CISCO官方配置手册PBR
CISCO官方配置手册BGP+Link+Bandwidth+

Corporate Headquarters:Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706USACopyright © 2005 Cisco Systems, Inc. All rights reserved.BGP Link BandwidthThe Border Gateway Protocol (BGP) Link Bandwidth feature is used to advertise the bandwidth of an autonomous system exit link as an extended community. This feature is configured for links between directly connected external BGP (eBGP)neighbors.The link bandwidth extended community attribute is propagated to iBGP peers when extended community exchange is enabled. This feature is used with BGP multipath features to configure load balancing over links with unequal bandwidth.History for the BGP Link Bandwidth FeatureFinding Support Information for Platforms and Cisco IOS Software ImagesUse Cisco Feature Navigator to find information about platform support and Cisco IOS software image support. Access Cisco Feature Navigator at /go/fn . You must have an account on .If you do not have an account or have forgotten your username or password,click Cancel at the login dialog box and follow the instructions that appear.Contents•Prerequisites for BGP Link Bandwidth, page 2•Restrictions for BGP Link Bandwidth, page 2•Information About BGP Link Bandwidth, page 2•How to Configure BGP Link Bandwidth, page 3•Configuration Examples for BGP Link Bandwidth, page 5•Additional References, page 9•Command Reference, page 11Release Modification12.2(2)T This feature was introduced.12.2(14)S This feature was integrated into Cisco IOS Release 12.0(14)S.12.2(11)T This feature was integrated in Cisco IOS Release 12.2(11)T.12.0(24)SThis feature was integrated into Cisco IOS Release 12.0(24)S.BGP Link Bandwidth Prerequisites for BGP Link Bandwidth2Cisco IOS Release 12.2(2)T, 12.2(14)S, 12.2(11)T, and 12.0(24)SPrerequisites for BGP Link Bandwidth•BGP load balancing or multipath load balancing must be configured before this feature is enabled.•BGP extended community exchange must be enabled between iBGP neighbors to which the link bandwidth attribute is to be advertised.•Cisco Express Forwarding (CEF) or distributed CEF (dCEF) must be enabled on all participating routers.Restrictions for BGP Link Bandwidth•This feature can be configured only under IPv4 and VPNv4 address family sessions.•BGP can originate the link bandwidth community only for directly connected links to eBGPneighbors.•Both iBGP and eBGP load balancing are supported in IPv4and VPNv4address families.However, eiBGP load balancing is supported only in VPNv4 address-family.Information About BGP Link BandwidthTo configure the BGP Link Bandwidth feature, you must understand the following concept:•BGP Link Bandwidth Overview, page2•Link Bandwidth Extended Community Attribute, page3•Benefits of the BGP Link Bandwidth Feature, page3BGP Link Bandwidth OverviewThe BGP Link Bandwidth feature used to enable multipath load balancing for external links withunequal bandwidth capacity.This feature is enabled under an IPv4or VPNv4address family sessions byentering the bgp dmzlink-bw command. This feature supports both iBGP, eBGP multipath loadbalancing, and eiBGP multipath load balancing in Multiprotocol Label Switching (MPLS) VirtualPrivate Networks(VPNs).When this feature is enabled,routes learned from directly connected externalneighbor are propagated through the internal BGP (iBGP) network with the bandwidth of the sourceexternal link.The link bandwidth extended community indicates the preference of an autonomous system exit link interms of bandwidth. This extended community is applied to external links between directly connectedeBGP peers by entering the neighbor dmzlink-bw command.The link bandwidth extended communityattribute is propagated to iBGP peers when extended community exchange is enabled with the neighborsend-community command.BGP Link BandwidthHow to Configure BGP Link BandwidthLink Bandwidth Extended Community AttributeThe link bandwidth extended community attribute is a4-byte value that is configured for a link that onthe demilitarized zone (DMZ) interface that connects two single hop eBGP peers. The link bandwidthextended community attribute is used as a traffic sharing value relative to other paths while forwardingtraffic. Two paths are designated as equal for load balancing if the weight, local-pref, as-path length,Multi Exit Discriminator (MED), and Interior Gateway Protocol (IGP) costs are the same. Benefits of the BGP Link Bandwidth FeatureThe BGP Link Bandwidth feature allows BGP to be configured to send traffic over multiple iBGP oreBGP learned paths where the traffic that is sent is proportional to the bandwidth of the links that areused to exit the autonomous system.The configuration of this feature can be used with eBGP and iBGPmultipath features to enable unequal cost load balancing over multiple links. Unequal cost loadbalancing over links with unequal bandwidth was not possible in BGP before the BGP Link Bandwidthfeature was introduced.How to Configure BGP Link BandwidthThis section contains the following procedures:•Configuring BGP Link Bandwidth, page3•Verifying BGP Link Bandwidth Configuration, page5Configuring BGP Link BandwidthTo configure the BGP Link Bandwidth feature, perform the steps in this section.SUMMARY STEPS1.enable2.configure {terminal |memory |network}3.router bgp as-number4.address-family ipv4[mdt | multicast |tunnel | unicast[vrf vrf-name] |vrf vrf-name] | ipv6[multicast |unicast] |vpnv4[unicast]5.bgp dmzlink-bw6.neighbor ip-address dmzlink-bw7.neighbor ip-address send-community [both |extended |standard]8.endCisco IOS Release 12.2(2)T, 12.2(14)S, 12.2(11)T, and 12.0(24)S3BGP Link Bandwidth How to Configure BGP Link Bandwidth4Cisco IOS Release 12.2(2)T, 12.2(14)S, 12.2(11)T, and 12.0(24)SDETAILED STEPSCommand or Action PurposeStep1enableExample:Router> enable Enables higher privilege levels, such as privileged EXEC mode.•Enter your password if prompted.Step2configure {terminal | memory | network}Example:Router# configure terminalEnters global configuration mode.Step3router bgp as-numberExample:Router(config)# router bgp 50000Enters router configuration mode to create or configure a BGP routing process.Step4address-family ipv4[mdt|multicast|tunnel| unicast [vrf vrf-name] | vrf vrf-name] | ipv6[multicast | unicast] | vpnv4 [unicast]Example:Router(config-router)#address-family ipv4Places the router in address family configuration mode.•The BGP Link Bandwidth feature is supported only under the IPv4 and VPNv4 address families.Step5bgp dmzlink-bwExample:Router(config-router-af)#bgp dmzlink-bw Configures BGP to distribute traffic proportionally to the bandwidth of the link.•This command must be entered on each router that contains an external interface that is to be used formultipath load balancing.Step6neighbor ip-address dmzlink-bwExample:Router(config-router-af)#neighbor 172.16.1.1dmzlink-bw Configures BGP to include the link bandwidth attribute for routes learned from the external interface specified IP address.•This command must be configured for each eBGP link that is to be configured as a multipath. Enabling thiscommand allows the bandwidth of the external link to be propagated through the link bandwidth extendedcommunity.Step7neighbor ip-address send-community [both | extended | standard]Example:Router(config-router-af)#neighbor 10.10.10.1send-community extended (Optional) Enables community and/or extended community exchange with the specified neighbor.•This command must be configured for iBGP peers to which the link bandwidth extended communityattribute is to be propagated.Step8endExample:Router(config-router-af)#end Exits address family configuration mode,and enters Privileged EXEC mode.BGP Link BandwidthConfiguration Examples for BGP Link Bandwidth5Cisco IOS Release 12.2(2)T, 12.2(14)S, 12.2(11)T, and 12.0(24)SVerifying BGP Link Bandwidth ConfigurationTo verify the BGP Link Bandwidth feature, perform the steps in this section.SUMMARY STEPS1.enable2.show ip bgp ip-address [longer-prefixes [injected ] |shorter-prefixes [mask-length ]]3.show ip route [[ip-address [mask ] [longer-prefixes ]] | [protocol [process-id ]] | [list access-list-number |access-list-name ] | [static download ]]DETAILED STEPSConfiguration Examples for BGP Link BandwidthThe following examples show how to configure and verify this feature:•BGP Link Bandwidth Configuration Example, page 6•Verifying BGP Link Bandwidth, page 8Command or ActionPurposeStep 1enableExample:Router> enableEnables higher privilege levels, such as privileged EXEC mode.•Enter your password if prompted.Step 2show ip bgp ip-address [longer-prefixes[injected] | shorter-prefixes [mask-length]]Example:Router# show ip bgp 10.0.0.0Displays information about the TCP and BGP connections to neighbors.•The output displays the status of the link bandwidth configuration. The bandwidth of the link is shown in kilobytes.Step 3show ip route [[ip-address [mask][longer-prefixes]] | [protocol [process-id]] |[list access-list-number | access-list-name] |[static download]]Example:Router#show ip route 10.0.0.0Displays the current state of the routing table.•The output displays traffic share values, including the weights of the links that are used to direct traffic proportionally to the bandwidth of each link.BGP Link BandwidthConfiguration Examples for BGP Link Bandwidth6Cisco IOS Release 12.2(2)T, 12.2(14)S, 12.2(11)T, and 12.0(24)SBGP Link Bandwidth Configuration ExampleIn the following examples,the BGP Link Bandwidth feature is configured so BGP will distribute traffic proportionally to the bandwidth of each external link.Figure 1shows two external autonomous systems connected by three links that each carry a different amount of bandwidth (unequal cost links).Multipath load balancing is enabled and traffic is balanced proportionally.Figure 1BGP Link Bandwidth ConfigurationRouter A ConfigurationIn the following example, Router A is configured to support iBGP multipath load balancing and to exchange the BGP extended community attribute with iBGP neighbors:Router A(config)#router bgp 100Router A(config-router)#neighbor 10.10.10.2 remote-as 100Router A(config-router)#neighbor 10.10.10.2 update-source Loopback 0Router A(config-router)#neighbor 10.10.10.3 remote-as 100Router A(config-router)#neighbor 10.10.10.3 update-source Loopback 0Router A(config-router)#address-family ipv4Router A(config-router)#bgp dmzlink-bwRouter A(config-router-af)#neighbor 10.10.10.2 activateRouter A(config-router-af)#neighbor 10.10.10.2 send-community both Router A(config-router-af)#neighbor 10.10.10.3 activateRouter A(config-router-af)#neighbor 10.10.10.3 send-community both Router A(config-router-af)#maximum-paths ibgp 6Autonomous system 100Autonomous system 200Router ARouter Bs1s1s0s1s0s010.10.10.x/24Router CRouter D Router EBandwidth in bits per =50017335000second54705BGP Link BandwidthConfiguration Examples for BGP Link BandwidthRouter B ConfigurationIn the following example, Router B is configured to support multipath load balancing, to distributeRouter D and Router E link traffic proportionally to the bandwidth of each link, and to advertise thebandwidth of these links to iBGP neighbors as an extended community:Router B(config)#router bgp 100Router B(config-router)#neighbor 10.10.10.1 remote-as 100Router B(config-router)#neighbor 10.10.10.1 update-source Loopback 0Router B(config-router)#neighbor 10.10.10.3 remote-as 100Router B(config-router)#neighbor 10.10.10.3 update-source Loopback 0Router B(config-router)#neighbor 172.16.1.1 remote-as 200Router B(config-router)#neighbor 172.16.1.1 ebgp-multihop 1Router B(config-router)#neighbor 172.16.2.2 remote-as 200Router B(config-router)#neighbor 172.16.2.2 ebgp-multihop 1Router B(config-router)#address-family ipv4Router B(config-router-af)#bgp dmzlink-bwRouter B(config-router-af)#neighbor 10.10.10.1 activateRouter B(config-router-af)#neighbor 10.10.10.1 next-hop-selfRouter B(config-router-af)#neighbor 10.10.10.1 send-community bothRouter B(config-router-af)#neighbor 10.10.10.3 activateRouter B(config-router-af)#neighbor 10.10.10.3 next-hop-selfRouter B(config-router-af)#neighbor 10.10.10.3 send-community bothRouter B(config-router-af)#neighbor 172.16.1.1activateRouter B(config-router-af)#neighbor 172.16.1.1 dmzlink-bwRouter B(config-router-af)#neighbor 172.16.2.2 activateRouter B(config-router-af)#neighbor 172.16.2.2 dmzlink-bwRouter B(config-router-af)#maximum-paths ibgp 6Router B(config-router-af)#maximum-paths 6Router C ConfigurationIn the following example, Router C is configured to support multipath load balancing and to advertisethe bandwidth of the link with Router E to iBGP neighbors as an extended community:Router C(config)#router bgp 100Router C(config-router)#neighbor 10.10.10.1 remote-as 100Router C(config-router)#neighbor 10.10.10.1 update-source Loopback 0Router C(config-router)#neighbor 10.10.10.2 remote-as 100Router C(config-router)#neighbor 10.10.10.2 update-source Loopback 0Router C(config-router)#neighbor 172.16.3.30 remote-as 200Router C(config-router)#neighbor 172.16.3.30 ebgp-multihop 1Router C(config-router)#address-family ipv4Router C(config-router-af)#bgp dmzlink-bwRouter C(config-router-af)#neighbor 10.10.10.1 activateRouter C(config-router-af)#neighbor 10.10.10.1 send-community bothRouter C(config-router-af)#neighbor 10.10.10.1 next-hop-selfRouter C(config-router-af)#neighbor 10.10.10.2 activateRouter C(config-router-af)#neighbor 10.10.10.2 send-community bothRouter C(config-router-af)#neighbor 10.10.10.2 next-hop-selfRouter C(config-router-af)#neighbor 172.16.3.3 activateRouter C(config-router-af)#neighbor 172.16.3.3 dmzlink-bwRouter C(config-router-af)#maximum-paths ibgp 6Router C(config-router-af)#maximum-paths 6Cisco IOS Release 12.2(2)T, 12.2(14)S, 12.2(11)T, and 12.0(24)S7BGP Link Bandwidth Configuration Examples for BGP Link Bandwidth8Cisco IOS Release 12.2(2)T, 12.2(14)S, 12.2(11)T, and 12.0(24)SVerifying BGP Link BandwidthThe examples in this section show the verification of this feature on Router A and Router B.Router BIn the following example,the show ip bgp command is entered on Router B to verify that two unequalcost best paths have been installed into the BGP routing table.The bandwidth for each link is displayedwith each route.Router B#show ip bgp 192.168.1.0BGP routing table entry for 192.168.1.0/24, version 48Paths: (2 available, best #2)Multipath: eBGPAdvertised to update-groups:1 2200172.16.1.1 from 172.16.1.2 (192.168.1.1)Origin incomplete, metric 0, localpref 100, valid, external, multipath, bestExtended Community: 0x0:0:0DMZ-Link Bw 278 kbytes200172.16.2.2 from 172.16.2.2 (192.168.1.1)Origin incomplete, metric 0, localpref 100, valid, external, multipath, bestExtended Community: 0x0:0:0DMZ-Link Bw 625 kbytesRouter AIn the following example, the show ip bgp command is entered on Router A to verify that the linkbandwidth extended community has been propagated through the iBGP network to Router A.The outputshows that a route for each exit link (on Router B and Router C) to autonomous system 200 has beeninstalled as a best path in the BGP routing table.Router A#show ip bgp 192.168.1.0BGP routing table entry for 192.168.1.0/24, version 48Paths: (3 available, best #3)Multipath: eBGPAdvertised to update-groups:1 2200172.16.1.1 from 172.16.1.2 (192.168.1.1)Origin incomplete, metric 0, localpref 100, valid, external, multipathExtended Community: 0x0:0:0DMZ-Link Bw 278 kbytes200172.16.2.2 from 172.16.2.2 (192.168.1.1)Origin incomplete, metric 0, localpref 100, valid, external, multipath, bestExtended Community: 0x0:0:0DMZ-Link Bw 625 kbytes200172.16.3.3 from 172.16.3.3 (192.168.1.1)Origin incomplete, metric 0, localpref 100, valid, external, multipath, bestExtended Community: 0x0:0:0DMZ-Link Bw 2500 kbytesBGP Link BandwidthWhere to Go Next9Cisco IOS Release 12.2(2)T, 12.2(14)S, 12.2(11)T, and 12.0(24)SRouter AIn the following example, the show ip route command is entered on Router A to verify the multipath routes that are advertised and the associated traffic share values:Router A#show ip route 192.168.1.0Routing entry for 192.168.1.0/24Known via "bgp 100", distance 200, metric 0 Tag 200, type internalLast update from 172.168.1.1 00:01:43 ago Routing Descriptor Blocks:* 172.168.1.1, from 172.168.1.1, 00:01:43 ago Route metric is 0, traffic share count is 13 AS Hops 1, BGP network version 0 Route tag 200172.168.2.2, from 172.168.2.2, 00:01:43 ago Route metric is 0, traffic share count is 30 AS Hops 1, BGP network version 0 Route tag 200172.168.3.3, from 172.168.3.3, 00:01:43 agoRoute metric is 0, traffic share count is 120 AS Hops 1, BGP network version 0 Route tag 200Where to Go NextFor information about the BGP Multipath Load Sharing for Both eBGP and iBGP in an MPLS-VPN feature, refer to the following document:/univercd/cc/td/doc/product/software/ios120/120newft/120limit/120s/120s24/s_e ibmpl.htmFor more information about the iBGP Multipath Load Sharing feature,refer to the following document:/univercd/cc/td/doc/product/software/ios122/122newft/122t/122t2/ftbgpls.htmAdditional ReferencesThe following sections provide references related to BGP Link Bandwidth feature.Related DocumentsRelated TopicDocument TitleBGP commands:complete command syntax,command mode, command history, defaults, usage guidelines,and examples•Cisco IOS IP Command Reference, Volume 2 of 4: Routing Protocols,Release 12.3TBGP configuration tasks •Cisco IOS IP Configuration Guide,Release 12.3CEF configuration tasks•Cisco IOS Switching Services Configuration Guide , 12.3BGP Link BandwidthAdditional References10Cisco IOS Release 12.2(2)T, 12.2(14)S, 12.2(11)T, and 12.0(24)SStandardsMIBsRFCsTechnical AssistanceStandardTitleNo new or modified standards are supported by this feature,and support for existing standards has not been modified by this feature.—MIBMIBs LinkNo new or modified MIBs are supported by this feature, and support for existing MIBs has not been modified by this feature.To obtain lists of supported MIBs by platform and Cisco IOSrelease,and to download MIB modules,go to the Cisco MIB website on at the following URL:/public/sw-center/netmgmt/cmtk/mibs.shtmlRFCTitledraft-ramachandra-bgp-ext-communities-09.txtBGP Extended Communities AttributeDescriptionLinkTechnical Assistance Center (TAC) home page,containing 30,000 pages of searchable technical content, including links to products, technologies,solutions, technical tips, and tools. Registered users can log in from this page to access even more content.TAC Home Page:/public/support/tac/home.shtml BGP Support Page:/cgi-bin/Support/browse/psp_view.pl?p=Inter networking:BGPCommand ReferenceCommand ReferenceThis section documents the new commands.•bgp dmzlink-bw•neighbor dmzlink-bwbgp dmzlink-bw bgp dmzlink-bwTo configure BGP to distribute traffic proportionally over external links with unequal bandwidth whenmultipath load balancing is enabled,use the bgp dmzlink-bw command in address family configurationmode. To disable traffic distribution proportional to the link bandwidth, use the no form of thiscommand.bgp dmzlink-bwno bgp dmzlink-bwSyntax Description This command has no keywords or arguments.Defaults No default behavior or valuesCommand Modes Address family configurationCommand History Usage Guidelines The bgp dmzlink-bw command is used to configure BGP to distribute traffic proportionally to thebandwidth of external links.This command is configured for multipath load balancing between directlyconnected external BGP (eBGP) neighbors. This feature is used with BGP multipath features toconfigure load balancing over links with unequal bandwidth.The neighbor dmzlink-bw command mustalso be configured for each external link through which multipath load balancing is configured toadvertise the link bandwidth as an extended community. The neighbor send-community command isconfigured to exchange the link bandwidth extended community with internal BGP (iBGP) peers.Examples In the following example, the BGP Link Bandwidth feature is configured to allow multipath loadbalancing to distribute link traffic proportionally to the bandwidth of each external link,and to advertisethe bandwidth of these links to iBGP peers as an extended community:Router(config)#router bgp 100Router(config-router)#neighbor 10.10.10.1 remote-as 100Router(config-router)#neighbor 10.10.10.1 update-source Loopback 0Router(config-router)#neighbor 10.10.10.3 remote-as 100Router(config-router)#neighbor 10.10.10.3 update-source Loopback 0Router(config-router)#neighbor 172.16.1.1 remote-as 200Router(config-router)#neighbor 172.16.1.1 ebgp-multihop 1Router(config-router)#neighbor 172.16.2.2 remote-as 200Router(config-router)#neighbor 172.16.2.2 ebgp-multihop 1Router(config-router)#address-family ipv4ReleaseModification 12.2(2)TThis command was introduced.12.2(14)SThis command was integrated into Cisco IOS Release 12.2(14)S.12.2(11)TThis command was integrated into Cisco IOS Release 12.2(11)T.12.0(24)S This command was integrated into Cisco IOS Release 12.0(24)S.bgp dmzlink-bw Router(config-router-af)#bgp dmzlink-bwRouter(config-router-af)#neighbor 10.10.10.1 activateRouter(config-router-af)#neighbor 10.10.10.1 next-hop-selfRouter(config-router-af)#neighbor 10.10.10.1 send-community bothRouter(config-router-af)#neighbor 10.10.10.3 activateRouter(config-router-af)#neighbor 10.10.10.3 next-hop-selfRouter(config-router-af)#neighbor 10.10.10.3 send-community bothRouter(config-router-af)#neighbor 172.16.1.1activateRouter(config-router-af)#neighbor 172.16.1.1 dmzlink-bwRouter(config-router-af)#neighbor 172.16.2.2 activateRouter(config-router-af)#neighbor 172.16.2.2 dmzlink-bwRouter(config-router-af)#maximum-paths ibgp 6Router(config-router-af)#maximum-paths 6Related Commands Command Descriptionneighbor dmzlink-bw Configures BGP to advertise the bandwidth of links that are used toexit an autonomous system.neighbor send-community Specifies that a communities attribute should be sent to a BGPneighbor.maximum-paths Controls the maximum number of parallel routes an IP routingprotocol can support.maximum-paths eibgp Controls the maximum number of eBGP or iBGP paths that can beconfigured in an MPLS VPN.maximum-paths ibgp Controls the maximum number of parallel iBGP routes that can beinstalled in a routing table.neighbor dmzlink-bw neighbor dmzlink-bwTo configure BGP to advertise the bandwidth of links that are used to exit an autonomous system, usethe neighbor dmzlink-bw command in address family configuration mode. To disable link bandwidthadvertisement, use the no form of this command.neighbor ip-address dmzlink-bwno neighbor ip-address dmzlink-bwSyntax Description Defaults No default behavior or valuesCommand Modes Address family configurationCommand History Usage Guidelines The neighbor dmzlink-bw command is used to configure BGP to advertise the bandwidth of thespecified external interface as an extended community. This command is configured for links betweendirectly connected external BGP (eBGP)neighbors.The link bandwidth extended community attributeis propagated to iBGP peers when extended community exchange is enabled with the neighborsend-community command. This feature is used with BGP multipath features to configure loadbalancing over links with unequal bandwidth. This feature is not enabled until the bgp dmzlink-bwcommand is entered under the address family session for each router that has a directly connectedexternal link.Examples In the following example, the BGP Link Bandwidth feature is configured to allow multipath loadbalancing to distribute link traffic proportionally to the bandwidth of each external link,and to advertisethe bandwidth of these links to iBGP peers as an extended community:Router(config)#router bgp 100Router(config-router)#neighbor 10.10.10.1 remote-as 100Router(config-router)#neighbor 10.10.10.1 update-source Loopback 0Router(config-router)#neighbor 10.10.10.3 remote-as 100Router(config-router)#neighbor 10.10.10.3 update-source Loopback 0Router(config-router)#neighbor 172.16.1.1 remote-as 200Router(config-router)#neighbor 172.16.1.1 ebgp-multihop 1Router(config-router)#neighbor 172.16.2.2 remote-as 200Router(config-router)#neighbor 172.16.2.2 ebgp-multihop 1ip-address The IP address that identifies the external interface.ReleaseModification 12.2(2)TThis command was introduced.12.2(14)SThis command was integrated into Cisco IOS Release 12.2(14)S.12.2(11)TThis command was integrated into Cisco IOS Release 12.2(11)T.12.0(24)S This command was integrated into Cisco IOS Release 12.0(24)S.neighbor dmzlink-bw Router(config-router)#address-family ipv4Router(config-router-af)#bgp dmzlink-bwRouter(config-router-af)#neighbor 10.10.10.1 activateRouter(config-router-af)#neighbor 10.10.10.1 next-hop-selfRouter(config-router-af)#neighbor 10.10.10.1 send-community bothRouter(config-router-af)#neighbor 10.10.10.3 activateRouter(config-router-af)#neighbor 10.10.10.3 next-hop-selfRouter(config-router-af)#neighbor 10.10.10.3 send-community bothRouter(config-router-af)#neighbor 172.16.1.1activateRouter(config-router-af)#neighbor 172.16.1.1 dmzlink-bwRouter(config-router-af)#neighbor 172.16.2.2 activateRouter(config-router-af)#neighbor 172.16.2.2 dmzlink-bwRouter(config-router-af)#maximum-paths ibgp 6Router(config-router-af)#maximum-paths 6Related Commands Command Descriptionbgp dmzlink-bw Configures BGP to distribute traffic proportionally over external linkswith unequal bandwidth when multipath load balancing is enabled.neighbor send-community Specifies that a communities attribute should be sent to a BGPneighbor.maximum-paths Controls the maximum number of parallel routes an IP routingprotocol can support.maximum-paths eibgp Controls the maximum number of eBGP or iBGP paths that can beconfigured in an MPLS VPN.maximum-paths ibgp Controls the maximum number of parallel iBGP routes that can beinstalled in a routing table.neighbor dmzlink-bwCCSP, CCVP, the Cisco Square Bridge logo, Follow Me Browsing, and StackWise are trademarks of Cisco Systems, Inc.; Changing the Way We Work,Live, Play, and Learn, and iQuick Study are service marks of Cisco Systems, Inc.; and Access Registrar, Aironet, BPX, Catalyst, CCDA, CCDP,CCIE, CCIP, CCNA, CCNP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital,the Cisco Systems logo, Cisco Unity, Enterprise/Solver, EtherChannel, EtherFast, EtherSwitch, Fast Step, FormShare, GigaDrive, GigaStack, HomeLink,Internet Quotient, IOS, IP/TV, iQ Expertise, the iQ logo, iQ Net Readiness Scorecard, LightStream, Linksys, MeetingPlace, MGX, the Networkers logo,Networking Academy, Network Registrar, Packet, PIX, Post-Routing, Pre-Routing, ProConnect, RateMUX, ScriptShare, SlideCast, SMARTnet,The Fastest Way to Increase Your Internet Quotient, and TransPath are registered trademarks of Cisco Systems, Inc. and/or its affiliates in theUnited States and certain other countries.All other trademarks mentioned in this document or Website are the property of their respective owners. The use of the word partner does not imply apartnership relationship between Cisco and any other company. (0601R)Copyright © 2005 Cisco Systems, Inc. All rights reserved.。
思科CCNP认证PBR策略路由与BGP协议详解

思科CCNP认证PBR策略路由与BGP协议详解本⽂讲述了思科CCNP认证PBR策略路由与BGP协议。
分享给⼤家供⼤家参考,具体如下:PBR——策略路由定义:通过流量策略来执⾏选路的⼀种转发⼿段。
控制层⾯——给路由的转发做指导数据层⾯——在路由表中找到路由的出接⼝或者下⼀跳传统的路由表转发只能通过数据的⽬标地址做策略。
策略路由可以根据源地址、⽬的地址、源端⼝、⽬的端⼝、协议、TOS等流量特征来做决策提供路由——灵活性⾼,但速度慢,需要⼀个⼀个抓,操作相对⿇烦。
路由表与策略路由的关系:策略路由是先于路由表执⾏的,策略路由没有捕获的流量依然会去执⾏路由表。
两种配置:1:接⼝下配置access-list 100 permit ip host 1.1.1.1 any //⽤ACL捕获流量route-map pbr permit 10 //定义route-mapnatch ip address 10 //调⽤被ACL捕获的流量set ip next-hop 10.1.1.1 //设置下⼀跳int f0/1ip policy route-map pbr //接⼝下调⽤只能捕获该接⼝的⼊接⼝流量做策略(不能处理本路由器产⽣的流量)。
2:全局配置access-list 100 permit ip host 1.1.1.1 any //⽤ACL捕获流量route-map pbr permit 10 //定义route-mapmatch ip address 10 //调⽤被ACL捕获的流量set ip next-hop 10.1.1.1 //设置下⼀跳ip local policy route-map pbr能够捕获所有接⼝⼊接⼝流量以及本路由器产⽣的流量(源地址是本路由器地址)3:策略路由的冗余设置route-map pbr permit 10match ip address 1ip next-hop verify-availability 10.1.24.2 1 track 1 //track 成功则本条⽣效,track失败则执⾏下⼀条set语句track ip next-hop 10.1.34.3track 1 ip sla 1 //定义⼀个track监控sla的探测结果ip sla 1 //定义⼀个slaip icmp-echo 10.1.12.1 source-ip 10.4.4.4 //设置其探针ip sla schedule 1 life forever start-time now //设置sla 1的执⾏时间4:default 语句在route-map的set ip default这个位置输⼊,定义被捕获的流量为先查路由表。
思科Cisco策略路由详细介绍

思科Cisco策略路由详细介绍思科Cisco策略路由详细介绍思科策略路由怎么配置呢?下面yjbys为大家就策略路由的以下四个方面做相关讲解,配置Cisco策略的朋友可以参考下注:PBR以前是CISCO用来丢弃报文的一个主要手段。
比如:设置set interface null 0,按CISCO说法这样会比ACL的deny要节省一些开销。
这里我提醒:interface null 0no ip unreachable //加入这个命令这样避免因为丢弃大量的报文而导致很多ICMP的不可达消息返回。
三层设备在转发数据包时一般都基于数据包的目的地址(目的网络进行转发),那么策略路由有什么特点呢?1、可以不仅仅依据目的地址转发数据包,它可以基于源地址、数据应用、数据包长度等。
这样转发数据包更灵活。
2、为QoS服务。
使用route-map及策略路由可以根据数据包的特征修改其相关QoS项,进行为QoS服务。
3、负载平衡。
使用策略路由可以设置数据包的行为,比如下一跳、下一接口等,这样在存在多条链路的情况下,可以根据数据包的应用不同而使用不同的链路,进而提供高效的负载平衡能力。
策略路由影响的只是本地的行为,所以可能会引起“不对称路由”形式的流量。
比如一个单位有两条上行链路A与B,该单位想把所有HTTP流量分担到A 链路,FTP流量分担到B链路,这是没有问题的,但在其上行设备上,无法保证下行的HTTP流量分担到A链路,FTP 流量分担到B链路。
策略路由一般针对的是接口入(in)方向的数据包,但也可在启用相关配置的情况下对本地所发出的数据包也进行策略路由。
本文就策略路由的以下四个方面做相关讲解:1、启用策略路由2、启用Fast-Switched PBR3、启用Local PBR4、启用CEF-Switched PBR启用策略路由:开始配置route-map。
使用route-map map-tag [permit | deny] [sequence-number]进入route-map的配置模式。
思科Cisco交换机配置手册配置教程

配置接口特性这一章详细说明交换机上的接口和描述怎么配置他们。
这章有以下这些内容:●理解接口类型●使用接口命令●配置二层接口●监控和维护第二层接口●配置第三从接口注意:需要完整的有关该章的语法和应用信息,请参考Catalyst 3550 Multilayer Switch Command Reference和Cisco IOS Interface Command Referencefor Release 12.1.理解接口类型这个部分描述了不同的接口类型,以及其它章节所包括的详细配置这些接口的一些参考内容。
其他章节描述了物理接口特性的配置过程。
这部分包括:•基于端口的VLAN (Port-Based VLANs)•交换端口(Switch Ports)•以太网通道端口组(EtherChannel Port Groups)•交换虚拟接口(Switch Virtual Interfaces)•被路由端口(Routed Ports)•连接接口(Connecting Interfaces)基于端口的VLAN (Port-based Vlans)一个Vlan是一个按功能、组、或者应用被逻辑分段的交换网络,并不考虑使用者的物理位置。
要更多关于Vlan的信息请看“Configuring VLANS”。
一个端口上接受到的包被发往属于同一个Vlan的接收端口。
没有一个第三层的设备路由Vlan间的流量,不同Vlan的网络设备无法通讯。
为了配置普通范围(Normal-range) Vlan(Vlan IDs 1-1005),使用命令:config-vlan模式(global) vlan vlan-id或vlan-configuration模式(exec) vlan database针对Vlan ID 1-1005的vlan-configration模式被保存在vlan数据库中。
为配置扩展范围(extended-range) Vlans (Vlan ID 1006-4094),你必须使用config-vlan模式,并把VTP的模式设为transparent透明模式。
双线路Cisco路由器配置pppoe拨号上网

公司原有的20M城域网光纤不能满足现在的需求了,公司决定购买中国电信的ADSL 100M光纤线路,所以路由器变成了,双线连接互联,有某些业务需要使用20M线路固定公网IP,公司内部员工默认使用100M光纤上网。
此配置适合两条ADSL线路上网,只需要把固定IP的换成ADSL配置
ip nat inside
exit
#固定IP地址
interface GigabitEthernet0/1
ip address 113.106.x.x 255.255.255.240 secondary
ip address 113.106.x.y 255.255.255.240 secondary
match interface g0/1
exit
#NAT上网(PAT配置)
ip nat inside source route-map LANTo100Nat int dia 1 overload
ip nat inside source route-map LANTo20Nat int g0/1 overload
route-map lantointernetacl permit 10
match ip address lanto100adsl-acl
set ip next-hop verify-availability #因为不是固定IP,所以用这个参数
exit
route-map lantointernetacl permit 20
match ip add adsl100-nat-acl
match interface dia 1
exit
no route-map LANTo20Nat permit 20
Cisco产品配置手册

Cisco产品配置手册(路由器部分)同天科技目录第一章路由器配置基础一、基本设置方式 (2)二、命令状态 (3)三、设置对话过程 (3)四、常用命令 (7)五、配置IP地址 (9)六、配置静态路由 (12)第二章广域网协议设置一、HDCL (13)二、PPP (16)三、X.25 (18)四、Frame Relay (22)五、ISDN (26)六、PSTN (35)第三章路由器协议设置一、RIP协议 (49)二、IGRP协议 (50)三、OSPF协议 (52)四、重新分配路由 (56)五、IPX协议设置 (59)第四章服务质量及访问控制一、协议优先级设置 (61)二、队列定制 (62)三、访问控制 (63)第五章虚拟局域网(VLAN)路由一、虚拟局域网(VLAN) (64)二、交换机间链路(ISL)协议 (64)三、虚拟局域网(VLAN)路由实例 (64)第六章参考一、Cisco路由器口令恢复 (70)二、IP地址分配 (71)1.路由器配置基础1.1. 基本配置方式一般来说,可以用5种方式来设置路由器:1.Console 口接终端或运行终端仿真软件的微机;机相连;3.通过Ethernet上的TFTP服务器;4.通过Ethernet 上的TELNET程序;5.通过Ethernet 上的SNMP网管工作站。
但路由器的第一次设置必须通过第一种方式进行,此时终端的硬件设置如下:波特率:960O数据位:8停止位:1奇偶校验:无1.2.1.3. 命令状态1.router>路由器处于用户命令状态,这时用户可以看路由器的连接状态,访问它网络和主机,但不能看到和更改路由器的设置内容。
2.router#往router>提示符下键人enable,路由器进入特权命令状态router#,时不但可以执行所有的用户命令,还可以看到和更改路由器的设置内容。
3.router(config)#在router#提示符下键入。
Configure terminal,出现提示符router(config)#,此时路由器处于分局设置状态,这时可以设置路出器的全局参数。
CISCO 策略路由(PBR)配置实例

CISCO 策略路由(PBR)配置实例时间:2010-02-17 22:56来源:未知作者:admin 点击: 142次策略路由选择可以选择修改下一跳地址以及标记数据包来提供不通的网络服务。
PBR一般用于修改基于源地址的下一跳地址。
推荐实现方式:PBR给于外发IP数据包标记IP优先位,这样方便了实施QoS策略。
一般来说,PBR是通过路由映射来配置的。
看个详细配置实例,你策略路由选择可以选择修改下一跳地址以及标记数据包来提供不通的网络服务。
PBR一般用于修改基于源地址的下一跳地址。
推荐实现方式:PBR给于外发IP数据包标记IP优先位,这样方便了实施QoS策略。
一般来说,PBR是通过路由映射来配置的。
看个详细配置实例,你会更加明白:定义了两个访问列表:10和20,经过配置使来自网络192.168.1.0/24的数据包的下一跳地址改为192.168.100.1;使来自 192.168.2.0/24的数据包的下一跳地址改为192.168.100.2.其他源始发的数据包正常路由。
命令如下:My3377(config)#access-list 10 permit 192.168.1.0 //用访问控制列表先抓取路由My3377(config)#access-list 20 permit 192.168.2.0My3377(config)#route-map nexthop permit 10 //起个名字My3377(config-route-map)#match ip address 10 //匹配一个列表My3377(config-route-map)#set ip next-hop 192.168.100.1 //设置一个策略My3377(config-route-map)#exitMy3377(config)#route-map nexthop permit 20My3377(config-route-map)#match ip address 20My3377(config-route-map)#set ip next-hop 192.168.100.2My3377(config-route-map)#exitMy3377(config)#route-map nexthop permit 30My3377(config)#int s2/1My3377(config-if)#ip policy route-map nexthop //接口下调用My3377(config-if)#exit。
Cisco路由器配置手册(大全)之欧阳治创编

Cisco路由器配置手册(大全)第一章路由器配置基础一、基本设置方式一般来说,可以用5种方式来设置路由器:1.Console口接终端或运行终端仿真软件的微机;2.AUX口接MODEM,通过电话线与远方的终端或运行终端仿真软件的微机相连;3.通过Ethernet上的TFTP服务器;4.通过Ethernet上的TELNET程序;5.通过Ethernet上的SNMP网管工作站。
但路由器的第一次设置必须通过第一种方式进行,此时终端的硬件设置如下:波特率:9600数据位:8停止位:1奇偶校验: 无二、命令状态1. router>路由器处于用户命令状态,这时用户可以看路由器的连接状态,访问其它网络和主机,但不能看到和更改路由器的设置内容。
2. router#在router>提示符下键入enable,路由器进入特权命令状态router#,这时不但可以执行所有的用户命令,还可以看到和更改路由器的设置内容。
3. router(config)#在router#提示符下键入configure terminal,出现提示符router(config)#,此时路由器处于全局设置状态,这时可以设置路由器的全局参数。
4. router(config-if)#; router(config-line)#; router(config-router)#;…路由器处于局部设置状态,这时可以设置路由器某个局部的参数。
5. >路由器处于RXBOOT状态,在开机后60秒内按ctrl-break可进入此状态,这时路由器不能完成正常的功能,只能进行软件升级和手工引导。
6. 设置对话状态这是一台新路由器开机时自动进入的状态,在特权命令状态使用SETUP命令也可进入此状态,这时可通过对话方式对路由器进行设置。
三、设置对话过程1. 显示提示信息2. 全局参数的设置3. 接口参数的设置4. 显示结果利用设置对话过程可以避免手工输入命令的烦琐,但它还不能完全代替手工设置,一些特殊的设置还必须通过手工输入的方式完成。
- 1、下载文档前请自行甄别文档内容的完整性,平台不提供额外的编辑、内容补充、找答案等附加服务。
- 2、"仅部分预览"的文档,不可在线预览部分如存在完整性等问题,可反馈申请退款(可完整预览的文档不适用该条件!)。
- 3、如文档侵犯您的权益,请联系客服反馈,我们会尽快为您处理(人工客服工作时间:9:00-18:30)。
This chapter describes the tasks for configuring policy-based routing (PBR) on a router. For complete conceptual information about this feature, see the section “Policy-Based Routing” in the chapter “Classification Overview” in this book. For a complete description of the PBR commands in this chapter, refer to the Cisco IOS Quality of Service Solutions Command Reference. To locate documentation of other commands that appear in this chapter, use the command reference master index or search online. To identify the hardware platform or software image information associated with a feature, use the Feature Navigator on to search for information about the feature or refer to the software release notes for a specific release. For more information, see the “Identifying Supported Platforms” section in the “Using Cisco IOS Software” chapter in this book.
Identifies the route map to use for PBR. One interface can have only one route map tag; but you can have several route map entries, each with its own sequence number. Entries are evaluated in order of their sequence numbers until the first match occurs. If no match occurs, packets are routed as usual.
Cisco IOS Quality of Service Solutions Configuration Guide
QC-43
Policy-Based Routing Configuration Task List
Configuring Policy-Based Routing
To enable PBR on an interface, use the following commands beginning பைடு நூலகம்n global configuration mode:
• default next-hop: Sets next hop to which to route the packet if there is no explicit route for this destination.
• default interface: Sets output interface for the packet if there is no explicit route for this destination.
Router(config-route-map)# set ip default next-hop ip-address [... ip-address]
Router(config-route-map)# set default interface interface-type interface-number [... type ...number]
Although there are many route-map matching options, here you can specify only length and/or ip address.
• length matches the Level 3 length of the packet.
The set commands can be used in conjunction with each other. They are evaluated in the order shown in Step 3 in the previous task table. A usable next hop implies an interface. Once the local router finds a next hop and a usable interface, it routes the packet.
Step 1 Step 2
Step 3
Command
Purpose
Router(config)# route-map map-tag [permit | deny] [sequence-number]
Defines a route map to control where packets are output. This command puts the router into route-map configuration mode.
Specifies the action(s) to take on the packets that match the criteria. You can specify any or all of the following:
• precedence: Sets precedence value in the IP header. You can specify either the precedence number or name.
Policy-Based Routing Configuration Task List
To configure PBR, perform the tasks described in the following sections. The task in the first section is required; the tasks in the remaining sections are optional. • Enabling PBR (Required) • Enabling Fast-Switched PBR (Optional) • Enabling Local PBR (Optional) • Enabling CEF-Switched PBR (Optional) See the end of this chapter for the section “Policy-Based Routing Configuration Examples.”
Router(config-route-map)# match length min max
Specifies the match criteria.
Router(config-route-map)# match ip address {access-list-number | name} [...access-list-number | name]
Enabling PBR
To enable PBR, you must create a route map that specifies the match criteria and the resulting action if all of the match clauses are met. Then, you must enable PBR for that route map on a particular interface. All packets arriving on the specified interface matching the match clauses will be subject to PBR.
Router(config-route-map)# set ip next-hop recursive ip-address [... ip-address]
Router(config-route-map)# set interface interface-type interface-number [... type number]
• next-hop recursive: Sets next hop to which to route the packet if the hop is to a router which is not adjacent.
• interface: Sets output interface for the packet.
• df: Sets the ‘Don’t Fragment’ (DF) bit in the ip header.
• vrf: Sets the VPN Routing and Forwarding (VRF) instance.
• next-hop: Sets next hop to which to route the packet.
Router(config-route-map)# set ip precedence [number | name]
Router(config-route-map)# set ip df