BGP大型企业网工程案例一《来源于互联网》
2011-10-16 00:08
441 查看
BGP大型企业网工程案例一
实验需求分析
某公司,总部在北京,在全国每个省都设有分公司(本实验模拟出两个省网)。现在要求各省的分公司能与总公司实现通信。公司的业务主要分为办公和生产两种。要求高质量的传输,因此建议将网络数据流量运行在两个平面上,一个生产平面,以及一个办公平面。生产平面在左边,办公平面在右边。要求严格控制。考虑到此公司的规模较大,将网络分为多个自治系统,每个省占一个,其中总部单独划出一个,进行全国的数据汇总,为此网络的骨干核心网络。每个自治系统间靠 BGP传递路由,自治系统内运行 OSPF。(因为是模拟器实验,所以有关广域网的技术就不做了,这里主是要做 BGP的组网)
实验组网需求:
实验拓扑如上图所示.其中 BGP AS 65000为全国骨干网,下面的两个省网从左到右分别为湖北和湖南。全国骨干网内部运行 OSPF,以及 BGP。R1和 R2为同簇双 RR,分别与所有省连接点路由器建立 RRC关系.数据中心运行 OSPF区域 1,在 RT1和 RT2发布汇总路由到区域
0.在 RT1、RT2上,发布全国骨干网汇总的链路及网管路由,及发布数据中心汇总的生产、办公、链路及网管的路由到 BGP中。
AS65001为湖北省网,RT9、RT10为省网出口路由器,运行 BGP,发布湖北省省网汇总的生产、办公、链路及网管的路由,并使用 EBGP上联全国骨干网湖北省节点 RT3、RT4;RT9、RT10向省网发布 OSPF缺省路由。
AS65002为湖南省网,RT13、RT14为省网出口路由器,运行 BGP,发布湖南省省网汇总的生产、办公、链路及网管的路由,并使用 EBGP上联全国骨干网湖南省节点 RT5、RT6; RT13、RT14向省网发布 OSPF缺省路由。
数据中心、湖北、湖南省网中的核心交换机运行 HSRP/VRRP,其中生产业务的主网关在左边(编号为奇数的设备),办公业务的网关在右边(编号为偶数的设备)。整网使用路由策略进行业务分流;生产业务主路径走左边,办公业务主路径走右边。
OSPF配置规范:在任何不需要形成 OSPF邻居的接口上,配置 OSPF被动接口,配置点对点以太网的 OSPF网络类型为点对点,以加快收敛速度;各区域必须依据 IP地址规划做好路由汇总。
BGP配置要求:no synchronization;no auto-summary;使用 loopback0建立 IBGP邻居;IBGP邻居上配置 next-hop-self。WAN链路都是 8Mbps,平面间链路 OSPF COST都修改为 400,网络类型为点对点。
IP地址规划:
本网采用先业务后地区分配方法进行 IP地址规划因为是全国性的网络我们使用 10.0.0.0/8地址段进行分配,这里的业务只有生产业务和办公业务再加上互联链路及网管,只需借 2位就够用,全国共有 30多个省,我们分配 6位为地区位,64个足够用的。
10.业务位(2位)地区位(6位).子业务位(8位).子网位主机位
各地区 IP地址段
IP地址分配表
配置步骤:全国骨干网调测
1 全国骨干网基本连通性调测:RT1、RT2、RT3、RT4、RT5、RT6的基本信息、链路、IGP配置及测试。
2 OSPF配置配置接口 bandwith与物理带宽一致(全国骨干网的广域网链路都是 8Mbps);调整平面间链路的 OSPF Cost为 400;RT1-RT2、RT3-RT4、RT5-RT6;在各省节点路由器(RT3、RT4、RT5、RT6)上,network边界网段至 OSPF,
并配置被动接口。
一.各链路基本配置及调测(略)二.各区域 IGP调测
骨干网及数据中心 IGP调测:
RT1:
router ospf 1
router-id 10.0.0.1
area 1 range 10.1.0.0 255.255.0.0
area 1 range 10.65.0.0 255.255.0.0//为区域 1路由汇总
area 1 range 10.129.0.0 255.255.0.0
network 10.0.0.1 0.0.0.0 area 0
network 10.0.1.0 0.0.0.3 area 0
network 10.0.1.4 0.0.0.3 area 0
network 10.0.1.20 0.0.0.3 area 0
network 10.1.1.0 0.0.0.3 area 1
default-information originate always metric 1000 //下发缺省路由
int f1/0
ip ospf network point-to-point//修改网络类型为点对点平面间开销为 400
ip ospf cost 400
int f2/0
ip ospf network point-to-point
RT2:
router ospf 1
router-id 10.0.0.2
area 1 range 10.1.0.0 255.255.0.0
area 1 range 10.65.0.0 255.255.0.0//为区域 1路由汇总
area 1 range 10.129.0.0 255.255.0.0
network 10.0.0.2 0.0.0.0 area 0
network 10.0.1.0 0.0.0.3 area 0
network 10.0.1.8 0.0.0.3 area 0
network 10.0.1.24 0.0.0.3 area 0
network 10.1.1.4 0.0.0.3 area 1 default-information originate always metric 1000 //下发缺省路由 int f1/0 ip ospf network point-to-point//修改网络类型为点对点平面间开销为 400 ip ospf cost 400 int f2/0 ip ospf network point-to-point
SW15: router ospf 1
router-id 10.1.0.1
passive-interface default
no passive-interface f1/0
no passive-interface vlan 901
network 10.1.0.1 0.0.0.0 area 1
network 10.1.1.0 0.0.0.3 area 1
network 10.1.1.8 0.0.0.3 area 1
network 10.65.1.0 0.0.0.255 area 1
network 10.129.1.0 0.0.0.255 area 1
int f1/0
ip ospf network point-to-point
int vlan 901
ip ospf network point-to-point//修改网络类型为点对点平面间开销为 400
ip ospf cost 400
SW16: router ospf 1
router-id 10.1.0.2
passive-interface default
no passive-interface f1/0
no passive-interface vlan 901
network 10.1.0.2 0.0.0.0 area 1
network 10.1.1.4 0.0.0.3 area 1
network 10.1.1.8 0.0.0.3 area 1
network 10.65.1.0 0.0.0.255 area 1
network 10.129.1.0 0.0.0.255 area 1
int f1/0
ip ospf network point-to-point
int vlan 901
ip ospf network point-to-point//修改网络类型为点对点平面间开销为 400
ip ospf cost 400 RT3: router ospf 1
router-id 10.0.0.3
redistribute connected metric 1000 metric-type 1 subnets
passive-interface FastEthernet2/0//不能与其它 AS形成 OSPF邻居
network 10.0.0.3 0.0.0.0 area 0
network 10.0.1.4 0.0.0.3 area 0
network 10.0.1.12 0.0.0.3 area 0RT4: router ospf 1
router-id 10.0.0.4
redistribute connected metric 1000 metric-type 1 subnets //重分布直连
passive-interface FastEthernet2/0
network 10.0.0.4 0.0.0.0 area 0
network 10.0.1.8 0.0.0.3 area 0
network 10.0.1.12 0.0.0.3 area 0 RT5: router ospf 1
router-id 10.0.0.5
redistribute connected metric 1000 metric-type 1 subnets
passive-interface FastEthernet2/0
network 10.0.0.5 0.0.0.0 area 0
network 10.0.1.20 0.0.0.3 area 0
network 10.0.1.28 0.0.0.3 area 0RT6: router ospf 1
router-id 10.0.0.6
redistribute connected metric 1000 metric-type 1 subnets
passive-interface FastEthernet2/0
network 10.0.0.6 0.0.0.0 area 0
network 10.0.1.24 0.0.0.3 area 0
network 10.0.1.28 0.0.0.3 area 0湖北网 IGP调测:RT9: router ospf 1
router-id 10.3.0.1
redistribute connected metric 1000 metric-type 1 subnets
passive-interface FastEthernet2/0
network 10.3.0.1 0.0.0.0 area 0
network 10.3.1.0 0.0.0.3 area 0
network 10.3.1.4 0.0.0.3 area 0
default-information originate always metric 3000 metric-type 1
int f3/0
ip ospf network point-to-point
int f1/0
ip ospf network point-to-point
ip ospf cost 400 RT10:
router ospf 1 router-id 10.3.0.2 redistribute connected metric 1000 metric-type 1 subnets passive-interface FastEthernet2/0 network 10.3.0.2 0.0.0.0 area 0 network 10.3.1.0 0.0.0.3 area 0 network 10.3.1.8 0.0.0.3 area 0 default-information originate always metric 3000 metric-type 1 int f3/0 ip ospf network point-to-point int f1/0 ip ospf network point-to-point ip ospf cost 400
SW7:
router ospf 1 router-id 10.3.0.3 passive-interface default no passive-interface FastEthernet1/1 no passive-interface Vlan901 network 10.3.0.3 0.0.0.0 area 0 network 10.3.1.4 0.0.0.3 area 0 network 10.3.1.12 0.0.0.3 area 0 network 10.67.1.0 0.0.0.255 area 0 network 10.131.1.0 0.0.0.255 area 0 int f1/1 ip ospf network point-to-point int vlan 901 ip ospf network point-to-point ip ospf cost 400
SW8:
router ospf 1 router-id 10.3.0.4 passive-interface default no passive-interface FastEthernet1/1 no passive-interface Vlan901 network 10.3.0.4 0.0.0.0 area 0 network 10.3.1.8 0.0.0.3 area 0 network 10.3.1.12 0.0.0.3 area 0 network 10.67.1.0 0.0.0.255 area 0 network 10.131.1.0 0.0.0.255 area 0 int f1/1
ip ospf network point-to-point
int vlan 901
ip ospf network point-to-point
ip ospf cost 400湖南省网调测: RT13: router ospf 1
router-id 10.4.0.1
redistribute connected metric 1000 metric-type 1 subnets
passive-interface FastEthernet2/0
network 10.4.0.1 0.0.0.0 area 0
network 10.4.1.0 0.0.0.3 area 0
network 10.4.1.4 0.0.0.3 area 0
default-information originate always metric 3000 metric-type 1
int f3/0
ip ospf network point-to-point
int f1/0
ip ospf network point-to-point
ip ospf cost 400
RT14:
router ospf 1
router-id 14.14.14.14
redistribute connected metric 1000 metric-type 1 subnets
passive-interface FastEthernet2/0
network 10.4.0.2 0.0.0.0 area 0
network 10.4.1.0 0.0.0.3 area 0
network 10.4.1.8 0.0.0.3 area 0
default-information originate always metric 3000 metric-type 1
int f3/0
ip ospf network point-to-point
int f1/0
ip ospf network point-to-point
ip ospf cost 400
SW11:
router ospf 1
router-id 10.4.0.3
passive-interface default
no passive-interface f1/1
no passive-interface vlan 901
network 10.4.0.3 0.0.0.0 area 0
network 10.4.1.4 0.0.0.3 area 0
neighbor as65000-rrc update-source Loopback0 neighbor as65000-rrc route-reflector-client neighbor as65000-rrc next-hop-self neighbor 10.0.0.3 peer-group as65000-rrc neighbor 10.0.0.4 peer-group as65000-rrc neighbor 10.0.0.5 peer-group as65000-rrc neighbor 10.0.0.6 peer-group as65000-rrc no auto-summary
ip route 10.0.0.0 255.255.0.0 Null0RT3: router bgp 65000
no synchronization neighbor 10.0.0.1 remote-as 65000 neighbor 10.0.0.1 update-source Loopback0 neighbor 10.0.0.1 next-hop-self neighbor 10.0.0.2 remote-as 65000 neighbor 10.0.0.2 update-source Loopback0 neighbor 10.0.0.2 next-hop-self neighbor 10.0.9.2 remote-as 65001 no auto-summary
RT4:
router bgp 65000 no synchronization neighbor 10.0.0.1 remote-as 65000 neighbor 10.0.0.1 update-source Loopback0 neighbor 10.0.0.1 next-hop-self neighbor 10.0.0.2 remote-as 65000 neighbor 10.0.0.2 update-source Loopback0 neighbor 10.0.0.2 next-hop-self neighbor 10.0.9.6 remote-as 65001 no auto-summary
RT5: router bgp 65000
no synchronization neighbor 10.0.0.1 remote-as 65000 neighbor 10.0.0.1 update-source Loopback0 neighbor 10.0.0.1 next-hop-self neighbor 10.0.0.2 remote-as 65000 neighbor 10.0.0.2 update-source Loopback0 neighbor 10.0.0.2 next-hop-self neighbor 10.0.9.10 remote-as 65002 no auto-summary
RT6:
router bgp 65000 no synchronization neighbor 10.0.0.1 remote-as 65000 neighbor 10.0.0.1 update-source Loopback0 neighbor 10.0.0.1 next-hop-self neighbor 10.0.0.2 remote-as 65000 neighbor 10.0.0.2 update-source Loopback0 neighbor 10.0.0.2 next-hop-self neighbor 10.0.9.14 remote-as 65002 no auto-summary
湖北省出口 BGP配置:
RT9:
router bgp 65001 no synchronization network 10.3.0.0 mask 255.255.0.0 network 10.67.0.0 mask 255.255.0.0 network 10.131.0.0 mask 255.255.0.0 neighbor 10.0.9.1 remote-as 65000 neighbor 10.3.0.2 remote-as 65001 neighbor 10.3.0.2 update-source Loopback0 neighbor 10.3.0.2 next-hop-self no auto-summary
ip route 10.3.0.0 255.255.0.0 Null0 ip route 10.67.0.0 255.255.0.0 Null0 ip route 10.131.0.0 255.255.0.0 Null0
RT10:
router bgp 65001 no synchronization network 10.3.0.0 mask 255.255.0.0 network 10.67.0.0 mask 255.255.0.0 network 10.131.0.0 mask 255.255.0.0 neighbor 10.0.9.5 remote-as 65000 neighbor 10.3.0.1 remote-as 65001 neighbor 10.3.0.1 update-source Loopback0 neighbor 10.3.0.2 next-hop-self no auto-summary
ip route 10.3.0.0 255.255.0.0 Null0 ip route 10.67.0.0 255.255.0.0 Null0 ip route 10.131.0.0 255.255.0.0 Null0
湖南省出口 BGP配置:
RT13:
router bgp 65002 no synchronization network 10.68.0.0 mask 255.255.0.0 network 10.132.0.0 mask 255.255.0.0 network 10.4.0.0 mask 255.255.0.0 neighbor 10.0.9.9 remote-as 65000 neighbor 10.4.0.2 remote-as 65002 neighbor 10.4.0.2 update-source Loopback0 no auto-summary
ip route 10.4.0.0 255.255.0.0 Null0 ip route 10.68.0.0 255.255.0.0 Null0 ip route 10.132.0.0 255.255.0.0 Null0RT14: router bgp 65002
no synchronization network 10.4.0.0 mask 255.255.0.0 network 10.68.0.0 mask 255.255.0.0 network 10.132.0.0 mask 255.255.0.0 neighbor 10.0.9.13 remote-as 65000 neighbor 10.4.0.1 remote-as 65002 neighbor 10.4.0.1 update-source Loopback0 no auto-summary
ip route 10.4.0.0 255.255.0.0 Null0 ip route 10.68.0.0 255.255.0.0 Null0 ip route 10.132.0.0 255.255.0.0 Null0
四、路由传播控制
省网只向全国骨干通告本 AS的路由
RT9: ip as-path access-list 10 permit ^$ router bgp 65001 neighbor 10.0.9.1 filter-list 10 out RT10: ip as-path access-list 10 permit ^$ router bgp 65001 neighbor 10.0.9.5 filter-list 10 out RT13:ip as-path access-list 10 permit ^$
router bgp 65002 neighbor 10.0.9.9 filter-list 10 out RT14: ip as-path access-list 10 permit ^$ router bgp 65002 neighbor 10.0.9.13 filter-list 10 out
全国骨干网只允许省网通告该省的路由
RT3: ip prefix-list hubei seq 5 permit 10.3.0.0/16 ip prefix-list hubei seq 10 permit 10.67.0.0/16 ip prefix-list hubei seq 15 permit 10.131.0.0/16 router bgp 65000 neighbor 10.0.9.2 prefix-list hubei in RT4: ip prefix-list hubei seq 5 permit 10.3.0.0/16 ip prefix-list hubei seq 10 permit 10.67.0.0/16 ip prefix-list hubei seq 15 permit 10.131.0.0/16 router bgp 65000 neighbor 10.0.9.6 prefix-list hubei in RT5: ip prefix-list hunan seq 5 permit 10.4.0.0/16 ip prefix-list hunan seq 10 permit 10.68.0.0/16 ip prefix-list hunan seq 15 permit 10.132.0.0/16 router bgp 65000 neighbor 10.0.9.10 prefix-list hunan in RT6: ip prefix-list hunan seq 5 permit 10.4.0.0/16 ip prefix-list hunan seq 10 permit 10.68.0.0/16 ip prefix-list hunan seq 15 permit 10.132.0.0/16 router bgp 65000 neighbor 10.0.9.14 prefix-list hunan in
五、BGP业务分流
RT9: ip prefix-list BG seq 5 permit 10.129.0.0/16 ip prefix-list BG seq 10 permit 10.132.0.0/16 ip prefix-list SC seq 5 permit 10.65.0.0/16 ip prefix-list SC seq 10 permit 10.68.0.0/16 route-map hubei permit 10
match ip address prefix-list SC set local-preference 500 route-map hubei permit 20
match ip address prefix-list BG
set metric 1000 route-map hubei permit 30 router bgp 65001 neighbor 10.0.9.1 route-map hubei inRT13: ip prefix-list BG seq 5 permit 10.129.0.0/16 ip prefix-list BG seq 10 permit 10.131.0.0/16 ip prefix-list SC seq 5 permit 10.65.0.0/16 ip prefix-list SC seq 10 permit 10.67.0.0/16 route-map hunan permit 10
match ip address prefix-list SC set local-preference 500
route-map hunan permit 20 match ip address prefix-list BG set metric 1000
route-map hunan permit 30 router bgp 65002
neighbor 10.0.9.9 route-map hunan in RT3: ip prefix-list BG seq 5 permit 10.131.0.0/16 ip prefix-list SC seq 5 permit 10.67.0.0/16 route-map hubei-in permit 10
match ip address prefix-list SC set local-preference 500
route-map hubei-in permit 20 match ip address prefix-list BG set metric 1000
route-map hubei-in permit 30 router bgp 65000
neighbor 10.0.9.2 route-map hubei-in in RT5: ip prefix-list BG seq 5 permit 10.132.0.0/16 ip prefix-list SC seq 5 permit 10.68.0.0/16 route-map hunan-in permit 10
match ip address prefix-list SC set local-preference 500
route-map hunan-in permit 20 match ip address prefix-list BG set metric 1000
route-map hunan-in permit 30 router bgp 65000 neighbor 10.0.9.2 route-map hunan-in in
 |
某公司,总部在北京,在全国每个省都设有分公司(本实验模拟出两个省网)。现在要求各省的分公司能与总公司实现通信。公司的业务主要分为办公和生产两种。要求高质量的传输,因此建议将网络数据流量运行在两个平面上,一个生产平面,以及一个办公平面。生产平面在左边,办公平面在右边。要求严格控制。考虑到此公司的规模较大,将网络分为多个自治系统,每个省占一个,其中总部单独划出一个,进行全国的数据汇总,为此网络的骨干核心网络。每个自治系统间靠 BGP传递路由,自治系统内运行 OSPF。(因为是模拟器实验,所以有关广域网的技术就不做了,这里主是要做 BGP的组网)
实验组网需求:
实验拓扑如上图所示.其中 BGP AS 65000为全国骨干网,下面的两个省网从左到右分别为湖北和湖南。全国骨干网内部运行 OSPF,以及 BGP。R1和 R2为同簇双 RR,分别与所有省连接点路由器建立 RRC关系.数据中心运行 OSPF区域 1,在 RT1和 RT2发布汇总路由到区域
0.在 RT1、RT2上,发布全国骨干网汇总的链路及网管路由,及发布数据中心汇总的生产、办公、链路及网管的路由到 BGP中。
AS65001为湖北省网,RT9、RT10为省网出口路由器,运行 BGP,发布湖北省省网汇总的生产、办公、链路及网管的路由,并使用 EBGP上联全国骨干网湖北省节点 RT3、RT4;RT9、RT10向省网发布 OSPF缺省路由。
AS65002为湖南省网,RT13、RT14为省网出口路由器,运行 BGP,发布湖南省省网汇总的生产、办公、链路及网管的路由,并使用 EBGP上联全国骨干网湖南省节点 RT5、RT6; RT13、RT14向省网发布 OSPF缺省路由。
数据中心、湖北、湖南省网中的核心交换机运行 HSRP/VRRP,其中生产业务的主网关在左边(编号为奇数的设备),办公业务的网关在右边(编号为偶数的设备)。整网使用路由策略进行业务分流;生产业务主路径走左边,办公业务主路径走右边。
OSPF配置规范:在任何不需要形成 OSPF邻居的接口上,配置 OSPF被动接口,配置点对点以太网的 OSPF网络类型为点对点,以加快收敛速度;各区域必须依据 IP地址规划做好路由汇总。
BGP配置要求:no synchronization;no auto-summary;使用 loopback0建立 IBGP邻居;IBGP邻居上配置 next-hop-self。WAN链路都是 8Mbps,平面间链路 OSPF COST都修改为 400,网络类型为点对点。
IP地址规划:
本网采用先业务后地区分配方法进行 IP地址规划因为是全国性的网络我们使用 10.0.0.0/8地址段进行分配,这里的业务只有生产业务和办公业务再加上互联链路及网管,只需借 2位就够用,全国共有 30多个省,我们分配 6位为地区位,64个足够用的。
10.业务位(2位)地区位(6位).子业务位(8位).子网位主机位
各地区 IP地址段
IP地址分配表
配置步骤:全国骨干网调测
1 全国骨干网基本连通性调测:RT1、RT2、RT3、RT4、RT5、RT6的基本信息、链路、IGP配置及测试。
2 OSPF配置配置接口 bandwith与物理带宽一致(全国骨干网的广域网链路都是 8Mbps);调整平面间链路的 OSPF Cost为 400;RT1-RT2、RT3-RT4、RT5-RT6;在各省节点路由器(RT3、RT4、RT5、RT6)上,network边界网段至 OSPF,
并配置被动接口。
一.各链路基本配置及调测(略)二.各区域 IGP调测
骨干网及数据中心 IGP调测:
RT1:
router ospf 1
router-id 10.0.0.1
area 1 range 10.1.0.0 255.255.0.0
area 1 range 10.65.0.0 255.255.0.0//为区域 1路由汇总
area 1 range 10.129.0.0 255.255.0.0
network 10.0.0.1 0.0.0.0 area 0
network 10.0.1.0 0.0.0.3 area 0
network 10.0.1.4 0.0.0.3 area 0
network 10.0.1.20 0.0.0.3 area 0
network 10.1.1.0 0.0.0.3 area 1
default-information originate always metric 1000 //下发缺省路由
int f1/0
ip ospf network point-to-point//修改网络类型为点对点平面间开销为 400
ip ospf cost 400
int f2/0
ip ospf network point-to-point
RT2:
router ospf 1
router-id 10.0.0.2
area 1 range 10.1.0.0 255.255.0.0
area 1 range 10.65.0.0 255.255.0.0//为区域 1路由汇总
area 1 range 10.129.0.0 255.255.0.0
network 10.0.0.2 0.0.0.0 area 0
network 10.0.1.0 0.0.0.3 area 0
network 10.0.1.8 0.0.0.3 area 0
network 10.0.1.24 0.0.0.3 area 0
network 10.1.1.4 0.0.0.3 area 1 default-information originate always metric 1000 //下发缺省路由 int f1/0 ip ospf network point-to-point//修改网络类型为点对点平面间开销为 400 ip ospf cost 400 int f2/0 ip ospf network point-to-point
SW15: router ospf 1
router-id 10.1.0.1
passive-interface default
no passive-interface f1/0
no passive-interface vlan 901
network 10.1.0.1 0.0.0.0 area 1
network 10.1.1.0 0.0.0.3 area 1
network 10.1.1.8 0.0.0.3 area 1
network 10.65.1.0 0.0.0.255 area 1
network 10.129.1.0 0.0.0.255 area 1
int f1/0
ip ospf network point-to-point
int vlan 901
ip ospf network point-to-point//修改网络类型为点对点平面间开销为 400
ip ospf cost 400
SW16: router ospf 1
router-id 10.1.0.2
passive-interface default
no passive-interface f1/0
no passive-interface vlan 901
network 10.1.0.2 0.0.0.0 area 1
network 10.1.1.4 0.0.0.3 area 1
network 10.1.1.8 0.0.0.3 area 1
network 10.65.1.0 0.0.0.255 area 1
network 10.129.1.0 0.0.0.255 area 1
int f1/0
ip ospf network point-to-point
int vlan 901
ip ospf network point-to-point//修改网络类型为点对点平面间开销为 400
ip ospf cost 400 RT3: router ospf 1
router-id 10.0.0.3
redistribute connected metric 1000 metric-type 1 subnets
passive-interface FastEthernet2/0//不能与其它 AS形成 OSPF邻居
network 10.0.0.3 0.0.0.0 area 0
network 10.0.1.4 0.0.0.3 area 0
network 10.0.1.12 0.0.0.3 area 0RT4: router ospf 1
router-id 10.0.0.4
redistribute connected metric 1000 metric-type 1 subnets //重分布直连
passive-interface FastEthernet2/0
network 10.0.0.4 0.0.0.0 area 0
network 10.0.1.8 0.0.0.3 area 0
network 10.0.1.12 0.0.0.3 area 0 RT5: router ospf 1
router-id 10.0.0.5
redistribute connected metric 1000 metric-type 1 subnets
passive-interface FastEthernet2/0
network 10.0.0.5 0.0.0.0 area 0
network 10.0.1.20 0.0.0.3 area 0
network 10.0.1.28 0.0.0.3 area 0RT6: router ospf 1
router-id 10.0.0.6
redistribute connected metric 1000 metric-type 1 subnets
passive-interface FastEthernet2/0
network 10.0.0.6 0.0.0.0 area 0
network 10.0.1.24 0.0.0.3 area 0
network 10.0.1.28 0.0.0.3 area 0湖北网 IGP调测:RT9: router ospf 1
router-id 10.3.0.1
redistribute connected metric 1000 metric-type 1 subnets
passive-interface FastEthernet2/0
network 10.3.0.1 0.0.0.0 area 0
network 10.3.1.0 0.0.0.3 area 0
network 10.3.1.4 0.0.0.3 area 0
default-information originate always metric 3000 metric-type 1
int f3/0
ip ospf network point-to-point
int f1/0
ip ospf network point-to-point
ip ospf cost 400 RT10:
router ospf 1 router-id 10.3.0.2 redistribute connected metric 1000 metric-type 1 subnets passive-interface FastEthernet2/0 network 10.3.0.2 0.0.0.0 area 0 network 10.3.1.0 0.0.0.3 area 0 network 10.3.1.8 0.0.0.3 area 0 default-information originate always metric 3000 metric-type 1 int f3/0 ip ospf network point-to-point int f1/0 ip ospf network point-to-point ip ospf cost 400
SW7:
router ospf 1 router-id 10.3.0.3 passive-interface default no passive-interface FastEthernet1/1 no passive-interface Vlan901 network 10.3.0.3 0.0.0.0 area 0 network 10.3.1.4 0.0.0.3 area 0 network 10.3.1.12 0.0.0.3 area 0 network 10.67.1.0 0.0.0.255 area 0 network 10.131.1.0 0.0.0.255 area 0 int f1/1 ip ospf network point-to-point int vlan 901 ip ospf network point-to-point ip ospf cost 400
SW8:
router ospf 1 router-id 10.3.0.4 passive-interface default no passive-interface FastEthernet1/1 no passive-interface Vlan901 network 10.3.0.4 0.0.0.0 area 0 network 10.3.1.8 0.0.0.3 area 0 network 10.3.1.12 0.0.0.3 area 0 network 10.67.1.0 0.0.0.255 area 0 network 10.131.1.0 0.0.0.255 area 0 int f1/1
ip ospf network point-to-point
int vlan 901
ip ospf network point-to-point
ip ospf cost 400湖南省网调测: RT13: router ospf 1
router-id 10.4.0.1
redistribute connected metric 1000 metric-type 1 subnets
passive-interface FastEthernet2/0
network 10.4.0.1 0.0.0.0 area 0
network 10.4.1.0 0.0.0.3 area 0
network 10.4.1.4 0.0.0.3 area 0
default-information originate always metric 3000 metric-type 1
int f3/0
ip ospf network point-to-point
int f1/0
ip ospf network point-to-point
ip ospf cost 400
RT14:
router ospf 1
router-id 14.14.14.14
redistribute connected metric 1000 metric-type 1 subnets
passive-interface FastEthernet2/0
network 10.4.0.2 0.0.0.0 area 0
network 10.4.1.0 0.0.0.3 area 0
network 10.4.1.8 0.0.0.3 area 0
default-information originate always metric 3000 metric-type 1
int f3/0
ip ospf network point-to-point
int f1/0
ip ospf network point-to-point
ip ospf cost 400
SW11:
router ospf 1
router-id 10.4.0.3
passive-interface default
no passive-interface f1/1
no passive-interface vlan 901
network 10.4.0.3 0.0.0.0 area 0
network 10.4.1.4 0.0.0.3 area 0
neighbor as65000-rrc update-source Loopback0 neighbor as65000-rrc route-reflector-client neighbor as65000-rrc next-hop-self neighbor 10.0.0.3 peer-group as65000-rrc neighbor 10.0.0.4 peer-group as65000-rrc neighbor 10.0.0.5 peer-group as65000-rrc neighbor 10.0.0.6 peer-group as65000-rrc no auto-summary
ip route 10.0.0.0 255.255.0.0 Null0RT3: router bgp 65000
no synchronization neighbor 10.0.0.1 remote-as 65000 neighbor 10.0.0.1 update-source Loopback0 neighbor 10.0.0.1 next-hop-self neighbor 10.0.0.2 remote-as 65000 neighbor 10.0.0.2 update-source Loopback0 neighbor 10.0.0.2 next-hop-self neighbor 10.0.9.2 remote-as 65001 no auto-summary
RT4:
router bgp 65000 no synchronization neighbor 10.0.0.1 remote-as 65000 neighbor 10.0.0.1 update-source Loopback0 neighbor 10.0.0.1 next-hop-self neighbor 10.0.0.2 remote-as 65000 neighbor 10.0.0.2 update-source Loopback0 neighbor 10.0.0.2 next-hop-self neighbor 10.0.9.6 remote-as 65001 no auto-summary
RT5: router bgp 65000
no synchronization neighbor 10.0.0.1 remote-as 65000 neighbor 10.0.0.1 update-source Loopback0 neighbor 10.0.0.1 next-hop-self neighbor 10.0.0.2 remote-as 65000 neighbor 10.0.0.2 update-source Loopback0 neighbor 10.0.0.2 next-hop-self neighbor 10.0.9.10 remote-as 65002 no auto-summary
RT6:
router bgp 65000 no synchronization neighbor 10.0.0.1 remote-as 65000 neighbor 10.0.0.1 update-source Loopback0 neighbor 10.0.0.1 next-hop-self neighbor 10.0.0.2 remote-as 65000 neighbor 10.0.0.2 update-source Loopback0 neighbor 10.0.0.2 next-hop-self neighbor 10.0.9.14 remote-as 65002 no auto-summary
湖北省出口 BGP配置:
RT9:
router bgp 65001 no synchronization network 10.3.0.0 mask 255.255.0.0 network 10.67.0.0 mask 255.255.0.0 network 10.131.0.0 mask 255.255.0.0 neighbor 10.0.9.1 remote-as 65000 neighbor 10.3.0.2 remote-as 65001 neighbor 10.3.0.2 update-source Loopback0 neighbor 10.3.0.2 next-hop-self no auto-summary
ip route 10.3.0.0 255.255.0.0 Null0 ip route 10.67.0.0 255.255.0.0 Null0 ip route 10.131.0.0 255.255.0.0 Null0
RT10:
router bgp 65001 no synchronization network 10.3.0.0 mask 255.255.0.0 network 10.67.0.0 mask 255.255.0.0 network 10.131.0.0 mask 255.255.0.0 neighbor 10.0.9.5 remote-as 65000 neighbor 10.3.0.1 remote-as 65001 neighbor 10.3.0.1 update-source Loopback0 neighbor 10.3.0.2 next-hop-self no auto-summary
ip route 10.3.0.0 255.255.0.0 Null0 ip route 10.67.0.0 255.255.0.0 Null0 ip route 10.131.0.0 255.255.0.0 Null0
湖南省出口 BGP配置:
RT13:
router bgp 65002 no synchronization network 10.68.0.0 mask 255.255.0.0 network 10.132.0.0 mask 255.255.0.0 network 10.4.0.0 mask 255.255.0.0 neighbor 10.0.9.9 remote-as 65000 neighbor 10.4.0.2 remote-as 65002 neighbor 10.4.0.2 update-source Loopback0 no auto-summary
ip route 10.4.0.0 255.255.0.0 Null0 ip route 10.68.0.0 255.255.0.0 Null0 ip route 10.132.0.0 255.255.0.0 Null0RT14: router bgp 65002
no synchronization network 10.4.0.0 mask 255.255.0.0 network 10.68.0.0 mask 255.255.0.0 network 10.132.0.0 mask 255.255.0.0 neighbor 10.0.9.13 remote-as 65000 neighbor 10.4.0.1 remote-as 65002 neighbor 10.4.0.1 update-source Loopback0 no auto-summary
ip route 10.4.0.0 255.255.0.0 Null0 ip route 10.68.0.0 255.255.0.0 Null0 ip route 10.132.0.0 255.255.0.0 Null0
四、路由传播控制
省网只向全国骨干通告本 AS的路由
RT9: ip as-path access-list 10 permit ^$ router bgp 65001 neighbor 10.0.9.1 filter-list 10 out RT10: ip as-path access-list 10 permit ^$ router bgp 65001 neighbor 10.0.9.5 filter-list 10 out RT13:ip as-path access-list 10 permit ^$
router bgp 65002 neighbor 10.0.9.9 filter-list 10 out RT14: ip as-path access-list 10 permit ^$ router bgp 65002 neighbor 10.0.9.13 filter-list 10 out
全国骨干网只允许省网通告该省的路由
RT3: ip prefix-list hubei seq 5 permit 10.3.0.0/16 ip prefix-list hubei seq 10 permit 10.67.0.0/16 ip prefix-list hubei seq 15 permit 10.131.0.0/16 router bgp 65000 neighbor 10.0.9.2 prefix-list hubei in RT4: ip prefix-list hubei seq 5 permit 10.3.0.0/16 ip prefix-list hubei seq 10 permit 10.67.0.0/16 ip prefix-list hubei seq 15 permit 10.131.0.0/16 router bgp 65000 neighbor 10.0.9.6 prefix-list hubei in RT5: ip prefix-list hunan seq 5 permit 10.4.0.0/16 ip prefix-list hunan seq 10 permit 10.68.0.0/16 ip prefix-list hunan seq 15 permit 10.132.0.0/16 router bgp 65000 neighbor 10.0.9.10 prefix-list hunan in RT6: ip prefix-list hunan seq 5 permit 10.4.0.0/16 ip prefix-list hunan seq 10 permit 10.68.0.0/16 ip prefix-list hunan seq 15 permit 10.132.0.0/16 router bgp 65000 neighbor 10.0.9.14 prefix-list hunan in
五、BGP业务分流
RT9: ip prefix-list BG seq 5 permit 10.129.0.0/16 ip prefix-list BG seq 10 permit 10.132.0.0/16 ip prefix-list SC seq 5 permit 10.65.0.0/16 ip prefix-list SC seq 10 permit 10.68.0.0/16 route-map hubei permit 10
match ip address prefix-list SC set local-preference 500 route-map hubei permit 20
match ip address prefix-list BG
set metric 1000 route-map hubei permit 30 router bgp 65001 neighbor 10.0.9.1 route-map hubei inRT13: ip prefix-list BG seq 5 permit 10.129.0.0/16 ip prefix-list BG seq 10 permit 10.131.0.0/16 ip prefix-list SC seq 5 permit 10.65.0.0/16 ip prefix-list SC seq 10 permit 10.67.0.0/16 route-map hunan permit 10
match ip address prefix-list SC set local-preference 500
route-map hunan permit 20 match ip address prefix-list BG set metric 1000
route-map hunan permit 30 router bgp 65002
neighbor 10.0.9.9 route-map hunan in RT3: ip prefix-list BG seq 5 permit 10.131.0.0/16 ip prefix-list SC seq 5 permit 10.67.0.0/16 route-map hubei-in permit 10
match ip address prefix-list SC set local-preference 500
route-map hubei-in permit 20 match ip address prefix-list BG set metric 1000
route-map hubei-in permit 30 router bgp 65000
neighbor 10.0.9.2 route-map hubei-in in RT5: ip prefix-list BG seq 5 permit 10.132.0.0/16 ip prefix-list SC seq 5 permit 10.68.0.0/16 route-map hunan-in permit 10
match ip address prefix-list SC set local-preference 500
route-map hunan-in permit 20 match ip address prefix-list BG set metric 1000
route-map hunan-in permit 30 router bgp 65000 neighbor 10.0.9.2 route-map hunan-in in
 |
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 
相关文章推荐
- BGP大型企业网工程案例一
- BGP大型企业实战配置案例
- 【Justep X3平台上的大型企业应用案例分享】X3平台外的流程控制纯SQL语句实现
- 使用Cisco Packet Tracer之小企业的实际工程案例
- 企业核心网络设计分析――从EIGRP网络迁移到BGP核心网络实施案例
- 某企业网络改造工程咨询与实施案例经验分享篇 推荐
- 使用Cisco Packet Tracer之小企业的实际工程案例
- 精华【分布式、微服务、云架构、dubbo+zookeeper+springmvc+mybatis+shiro+redis】分布式大型互联网企业架构!
- 精华【分布式微服务云架构dubbo+zookeeper+springmvc+mybatis+shiro+redis】分布式大型互联网企业架构!
- 精华【分布式、微服务、云架构dubbo+zookeeper+springmvc+mybatis+shiro+redis】分布式大型互联网企业架构!
- maven大型互联网企业架构 SpringMVC Mybatis Shiro Bootstrap
- 大型电商互联网性能优化案例
- 精华【分布式、微服务、云架构、dubbo+zookeeper+springmvc+mybatis+shiro+redis】分布式大型互联网企业架构!
- 精华【分布式、微服务、云架构、dubbo+zookeeper+springmvc+mybatis+shiro+redis】分布式大型互联网企业架构!
- 《转型之战:传统企业的互联网机会》转型案例+访谈。案例一般,分析总结水平一般,二星推荐。
- 精华【分布式、微服务、云架构dubbo+zookeeper+springmvc+mybatis+shiro+redis】分布式大型互联网企业架构!
- 使用Cisco Packet Tracer之小企业的实际工程案例