CCNP(BSCI)实验:BGP实验利用联邦使全网互通
其实是65023和65045,但R1和R5的配置人员不知道,配置成了234(指定错了),咱们能够经过confederation identifier欺骗R1和R5说我是234,这样等于说234就造成了一个联邦。
预配置
R1上的配置
en
conf t
no ip do lo
line c 0
no exec-t
logg syn
host R1
int lo0
ip add 1.1.1.1 255.255.255.0
int s2/1
ip add 12.0.0.1 255.255.255.0
no shide
R2上的配置
en
conf t
no ip do lo
line c 0
no exec-t
logg syn
host R2
int lo0
ip add 2.2.2.2 255.255.255.0
int s2/1
ip add 12.0.0.2 255.255.255.0
no sh
int s2/2
ip add 23.0.0.2 255.255.255.0
no sh测试
R3上的配置
en
conf t
no ip do lo
line c 0
no exec-t
logg syn
host R3
int lo0
ip add 3.3.3.3 255.255.255.0
int s2/1
ip add 23.0.0.3 255.255.255.0
no sh
int s2/2
ip add 34.0.0.3 255.255.255.0
no shrouter
R4上的配置
en
conf t
no ip do lo
line c 0
no exec-t
logg syn
host R4
int lo0
ip add 4.4.4.4 255.255.255.0
int s2/1
ip add 34.0.0.4 255.255.255.0
no sh
int s2/2
ip add 45.0.0.4 255.255.255.0
no shblog
R5上的配置
en
conf t
no ip do lo
line c 0
no exec-t
logg syn
host R5
int lo0
ip add 5.5.5.5 255.255.255.0
int s2/2
ip add 45.0.0.5 255.255.255.0
no sh
实验过程:
第一步:先让R2-R4上的EIGRP协议跑起来接口
R2(config)#router ei 11
R2(config-router)#net 2.2.2.2
R2(config-router)#net 23.0.0.2
R2(config-router)#no auip
R3(config)#router ei 11
R3(config-router)#net 3.3.3.3
R3(config-router)#net 23.0.0.3
R3(config-router)#net 34.0.0.4
R3(config-router)#no au路由
R4(config)#router ei 11
R4(config-router)#net 4.4.4.4
R4(config-router)#net 34.0.0.4
R4(config-router)#no au
第二步:再在R1—R5上跑BGP协议
第二步分步:本文重点
第一步:在R1上指定邻居R2的物理接口12.0.0.2为AS为234.其实R2的AS为65023。咱们想到会在R1上出现错误,咱们来看看实际状况
R1(config)#router b 100
R1(config-router)#nei 12.0.0.2 remot 234rem
R2(config-router)#router b 65023
R2(config-router)#nei 12.0.0.1 remot 100it
Nov 29 17:18:21.315: %BGP-3-NOTIFICATION: sent to neighbor 12.0.0.2 2/2 (peer in wrong AS) 2 bytes FDFF
R1(config-router)# FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF 002D 0104 FDFF 00B4 0202 0202 1002 0601 0400 0100 0102 0280 0002 0202 00
//咱们看到了在R1上出现的错误
接着咱们再配置完R2
R2(config-router)#bgp confederation identifier 234
//这里咱们对外宣布as为234,也就是说欺骗R1说我是234。这样R1上不会出现错误提示
R2(config-router)#nei 3.3.3.3 remot 65
R2(config-router)#nei 3.3.3.3 remot 65023
R2(config-router)#nei 3.3.3.3 up lo0
R2(config-router)#
第二步:在其它各路由器上配置bgp
在R5上和R1上出现的状况是一致的,咱们在这里不在演示
R3(config)#router b 65023
R3(config-router)#bgp confederation identifier 234
R3(config-router)#bgp confederation peers 65034
R3(config-router)#nei 2.2.2.2 remot 65023
R3(config-router)#nei 2.2.2.2 up lo0
R3(config-router)#nei 4.4.4.4 remot 65034
R3(config-router)#nei 4.4.4.4 up lo0
R3(config-router)#nei 4.4.4.4 e
R4(config-router)#router b 65034
R4(config-router)#bgp con id 234
R4(config-router)#bgp con p 65023
R4(config-router)#nei 45.0.0.5 remot 500
R4(config-router)#nei 3.3.3.3 remot 65023
R4(config-router)#nei 3.3.3.3 up lo0
R4(config-router)#nei 3.3.3.3 ebgp-multihop *io
R5(config)#router b 500
R5(config-router)#nei 45.0.0.4 remot 234
第三步:在各个路由器上宣告本身的网段
R1(config-router)#net 1.1.1.0 mask 255.255.255.0
R1(config-router)#net 12.0.0.0 mask 255.255.255.0
R2(config-router)#net 2.2.2.0 mask 255.255.255.0
R3(config-router)#net 3.3.3.0 mask 255.255.255.0
R3(config-router)#net 23.0.0.0 mask 255.255.255.0
R3(config-router)#net 34.0.0.0 mask 255.255.255.0
R4(config-router)#net 4.4.4.0 mask 255.255.255.0
R5(config-router)#net 5.5.5.0 mask 255.255.255.0
R5(config-router)#net 45.0.0.0 mask 255.255.255.0
//从上面的这些宣告的例子咱们能够看出,每一个路由器都宣告本身的回环接口和直连网段,可是相邻的两个路由器只须要宣告本身共同的网段一次就行
即全部的路由器宣告的全部网段没有重复的路由条目
第三步:在各个路由上查看相关配置
在R3上出现了这样的状况
第四步:测试
R1#tclsh
R1(tcl)#foreach ip {
+>(tcl)#2.2.2.2
+>(tcl)#3.3.3.3
+>(tcl)#4.4.4.4
+>(tcl)#5.5.5.5
+>(tcl)#12.0.0.2
+>(tcl)#23.0.0.2
+>(tcl)#23.0.0.3
+>(tcl)#34.0.0.3
+>(tcl)#34.0.0.4
+>(tcl)#45.0.0.4
+>(tcl)#45.0.0.5
+>(tcl)#1.1.1.1
+>(tcl)#} {ping $ip}
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2.2.2.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/33/80 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 3.3.3.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 24/56/100 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 44/71/120 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 80/119/180 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 12.0.0.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/39/64 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 23.0.0.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/26/44 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 23.0.0.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/55/80 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 34.0.0.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 48/70/124 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 34.0.0.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/101/184 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 45.0.0.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 40/54/100 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 45.0.0.5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 44/85/136 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms
R5#tclsh
R5(tcl)#foreach ip {
+>(tcl)#2.2.2.2
+>(tcl)#1.1.1.1
+>(tcl)#3.3.3.3
+>(tcl)#4.4.4.4
+>(tcl)#12.0.0.1
+>(tcl)#12.0.0.2
+>(tcl)#23.0.0.2
+>(tcl)#23.0.0.3
+>(tcl)#34.0.0.3
+>(tcl)#34.0.0.4
+>(tcl)#45.0.0.4
+>(tcl)#45.0.0.5
+>(tcl)#5.5.5.5
+>(tcl)#} {ping $ip}
Type escape sequence to abort.Sending 5, 100-byte ICMP Echos to 2.2.2.2, timeout is 2 seconds:!!!!!Success rate is 100 percent (5/5), round-trip min/avg/max = 76/108/188 msType escape sequence to abort.Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:!!!!!Success rate is 100 percent (5/5), round-trip min/avg/max = 44/98/140 msType escape sequence to abort.Sending 5, 100-byte ICMP Echos to 3.3.3.3, timeout is 2 seconds:!!!!!Success rate is 100 percent (5/5), round-trip min/avg/max = 36/73/96 msType escape sequence to abort.Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:!!!!!Success rate is 100 percent (5/5), round-trip min/avg/max = 12/38/80 msType escape sequence to abort.Sending 5, 100-byte ICMP Echos to 12.0.0.1, timeout is 2 seconds:!!!!!Success rate is 100 percent (5/5), round-trip min/avg/max = 76/98/140 msType escape sequence to abort.Sending 5, 100-byte ICMP Echos to 12.0.0.2, timeout is 2 seconds:!!!!!Success rate is 100 percent (5/5), round-trip min/avg/max = 60/84/108 msType escape sequence to abort.Sending 5, 100-byte ICMP Echos to 23.0.0.2, timeout is 2 seconds:!!!!!Success rate is 100 percent (5/5), round-trip min/avg/max = 80/100/128 msType escape sequence to abort.Sending 5, 100-byte ICMP Echos to 23.0.0.3, timeout is 2 seconds:!!!!!Success rate is 100 percent (5/5), round-trip min/avg/max = 20/64/116 msType escape sequence to abort.Sending 5, 100-byte ICMP Echos to 34.0.0.3, timeout is 2 seconds:!!!!!Success rate is 100 percent (5/5), round-trip min/avg/max = 12/88/124 msType escape sequence to abort.Sending 5, 100-byte ICMP Echos to 34.0.0.4, timeout is 2 seconds:!!!!!Success rate is 100 percent (5/5), round-trip min/avg/max = 12/41/60 msType escape sequence to abort.Sending 5, 100-byte ICMP Echos to 45.0.0.4, timeout is 2 seconds:!!!!!Success rate is 100 percent (5/5), round-trip min/avg/max = 8/32/52 msType escape sequence to abort.Sending 5, 100-byte ICMP Echos to 45.0.0.5, timeout is 2 seconds:!!!!!Success rate is 100 percent (5/5), round-trip min/avg/max = 24/43/92 msType escape sequence to abort.Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds:!!!!!Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 msR5(tcl)#