(incomplete)
6、优先选择MED最小
7、优先选择从EBGP邻居学习的路由。
8、优先选择从最近的IGP邻居学习的路由
9、优先选择最老的路由(即最稳定的路由)
10、优先选择从具有最小BGProuterID的邻居学习的路由
11、优先选择从具有最小的接口IP地址bgp邻居学习的路由
就题目来说,我们可以在65002中也可以在65003中配置,只是方向不同而已,这里我们只配置下R2指R1邻居时的命令:
:
route-mapsf
setas-pathprepend65004定义好路由图和相关策略,然后把这策略应用到路由进程下:
neighbor1.1.1.1route-mapsfout(注意此时65004是出现在65003的右边,而如果应用的是in方向,也就是说在R1上指R2为邻居时,则65004是出现在65003左边的)
五:
ipas-pathaccess-list
Definesanaccesslistbasedonautonomoussystempathinformation.
Syntax:
[no]ipas-pathaccess-listlist-name {permit|deny} as-regular-expression
.
list-name
Uniquealpha-numericnamethatidentifiestheregularexpressionaccesslist.Listnamescanbeupto255charactersinlengthandcontainthefollowingcharacters:
A-Z,a-z,0-9,_,and-.Usetheshowipas-path-access-listtodisplaythenamesofalldefinedas-pathaccesslists.
permit
Permitsaccessformatchingconditions.
deny
Deniesaccessformatchingconditions.
as-regular-expression
Autonomoussystemintheaccesslistthatusesaregularexpression.
Description:
Accesslistsarefiltersthatenableyoutorestricttheroutinginformationarouterlearnsoradvertisestoandfromaneighbor.
MultipleBGPpeersorroutemapscanreferenceasingleaccesslist.Youcanapplyaccessliststobothinboundrouteupdatesandoutboundrouteupdates.Eachrouteupdateispassedthroughtheaccess-list.BGPapplieseachruleintheaccesslistintheorderitappearsinthelist.Whenaroutematchesanyrule,thedecisiontopermittheroutethroughthefilterordenyismade,andnofurtherrulesareprocessed
AccesslistsbasedonautonomoussystempathenableyoutocontrolroutingupdatesbasedonBGPautonomouspathsinformation.Ifyouwanttocontrolupdatesforalltheroutestoorfromanautonomoussystem,filteringbasedonautonomoussystempathismoreefficientthanlistingeachrouteindividually.
Aregularexpressionisapatternusedtomatchagainstaninputstring.InBGP,youcanbuildaregularexpressiontomatchinformationaboutanautonomoussystempath.Regularexpressionscaninclude:
Table5-3.CharactersandComponentsofRegularExpressions
ComponentCharacter
Description
Ranges
Asequenceofcharacterswithinsquarebrackets:
[1234]
Atoms
Asinglecharacterwithspecialmeaning.Atomsinclude:
.
Matchesanysinglecharacter.
^
Matchesthebeginningofaninputstring.
$
Matchestheendofaninputstring.
_(underscore)
Matchesacomma,leftbrace,rightbrace,thebeginningofaninputstring,theendofaninputstring,oraspace.
Pieces
Atomsfollowedbyaspecialcharacterlistedbelow:
Branches
0ormoreconcatenatedpieces.
Thefollowingtableprovidessampleregularexpressions:
Table5-4.SampleRegularExpressions
RegularExpression
Description
^nnn$
Indicatestherouteoriginatedinautonomoussystemnnn.The^meanstheexpressionmuststartwiththenextcharacter.The$meanstheexpressionmustendwiththeprecedingcharacter.
^100$matches:
100
^aaa_bbb$
Theautonomoussystemlistmustcontainbothaaaandbbbwithaaaappearingbeforethebbb.Forexample:
^123_456$matches:
123456
868123999456
^nnn.*nnn$
Theexpressionmustbeginwithaspecificautonomoussystemandendwithaspecificautonomoussystem,butcanhaveanythinginbetween.Forexample:
∙123456
∙123123456
∙^123.*456$(matches:
123123123456)
∙123868999456
∙12341456
_nnn_
Indicatestheroutewasviaautonomoussystemnnn.
^$
Indicatestherouteoriginatedinthisautonomoussystem.
NOTERegularexpressionsarematchedagainsttheautonomoussystempathasifitisastring-notasequenceofnumbers.Encloseautonomoussystemnumberswithinunderscorestomatchaspecificautonomoussystemnumber.
Permitanddenyapplyonlywhenthereisanexactmatchbetweentheregularexpressionandtheautonomoussystempath.
Usetheipas-pathaccesslistcommandtocreateanaccesslisttofilterroutesbasedontheirautonomoussystempath.Addentriestotheaccesslistbyrepeatingthecommandfordifferentautonomoussystempaths.
Usetheneighborormatchas-pathcommandstoapplyanautonomoussystempathbasedaccesslist.
Usethenoipas-pathaccess-listcommandtodeleteanentireautonomoussystempathbasedaccesslist.
Usethenoipas-pathaccess-listlist-name{permit|deny}as-regular-expressiontodeleteaspecificfilterfromanautonomoussystempathaccesslist.
FactoryDefault:
Noaccesslists.
CommandMode:
Configuration.
Example1:
Inthefollowingexample,theipas-pathaccess-listcommandscreateanas-pathaccesslistnamed'1'topermitonlythoseroutesthatincludepathsfromorthroughautonomoussystems234and345:
router(config)#ipas-pathaccess-list1permit_234_
router(config)#ipas-pathaccess-list1permit_345_
router(config)#ipas-pathaccess-list1denyany
Notethelastlineoftheaccesslistisadenyanystatementtoremindyourreaderthatallotheraccessisdenied.
Example2:
Inthefollowingexample,theneighborfilter-listcommandspecifiesthatonlypathsfromorthroughautonomoussystems234and345(asspecifiedbyaccesslist1)areadvertisedtoBGPneighbor125.181.1.5andtheweightforthoseroutesissetto30.
router(config)#routerbgp100
router(config-router)#network170.100.0.0.
router(config-router)#neighbor170.100.205.5remote-as234
router(config-router)#neighbor121.180.1.4remote-as345
router(config-router)#neighbor125.181.1.5remote-as171
router(config-router)#neighbor125.181.1.5filter-list1weight30
依题意我们建两个正规表达式来分别匹配AS65003的流量和AS65002的流量,命令如下:
R6上
ipas-pathaccess-list1permit^65002$
ipas-pathaccess-list2permit^65002_65003$然后把这两个正规表达式通过路由应用到进程中
neighbor1.1.1.1route-mapsfin
route-mapsfpermit10
matchas-path1
setweight200
matchas-path2
setweight100
六:
BGP的COMMUNITY
我们同样做一个正规列表来匹配AS65003
neighbor3.3.3.3route-mapsfin
route-mapgopermit10
matchas-path1
setweight100
matchas-path2
setweight200
ipas-pathaccess-list2permit^65002_65003$然后setcommunityno-advertise