實驗拓撲:
實驗目的:
R1訪問外網的流量分別通過R2、R3實現負載分擔;
R1訪問AS400的流量僅通過R2,其他的流量通過R3;
R4不向R2通告113.59.69.4/30段的路由;
R6只通告202.100.192.0/24的聚合路由;
實驗過程:
如圖所示,配置各路由器的接口地址;
⑴ R1的接口配置:
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]undo info-center enable
Info: Information center is disabled.
[Huawei]sysname R1
[R1]inter LoopBack 0
[R1-LoopBack0]ip address 10.10.10.10 32
[R1-LoopBack0]quit
[R1]inter g0/0/1
[R1-GigabitEthernet0/0/1]ip address 10.147.140.1 30
[R1-GigabitEthernet0/0/1]quit
[R1]inter g0/0/2
[R1-GigabitEthernet0/0/2]ip address 10.147.140.5 30
[R1-GigabitEthernet0/0/2]quit
⑵ R2的接口配置:
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]undo info-center enable
Info: Information center is disabled.
[Huawei]sysname R2
[R2]inter LoopBack 0
[R2-LoopBack0]ip address 1.1.1.1 32
[R2-LoopBack0]quit
[R2]inter g0/0/1
[R2-GigabitEthernet0/0/1]ip address 10.147.140.2 30
[R2-GigabitEthernet0/0/1]quit
[R2]inter g0/0/0
[R2-GigabitEthernet0/0/0]ip address 10.147.140.9 30
[R2-GigabitEthernet0/0/0]quit
[R2]interface serial 0/0/0
[R2-Serial0/0/0]link-protocol ppp
[R2-Serial0/0/0]ip address 59.49.241.1 30
[R2-Serial0/0/0]quit
⑶ R3的接口配置:
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]undo info-center enable
Info: Information center is disabled.
[Huawei]sysname R3
[R3]inter LoopBack 0
[R3-LoopBack0]ip address 2.2.2.2 32
[R3-LoopBack0]quit
[R3]inter g0/0/2
[R3-GigabitEthernet0/0/2]ip address 10.147.140.6 30
[R3-GigabitEthernet0/0/2]quit
[R3]inter g0/0/0
[R3-GigabitEthernet0/0/0]ip address 10.147.140.10 30
[R3-GigabitEthernet0/0/0]quit
[R3]interface serial 0/0/0
[R3-Serial0/0/0]link-protocol ppp
[R3-Serial0/0/0]ip address 113.59.60.1 30
[R3-Serial0/0/0]quit
⑷ R4的接口配置:
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]undo info-center enable
Info: Information center is disabled.
[Huawei]sysname R4
[R4]inter LoopBack 0
[R4-LoopBack0]ip address 59.59.59.59 32
[R4-LoopBack0]quit
[R4]inter g0/0/0
[R4-GigabitEthernet0/0/0]ip address 59.49.241.5 30
[R4-GigabitEthernet0/0/0]quit
[R4]interface serial 0/0/0
[R4-Serial0/0/0]link-protocol ppp
[R4-Serial0/0/0]ip address 59.49.241.2 30
[R4-Serial0/0/0]quit
⑸ R5的接口配置:
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]undo info-center enable
Info: Information center is disabled.
[Huawei]sysname R5
[R5]inter LoopBack 0
[R5-LoopBack0]ip address 113.113.113.113 32
[R5-LoopBack0]quit
[R5]inter g0/0/0
[R5-GigabitEthernet0/0/0]ip address 113.59.69.5 30
[R5-GigabitEthernet0/0/0]quit
[R5]interface serial 0/0/0
[R5-Serial0/0/0]link-protocol ppp
[R5-Serial0/0/0]ip address 113.59.60.2 30
[R5-Serial0/0/0]quit
⑹ R6的接口配置:
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]undo info-center enable
Info: Information center is disabled.
[Huawei]sysname R6
[R6]inter LoopBack 0
[R6-LoopBack0]ip address 100.100.100.100 32
[R6-LoopBack0]quit
[R6]inter LoopBack 1
[R6-LoopBack1]ip address 202.100.192.68 32
[R6-LoopBack1]quit
[R6]inter g0/0/0
[R6-GigabitEthernet0/0/0]ip address 59.49.241.6 30
[R6-GigabitEthernet0/0/0]quit
[R6]inter g0/0/1
[R6-GigabitEthernet0/0/1]ip address 113.59.69.6 30
[R6-GigabitEthernet0/0/1]quit
2.內網路由器的OSPF配置
⑴ R1的OSPF配置:
[R1]OSPF 1 router-id 10.10.10.10
[R1-ospf-1]area 0
[R1-ospf-1-area-0.0.0.0]network 10.10.10.10 0.0.0.0
[R1-ospf-1-area-0.0.0.0]network 10.147.140.0 0.0.0.3
[R1-ospf-1-area-0.0.0.0]network 10.147.140.4 0.0.0.3
[R1-ospf-1-area-0.0.0.0]return
<R1>save
⑵ R2的OSPF配置:
[R2]OSPF 1 router-id 10.10.10.10
[R2-ospf-1]area 0
[R2-ospf-1-area-0.0.0.0]network 1.1.1.1 0.0.0.0
[R2-ospf-1-area-0.0.0.0]network 10.147.140.0 0.0.0.3
[R2-ospf-1-area-0.0.0.0]network 10.147.140.8 0.0.0.3
[R2-ospf-1-area-0.0.0.0]return
<R2>save
⑶ R3的OSPF配置:
[R3]OSPF 1 router-id 10.10.10.10
[R3-ospf-1]area 0
[R3-ospf-1-area-0.0.0.0]network 2.2.2.2 0.0.0.0
[R3-ospf-1-area-0.0.0.0]network 10.147.140.4 0.0.0.3
[R3-ospf-1-area-0.0.0.0]network 10.147.140.8 0.0.0.3
[R3-ospf-1-area-0.0.0.0]return
<R3>save
3.路由器的BGP配置
⑴ R2的BGP配置:
[R2]BGP 65510
[R2-bgp]undo synchronization
[R2-bgp]PEER 2.2.2.2 as-number 65510
[R2-bgp]peer 2.2.2.2 connect-interface LoopBack 0
[R2-bgp]peer 2.2.2.2 next-hop-local
[R2-bgp]peer 59.49.241.2 as-number 400
[R2-bgp]network 10.10.10.10 255.255.255.255
[R2-bgp]network 1.1.1.1 255.255.255.255
[R2-bgp]network 10.147.140.0 255.255.255.252
[R2-bgp]network 10.147.140.8 255.255.255.252
[R2-bgp]network 59.49.241.0 255.255.255.252
[R2-bgp]quit
⑵ R3的BGP配置:
[R3]BGP 65510
[R3-bgp]undo synchronization
[R3-bgp]PEER 1.1.1.1 as-number 65510
[R3-bgp]peer 1.1.1.1 connect-interface LoopBack 0
[R3-bgp]peer 1.1.1.1 next-hop-local
[R3-bgp]peer 113.59.60.2 as-number 500
[R3-bgp]network 2.2.2.2 255.255.255.255
[R3-bgp]network 1.1.1.1 255.255.255.255
[R3-bgp]network 10.147.140.4 255.255.255.252
[R3-bgp]network 10.147.140.8 255.255.255.252
[R3-bgp]network 113.59.60.0 255.255.255.252
[R3-bgp]quit
⑶ R4的BGP配置:
[R4]BGP 400
[R4-bgp]undo synchronization
[R4-bgp]PEER 59.49.241.1 as-number 65510
[R4-bgp]peer 59.49.241.6 as-number 600
[R4-bgp]network 59.59.59.59 255.255.255.255
[R4-bgp]network 59.49.241.0 255.255.255.252
[R4-bgp]network 59.49.241.4 255.255.255.252
[R4-bgp]quit
⑷ R5的BGP配置:
[R5]BGP 500
[R5-bgp]undo synchronization
[R5-bgp]PEER 113.59.60.1 as-number 65510
[R5-bgp]peer 113.59.69.6 as-number 600
[R5-bgp]network 113.113.113.113 255.255.255.255
[R5-bgp]network 113.59.60.0 255.255.255.252
[R5-bgp]network 113.59.69.4 255.255.255.252
[R5-bgp]quit
⑸ R6的BGP配置:
[R6]BGP 600
[R6-bgp]undo synchronization
[R6-bgp]PEER 59.49.241.5 as-number 400
[R6-bgp]peer 113.59.69.5 as-number 500
[R6-bgp]network 100.100.100.100 255.255.255.255
[R6-bgp]network 202.100.192.68 255.255.255.255
[R6-bgp]network 59.49.241.4 255.255.255.252
[R6-bgp]network 113.59.69.4 255.255.255.252
[R6-bgp]quit
4.查看各路由器的BGP路由情況
⑴ R2的BGP路由信息: ⑵ R3的BGP路由信息:
⑶ R4的BGP路由信息: ⑷ R5的BGP路由信息:
⑸ R6的BGP路由信息:
● R1訪問外網的流量分別通過R2、R3實現負載分擔
如果內網路由器都運行BGP協議,都建立了IBGP關係,可以使用路由策略設置local-preference值來實現;
R2、R3通過發佈缺省路由,設置相同的OSPF COST值來實現。
在R2上設置:
[R2]ospf 1
[R2-ospf-1]default-route-advertise always
在R3上設置:
[R3]ospf 1
[R3-ospf-1]default-route-advertise always
在R1上查看IP路由表:
可以發現,在R1上有兩條去往外部的等價默認路由。
● R1訪問AS400的流量僅通過R2,其他的流量通過R3
流量離開同一個AS的不同IBGP路由器時,可以通過設置不同的local-pref值來實現路由選擇,local-pref默認值是100.值越大越優。
在R2上配置route-policy,設置去往AS400的local-pref值爲300,去往其他網段的值爲默認值;在R3上配置默認local-pref值爲200。
在R2上配置:
[R2]ip as-path-filter 1 permit ^400$ ///使用ACL可以達到同樣的效果\\\
[R2]route-policy only_as400 permit node 10
[R2-route-policy]if-match as-path-filter 1
[R2-route-policy]apply local-preference 300
[R2]route-policy only_as400 permit node 20
[R2-route-policy]quit
[R2]bgp 65510
[R2-bgp]peer 59.49.241.2 route-policy only_as400 import
[R2-bgp]quit
在R3上配置:
[R3]bgp 65510
[R3-bgp]default local-preference 200
[R3-bgp]quit
在R2上檢驗結果:
未配置route-policy之前:路由跟蹤顯示經過R4→R6
![wKiom1OyEAKQnYNmAAC8fLVC92Q637.jpg]( "1.jpg")
配置route-policy之後:路由跟蹤顯示經過R3→R5→R6
![wKiom1OyEDbwjzd_AAFkZkaZR4s497.jpg]( "2.jpg")
R2上的BGP路由表:
● R4不向R2通告113.59.69.4/30段的路由
在R6上配置route-policy+community實現
在R6配置:
[R6]acl number 2001
[R6-acl-basic-2001]rule 0 permit source 113.59.69.4 255.255.255.252
[R6-acl-basic-2001]quit
[R6]route-policy 1 permit node 10
Info: New Sequence of this List.
[R6-route-policy]if-match acl 2001
[R6-route-policy]apply community no-export
[R6-route-policy]quit
[R6]route-policy 1 permit node 20
Info: New Sequence of this List.
[R6]bgp 600
[R6-bgp]peer 59.49.241.5 route-policy 1 export
[R6-bgp]peer 59.49.241.5 advertise-community
[R6-bgp]quit
在R2檢測結果:發現R2僅能從其IBGP對等體收到113.59.69.4/30的路由通告。
● R6只通告202.100.192.0/24的聚合路由;
使用命令aggregate手動聚合
在R6配置:
[R6]bgp 600
[R6-bgp]aggregate 202.100.192.0 24 detail-suppressed
[R6-bgp]quit
在R2檢測結果:發現R2上存在202.100.192.0的聚合路由信息,無詳細路由信息。
