问题描述:
一.配置ip与ospfr1:
[Huawei]sys r1 [r1-GigabitEthernet0/0/0]ip add 13.0.0.1 24 [r1-LoopBack0]ip add 1.1.1.1 24
r2:
[Huawei]sys r2 [r2-LoopBack0]ip add 2.2.2.2 24 [r2-GigabitEthernet0/0/0]ip add 24.0.0.1 24
r3:
[Huawei]sys r3 [r3-GigabitEthernet0/0/0]ip add 13.0.0.2 24 [r3-GigabitEthernet0/0/1]ip add 35.0.0.1 24 [r3-LoopBack0]ip add 3.3.3.3 24 [r3]ospf 1 router-id 3.3.3.3 [r3-ospf-1]area 0 [r3-ospf-1-area-0.0.0.0]network 3.3.3.3 0.0.0.0 [r3-ospf-1-area-0.0.0.0]network 35.0.0.0 0.0.0.255
r4:
[Huawei]sys r4 [r4-GigabitEthernet0/0/0]ip add 46.0.0.1 24 [r4-GigabitEthernet0/0/1]ip add 24.0.0.2 24 [r4-LoopBack0]ip add 4.4.4.4 24 [r4]ospf 1 router-id 4.4.4.4 [r4-ospf-1]area 0 [r4-ospf-1-area-0.0.0.0]network 4.4.4.4 0.0.0.0 [r4-ospf-1-area-0.0.0.0]network 46.0.0.0 0.0.0.255
r5:
[Huawei]sys r5 [r5-GigabitEthernet0/0/0]ip add 35.0.0.2 24 [r5-GigabitEthernet0/0/1]ip add 46.0.0.2 24 [r5-LoopBack0]ip add 5.5.5.5 24 [r5]ospf 1 router-id 5.5.5.5 [r5-ospf-1]area 0 [r5-ospf-1-area-0.0.0.0]network 5.5.5.5 0.0.0.0 [r5-ospf-1-area-0.0.0.0]network 35.0.0.0 0.0.0.255 [r5-ospf-1-area-0.0.0.0]network 46.0.0.0 0.0.0.255二.建邻-----r1-r3与r2-r4为直连建邻;r3-r4为环回建邻-----需要修改建邻跳数
r1:
[r1]bgp 100 [r1-bgp]router-id 1.1.1.1 [r1-bgp]peer 13.0.0.2 as-number 300 [r1-bgp]peer 13.0.0.2 ebgp-max-hop 2
r2:
[r2]bgp 200 [r2-bgp]router-id 2.2.2.2 [r2-bgp]peer 24.0.0.2 as-number 300
r3:
[r3]bgp 300 [r3-bgp]router-id 3.3.3.3 [r3-bgp]peer 13.0.0.1 as-number 100 [r3-bgp]peer 4.4.4.4 as-number 300 [r3-bgp]peer 4.4.4.4 connect-interface LoopBack 0
r4;
[r4]bgp 300 [r4-bgp]router-id 4.4.4.4 [r4-bgp]peer 24.0.0.1 as-number 200 [r4-bgp]peer 3.3.3.3 as-number 300 [r4-bgp]peer 3.3.3.3 connect-interface LoopBack 0三.配置路由(使用network命令与import命令)
r1:
[r1]bgp 100 [r1-bgp]network 1.1.1.0 255.255.255.0
r2:
[r2]bgp 200 [r2-bgp]network 2.2.2.0 255.255.255.0
r3:
[r3]route-policy direct permit node 10 [r3-route-policy]if-match interface LoopBack 0 [r3-route-policy]if-match interface GigabitEthernet 0/0/0 [r3-route-policy]if-match interface GigabitEthernet 0/0/1 [r3]bgp 300 [r3-bgp]import-route direct route-policy direct [r3-bgp]peer 4.4.4.4 next-hop-local
r4:
[r4]route-policy direct permit node 10 [r4-route-policy]if-match interface LoopBack 0 [r4-route-policy]if-match interface GigabitEthernet 0/0/0 [r4-route-policy]if-match interface GigabitEthernet 0/0/1 [r4]bgp 300 [r4-bgp]import-route direct route-policy direct [r4-bgp]peer 3.3.3.3 next-hop-local
注意:bgp传递路由时需要将下一跳改成local,这样下一跳信息才会改变
四.全网可达因为r5路由表里没有到2.2.2.2网段信息-------重发布解决
[r3]ospf 1 [r3-ospf-1]import-route bgp [r3-ospf-1]import-route direct
[r4]ospf 1 [r4-ospf-1]import-route bgp [r4-ospf-1]import-route direct
除此之外,给r1、r2下发一条缺省,连通r5
[r1]ip route-static 0.0.0.0 0 13.0.0.2
[r2]ip route-static 0.0.0.0 0 24.0.0.2五.过滤操作
r1上新增三个环回:
[r1]int LoopBack 1 [r1-LoopBack1]ip add 10.1.1.1 24 [r1]int LoopBack 2 [r1-LoopBack2]ip add 10.2.2.2 24 [r1]int LoopBack 3 [r1-LoopBack3]ip add 10.3.3.3 24 [r1]bgp 100 [r1-bgp]network 10.1.1.0 255.255.255.0 [r1-bgp]network 10.2.2.0 255.255.255.0 [r1-bgp]network 10.3.3.0 255.255.255.0
使用前缀列表进行过滤
r1:
[r1]ip ip-prefix a deny 10.3.3.3 24 //出口上过滤 [r1]ip ip-prefix a permit 0.0.0.0 0 less-equal 32 [r1-bgp]peer 13.0.0.2 ip-prefix a export
r3:
[r3]ip ip-prefix a deny 10.3.3.3 24 //入口上过滤 [r3]ip ip-prefix a permit 0.0.0.0 0 less-equal 32 [r3-bgp]peer 13.0.0.1 ip-prefix a import
使用route-policy进行过滤
r4:
[r4]ip ip-prefix a permit 10.2.2.2 24 //出方向进行过滤 [r4]route-policy aa deny node 10 [r4-route-policy]if-match ip-prefix a [r4]route-policy aa permit node 20 [r4]bgp 300 [r4-bgp]peer 24.0.0.1 route-policy aa export
r2:
[r2]ip ip-prefix a permit 10.2.2.2 24 //出接口过滤 [r2]route-policy aa deny node 10 [r2-route-policy]if-match ip-prefix a [r2]route-policy aa permit node 20 [r2]bgp 200 [r2-bgp]peer 24.0.0.2 route-policy aa import
