完成下图实验

实验要求：

1.合理IP地址 
2.AS 1 2 3 内部使用OSPF 协议 , AS 1 AS 2内部建立全互联的IBGP邻居 ,AS之间建立全部的EBGP邻居
3.PC 1 3 5 属于电信的路由,通信时必须使用电信AS 1 ;PC 2 4 6 属于联通的路由,通信时必须使用联通的 AS 2
4.若 R1-R9之间链路断开,电信的路由依然通过电信 AS 1 通信

 Plan the experimental topology map divisionIP地址

配置各个 The router interface is legalIP地址

r1

r2

r3

r4

r5

r6

r7

r8

r9

r10

r11

 pc1-pc6的IP地址分别为10.0.1.2  10.0.2.2  10.0.3.2  10.0.4.2  10.0.5.2  10.0.6.2  

在配置完ipAfter the address, you can test the directly connected device checkIPWhether the address is configured incorrectly

将每个asThe routers in the area start upospfThe protocol is completed and the route is reachable and the loopback interface type is modified

as1:

r1：

[r1]ospf 100 router-id 1.1.1.1                  

[r1-ospf-100]area 0
[r1-ospf-100-area-0.0.0.0]network 1.1.1.1 0.0.0.0 
[r1-ospf-100-area-0.0.0.0]network 10.0.15.1 0.0.0.0    宣告
[r1-ospf-100-area-0.0.0.0]network 10.1.13.1 0.0.0.0

[r1]int lo0
[r1-LoopBack0]ospf network-type broadcast          修改接口类型

r3：

[r3]ospf 100 router-id 3.3.3.3
[r3-ospf-100]area 0
[r3-ospf-100-area-0.0.0.0]network 10.1.13.2 0.0.0.0 
[r3-ospf-100-area-0.0.0.0]network 10.0.37.1 0.0.0.0
[r3-ospf-100-area-0.0.0.0]network 3.3.3.3 0.0.0.0
[r3]int lo0
[r3-LoopBack0]ospf network-type broadcast 

r5:
[r5]ospf 100 router-id 5.5.5.5
[r5-ospf-100]area 0
[r5-ospf-100-area-0.0.0.0]network 10.0.15.2 0.0.0.0 
[r5-ospf-100-area-0.0.0.0]network 10.1.57.1 0.0.0.0
[r5-ospf-100-area-0.0.0.0]network 5.5.5.5 0.0.0.0
[r5]int l0
[r5-LoopBack0]ospf network-type broadcast 

r7:
[r7]ospf 100 router-id 7.7.7.7
[r7-ospf-100]area 0
[r7-ospf-100-area-0.0.0.0]network 7.7.7.7 0.0.0.0 
[r7-ospf-100-area-0.0.0.0]network 10.1.57.2 0.0.0.0
[r7-ospf-100-area-0.0.0.0]network 10.0.37.2 0.0.0.0
[r7]int l0
[r7-LoopBack0]ospf network-type broadcast 

as2:

r2:

[r2]ospf 200 router-id 2.2.2.2
[r2-ospf-200]area 0
[r2-ospf-200-area-0.0.0.0]network 2.2.2.2 0.0.0.0
[r2-ospf-200-area-0.0.0.0]network 10.0.26.1 0.0.0.0         宣告
[r2-ospf-200-area-0.0.0.0]network 10.1.24.1 0.0.0.0
[r2]int l0                                                                
[r2-LoopBack0]ospf network-type broadcast                       修改接口类型

r4: 
[r4]ospf 200 router-id 4.4.4.4
[r4-ospf-200]area 0
[r4-ospf-200-area-0.0.0.0]network 4.4.4.4 0.0.0.0
[r4-ospf-200-area-0.0.0.0]network 10.1.24.2 0.0.0.0 
[r4-ospf-200-area-0.0.0.0]network 10.0.48.1 0.0.0.0
[r4]int l0
[r4-LoopBack0]ospf network-type broadcast 

 r6:
[r6]ospf 200 router-id 6.6.6.6
[r6-ospf-200]area 0
[r6-ospf-200-area-0.0.0.0]network 6.6.6.6 0.0.0.0
[r6-ospf-200-area-0.0.0.0]network 10.0.26.2 0.0.0.0
[r6-ospf-200-area-0.0.0.0]network 10.1.68.1 0.0.0.0
[r6]int l0
[r6-LoopBack0]ospf network-type broadcast 

r8: 
[r8]ospf 200 router-id 8.8.8.8
[r8-ospf-200]area 0
[r8-ospf-200-area-0.0.0.0]network 8.8.8.8 0.0.0.0 
[r8-ospf-200-area-0.0.0.0]network 10.0.48.2 0.0.0.0 
[r8-ospf-200-area-0.0.0.0]network 10.1.68.2 0.0.0.0
[r8]int l0
[r8-LoopBack0]ospf network-type broadcast 

as3:

r9:

[r9]ospf 300 router-id 9.9.9.9
[r9-ospf-300]area 0
[r9-ospf-300-area-0.0.0.0]network 9.9.9.9 0.0.0.0
[r9-ospf-300-area-0.0.0.0]network 10.0.9.1 0.0.0.0            宣告        
[r9]int l0
[r9-LoopBack0]ospf network-type broadcast               修改接口类型

r10:
[r10]ospf 300 router-id 10.10.10.10
[r10-ospf-300]area 0
[r10-ospf-300-area-0.0.0.0]network 10.10.10.10 0.0.0.0
[r10-ospf-300-area-0.0.0.0]network 10.0.9.2 0.0.0.0
[r10-ospf-300-area-0.0.0.0]q
[r10-LoopBack0]ospf network-type broadcast 

在配置完成ospfcan be viewed after the announcementospfCheck the neighbor table for configuration errors

例如下图：

在各个asPeer-to-peer groups are used within the regionpeer group定义BGP邻居关系建立

在各个as内建立ibgp邻居关系 as之间建立ebgp邻居关系

as1:

r1:

[r1]bgp 1    
[r1-bgp]router-id 1.1.1.1
[r1-bgp]peer 10.0.19.2 as-number 3              ebgp 邻居关系建立
[r1-bgp]peer 10.2.18.2 as-number 2         

[r1-bgp]group r1      
[r1-bgp]peer r1 connect-interface lo0         使用peer group 建立ibgp邻居关系
[r1-bgp]peer r1 next-hop-local
[r1-bgp]peer r1 advertise-community
[r1-bgp]peer 3.3.3.3 group r1
[r1-bgp]peer 5.5.5.5 group r1
[r1-bgp]peer 7.7.7.7 group r1
[r1-bgp]peer 10.0.19.2 advertise-community
[r1-bgp]peer 10.2.12.2 advertise-community

r3:

[r3]bgp 1
[r3-bgp]router-id 3.3.3.3
[r3-bgp]peer 10.2.34.2 as-number 2
[r3-bgp]group r2
[r3-bgp]peer r2 connect-interface lo0
[r3-bgp]peer r2 next-hop-local
[r3-bgp]peer r2 advertise-community
[r3-bgp]peer 1.1.1.1 group r2
[r3-bgp]peer 5.5.5.5 group r2  
[r3-bgp]peer 7.7.7.7 group r2  
[r3-bgp]peer 10.2.34.2 advertise-community

r5: 
[r5]bgp 1
[r5-bgp]router-id 5.5.5.5
[r5-bgp]peer 10.0.11.2 as-number 4                         ebgp 邻居关系建立
[r5-bgp]peer 10.2.56.2 as-number 2                           

[r5-bgp]group r5
[r5-bgp]peer r5 connect-interface lo0                                  
[r5-bgp]peer r5 next-hop-local
[r5-bgp]peer r5 advertise-community                使用peer group 建立ibgp邻居关系
[r5-bgp]peer 1.1.1.1 group r5
[r5-bgp]peer 3.3.3.3 group r5
[r5-bgp]peer 7.7.7.7 group r5
[r5-bgp]peer 10.0.11.2 advertise-community
[r5-bgp]peer 10.2.56.2 advertise-community
 

r7:
[r7]bgp 1
[r7-bgp]router-id 7.7.7.7
[r7-bgp]peer 10.2.78.2 as-number 2
[r7-bgp]peer 10.2.78.2 advertise-community
[r7-bgp]group r7
[r7-bgp]peer r7 connect-interface lo0
[r7-bgp]peer r7 next-hop-local
[r7-bgp]peer r7 advertise-community
[r7-bgp]peer 1.1.1.1 group r7
[r7-bgp]peer 3.3.3.3 group r7
[r7-bgp]peer 5.5.5.5 group r7

as2:

r2:

[r2]bgp 2
[r2-bgp]router-id 2.2.2.2
[r2-bgp]peer 10.2.12.1 as-number 1                                
[r2-bgp]peer 10.2.12.1 advertise-community
[r2-bgp]group r2
[r2-bgp]peer r2 connect-interface lo0
[r2-bgp]peer r2 next-hop-local
[r2-bgp]peer r2 advertise-community
[r2-bgp]peer 4.4.4.4 group r2
[r2-bgp]peer 6.6.6.6 group r2
[r2-bgp]peer 8.8.8.8 group r2
 

r4:
[r4]bgp 2
[r4-bgp]router-id 4.4.4.4
[r4-bgp]peer 10.0.10.2 as-number 3           
[r4-bgp]peer 10.2.34.1 as-number 1                         ebgp 邻居关系建立
[r4-bgp]peer 10.2.34.1 advertise-community             开启ebgpCommunity attributes of neighbors
[r4-bgp]peer 10.0.10.2 advertise-community

[r4-bgp]group r4
[r4-bgp]peer r4 connect-interface lo0
[r4-bgp]peer r4 next-hop-local
[r4-bgp]peer r4 advertise-community                   使用peer group 建立ibgp邻居关系
[r4-bgp]peer 2.2.2.2 group r4
[r4-bgp]peer 6.6.6.6 group r4
[r4-bgp]peer 8.8.8.8 group r4

r6: 
[r6]bgp 2
[r6-bgp]router-id 6.6.6.6
[r6-bgp]peer 10.2.56.1 as-number 1
[r6-bgp]peer 10.2.56.1 advertise-community
[r6-bgp]group r6
[r6-bgp]peer r6 connect-interface lo0
[r6-bgp]peer r6 next-hop-local
[r6-bgp]peer r6 advertise-community
[r6-bgp]peer 2.2.2.2 group r6
[r6-bgp]peer 4.4.4.4 group r6
[r6-bgp]peer 8.8.8.8 group r6

r8: 
[r8]bgp 2
[r8-bgp]router-id 8.8.8.8
[r8-bgp]peer 10.2.78.1 as-number 1 s
[r8-bgp]peer 10.0.18.2 as-number 4            ebgp 邻居关系建立
[r8-bgp]peer 10.2.78.1 advertise-community          开启ebgpCommunity attributes of neighbors
[r8-bgp]peer 10.0.18.2 advertise-community

[r8-bgp]group r8
[r8-bgp]peer r8 connect-interface lo0
[r8-bgp]peer r8 next-hop-local
[r8-bgp]peer r8 advertise-community           使用peer group 建立ibgp邻居关系
[r8-bgp]peer 2.2.2.2 group r8
[r8-bgp]peer 4.4.4.4 group r8
[r8-bgp]peer 6.6.6.6 group r8

as3:

r9:

[r9]bgp 3
[r9-bgp]router-id 9.9.9.9
[r9-bgp]peer 10.0.19.1 as-number 1
[r9-bgp]peer 10.0.19.1 advertise-community      开启ebgpCommunity attributes of neighbors
[r9-bgp]peer 10.10.10.10 as-number 3
[r9-bgp]peer 10.10.10.10 next-hop-local
[r9-bgp]peer 10.10.10.10 connect-interface lo0
[r9-bgp]peer 10.10.10.10 advertise-community       开启ebgpCommunity attributes of neighbors

r10: 
[r10]bgp 3 
[r10-bgp]router-id 10.10.10.10
[r10-bgp]peer 9.9.9.9 as-number 3
[r10-bgp]peer 9.9.9.9 next-hop-local
[r10-bgp]peer 9.9.9.9 connect-interface lo0
[r10-bgp]peer 9.9.9.9 advertise-community         开启ebgpCommunity attributes of neighbors
[r10-bgp]peer 10.0.10.1 as-number 2
[r10-bgp]peer 10.0.10.1 advertise-community       开启ebgpCommunity attributes of neighbors

as4:

r11: 
[r11]bgp 4
[r11-bgp]router-id 11.11.11.11 
[r11-bgp]peer 10.0.11.1 as-number 1
[r11-bgp]peer 10.0.11.1 advertise-community
[r11-bgp]peer 10.0.18.1 as-number 2
[r11-bgp]peer 10.0.18.1 advertise-community

在配置完成bgpcan be viewed after the configurationbgpCheck the neighbor table for configuration errors

例如下图：

 在r9,r10,r11 上进行bgpAnnounce to check the route selection

r9:

[r9]bgp 3
[r9-bgp]network 10.0.1.0 24
[r9-bgp]network 10.0.2.0 24

r10: 
[r10]bgp 3
[r10-bgp]network 10.0.3.0 24
[r10-bgp]network 10.0.4.0 24
 

r11:
[r11]bgp 4
[r11-bgp]network 10.0.5.0 24
[r11-bgp]network 10.0.6.0 24

查看选路情况：

使用前缀列表抓取流量,Enable the corresponding community attribute and be activatedbgpEnable routing policy on

[r9]ip ip-prefix c1 permit 10.0.1.0 24
[r9]ip ip-prefix c1 permit 10.0.3.0 24
[r9]ip ip-prefix c2 permit 10.0.2.0 24                          抓取流量
[r9]ip ip-prefix c2 permit 10.0.4.0 24
[r9]route-policy com permit node 10
[r9-route-policy]if-match ip-prefix c1
[r9-route-policy]apply community 100:3                    to telecommunicationsas1区域加上100：3的社团属性
[r9-route-policy]route-policy com permit node 20     建立空表
 
[r9-route-policy]if-match ip-prefix c2          
[r9-route-policy]apply community 200:3                     给联通as2区域加上200：3的社团属性
[r9]route-policy com permit node 30                         建立空表
 
[r9]bgp 3
[r9-bgp]peer 10.0.19.1 route-policy com export         在bgpThe call is made to the neighbor on the outgoing interface of the interface

[r10]ip ip-prefix c1 permit 10.0.1.0 24
[r10]ip ip-prefix c1 permit 10.0.3.0 24
[r10]ip ip-prefix c2 permit 10.0.2.0 24                                          抓取流量
[r10]ip ip-prefix c2 permit 10.0.4.0 24
[r10]route-policy com permit node 10
[r10-route-policy]if-match ip-prefix c1
[r10-route-policy]apply community 100:3                  to telecommunicationsas1区域加上100：3的社团属性
[r10-route-policy]route-policy com permit node 20     建立空表
[r10-route-policy]if-match ip-prefix c2          
[r10-route-policy]apply community 200:3                  给联通as2区域加上200：3的社团属性  
[r10-route-policy]route-policy com permit node 30       建立空表
 
[r10]bgp 3
[r10-bgp]peer 10.0.10.1 route-policy com export    在bgpThe call is made to the neighbor on the outgoing interface of the interface

pc1-4去向pc56的路由策略

根据实验要求 PC 1 3 5 属于电信的路由,通信时必须使用电信AS 1 PC 2 4 6 属于联通的路由,通信时必须使用联通的 AS 2 在r11 修改local-preference 来干涉选路

[r11]ip community-filter advanced com1 permit 100:.*      
[r11]ip community-filter advanced com2 permit 200:.*         在r11Receive traffic from China Unicom
[r11]route-policy com1 permit node 10 
[r11-route-policy]if-match community-filter com1                  在r11Crawl telecommunications traffic
[r11-route-policy]apply local-preference 105                        Modify the local priority of telecom traffic
[r11]route-policy com1 permit node 20 
[r11]bgp 4
[r11-bgp]peer 10.0.11.1 route-policy com1 import      在bgpThe call is made to the neighbor in the interface inbound direction
 
 
[r11]route-policy com2 permit node 10       
[r11-route-policy]if-match community-filter com2             在r11Crawl the traffic of China Unicom
[r11-route-policy]apply local-preference 110                    Modify the local priority of Unicom traffic
[r11]route-policy com2 permit node 20
[r11]bgp 4
[r11-bgp]peer 10.0.12.1 route-policy com2 import        在bgpThe call is made to the neighbor in the interface inbound direction

After the modification is completed, we will check it againbgpRouting table to see if there is an error

pc56去向pc1-4 的路由策略

[r11]ip ip-prefix c1 permit 10.0.5.0 24 
[r11]ip ip-prefix c2 permit 10.0.6.0 24                           抓取pc5、pc6的流量
[r11]route-policy com3 permit  node 10
[r11-route-policy]if-match ip-prefix c1                          Grab Telecompc5 的流量
[r11-route-policy]apply community 100:4                  to telecommunicationspc5flow plus100：4的社团属性
[r11-route-policy]route-policy com3 permit node 20       建立空表
[r11-route-policy]if-match ip-prefix c2           
[r11-route-policy]route-policy com3 permit node 20      Grab Telecompc5 的流量
[r11-route-policy]apply community 200:4                给联通pc6flow plus200：4的社团属性
[r11-route-policy]route-policy com3 permit node 30     建立空表
[r11]bgp 4
[r11-bgp]peer 10.0.11.1 route-policy com3 export        
[r11-bgp]peer 10.0.12.1 route-policy com3 export            在bgpInvoke routing policy to neighbors

[r9]ip community-filter advanced hcia permit 100:.*      Allows telecommunications traffic communications
[r9]route-policy hcia permit node 10
[r9-route-policy]if-match community-filter hcia        Capture telecommunications traffic
[r9-route-policy]apply local-preference 200    修改本地优先级
[r9]route-policy hcia permit node 20               建立空表
[r9]bgp 3
[r9-bgp]peer 10.0.19.1 route-policy hcia import    在bgpInvoke routing policy to neighbors
 
 
[r10]ip community-filter advanced hcia permit 200.*     Allow Unicom traffic communication
[r10]route-policy hcia permit node 10
[r10-route-policy]if-match community-filter hcia      Capture Unicom's traffic
[r10-route-policy]apply local-preference 200         修改本地优先级
[r10]route-policy hcia permit node 20                  建立空表
[r10]bgp 3
[r10-bgp]peer 10.0.10.1 route-policy hcia import   在bgpInvoke routing policy to neighbors

After configuring the above routing policy, we can view itr9的路由表

It can be found that the traffic of China Telecom and China Unicom are respectively fromas1as2通信

我们可以在pcend to test

电信

联通

After completing the above experiments, the telecommunication traffic is required to go to China Unicom and the traffic to go to Unicom, and then we start the next experimental requirementR1-R9之间链路断开,电信的路由依然通过电信 AS 1 通信

因为as2与as1Occurs when internal traffic is transmittedebgp优于ibgpThe situation caused the telecommunications traffic not to go to telecommunicationsas1Area So we need to carry out the following routing strategy

[r2]ip community-filter advanced hcie permit 100:.*
[r4]ip community-filter advanced hcie permit 100:.* 
[r6]ip community-filter advanced hcie permit 100:.*
[r8]ip community-filter advanced hcie permit 100:.*      在r2,r4,r6,r8to capture the telecommunication traffic
 
[r2]route-policy hcie permit node 10
[r2-route-policy]if-match community-filter hcie
[r2-route-policy]apply preferred-value 9                       Modify the priority of telecom traffic
[r2]route-policy hcie permit node 20                               建立空表
   
[r4]route-policy hcie permit node 10 
[r4-route-policy] if-match community-filter hcie 
[r4-route-policy] apply preferred-value 9                   Modify the priority of telecom traffic
[r4-route-policy]route-policy hcie permit node 20             建立空表
 
[r6]route-policy hcie permit node 10 
[r6-route-policy] if-match community-filter hcie 
[r6-route-policy] apply preferred-value 9                       Modify the priority of telecom traffic
[r6-route-policy]route-policy hcie permit node 20           建立空表
 
[r8]route-policy hcie permit node 10 
[r8-route-policy] if-match community-filter hcie 
[r8-route-policy] apply preferred-value 9                          Modify the priority of telecom traffic
[r8-route-policy]route-policy hcie permit node 20                建立空表
 

The routing policy is invoked on each router

[r2]bgp 2
[r2-bgp]peer 10.2.12.1 route-policy hcie import 
 
[r4]bgp 2
[r4-bgp]peer 10.2.34.1 route-policy hcie import
 
[r6]bgp 2
[r6-bgp]peer 10.2.56.1 route-policy hcie import 
 
[r8]bgp 2
[r8-bgp]peer 10.2.78.1 route-policy hcie import 

At this time, we check the routing table and find that the traffic arrivesr5 走的路是10.0.121 

We disconnected the link to check the traffic flow and found that it was still telecommunications

 我们在r4Incremented when the route is passed upAs-path

 [r4]route-policy as permit node 10       
[r4-route-policy]if-match community-filter hcie        Capture telecom traffic
[r4-route-policy]apply as-path 3 3 3 additive     增加aspath
[r4]route-policy as permit node 20        建立空表
[r4]bgp 2
[r4-bgp]peer r4 route-policy as export   在bgpcall to neighbors

Looking again we find the modified route

 进行测试

 So far, the above experiment requirements are all completed and the experiment is over！