实验3.10 BGP路径选择-Community (2)
========================================================================
3、使用No_Export团体属性控制路由信息传递
========================================================================
实验原理:路由器接收到一条携带No_Export团体属性的路由后,不会将它发布给EBGP对等体,但可以发布给联盟EBGP对等体;
实验目的:将10.0.100.2/32(R1/loop2)的路由信息发布给AS 200(R2、R3、R4)的路由器,AS 300(R5)的路由器不会收到。
------------------------------------------
R1:
#@ 在R1上使用前缀列表方法来匹配路由10.0.100.2/32,创建并调用route-policy;
ip ip-prefix 1 permit 10.0.100.2 32
route-policy 1 permit node 10
if-match ip-prefix 1
apply community no-export 20
q
bgp 100
peer10.0.12.2 route-policy 1 export
------------------------------------------
R5:
#@ 查看R5是否收到10.0.100.2 32这条路由,如果能,说明还有问题;
dis bgp routing-table
R2:
#@从R2开始排查,查看R2的BGP团体属性-路由信息
dis bgp routing-table communicaty
发现R2未携带任何BGP团体属性的路由信息,需增加配置;
------------------------------------------
R1:
#@增加BGP路由信息携带团体属性
bgp 100
peer 10.0.12.2 advertise-community
------------------------------------------
#@R2和R4同样增加BGP路由信息携带团体属性
R2:
bgp 2001
peer 10.0.23.3 advertise-community
peer 10.0.24.4 advertise-community
R4:
bgp 2001
peer 10.0.45.5 advertise-community
------------------------------------------
R5:
dis bgp routing-table
R2、R3、R4:
dis bgp routing-table communicaty
------------------------------------------
========================================================================
4、使用No_Export_Subconfed团体属性控制路由信息传递
========================================================================
实验原理:路由器接收到一条携带No_Export_Subconfed团体属性的路由后,不会将它发布给EBGP对等体,也不会发布给联盟EBGP对等体;
实验目的:将10.0.100.3/32(R1/loop3)的路由信息发布给AS 2001的路由器(R2、R4),AS 2002以及AS 300的路由器(R3、R5)不会收到;
------------------------------------------
R1:
#@ 在R1上使用前缀列表方法来匹配路由10.0.100.3/32,创建并调用route-policy;
ip ip-prefix 2 permit 10.0.100.3 32
route-policy 1 permit node 11
if-match ip-prefix 2
apply community no-export-subconfed
q
------------------------------------------
R2、R3、R4、R5:
#查看是否接收到10.0.100.3/32的路由信息
dis bgp routing-table
R2、R4:
#在R2和R4上查看携带No_Export_Subconfed团体属性的BGP路由表
dis bgp routing-table communicaty
------------------------------------------
========================================================================
5、使用No_Advertise团体属性控制路由信息传递
========================================================================
实验原理:路由器接收到一条携带No_Advertise团体属性的路由后,不会将它发布给任何BGP对等体;
实验目的:将10.0.100.4/32(R1/loop4)的路由信息发布给路由器R2,AS 2001、AS 2002以及AS 300的路由器(R3、R4、R5)不会收到;
------------------------------------------
R1:
#@ 在R1上使用前缀列表方法来匹配路由10.0.100.3/32,创建并调用route-policy;
ip ip-prefix 3 permit 10.0.100.4 32
route-policy 1 permit node 12
if-match ip-prefix 3
apply community No-advertise
q
------------------------------------------
R2、R3、R4、R5:
#查看是否接收到10.0.100.4/32的路由信息
dis bgp routing-table
------------------------------------------
=================================================================================
6、使用well-known团体属性控制路由信息传递
=================================================================================
实验原理:路由器接收到一条携带well-known团体属性的路由后,不会将它发布给任何BGP对等体;
实验目的:将10.0.100.5/32(R1/loop5)的路由信息发布给路由器R2和R3,其他路由器(R4、R5)不会收到;
------------------------------------------
R1:
#@ 在R1上使用前缀列表方法来匹配路由10.0.100.5/32,创建并调用route-policy;
ip ip-prefix 4 permit 10.0.100.5 32
route-policy 1 permit node 13
if-match ip-prefix 4
apply community 100:1
q
------------------------------------------
R2、R3、R4、R5:
#查看是否接收到10.0.100.4/32的路由表信息
dis bgp routing-table
------------------------------------------
R4:
ip community-filter 1 permit 100:1
route-policy 1 deny node 10
if-match community-filter 1
route-policy 1 permit node 20
bgp 2001
peer 10.0.24.2 route-policy 1 import
------------------------------------------
R2、R3、R4、R5:
#查看是否接收到10.0.100.4/32的路由表信息
dis bgp routing-table
-----------------
R2、R4:
#在R2和R4上查看携带community 100:1团体属性的BGP路由表
dis bgp routing-table communicaty
------------------------------------------
网友评论