【实验说明】
在AS2上配置汇聚路由,对10.0.0.1/16、
10.1.0.1/16、
10.2.0.1/16、
10.3.0.1/16路由进行汇聚
,使得AS1上的路由器只学习到的路由中不包含 10.1.0.0/16和10.2.0.0/16 明细路由。
【实验拓扑】
【实验配置步骤】
- 按照上图配置各个设备的接口地址
- 在 R1, R3, R4, R5 上配置BGP
- R1 与 R3 and R4 建立邻居对等体
- R5 与 R3 and R4 建立邻居对等体
- 通告 R5与R4上的loopback0 地址到BGP
- 通告R1 上的Loopback地址 BGP
- 通告R2 上的Loopback地址 BGP
- 在R1与R3上配置BGP汇聚
- R1 抑制10.1.0.0/16 路由
- R3 抑制10.2.0.0/16 路由
【实验分析】
在使用aggregate-address对路由进行汇聚后,邻居学习到的路由中要么不包含被汇聚的明细路由,要么包含,但本实验中要求不包含特定明细路由,因此要用到suppress-map,来抑制特定明细路由,当然本实验一定不会使用summary-only参数,否则所有的明细路由都到不了AS1。 suppress-map 参数的主要作用就在于
抑制
aggregate-address 宣告的明细路由中不包含制定的明细路由。
【实验基本配置】
|
R1:在R1上抑制10.1.0.0/16 明细路由
interface Loopback0
ip address 10.0.0.1 255.255.0.0
!
interface Loopback1
ip address 10.1.0.1 255.255.0.0
!
interface FastEthernet0/0
ip address 155.1.146.1 255.255.255.0
duplex auto
speed auto
!
interface Serial0/0
ip address 155.1.13.1 255.255.255.0
clock rate 2000000
!
router bgp 2
network 10.0.0.0 mask 255.255.0.0
network 10.1.0.0 mask 255.255.0.0
aggregate-address 10.0.0.0 255.252.0.0 suppress-map SUPPRESS
neighbor 155.1.13.3 remote-as 2
neighbor 155.1.13.3 next-hop-self
neighbor 155.1.146.4 remote-as 1
!
ip prefix-list 10.1.0.0 permit 10.1.0.0/16
!
route-map SUPPRESS permit 10
match ip add prefix-list 10.1.0.0
!
R3:
在R3上抑制10.2.0.0/16 明细路由
interface Loopback0
ip address 10.2.0.1 255.255.0.0
!
interface Loopback1
ip address 10.3.0.1 255.255.0.0
!
interface Serial0/1
ip address 155.1.13.3 255.255.255.0
clock rate 64000
!
interface Serial0/0
ip address 155.1.0.3 255.255.255.0
encapsulation frame-relay
clock rate 2000000
frame-relay map ip 155.1.0.5 305 broadcast
no frame-relay inverse-arp
!
router bgp 2
network 10.2.0.0 mask 255.255.0.0
network 10.3.0.0 mask 255.255.0.0
aggregate-address 10.0.0.0 255.252.0.0 suppress-map SUPPRESS
neighbor 155.1.13.1 remote-as 2
neighbor 155.1.13.1 next-hop-self
neighbor 155.1.0.5 remote-as 1
!
ip prefix-list 10.2.0.0 permit 10.2.0.0/16
!
route-map SUPPRESS permit 10
match ip add prefix-list 10.2.0.0
|
R4:
interface Loopback0
ip address 204.12.1.4 255.255.255.0
!
interface FastEthernet0/0
ip address 155.1.146.4 255.255.255.0
duplex auto
speed auto
!
interface Serial0/0
ip address 155.1.45.4 255.255.255.0
clock rate 2000000
!
router bgp 1
network 204.12.1.0
neighbor 155.1.45.5 remote-as 1
neighbor 155.1.146.1 remote-as 2
neighbor 155.1.45.5 next-hop-self
R5:
interface Loopback0
ip address 155.1.5.5 255.255.255.0
!
interface Serial0/1
ip address 155.1.45.5 255.255.255.0
clock rate 64000
!
interface Serial0/0
ip address 155.1.0.5 255.255.255.0
encapsulation frame-relay
clock rate 2000000
frame-relay map ip 155.1.0.3 503 broadcast
no frame-relay inverse-arp
!
router bgp 1
network 155.1.5.0 mask 255.255.255.0
neighbor 155.1.45.4 remote-as 1
neighbor 155.1.0.3 remote-as 2
neighbor 155.1.45.4 next-hop-self
|
【实验验证】
从下面输出结果中,我们可以看到R4与R5 学习不到被抑制的
10.1.0.0/16 与10.2.0.0/16
明细路由,验证了suppress-map能够对明细路由进行抑制。
R1#show ip bgp
BGP table version is 8, local router ID is 10.1.0.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 10.0.0.0/16 0.0.0.0 0 32768 i
* i10.0.0.0/14 155.1.13.3 0 100 0 i
*> 0.0.0.0 32768 i
s> 10.1.0.0/16 0.0.0.0 0 32768 i
*>i10.3.0.0/16 155.1.13.3 0 100 0 i
*> 155.1.5.0/24 155.1.146.4 0 1 i
*> 204.12.1.0 155.1.146.4 0 0 1 i
R3#show ip bgp
BGP table version is 9, local router ID is 10.3.0.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*>i10.0.0.0/16 155.1.13.1 0 100 0 i
*> 10.0.0.0/14 0.0.0.0 32768 i
* i 155.1.13.1 0 100 0 i
s> 10.2.0.0/16 0.0.0.0 0 32768 i
*> 10.3.0.0/16 0.0.0.0 0 32768 i
*>i155.1.5.0/24 155.1.13.1 0 100 0 1 i
*>i204.12.1.0 155.1.13.1 0 100 0 1 i
R4#show ip bgp 学习到的汇聚路由和明细路由,但不包含10.1.0.0/16和10.2.0.0/16 明细路由
BGP table version is 6, local router ID is 204.12.1.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 10.0.0.0/16 155.1.146.1 0 0 2 i
*> 10.0.0.0/14 155.1.146.1 0 0 2 i
*> 10.3.0.0/16 155.1.146.1 0 2 i
*>i155.1.5.0/24 155.1.45.5 0 100 0 i
*> 204.12.1.0 0.0.0.0 0 32768 i
R5#show ip bgp
学习到的汇聚路由和明细路由,但不包含10.1.0.0/16和10.2.0.0/16 明细路由
BGP table version is 6, local router ID is 155.1.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*>i10.0.0.0/16 155.1.45.4 0 100 0 2 i
*>i10.0.0.0/14 155.1.45.4 0 100 0 2 i
*>i10.3.0.0/16 155.1.45.4 0 100 0 2 i
*> 155.1.5.0/24 0.0.0.0 0 32768 i
*>i204.12.1.0 155.1.45.4 0 100 0 i
R4#show ip route bgp
155.1.0.0/24 is subnetted, 3 subnets
B 155.1.5.0 [200/0] via 155.1.45.5, 00:09:23
10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
B 10.3.0.0/16 [20/0] via 155.1.146.1, 00:08:00
B 10.0.0.0/16 [20/0] via 155.1.146.1, 00:09:23
B 10.0.0.0/14 [20/0] via 155.1.146.1, 00:09:23
R5#show ip route bgp
B 204.12.1.0/24 [200/0] via 155.1.45.4, 00:09:33
10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
B 10.3.0.0/16 [200/0] via 155.1.45.4, 00:08:09
B 10.0.0.0/16 [200/0] via 155.1.45.4, 00:09:33
B 10.0.0.0/14 [200/0] via 155.1.45.4, 00:09:33
本文转自zcm8483 51CTO博客,原文链接:http://blog.51cto.com/haolun/992255
