当前位置：首页 > news >正文

BGP团体属性实验案例

news 2025/8/2 0:05:39

一、实验一基本团体属性

拓扑

实验要求:AS100中的路由传递给AS200时不得向其他AS发布,但可以在本AS内传递,AR1的loopback3不受影响

配置思路:既然要求我们不能向其他AS传递但可以在本AS内进行传递,就不能使用No advertise团体属性,使用No export属性即可

1、基本配置

AR1
system
sysname AR1
int g 0/0/0
ip add 10.0.12.1 24
int l 1
ip add 1.1.1.1 32
int l 2
ip add 1.1.1.2 32
int l 3
ip add 1.1.1.3 32AR2
system
sysname AR2
int g 0/0/0
ip add 10.0.12.1 24
int g 0/0/1
ip add 10.0.23.2 24
int g 0/0/2
ip add 10.0.24.2 24AR3
system
sysname AR3
int g 0/0/1
ip add 10.0.23.3 24AR4
system
sysname AR4
int g 0/0/0
ip add 10.0.24.4 24

2、BGP路由配置

AR1
bgp 100
router-id 1.1.1.1
peer 10.0.12.2 as 200
netw 1.1.1.1 32
netw 1.1.1.2 32
netw 1.1.1.3 32AR2
bgp 200
router-id 2.2.2.2
peer 10.0.12.1 as 100
peer 10.0.24.4 as 200
peer 10.0.23.3 as 300AR4
bgp 200
router-id 4.4.4.4
peer 10.0.24.2 as 200AR3
bgp 300
router-id 3.3.3.3
peer 10.0.23.2 as 200

查看BGP邻居状态

[AR2]display bgp peer BGP local router ID : 2.2.2.2Local AS number : 200Total number of peers : 3		  Peers in established state : 3Peer            V          AS  MsgRcvd  MsgSent  OutQ  Up/Down       State Pre
fRcv10.0.12.1       4         100        4        5     0 00:00:15 Established    310.0.23.3       4         300        3        4     0 00:01:16 Established    010.0.24.4       4         200        3        5     0 00:01:14 Established    0

3、路由策略配置

ip ip-prefix 3 index 10 permit 1.1.1.3 32
route-policy community permit node 10 
if-match ip-prefix 3 
route-policy community permit node 20 
apply community no-export 
bgp 100
peer 10.0.12.2 route-policy community export

AR2上查看BGP路由属性

<AR2>display bgp routing-table 1.1.1.1BGP local router ID : 2.2.2.2Local AS number : 200Paths:   1 available, 1 best, 1 selectBGP routing table entry information of 1.1.1.1/32:From: 10.0.12.1 (1.1.1.1)Route Duration: 00h00m06s  Direct Out-interface: GigabitEthernet0/0/0Original nexthop: 10.0.12.1Qos information : 0x0AS-path 100, origin igp, MED 0, pref-val 0, valid, external, best, select, acti
ve, pre 255Advertised to such 3 peers:10.0.23.310.0.12.110.0.24.4

可以看到此时AR2上收到的路由中并没有携带团体属性,这是为什么?

因为我们AR1上还没有配置携带团体属性命令,如果只配置了策略没有配置携带团体属性命令就无法在传递路由时携带团体属性。

AR1
bgp 100
peer 10.0.12.2 advertise-community

此时再去AR2上查看路由的属性

[AR2]display bgp routing-table 1.1.1.1BGP local router ID : 2.2.2.2Local AS number : 200Paths:   1 available, 1 best, 1 selectBGP routing table entry information of 1.1.1.1/32:From: 10.0.12.1 (1.1.1.1)Route Duration: 00h01m31s  Direct Out-interface: GigabitEthernet0/0/0Original nexthop: 10.0.12.1Qos information : 0x0Community:no-exportAS-path 100, origin igp, MED 0, pref-val 0, valid, external, best, select, acti
ve, pre 255Advertised to such 1 peers:10.0.24.4

<AR2>display bgp routing-table 1.1.1.3BGP local router ID : 2.2.2.2Local AS number : 200Paths:   1 available, 1 best, 1 selectBGP routing table entry information of 1.1.1.3/32:From: 10.0.12.1 (1.1.1.1)Route Duration: 00h01m12s  Direct Out-interface: GigabitEthernet0/0/0Original nexthop: 10.0.12.1Qos information : 0x0AS-path 100, origin igp, MED 0, pref-val 0, valid, external, best, select, acti
ve, pre 255Advertised to such 3 peers:10.0.23.310.0.12.110.0.24.4

可以看到此时AR2收到的路由中就携带了no-export团体属性,并且loopback3没有受影响

<AR3>display bgp routing-table BGP Local router ID is 3.3.3.3 Status codes: * - valid, > - best, d - damped,h - history,  i - internal, s - suppressed, S - StaleOrigin : i - IGP, e - EGP, ? - incompleteTotal Number of Routes: 1Network            NextHop        MED        LocPrf    PrefVal Path/Ogn*>   1.1.1.3/32         10.0.23.2                             0      200 100i

我们在AR3上仍然可以接收到loopback3的路由信息

[AR4]display bgp routing-tableBGP Local router ID is 4.4.4.4 Status codes: * - valid, > - best, d - damped,h - history,  i - internal, s - suppressed, S - StaleOrigin : i - IGP, e - EGP, ? - incompleteTotal Number of Routes: 3Network            NextHop        MED        LocPrf    PrefVal Path/Ogn*>i  1.1.1.1/32         10.0.24.2       0          100        0      100i*>i  1.1.1.2/32         10.0.24.2       0          100        0      100i*>i  1.1.1.3/32         10.0.24.2       0          100        0      100i

AR4可以接收到所有的路由信息

假如此时拓扑为以下

AR4与AR3也建立EBGP邻居关系,那么此时AR3上能够学习到几条路由呢?

AR3
int g 0/0/0
ip add 10.0.34.3 24
bgp 300
peer 10.0.34.4 as 200AR4
int g 0/0/1
ip add 10.0.34.4 24
bgp 200
peer 10.0.34.3 as 300

查看AR3上的路由信息

<AR3>dis bgp routing-table BGP Local router ID is 3.3.3.3 Status codes: * - valid, > - best, d - damped,h - history,  i - internal, s - suppressed, S - StaleOrigin : i - IGP, e - EGP, ? - incompleteTotal Number of Routes: 4Network            NextHop        MED        LocPrf    PrefVal Path/Ogn*>   1.1.1.1/32         10.0.34.4                             0      200 100i*>   1.1.1.2/32         10.0.34.4                             0      200 100i*>   1.1.1.3/32         10.0.23.2                             0      200 100i*                       10.0.34.4                             0      200 100i

可以看到此时AR3学习到了所有的路由,这是为什么?

因为我们在AR2上并没有配置携带团体属性命令,所以AR2在传递给AR4路由的时候并不会去携带团体属性,所以AR4收到路由后就会正常去进行传递。

二、实验二扩展团体属性

拓扑

本实验拓扑与上实验一致,基础配置与BGP路由配置一致这里不过多赘述

实验目的:使用扩展团体属性实现AR1的路由传递给AR2时不会传递给其他AS,Loopback3的路由不受影响

1、路由策略配置

ip ip-prefix 3 index 10 permit 1.1.1.3 32
route-policy 1 permit node 10 
if-match ip-prefix 3 
route-policy 1 permit node 20 
apply community 100:200 
q
bgp 100
peer 10.0.12.2 route-policy 1 export

查看AR2上的路由信息

<AR2>dis bgp routing-table BGP Local router ID is 2.2.2.2 Status codes: * - valid, > - best, d - damped,h - history,  i - internal, s - suppressed, S - StaleOrigin : i - IGP, e - EGP, ? - incompleteTotal Number of Routes: 3Network            NextHop        MED        LocPrf    PrefVal Path/Ogn*>   1.1.1.1/32         10.0.12.1       0                     0      100i*>   1.1.1.2/32         10.0.12.1       0                     0      100i*>   1.1.1.3/32         10.0.12.1       0                     0      100i

<AR2>display bgp routing-table communityBGP Local router ID is 2.2.2.2 Status codes: * - valid, > - best, d - damped,h - history,  i - internal, s - suppressed, S - StaleOrigin : i - IGP, e - EGP, ? - incompleteTotal Number of Routes: 2Network            NextHop        MED        LocPrf    PrefVal Community*>   1.1.1.1/32         10.0.12.1       0                     0      <100:200>*>   1.1.1.2/32         10.0.12.1       0                     0      <100:200>

可以看到此时AR1传递路由时已经携带了扩展团体属性,此时我们就可以根据扩展团体属性来进行路由过滤

AR2
ip community-filter 1 permit 100:200
route-policy 1 deny node 10 
if-match community-filter 1
q
route-policy 1 permit node 20 
q
bgp 200
peer 10.0.12.1 route-policy 1 import

查看AR4和AR3的路由信息

<AR4>dis bgp routing-table BGP Local router ID is 4.4.4.4 Status codes: * - valid, > - best, d - damped,h - history,  i - internal, s - suppressed, S - StaleOrigin : i - IGP, e - EGP, ? - incompleteTotal Number of Routes: 3Network            NextHop        MED        LocPrf    PrefVal Path/Ogn*>i  1.1.1.1/32         10.0.24.2       0          100        0      100i*>i  1.1.1.2/32         10.0.24.2       0          100        0      100i*>i  1.1.1.3/32         10.0.24.2       0          100        0      100i

<AR3>dis bgp routing-table BGP Local router ID is 3.3.3.3 Status codes: * - valid, > - best, d - damped,h - history,  i - internal, s - suppressed, S - StaleOrigin : i - IGP, e - EGP, ? - incompleteTotal Number of Routes: 1Network            NextHop        MED        LocPrf    PrefVal Path/Ogn*>   1.1.1.3/32         10.0.23.2                             0      200 100i

以上就是本章的全部内容了,感谢大家的浏览观看!文章若有错误或疑问可联系博主删除更改。

查看全文

http://www.dtcms.com/a/305322.html