实验拓扑
实验需求
现有三个自治系统,需要对R1访问R4的loopback-X数据走向进行精确控制:
R1访问R4的loopback0走R2,通过在R1上修改本地优先级实现
R1访问R4的loopback1走R3,通过在R2上修改MED实现
R1访问R4的loopback2走R2,通过在R4上修改AS-path实现
R1访问R4的loopback3走R3,通过在R3上修改origi属性实现
实验步骤
1.配置IP地址及环回口地址
2.配置OSPF 使全网互通(略)
3.R1访问R4的loopback0走R2,通过在R1上修改本地优先级实现
R1
[R1]ip ip-prefix 2 index 10 permit 4.4.4.1 32 [R1]route-policy c permit node 10 [R1-route-policy]if-match ip-prefix 2 [R1-route-policy]apply local-preference 200 [R1]route-policy c permit node 20 [R1]bgp 100 [R1-bgp]peer 192.168.1.2 route-policy c import
4. R1查看BGP协议路由表
[R1]dis bgp routing-table
BGP Local router ID is 192.168.1.1
Status codes: * - valid, > - best, d - damped,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 6
Network NextHop MED LocPrf PrefVal Path/Ogn
*> 4.4.4.1/32 192.168.1.2 200 0 200 300i
* 192.168.2.2 0 200 300i
*> 4.4.4.2/32 192.168.1.2 0 200 300i
* 192.168.2.2 0 200 300i
*> 4.4.4.3/32 192.168.1.2 0 200 300i
* 192.168.2.2 0 200 300 30
0 300 300i
5. R1访问R4的loopback1走R3,通过在R2上修改MED实现
R2
[Huawei]ip ip-prefix 3 index 10 permit 4.4.4.2 32 [Huawei]route-policy h permit node 10 [Huawei-route-policy]if-match ip-prefix 3 [Huawei-route-policy]apply cost 100 [Huawei]route-policy h permit node 20 [Huawei]bgp 200 [Huawei-bgp]peer 192.168.1.1 route-policy h export
分析:当路由器学习到多条去往相同目的网段的BGP路由时,在其他条件都相同的情况下,BGP将比较这些路由的MED 属性,越小越优。其实可理解为就是改开销
6. 在R1上查看BGP协议路由表
[R1]dis bgp routing-table
BGP Local router ID is 192.168.1.1
Status codes: * - valid, > - best, d - damped,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 6
Network NextHop MED LocPrf PrefVal Path/Ogn
*> 4.4.4.1/32 192.168.1.2 200 0 200 300i
* 192.168.2.2 0 200 300i
*> 4.4.4.2/32 192.168.2.2 0 200 300i
* 192.168.1.2 100 0 200 300i
*> 4.4.4.3/32 192.168.1.2 0 200 300i
* 192.168.2.2 0 200 300 30
0 300 300i
7. 在R1上检查一下BGP的详细信息表
[R1]dis bgp routing-table 4.4.4.2
BGP local router ID : 192.168.1.1
Local AS number : 100
Paths: 2 available, 1 best, 1 select
BGP routing table entry information of 4.4.4.2/32:
From: 192.168.2.2 (192.168.2.2)
Route Duration: 00h21m07s
Direct Out-interface: GigabitEthernet0/0/1
Original nexthop: 192.168.2.2
Qos information : 0x0
AS-path 200 300, origin igp, pref-val 0, valid, external, best, select, active,
pre 255
Advertised to such 2 peers:
192.168.1.2
192.168.2.2
BGP routing table entry information of 4.4.4.2/32:
From: 192.168.1.2 (192.168.1.2)
Route Duration: 00h09m37s
Direct Out-interface: GigabitEthernet0/0/0
Original nexthop: 192.168.1.2
Qos information : 0x0
AS-path 200 300, origin igp, MED 100, pref-val 0, valid, external, pre 255, not
preferred for MED
Not advertised to any peer yet
//发现我们修改的MED 值 已生效,在这里可以检查核对。
8. R1访问R4的loopback2走R2,通过在R4上修改AS-path实现
R4
[Huawei]ip ip-prefix s index 10 permit 4.4.4.3 32 [Huawei]route-policy s permit node 10 [Huawei-route-policy]if-match ip-prefix s [Huawei-route-policy]apply as-path 300 300 300 additive [Huawei]route-policy s permit node 20 [Huawei]bgp 300 [Huawei-bgp]peer 192.168.200.2 route-policy s export
分析:BGP 优选AS-path 属性最短的路由,我把AS-path 属性变长(增加了AS号),达到实验需求。
9. R1上查看BGP路由表,发现在表中可以观察到已生效.
[R1]dis bgp routing-table
BGP Local router ID is 192.168.1.1
Status codes: * - valid, > - best, d - damped,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 6
Network NextHop MED LocPrf PrefVal Path/Ogn
*> 4.4.4.1/32 192.168.1.2 200 0 200 300i
* 192.168.2.2 0 200 300i
*> 4.4.4.2/32 192.168.2.2 0 200 300i
* 192.168.1.2 100 0 200 300i
*> 4.4.4.3/32 192.168.1.2 0 200 300i
* 192.168.2.2 0 200 300 30
0 300 300i
10. R1访问R4的loopback3走R3,通过在R3上修改origi属性实现
做这道题,首先要搞清楚BGP的Origin属性的优先级
BGP属性 - Origin ;3种Origin属性的优先级为:i>e>Incomplete(?)
Origin的3种属性: i 表明BGP路由通过network命令注入; e 表明BGP路由是从EGP学来的,EGP协议在现网中很难见到,但可以通过路由策略将路由的Origin属性修改为e; ? 即Incomplete表明BGP路由通过其它方式学到路由信息,如使用import命令引入的路由。
把loopback3引入BGP 300中,只引入4.4.4.4 的路由,不想产生其他路由条目。
[Huawei]ip ip-prefix huawei permit 4.4.4.4 32 [Huawei]route-policy huawei permit node 10 [Huawei-route-policy]if-match ip-prefix huawei [Huawei]route-policy huawei permit node 10 [Huawei]bgp 300 [Huawei-bgp]import-route direct route-policy huawei
11. 在AR1上查看BGP路由表,发现学习到的4.4.4.4路由为 ? ,此时只需要到R3上更改Origin属性为IGP 即可
R3
[R3] ip ip-prefix 321 permit 4.4.4.4 32 [R3] route-policy 321 permit node 10 [R3-route-policy]if-match ip-prefix 321 [R3-route-policy]apply origin igp //修改属性 [R3]route-policy 321 permit node 20 [R3]bgp 200 [R3-bgp]peer 192.168.2.1 route-policy 321 export //出方向
12. R1上查看BGP路由表
[R1]dis bgp routing-table
BGP Local router ID is 192.168.1.1
Status codes: * - valid, > - best, d - damped,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 8
Network NextHop MED LocPrf PrefVal Path/Ogn
*> 4.4.4.1/32 192.168.1.2 200 0 200 300i
* 192.168.2.2 0 200 300i
*> 4.4.4.2/32 192.168.2.2 0 200 300i
* 192.168.1.2 100 0 200 300i
*> 4.4.4.3/32 192.168.1.2 0 200 300i
* 192.168.2.2 0 200 300 30
0 300 300i
*> 4.4.4.4/32 192.168.2.2 0 200 300i
* 192.168.1.2 0 200 300?