<Community>主要用來控制路由的傳播範圍
社團屬性,也叫共同體屬性,是可選傳遞屬性
·“可選”:意味着並不是所有的路由器都能識別這個社團屬性。
·“傳遞”:意味着路由器即使不能識別這個屬性,也能將這條路由繼續傳遞下去。
·社團屬性類似於tag標記,它允許路由器能夠使用一個指示符來標記路由,並且允許其它路由器根據這個標記來控制路由的傳播範圍,或者對含有標記的路由做一些處理。一條路由可以設置多個社團屬性,也就是說允許同時打上多個標記
要去:
1.證明團體屬性的區別及其傳播範圍
2.聯盟的應用
3.反射器的應用
R1配置
interface Loopback0
ip address 1.1.1.1 255.255.255.0
interface Loopback1
ip address 1.1.2.1 255.255.255.0
interface Loopback2
ip address 1.1.3.1 255.255.255.0
interface Loopback3
ip address 1.1.4.1 255.255.255.0
interface Serial0/0
ip address 12.1.1.1 255.255.255.0
serial restart-delay 0
router ospf 10
router-id 1.1.1.1
log-adjacency-changes
network 1.1.1.0 0.0.0.255 area 0
network 1.1.2.0 0.0.0.255 area 0
network 1.1.3.0 0.0.0.255 area 0
network 1.1.4.0 0.0.0.255 area 0
network 12.1.1.0 0.0.0.255 area 0
!router bgp 65535
no synchronization
bgp router-id 1.1.1.1
bgp log-neighbor-changes
bgp confederation identifier 1
network 1.1.1.0 mask 255.255.255.0
network 1.1.2.0 mask 255.255.255.0
network 1.1.3.0 mask 255.255.255.0
network 1.1.4.0 mask 255.255.255.0
neighbor 2.2.2.2 remote-as 65535
neighbor 2.2.2.2 update-source Loopback0
neighbor 2.2.2.2 next-hop-self
neighbor 2.2.2.2 send-community
neighbor 2.2.2.2 route-map liang out
no auto-summary
ip bgp-community new-format
access-list 10 permit 1.1.1.0
access-list 20 permit 1.1.2.0
access-list 30 permit 1.1.3.0
access-list 40 permit 1.1.4.0
route-map liang permit 10
match ip address 10
set community no-advertise
route-map liang permit 20
match ip address 20
set community no-export
route-map liang permit 30
match ip address 30
set community local-AS
route-map liang permit 40
match ip address 40
set community internet
R2的配置
interface Loopback0
ip address 2.2.2.2 255.255.255.0
interface Serial0/0
ip address 12.1.1.2 255.255.255.0
serial restart-delay 0
interface Serial0/1
ip address 23.1.1.2 255.255.255.0
serial restart-delay 0
interface Serial0/2
ip address 24.1.1.2 255.255.255.0
serial restart-delay 0
router ospf 10
router-id 2.2.2.2
log-adjacency-changes
network 2.2.2.0 0.0.0.255 area 0
network 12.1.1.0 0.0.0.255 area 0
network 23.1.1.0 0.0.0.255 area 0
router bgp 65535
no synchronization
bgp router-id 2.2.2.2
bgp log-neighbor-changes
bgp confederation identifier 1
bgp confederation peers 65534
neighbor 1.1.1.1 remote-as 65535
neighbor 1.1.1.1 update-source Loopback0
neighbor 3.3.3.3 remote-as 65535
neighbor 3.3.3.3 update-source Loopback0
neighbor 3.3.3.3 route-reflector-client
neighbor 3.3.3.3 next-hop-self
neighbor 3.3.3.3 send-community
neighbor 4.4.4.4 remote-as 65534
neighbor 4.4.4.4 send-community
neighbor 24.1.1.4 remote-as 65534
neighbor 24.1.1.4 ebgp-multihop 255
neighbor 24.1.1.4 next-hop-self
neighbor 24.1.1.4 send-community
no auto-summary
ip bgp-community new-format
R3的配置
interface Loopback0
ip address 3.3.3.3 255.255.255.0
interface Serial0/1
ip address 23.1.1.3 255.255.255.0
serial restart-delay 0
router ospf 10
router-id 3.3.3.3
log-adjacency-changes
network 3.3.3.0 0.0.0.255 area 0
network 23.1.1.0 0.0.0.255 area 0
router bgp 65535
no synchronization
bgp router-id 3.3.3.3
bgp log-neighbor-changes
bgp confederation identifier 1
neighbor 2.2.2.2 remote-as 65535
neighbor 2.2.2.2 update-source Loopback0
no auto-summary
R4的配置
interface Loopback0
ip address 4.4.4.4 255.255.255.0
interface Serial0/2
ip address 24.1.1.4 255.255.255.0
serial restart-delay 0
interface Serial0/3
ip address 45.1.1.4 255.255.255.0
serial restart-delay 0
router bgp 65534
no synchronization
bgp router-id 4.4.4.4
bgp log-neighbor-changes
bgp confederation identifier 1
bgp confederation peers 65535
neighbor 24.1.1.2 remote-as 65535
neighbor 24.1.1.2 ebgp-multihop 255
neighbor 45.1.1.5 remote-as 2
neighbor 45.1.1.5 ebgp-multihop 255
neighbor 45.1.1.5 send-community
no auto-summary
R5的配置
interface Serial0/3
ip address 45.1.1.5 255.255.255.0
serial restart-delay 0
router bgp 2
no synchronization
bgp router-id 5.5.5.5
bgp log-neighbor-changes
neighbor 45.1.1.4 remote-as 1
no auto-summary
我們是在R1上起四個路由條目並通過route-map抓住打上四個不同的團體屬性值
·社團屬性分以下兩種:
1、well-known communities 公認團體
2、Private communities 私有團體
·社團屬性中已經預定義好的三類well-known屬性:
no-advertise:攜帶此屬性的路由不會通告給任何BGP鄰居。也就是說只傳達給一個鄰居
no-export: 攜帶此屬性的路由不會傳出本AS外,只會傳給IBGP。(聯邦中的小AS會傳遞)。
local-AS: 攜帶此屬性的路由不會傳出小AS。
internat 攜帶此屬性的可以任意傳播不受AS的限制
R2#show ip bgp 四條都有
BGP table version is 7, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*>i1.1.1.0/24 1.1.1.1 0 100 0 i
*>i1.1.2.0/24 1.1.1.1 0 100 0 i
*>i1.1.3.0/24 1.1.1.1 0 100 0 i
*>i1.1.4.0/24 1.1.1.1 0 100 0 i
R3# show ip bgp 因爲1.1.1.0打上的是no-ad的屬性只會傳一跳所以R3上收不到
BGP table version is 8, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*>i1.1.2.0/24 1.1.1.1 0 100 0 i
*>i1.1.3.0/24 1.1.1.1 0 100 0 i
*>i1.1.4.0/24 1.1.1.1 0 100 0 i
R4#show ip bgp 1.1.3.0 打上的是local屬性不會傳出小AS(聯盟)所以R4屬於另一個聯盟收不到
BGP table version is 15, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 1.1.2.0/24 24.1.1.2 0 100 0 (65535) i
*> 1.1.4.0/24 24.1.1.2 0 100 0 (65535) i
R5# show ip bgp
BGP table version is 25, local router ID is 5.5.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 1.1.4.0/24 45.1.1.4 0 1 i
在R5上只收到一條internet屬性的條目 no-export 會在大AS內傳播但不會給公有EBGP傳播