H3CBGP路由策略之选路Word文档下载推荐.docx

H3CBGP路由策略之选路Word文档下载推荐.docx

《H3CBGP路由策略之选路Word文档下载推荐.docx》由会员分享，可在线阅读，更多相关《H3CBGP路由策略之选路Word文档下载推荐.docx（8页珍藏版）》请在冰豆网上搜索。

20.20.10.254/24

GO/D/1”

MED100

往10.10.10.254的

I数据包走向

\非对称路径

1J1,9/30

IBGP

local-pref50IBGP

\「1

L1.1.10/30—"

414丿

AR28/2

1.1.1J3/30J、、

AS200

ARt

20.20.20254/24:

20.20.30.254/24

在引入路由的时候只允许引

入20.20.30.0/24的路由,过

滤器使用基^ACL+router-

policy的方式

1修改AS列表的属性只能在EBGP勺出方向上增加这个属性并且只能添加在AS-PATH列表的前面。

同时证实在EBG啲进入方向无法添加AS号码。

2关于缺省路由，在BGP中缺省路由最好是通过一条IGP比如静态的缺省路由，然后network0.0.0.00.0.0.0则可以得到通告。

也可以在BGP下使用1default-routeimported,2import-route

static

3BGP的network只能通告非BGP勺路由，比如R1---R2---R3,R1

上某路由在R2上的BGP路由再次network则不可以生效。

AR18配置

[AR18]discur

Nowcreateconfiguration...

Currentconfiguration

!

version1.74

sysnameAR18

firewallenable

aaa-enable

aaaaccounting-schemeoptional

acl2000match-orderauto

rulenormalpermitsource20.20.30.00.0.0.255

rulenormaldenysourceany

interfaceAux0

asyncmodeflow

flow-controlnone

link-protocolppp

interfaceEthernet0

interfaceSerial0

ipaddress1.1.1.10255.255.255.252

interfaceSerial1

clockDTECLK1

ipaddress1.1.1.14255.255.255.252

interfaceLoopBack1

ipaddress20.20.10.254255.255.255.0

interfaceLoopBack2

ipaddress20.20.20.254255.255.255.0

interfaceLoopBack3

ipaddress20.20.30.254255.255.255.0!

quit

bgp200

undosynchronizafionimport—rouCDdirecf「ou（D—po=cy_<

peerm.9as—number200pee二•n_k3as—number200

一

i

「ou（D—po=cy-<

permi二if—mafchipaddress2000

refurn

AR46碍wsysnameAR46cpu—usagecyc-e亠minradiusschemesysCDmdomainSysCDm

local-useradmin

passwordcipher.]@USE=B,53Q=AQ'

MAF4<

1!

service-typetelnetterminal

level3

service-typeftp

#

interfaceGigabitEthernet0/0/0

ipaddress1.1.1.1255.255.255.252

interfaceGigabitEthernet0/0/1

ipaddress1.1.1.5255.255.255.252

interfaceGigabitEthernet0/0/2

ipaddressdhcp-alloc

interfaceNULL0

ipaddress10.10.10.254255.255.255.0

ipaddress10.10.20.254255.255.255.0

ipaddress10.10.30.254255.255.255.0

bgp100

import-routedirectroute-policylv

undosynchronization

groupto200external

peer1.1.1.2groupto200as-number200

peer1.1.1.6groupto200as-number200

route-policylvpermitnode1

if-matchip-prefixlv

FTPserverenable

ipip-prefixlvindex10permit10.10.10.024

#user-interfacecon0

d#edA^-eoiAjes

£

|0Ae|leuiuuje;

;

eu|e;

edA^-eoiAjes

iiAtdVIAIQv二日二」eqdppjo/v\sseduiuupe」esn-|eoo|

Lue^sAsuieuuop

Lue^sAseuueqossrqpe」

uiuui，epAoe6esn-ncb

148乙占VeiueusAs

#离型"

0阳Vv9论JV>

ujniej

#euueqosepouu-uoqeoque屮nep0心eoepe^ui-jesn

0xneeoepe^ui-jesn

aclnumber2000

rule0permitsource10.10.10.00.0.0.255

interfaceEthernet0/0

ipaddress1.1.1.2255.255.255.252

interfaceEthernet0/1

interfaceSerial0/0

ipaddress1.1.1.9255.255.255.252

groupto100external

那8乙占VeiueusAs

#离型乙愿阳Vujniej

0uooeoepe^ui-jesn

#eiqeue」eAjesdu

#OSeouejejejd-|eoo|A|dde000乙PBqoieuj-j!

IepouiiLUjeda|Aoiiod-e^noj

d6qidno」60|/|/y」"

d

^iodxeA|Aoi|od-eino」d6qi」eed|8oo|-doq-ixeud6qi」eed

|euje;

uid6qidno」6

0（H」eqlunu-seoogdno」6|/|/y」eecl

cpu-usagecycle1min

radiusschemesystem

domainsystem

service-typetelnetterminal

rule0permitsource20.20.30.00.0.0.255

ipaddress1.1.1.6255.255.255.252

ipaddress1.1.1.13255.255.255.252

peerto100route-policylvexport

peer1.1.1.5groupto100as-number100groupibgpinternal

peeribgpnext-hop-local

peer1.1.1.14groupibgp

if-matchacl2000

applycost100

FTPserverenableuser-interfacecon0

user-interfaceaux0

user-interfacevty04authentication-modescheme#

return