet0/0/1]int g 0/0/2
[r2-GigabitEthernet0/0/2]ip add 172.16.0.21 30
[r2-GigabitEthernet0/0/2]int l 0
[r2-LoopBack0]ip add 2.2.2.2 32
[r2-LoopBack0]int l 1
[r2-LoopBack1]ip add 172.16.2.1 24
R3
[r3]int g 0/0/0
[r3-GigabitEthernet0/0/0]ip add 172.16.0.2 30
[r3-GigabitEthernet0/0/0]int g 0/0/1
[r3-GigabitEthernet0/0/1]ip add 172.16.0.5 30
[r3-LoopBack1]int l 0
[r3-LoopBack0]ip add 3.3.3.3 32
[r3-LoopBack0]int l 1
[r3-LoopBack1]ip add 172.16.3.1 24
R4
[r4]int g 0/0/0
[r4-GigabitEthernet0/0/0]ip add 172.16.0.6 30
[r4-GigabitEthernet0/0/0]int g 0/0/1
[r4-GigabitEthernet0/0/1]ip add 172.16.0.9 30
[r4-GigabitEthernet0/0/1]int l 0
[r4-LoopBack0]ip add 4.4.4.4 32
[r4-LoopBack0]int l 1
[r4-LoopBack1]ip add 172.16.4.1 24
R5
[r5]int g 0/0/0
[r5-GigabitEthernet0/0/0]ip add 172.16.0.22 30
[r5-GigabitEthernet0/0/0]int g 0/0/1
[r5-GigabitEthernet0/0/1]ip add 172.16.0.17 30
[r5-GigabitEthernet0/0/1]int l 0
[r5-LoopBack0]ip add 5.5.5.5 32
[r5-LoopBack0]int l 1
[r5-LoopBack1]ip add 172.16.5.1 24
R6
[r6]int g 0/0/0
[r6-GigabitEthernet0/0/0]ip add 172.16.0.18 30
[r6-GigabitEthernet0/0/0]int g 0/0/1
[r6-GigabitEthernet0/0/1]ip add 172.16.0.13 30
[r6-GigabitEthernet0/0/1]int l 0
[r6-LoopBack0]ip add 6.6.6.6 32
[r6-LoopBack0]int l 1
[r6-LoopBack1]ip add 172.16.6.1 24
R7
[r7]int g 0/0/0
[r7-GigabitEthernet0/0/0]ip add 172.16.0.14 30
[r7-GigabitEthernet0/0/0]int g 0/0/1
[r7-GigabitEthernet0/0/1]ip add 172.16.0.10 30
[r7-GigabitEthernet0/0/1]int g 0/0/2
[r7-GigabitEthernet0/0/2]ip add 78.0.0.7 24
[r7-GigabitEthernet0/0/2]int l 0
[r7-LoopBack0]ip add 7.7.7.7 32
[r7-LoopBack0]int l 1
[r7-LoopBack1]ip add 172.16.7.1 24
R8
[r8]int g 0/0/0
[r8-GigabitEthernet0/0/0]ip add 78.0.0.8 24
[r8-GigabitEthernet0/0/0]int l 0
[r8-LoopBack0]ip add 11.1.1.1 24
[r8-LoopBack0]int l 1
[r8-LoopBack1]ip add 192.168.2.1 24
2、OSPF配置
[r2]ospf 1 router-id 2.2.2.2
[r2-ospf-1]area 0
[r2-ospf-1-area-0.0.0.0]network 172.16.0.0 0.0.0.255
[r2-ospf-1-area-0.0.0.0]network 2.2.2.2 0.0.0.0[r3]ospf 1 router-id 3.3.3.3
[r3-ospf-1]area 0
[r3-ospf-1-area-0.0.0.0]network 172.16.0.0 0.0.0.255
[r3-ospf-1-area-0.0.0.0]network 3.3.3.3 0.0.0.0[r4]ospf 1 router-id 4.4.4.4
[r4-ospf-1]area 0
[r4-ospf-1-area-0.0.0.0]network 172.16.0.0 0.0.0.255
[r4-ospf-1-area-0.0.0.0]network 4.4.4.4 0.0.0.0[r5]ospf 1 router-id 5.5.5.5
[r5-ospf-1]area 0
[r5-ospf-1-area-0.0.0.0]network 172.16.0.0 0.0.0.255
[r5-ospf-1-area-0.0.0.0]network 5.5.5.5 0.0.0.0[r6]ospf 1 router-id 6.6.6.6
[r6-ospf-1]area 0
[r6-ospf-1-area-0.0.0.0]network 172.16.0.0 0.0.0.255
[r6-ospf-1-area-0.0.0.0]network 6.6.6.6 0.0.0.0[r7]ospf 1 router-id 7.7.7.7
[r7-ospf-1]area 0
[r7-ospf-1-area-0.0.0.0]network 172.16.0.0 0.0.0.255
[r7-ospf-1-area-0.0.0.0]network 7.7.7.7 0.0.0.0
查看OSPF路由表:
五、BGP实验配置
1、AS 1区域与联邦AS 2区域间建立EBGP对等体关系:
[r1]bgp 1
[r1-bgp]router-id 1.1.1.1
[r1-bgp]peer 12.0.0.2 as-number 2[r2]bgp 64512
[r2-bgp]router-id 2.2.2.2
[r2-bgp]confederation id 2
[r2-bgp]peer 12.0.0.1 as-number 1
2、联邦AS 2区域与AS 3区域间建立EBGP对等体关系:
[r7]bgp 64513
[r7-bgp]confederation id 2
[r7-bgp]router-id 7.7.7.7
[r7-bgp]peer 78.0.0.8 as-number 3[r8]bgp 3
[r8-bgp]router-id 8.8.8.8
[r8-bgp]peer 78.0.0.7 as-number 2
3、AS 64512成员间建立IBGP对等体关系:
[r2-bgp]peer 3.3.3.3 as-number 64512
[r2-bgp]peer 3.3.3.3 connect-interface LoopBack 0
[r2-bgp]peer 3.3.3.3 next-hop-local[r3]bgp 64512
[r3-bgp]con
[r3-bgp]confederation id 2
[r3-bgp]router-id 3.3.3.3
[r3-bgp]peer 2.2.2.2 as-number 64512
[r3-bgp]peer 2.2.2.2 connect-interface LoopBack 0
[r3-bgp]peer 4.4.4.4 as-number 64512
[r3-bgp]peer 4.4.4.4 connect-interface LoopBack 0[r4]bgp 64512
[r4-bgp]confederation id 2
[r4-bgp]router-id 4.4.4.4
[r4-bgp]peer 3.3.3.3 as-number 64512
[r4-bgp]peer 3.3.3.3 connect-interface LoopBack 0
[r4-bgp]peer 3.3.3.3 next-hop-local
4、AS 64513成员间建立IBGP对等体关系:
[r5]bgp 64513
[r5-bgp]confederation id 2
[r5-bgp]router-id 5.5.5.5
[r5-bgp]peer 6.6.6.6 as-number 64513
[r5-bgp]peer 6.6.6.6 connect-interface LoopBack 0
[r5-bgp]peer 6.6.6.6 next-hop-local[r6]bgp 64513
[r6-bgp]confederation id 2
[r6-bgp]router-id 6.6.6.6
[r6-bgp]peer 5.5.5.5 as-number 64513
[r6-bgp]peer 5.5.5.5 connect-interface LoopBack 0
[r6-bgp]peer 7.7.7.7 as-number 64513
[r6-bgp]peer 7.7.7.7 connect-interface LoopBack 0[r7-bgp]peer 6.6.6.6 as-number 64513
[r7-bgp]peer 6.6.6.6 connect-interface LoopBack 0
[r7-bgp]peer 6.6.6.6 next-hop-local
5、AS 64512区域与AS 64513区域间建立EBGP对等体关系:
[r2-bgp]confederation peer-as 64513
[r2-bgp]peer 5.5.5.5 as-number 64513
[r2-bgp]peer 5.5.5.5 connect-interface LoopBack 0
[r2-bgp]peer 5.5.5.5 next-hop-local
[r2-bgp]peer 5.5.5.5 ebgp-max-hop 255[r5-bgp]confederation peer-as 64512
[r5-bgp]peer 2.2.2.2 as-number 64512
[r5-bgp]peer 2.2.2.2 connect-interface LoopBack 0
[r5-bgp]peer 2.2.2.2 next-hop-local
[r5-bgp]peer 2.2.2.2 ebgp-max-hop 255[r4]bgp 64512
[r4-bgp]confederation peer-as 64513
[r4-bgp]peer 7.7.7.7 as-number 64513
[r4-bgp]peer 7.7.7.7 connect-interface LoopBack 0
[r4-bgp]peer 7.7.7.7 next-hop-local
[r4-bgp]peer 7.7.7.7 ebgp-max-hop 255[r7]bgp 64513
[r7-bgp]confederation peer-as 64512
[r7-bgp]peer 4.4.4.4 as-number 64512
[r7-bgp]peer 4.4.4.4 connect-interface LoopBack 0
[r7-bgp]peer 4.4.4.4 next-hop-local
[r7-bgp]peer 4.4.4.4 ebgp-max-hop 255
6、将R3、R6设置成发射器
[r3-bgp]peer 2.2.2.2 reflect-client
[r3-bgp]peer 4.4.4.4 reflect-client [r6-bgp]peer 5.5.5.5 reflect-client
[r6-bgp]peer 7.7.7.7 reflect-client
7、宣告网段
[r1-bgp]network 10.1.1.0 24
[r8-bgp]network 11.1.1.0 24[r2-bgp]network 172.16.0.0 24
[r2]ip route-static 172.16.0.0 16 NULL 0 ----防环
[r2-bgp]network 172.16.0.0 16[r7-bgp]network 172.16.0.0 24
[r7]ip route-static 172.16.0.0 16 NULL 0
[r7-bgp]network 172.16.0.0 16
8、查看BGP邻居:
9、查看BGP路由表
10、创建VPN隧道
[r1]interface Tunnel 0/0/0
[r1-Tunnel0/0/0]ip add 18.1.1.1 24
[r1-Tunnel0/0/0]tunnel-protocol gre //修改接口类型
[r1-Tunnel0/0/0]source 10.1.1.1
[r1-Tunnel0/0/0]destination 11.1.1.1
[r1]ip route-static 192.168.2.0 18.1.1.2[r8]interface Tunnel 0/0/0
[r8-Tunnel0/0/0]ip add 18.1.1.2 24
[r8-Tunnel0/0/0]tunnel-protocol gre
[r8-Tunnel0/0/0]source 11.1.1.1
[r8-Tunnel0/0/0]destination 10.1.1.1
[r8]ip route-static 192.168.1.0 24 18.1.1.1
六、测试