实验前推介阅读
【实验要求】
在R2上使用 community 的No-Advertise 确保 AS1、AS2、AS3能够访问互相通告的地址,并且只有R2能够访问R5的Loopback1地址155.1.58.0/24
【实验拓扑】
【实验基本配置】
|
1:
interface FastEthernet0/0
ip address 155.1.146.1 255.255.255.0
interface Serial0/0
ip address 155.1.13.1 255.255.255.0
clock rate 2000000
router eigrp 2
network 155.1.13.1 0.0.0.0
no auto-summary
!
router bgp 2
no synchronization
bgp log-neighbor-changes
neighbor 155.1.13.3 remote-as 2
neighbor 155.1.13.3 next-hop-self
neighbor 155.1.23.2 remote-as 2
neighbor 155.1.23.2 next-hop-self
neighbor 155.1.146.4 remote-as 3
no auto-summary
R2:
interface Serial0/0
ip address 155.1.23.2 255.255.255.0
clock rate 2000000
interface Serial0/1
ip address 155.1.0.2 255.255.255.0
encapsulation frame-relay
clock rate 2000000
frame-relay map ip 155.1.0.5 205 broadcast
network 155.1.23.2 0.0.0.0
auto-summary
!
router bgp 2
no synchronization
bgp log-neighbor-changes
neighbor 155.1.0.5 remote-as 1
neighbor 155.1.13.1 remote-as 2
neighbor 155.1.13.1 next-hop-self
neighbor 155.1.23.3 remote-as 2
neighbor 155.1.23.3 next-hop-self
|
R3:
(注意R3不用配置next-hop-self,因为它不不是边界路由器)
interface Loopback0
ip address 155.1.37.3 255.255.255.0
interface Serial0/0
ip address 155.1.13.3 255.255.255.0
clock rate 2000000
interface Serial0/1
ip address 155.1.23.3 255.255.255.0
clock rate 2000000
router eigrp 2
network 155.1.13.3 0.0.0.0
network 155.1.23.3 0.0.0.0
auto-summary
!
router bgp 2
no synchronization
bgp log-neighbor-changes
network 155.1.37.0 mask 255.255.255.0
neighbor 155.1.13.1 remote-as 2
neighbor 155.1.23.2 remote-as 2
no auto-summary
R4:
interface Loopback0
ip address 204.12.1.4 255.255.255.0
!
interface FastEthernet0/0
ip address 155.1.146.4 255.255.255.0
router bgp 3
no synchronization
bgp log-neighbor-changes
network 204.12.1.0
neighbor 155.1.146.1 remote-as 2
no auto-summary
R5:
interface Loopback0
ip address 155.1.5.5 255.255.255.0
interface Loopback1
ip address 155.1.58.5 255.255.255.0
interface Serial0/0
ip address 155.1.0.5 255.255.255.0
encapsulation frame-relay
clock rate 2000000
frame-relay map ip 155.1.0.2 502 broadcast
router bgp 1
no synchronization
bgp log-neighbor-changes
network 155.1.5.0 mask 255.255.255.0
network 155.1.58.0 mask 255.255.255.0
neighbor 155.1.0.2 remote-as 2
no auto-summary
|
【实验前验证】
R4#show ip bgp
下面输出结果中存在155.1.58.0
<隐藏部分输出结果>
Network Next Hop Metric LocPrf Weight Path
*> 155.1.5.0/24 155.1.146.1 0 2 1 i
*> 155.1.37.0/24 155.1.146.1 0 2 i
*> 155.1.58.0/24 155.1.146.1 0 2 1 i
*> 204.12.1.0 0.0.0.0 0 32768 i
R3#show ip bgp R3同样能够学习到 155.1.58.0/24 地址
<隐藏部分输出结果>
Network Next Hop Metric LocPrf Weight Path
*>i155.1.5.0/24 155.1.23.2 0 100 0 1 i
*> 155.1.37.0/24 0.0.0.0 0 32768 i
*>i155.1.58.0/24 155.1.23.2 0 100 0 1 i
*>i204.12.1.0 155.1.13.1 0 100 0 3 i
【实验配置】
注意下面的route-map配置,必须增加一条 permit20 否则route-map的默认规则是阻断所有。
在R2上配置确保匹配到 155.1.58.0/24 网络,将其community设置为no-advertise 即
不通告该路由到任何对等体(包括internel和External)
R2:
route-map NO_ADVERTISE permit 10
match ip address prefix-list VLAN58
set community no-advertise
!
route-map NO_ADVERTISE permit 20
!
router bgp 2
neighbor 155.1.0.5 route-map NO_ADVERTISE in
!
ip prefix-list VLAN58 permit 155.1.58.0/24
!
【实验验证】
R3#show ip bgp
结果中没有155.1.58.0/24 的网络
<隐藏部分输出结果>
Network Next Hop Metric LocPrf Weight Path
*>i155.1.5.0/24 155.1.23.2 0 100 0 1 i
*> 155.1.37.0/24 0.0.0.0 0 32768 i
*>i204.12.1.0 155.1.13.1 0 100 0 3 i
R4#show ip bgp
结果中没有155.1.58.0/24 的网络
<隐藏部分输出结果>
Network Next Hop Metric LocPrf Weight Path
*> 155.1.5.0/24 155.1.146.1 0 2 1 i
*> 155.1.37.0/24 155.1.146.1 0 2 i
*> 204.12.1.0 0.0.0.0 0 32768 i
R1#show ip bgp
<隐藏部分输出结果>
结果中没有155.1.58.0/24 的网络
Network Next Hop Metric LocPrf Weight Path
*>i155.1.5.0/24 155.1.23.2 0 100 0 1 i
*>i155.1.37.0/24 155.1.13.3 0 100 0 i
*> 204.12.1.0 155.1.146.4 0 0 3 i
R2#show ip bgp
R2 可以学习到155.1.58.0/24的网络,但它不传给其他对等体
<隐藏部分输出结果>
Network Next Hop Metric LocPrf Weight Path
*> 155.1.5.0/24 155.1.0.5 0 0 1 i
*>i155.1.37.0/24 155.1.23.3 0 100 0 i
*> 155.1.58.0/24 155.1.0.5 0 0 1 i
*>i204.12.1.0 155.1.13.1 0 100 0 3 i
R2#show ip bgp 155.1.58.0 注意下面R2学习到的155.1.58.0 网络的community已经被标记为no-advertise
BGP routing table entry for 155.1.58.0/24, version 4
Paths: (1 available, best #1, table Default-IP-Routing-Table, not advertised to any peer)
Not advertised to any peer
1
155.1.0.5 from 155.1.0.5 (155.1.5.5)
Origin IGP, metric 0, localpref 100, valid, external, best
Community: no-advertise
本文转自zcm8483 51CTO博客,原文链接:http://blog.51cto.com/haolun/992825
