CCNP(BSCI)实验：配置BGP的路由过滤和默认路由

第一步：预配置
R1(config)#int lo0
R1(config-if)#ip add 1.1.1.1 255.255.255.0
R1(config-if)#int s2/1
R1(config-if)#ip add 12.0.0.1 255.255.255.0
R1(config-if)#no sh

R2(config)#int lo0
R2(config-if)#ip add 2.2.2.2 255.255.255.0
R2(config-if)#int s2/1
R2(config-if)#ip add 12.0.0.2 255.255.255.0
R2(config-if)#no sh
R2(config-if)#int s2/2
R2(config-if)#ip add 23.0.0.2 255.255.255.0
R2(config-if)#no sh

R3(config)#int lo0
R3(config-if)#ip add 3.3.3.3 255.255.255.0
R3(config-if)#int s2/1
R3(config-if)#ip add 23.0.0.3 255.255.255.0
R3(config-if)#no sh
R3(config-if)#int s2/2
R3(config-if)#ip add 34.0.0.3 255.255.255.0

第二步：配置BGP
R1(config)#router bgp 100
R1(config-router)#nei 12.0.0.2 remote-as 200
R1(config-router)#net 1.1.1.0 mask 255.255.255.0

R2(config)#router bgp 200
R2(config-router)#nei 12.0.0.1 remote-as 100
R2(config-router)#nei 23.0.0.3 remote-as 300
R2(config-router)#net 2.2.1.0 mask 255.255.255.0
R2(config-router)#net 2.2.2.0 mask 255.255.255.0

R3(config)#router bgp 300
R3(config-router)#nei 23.0.0.2 remote-as 200
R3(config-router)#net 3.3.3.0 mask 255.255.255.0
第三步：分别查看R1和R3的bgp表
R2#sh ip bgp
BGP table version is 5, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path
> 1.1.1.0/24 12.0.0.1 0 0 100 i
> 2.2.1.0/24 0.0.0.0 0 32768 i
> 2.2.2.0/24 0.0.0.0 0 32768 i
> 3.3.3.0/24 23.0.0.3 0 0 300 i

R3#sh ip bgp
BGP table version is 5, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path
> 1.1.1.0/24 23.0.0.2 0 200 100 i
> 2.2.1.0/24 23.0.0.2 0 0 200 i
> 2.2.2.0/24 23.0.0.2 0 0 200 i
> 3.3.3.0/24 0.0.0.0 0 32768 i
路由过滤
第三步：我们对路由进行过滤
R2(config)#access-list 1 permit 2.2.0.0 0.0.255.255
//抓取2.2.0.0 路由

access-list 1 permit 2.2.0.0 0.0.255.255
access-list 10 deny 1.1.1.0 0.0.0.255
access-list 10 permit any
//我们分别写了两个控制表，并用在了下列所示bgp 200中
//再一个请注意，acl最后一句是deny any的，不显示。
router bgp 200
…………………………
neighbor 12.0.0.1 distribute-list 10 in
neighbor 12.0.0.1 distribute-list 1 out
//这两句是配置命令，要写入R2
我们预计在R3 的bgp表中将没有1.1.1.0
在R1的bgp表中将没有3.3.3.0

R3#sh ip bgp
BGP table version is 4, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path
> 2.2.1.0/24 23.0.0.2 0 0 200 i
> 2.2.2.0/24 23.0.0.2 0 0 200 i
*> 3.3.3.0/24 0.0.0.0 0 32768 i

R1#sh ip bgp
BGP table version is 4, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path
> 1.1.1.0/24 0.0.0.0 0 32768 i
> 2.2.1.0/24 12.0.0.2 0 0 200 i
*> 2.2.2.0/24 12.0.0.2 0 0 200 i

第四步：我们又no掉一句neighbor 12.0.0.1 distribute-list 10 in
看看R3bgp表中有了1.1.1.0/24的路由
R3#sh ip bgp
BGP table version is 5, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path
> 1.1.1.0/24 23.0.0.2 0 200 100 i
> 2.2.1.0/24 23.0.0.2 0 0 200 i
> 2.2.2.0/24 23.0.0.2 0 0 200 i
> 3.3.3.0/24 0.0.0.0 0 32768 i
默认路由
第五步：在R1上创建一个网络，并通过BGP通告出去
R1(config)#int lo 1
R1(config-if)#ip add 10.0.0.1 255.255.255.0

R1(config)#router bgp 100
R1(config-router)#net 10.0.0.0 mask 255.255.255.0

R2(config)#ip default-network 10.0.0.0
//把10.0.0.0作为默认网络
R2#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route

Gateway of last resort is 12.0.0.1 to network 10.0.0.0

1.0.0.0/24 is subnetted, 1 subnets
B 1.1.1.0 [20/0] via 12.0.0.1, 00:06:00
2.0.0.0/24 is subnetted, 2 subnets
C 2.2.1.0 is directly connected, Loopback1
C 2.2.2.0 is directly connected, Loopback0
3.0.0.0/24 is subnetted, 1 subnets
B 3.3.3.0 [20/0] via 23.0.0.3, 00:05:35
23.0.0.0/24 is subnetted, 1 subnets
C 23.0.0.0 is directly connected, Serial2/2

• 10.0.0.0/24 is subnetted, 1 subnets
  B* 10.0.0.0 [20/0] via 12.0.0.1, 00:06:00
  12.0.0.0/24 is subnetted, 1 subnets
  C 12.0.0.0 is directly connected, Serial2/1
  
  
  

第六步：测试
R1(config)#int lo 2
R1(config-if)#ip add 100.0.0.1 255.255.255.0

R2# ping 100.0.0.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 100.0.0.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/28/68 ms

来源：oschina

链接：https://my.oschina.net/u/4338498/blog/4655708