BGP 配置实例
配置BGP
配置BGPBGP协议概述BGP是目前Internet使用最广的外部网关协议(Exterior Gateway Protocol,EGP),其提供的主要功能是在不同的自治系统(autonomous systems,AS)之间交换网络可达信息,并通过协议自身机制消除路由环路。
BGP使用TCP作为传输协议,用TCP协议的可靠传输机制保证BGP的传输可靠性。
运行BGP协议的router称为BGP speaker,建立了BGP会话连接(BGP session)的BGP speakers之间被称作对等体(BGP peers)。
BGP speaker之间建立对等体的模式有两种:IBGP(Internal BGP)和EBGP(External BGP)。
IBGP是指在相同AS内建立的BGP连接,EBGP是指在不同AS之间建立的BGP连接。
二者的作用简而言之就是:EBGP是完成不同AS之间路由信息的交换,IBGP是完成路由信息在本AS内的过渡。
锐捷网络的BGP协议有如下特点:●支持BGP-4●支持路径属性✓ORIGN Attribute✓AS_PATH Attribute✓NEXT_HOP Attribute✓MULTI_EXIT_DISC Attribute✓LOCAL-PREFERENCE Attribute✓ATOMIC_AGGREGATE Attribute✓AGGREGATOR Attribute✓COMMUNITY Attribute✓ORIGINATOR_ID Attribute✓CLUSTER_LIST Attribute●支持BGP对等体组●支持使用Loopback接口●支持使用TCP的MD5认证●支持BGP和IGP的同步●支持BGP路由聚合●支持BGP路由衰减●支持BGP路由反射器●支持AS联盟●支持BGP软复位缺省的BGP配置:要运行交换机的BGP ,在特权模式下,按照如下步骤进行: Step1 Step2 Step3 Step4 Step5 Step6 Step7使用no router bgp 关闭BGP 。
华为BGP配置实例
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete Network NextHop MED LocPrf PrefVal Path/Ogn
*> 8.1.1.0/24
用peer connect-interface命令将Loopback接口配置为BGP连接的源接口。 Router C的Loopback接口路由可达。
# 配置Router B。
<RouterB> system-view [RouterB] bgp 65009 [RouterB-bgp] router-id 2.2.2.2 [RouterB-bgp] peer 3.3.3.3 as-number 65009
3.1.1.0/24的路由。
# 配置Router B。 [RouterB] bgp 65009 [RouterB-bgp] import-route direct # 显示Router A的BGP路由表。
[RouterA] display bgp routing-table
Total Number of Routes: 4 BGP Local router ID is 1.1.1.1 Status codes: * - valid, ^ - VPNv4 best, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? – incomplete Network *> 2.2.2.2/32 * 3.1.1.0/24 *> 8.1.1.0/24 *> 9.1.1.0/24 NextHop 3.1.1.1 3.1.1.1 0.0.0.0 3.1.1.1 0 0 0 0 MED LocPrf 0 0 0 0 PrefVal Path/Ogn 65009? 65009? i 65009?
BGP配置实例
配置R2:interface Ethernet0ip address 23。
23。
23。
2 255。
255。
255。
0 interface Serial1ip address 24.24.24.2 255.255。
255。
0 router ripversion 2network 23.0.0.0no auto-summaryrouter bgp 123bgp router—id 2。
2。
2.2bgp cluster—id 3355443202bgp log—neighbor-changesneighbor 23.23.23。
3 remote—as 123 neighbor 24。
24。
24。
4 remote—as 140R3:interface Ethernet0ip address 23。
23.23。
3 255.255.255.0 interface Serial1ip address 35.35。
35。
3 255。
255。
255。
0 router ripversion 2network 23.0.0.0no auto—summaryrouter bgp 123no synchronizationbgp router-id 3。
3。
3。
3bgp log-neighbor—changesneighbor 23。
23。
23.2 remote—as 123 neighbor 35。
35.35。
5 remote—as 150no auto-summaryR4:interface Serial0ip address 24.24.24.4 255。
255。
255。
0 router bgp 140bgp router—id 4。
4。
4。
4bgp cluster-id 3355443203bgp log-neighbor-changesneighbor 24.24.24.2 remote-as 123R5:interface Loopback0ip address 105。
BGP小结
BGP小结一、需要使用BGP的网络:1、在国干网络使用BGP:目的是为了传递各个省、运营商或不同AS的路由,为不同的AS间数据互访进行寻经;将本国使用的路由发布到国际网络上。
国干路由器和AS出口路由器建立EBGP邻居。
2、省干网络使用BGP:目的是为了传递本省内各个不同城市的路由,为本省内不同城市间数据互访进行寻经;将本省内使用的路由发布到国干网络上。
省干落地设备可以与城域网出口建立EBGP邻居,同时为城域网下发EBGP缺省路由。
3、城域网出口路由器使用BGP:EBGP网络的末梢设备,目的将本城域网使用的路由发布到省干网络上,同时从省干落地设备接受BGP缺省路由;同时和城域网汇聚层设备建立IBGP邻居。
4、城域网汇聚层路由器使用BGP:城域网BGP网络的末梢设备,目的是对出网流量在汇聚层进行分流,从而可以减轻城域网骨干层路由器的负担。
MP-BGP运行在MPLS的网络上,目的是为了传递VPN的路由。
二、BGP常用的属性:BGP路由属性是一套参数,它对特定的路由进行了进一步的描述,使得BGP 能够对路由进行过滤和选择。
在配置路由策略时我们将广泛地使用路由属性,但是不是所有路由属性都要被用上。
事实上,路由属性被分为以下几类:必遵属性:所有BGP路由器都可以识别,且必须存在于Update消息中。
如果缺少这种属性,路由信息就会出错。
可选属性:所有BGP路由器都可以识别,但不要求必须存在于Update消息中,可以根据具体情况来选择。
过渡属性:在AS之间具有可传递性的属性。
BGP路由器可以不支持此属性,但它仍然会接收带有此属性的路由,并通告给其他对等体。
非过渡属性:如果BGP路由器不支持此属性,则相应的Update消息会被忽略,且不会通告给其他对等体。
1、Origin属性:起点属性是一个必遵过渡属性,它指示路由更新的起源。
BGP允许三种类型的起源:BGP来说,BGP优先选用具有最小起点属性值的路由,即:IGP 优先于EGP,EGP优先于INCOMPLETE。
MP-EBGP 配置实例
Conventions
Refer to Cisco Technical Tips Conventions for more information on document conventions.
In router R2, use the show ip bgp vpnv4 command to display (VPNv4) address information from the (BGP) table.
In router R2
show ip bgp vpnv4
R2#sh ip bgp vpnv4 vrf WAN BGP table version is 24, local router ID is 20.20.20.20 Status codes: s suppressed, d damped, h history, * valid, > best, I − internal,
Configure
In this example, the R1 and R3 routers are configured to be in AS 5500 forming iBGP. The R2 router is configured to be in AS 6500. The R1 and R2 routers communicate with each other using MP−EBGP. All the routers are configured with loopback addresses.
BGP配置实验案例
BGP配置实验案例BGP(边界网关协议)是一个用于在互联网中交换路由信息的协议。
在本篇文章中,我们将探讨一个BGP配置实验案例,其中包括两个自治系统(AS)之间的BGP邻居关系的建立和路由的传递。
这个实验案例可以帮助读者更好地理解BGP协议的工作原理和配置步骤。
在这个实验案例中,我们有两个自治系统:AS1和AS2、AS1拥有IP 地址段192.168.0.0/24,AS2拥有IP地址段10.0.0.0/24、我们的目标是在两个自治系统之间建立BGP邻居关系,并实现路由的传递。
首先,我们需要在两个自治系统中配置BGP路由器。
在AS1中,我们选择一个路由器作为BGP路由器,并配置其Loopback接口的IP地址为192.168.0.1、在AS2中,选择另一个路由器作为BGP路由器,并配置其Loopback接口的IP地址为10.0.0.1、这些Loopback接口的IP地址将用作BGP邻居之间的通信地址。
接下来,我们开始配置BGP邻居关系。
在AS1中,我们需要告诉BGP 路由器与AS2的BGP路由器建立邻居关系。
假设AS2的BGP路由器的IP 地址为10.0.0.2,我们将在AS1的BGP路由器上执行以下命令:``````同样地,在AS2的BGP路由器上,我们需要告诉其与AS1的BGP路由器建立邻居关系。
假设AS1的BGP路由器的IP地址为192.168.0.1,我们将在AS2的BGP路由器上执行以下命令:``````配置完BGP邻居关系后,我们可以开始传递路由信息。
在AS1中,我们希望将本地的IP地址段192.168.0.0/24传输给AS2、我们需要在AS1的BGP路由器上执行以下命令:```network 192.168.0.0 mask 255.255.255.0```这些命令告诉AS1的BGP路由器将地址段192.168.0.0/24传输给BGP邻居。
同样地,在AS2中,我们希望将本地的IP地址段10.0.0.0/24传输给AS1、我们需要在AS2的BGP路由器上执行以下命令:```network 10.0.0.0 mask 255.255.255.0```这些命令告诉AS2的BGP路由器将地址段10.0.0.0/24传输给BGP邻居。
bgp,vpn实例
去年12月的时候做了一个项目,中间碰到一个问题,今天写出来跟大家分享一下。
项目概况是这样的,国家电网的一市局,市局里放了两台NE20E-8的路由器,做为全市的核心路由器,每台NE20E-8用一个CPOS口通过传输设备复用出多个2M线路,下接多个变电所,变电所路由器为cisco的2811路由器。
cisco 2811路由器与两台NE20E-8组成一个链路双归网络,cisco 2811、两台NE20E-8路由器均为PE设备,两台NE20E-8做为全市的路由反射器,变电所的cisco2811路由器只与两台NE20E-8路由器建立BGP邻居关系。
全市存在两个VPN(MPLS/VPN),分别以VRF A和VRF B表示,两台NE20E-8使用upe 方式向cisco2811下发缺省路由引导上行流量,在cisco 2811中重分布直连路由。
以下为网络示意图:以下为三台设备的配置文件NE20E-8A:dis cu#sysname HZLA-NE20E-8A#router id 33.10.191.11#diffserv domain#ip vpn-instance realtimeroute-distinguisher 2007:1vpn-target 30033:11 export-extcommunityvpn-target 30033:1 30033:11 30033:13 import-extcommunity #ip vpn-instance nrtroute-distinguisher 2007:2vpn-target 30033:12 export-extcommunityvpn-target 30033:2 30033:12 30033:14 import-extcommunity #mpls lsr-id 33.10.191.11mpls#mpls ldp#controller Cpos3/0/0e1 6 channel-set 0 timeslot-list 1-31#interface Aux0async mode flowlink-protocol ppp#interface Ethernet1/0/0#interface Ethernet1/0/1#interface Ethernet1/0/2#interface Ethernet1/0/3#interface Ethernet1/0/4description LINK_TO_HZ-NE20-8Aip address 33.10.190.6 255.255.255.252mplsmpls ldp#interface Ethernet1/0/5#interface Ethernet1/0/6#interface Ethernet1/0/7#interface Ethernet2/0/0#interface Ethernet2/0/1#interface Ethernet2/0/2description LINK_TO_HZLA-NE20-8Bip address 33.10.190.61 255.255.255.252 mplsmpls ldp#interface Ethernet2/0/3#interface Ethernet2/0/4#interface Ethernet2/0/5#interface Ethernet2/0/6#interface Ethernet2/0/6.100vlan-type dot1q 100description LINK_TO_HZLA-S3328TP-RT ip binding vpn-instance realtimeip address 33.10.190.209 255.255.255.252 #interface Ethernet2/0/6.200vlan-type dot1q 200description realtimeip binding vpn-instance realtimeip address 10.33.177.94 255.255.255.224 vrrp vrid 200 virtual-ip 10.33.177.94#interface Ethernet2/0/7#interface Ethernet4/0/0#interface Ethernet4/0/1#interface Ethernet4/0/2#interface Ethernet4/0/3#interface Ethernet4/0/4#interface Ethernet4/0/5#interface Ethernet4/0/6#interface Ethernet4/0/6.300#interface Ethernet4/0/6.400description nrt#interface Ethernet4/0/7#interface Serial3/0/0/6:0link-protocol pppdescription xiushuiip address 33.10.177.217 255.255.255.252 mplsmpls ldp#interface GigabitEthernet0/0/1#interface GigabitEthernet0/0/2#interface NULL0#interface LoopBack0ip address 33.10.191.11 255.255.255.255 #bgp 30033group 500 internalpeer 500 connect-interface LoopBack0 peer 33.10.191.131 as-number 30033 peer 33.10.191.131 group 500group 300 internalpeer 300 connect-interface LoopBack0 peer 33.10.191.1 as-number 30033peer 33.10.191.1 group 300peer 33.10.191.12 as-number 30033peer 33.10.191.12 group 300#ipv4-family unicastundo synchronizationreflector cluster-id 100.100.100.100peer 300 enablepeer 33.10.191.1 enablepeer 33.10.191.1 group 300peer 33.10.191.12 enablepeer 33.10.191.12 group 300peer 500 enablepeer 500 reflect-clientpeer 33.10.191.131 enablepeer 33.10.191.131 group 500#ipv4-family vpnv4reflector cluster-id 100.100.100.100policy vpn-targetpeer 300 enablepeer 33.10.191.1 enablepeer 33.10.191.1 group 300peer 33.10.191.12 enablepeer 33.10.191.12 group 300peer 500 enablepeer 500 reflect-clientpeer 500 upepeer 500 default-originate vpn-instance realtimepeer 500 default-originate vpn-instance nrtpeer 33.10.191.131 enablepeer 33.10.191.131 group 500#ipv4-family vpn-instance realtimeimport-route directimport-route static#ipv4-family vpn-instance nrtimport-route directimport-route static#aaalocal-user admin password cipher .]@USE=B,53Q=^Q`MAF4<1!! local-user admin service-type telnetlocal-user admin level 15authentication-scheme default#authorization-scheme default#accounting-scheme default#domain default##ospf 1area 0.0.0.21network 33.10.191.11 0.0.0.0network 33.10.190.4 0.0.0.3network 33.10.190.60 0.0.0.3network 33.10.177.216 0.0.0.3#nqa-jitter tag-version 1#snmp-agentsnmp-agent local-engineid 000007DB7F00000100004E8Bsnmp-agent community write Zpepbdc@sjwsnmp-agent community read huaWei8zjepsnmp-agent sys-info version allsnmp-agent target-host trap address udp-domain 10.33.223.178 params securityname huaWei8zjepsnmp-agent target-host trap address udp-domain 10.33.223.179 params securityname huaWei8zjepsnmp-agent trap enable standardsnmp-agent trap source LoopBack0#user-interface con 0user-interface aux 0user-interface vty 0 4authentication-mode aaa#returnNE20—B:dis cu#sysname HZLA-NE20E-8B#router id 33.10.191.12#diffserv domain#ip vpn-instance realtimeroute-distinguisher 2008:1vpn-target 30033:11 export-extcommunityvpn-target 30033:1 30033:11 30033:13 import-extcommunity#ip vpn-instance nrtroute-distinguisher 2008:2vpn-target 30033:12 export-extcommunityvpn-target 30033:2 30033:12 30033:14 import-extcommunitympls lsr-id 33.10.191.12mpls#mpls ldp#controller Cpos3/0/0e1 6 channel-set 0 timeslot-list 1-31#interface Aux0async mode flowlink-protocol ppp#interface Ethernet1/0/0#interface Ethernet1/0/1#interface Ethernet1/0/2#interface Ethernet1/0/3#interface Ethernet1/0/4#interface Ethernet1/0/5#interface Ethernet1/0/6#interface Ethernet1/0/7#interface Ethernet2/0/0#interface Ethernet2/0/1#interface Ethernet2/0/2description LINK_TO_HZLA-NE20-8A ip address 33.10.190.62 255.255.255.252 mplsmpls ldp#interface Ethernet2/0/3#interface Ethernet2/0/4#interface Ethernet2/0/5interface Ethernet2/0/6#interface Ethernet2/0/6.300vlan-type dot1q 300description LINK_TO_HZLA-S3328TP-NRT ip binding vpn-instance nrtip address 33.10.190.217 255.255.255.252#interface Ethernet2/0/6.400vlan-type dot1q 400description nrtip binding vpn-instance nrtip address 10.33.177.126 255.255.255.224 vrrp vrid 40 virtual-ip 10.33.177.126#interface Ethernet2/0/7#interface Ethernet4/0/0#interface Ethernet4/0/1#interface Ethernet4/0/2#interface Ethernet4/0/3#interface Ethernet4/0/4description LINK_TO_HZFY-NE20-8Aip address 33.10.190.58 255.255.255.252 mplsmpls ldp#interface Ethernet4/0/5#interface Ethernet4/0/6#interface Ethernet4/0/6.100#interface Ethernet4/0/6.200description realtime#interface Ethernet4/0/7#interface Serial3/0/0/6:0link-protocol pppdescription xiushuiip address 33.10.226.217 255.255.255.252 mplsmpls ldp#interface GigabitEthernet0/0/1#interface GigabitEthernet0/0/2#interface NULL0#interface LoopBack0ip address 33.10.191.12 255.255.255.255 #bgp 30033group 500 internalpeer 500 connect-interface LoopBack0 peer 33.10.191.131 as-number 30033 peer 33.10.191.131 group 500group 300 internalpeer 300 connect-interface LoopBack0 peer 33.10.191.11 as-number 30033peer 33.10.191.11 group 300peer 33.10.191.9 as-number 30033peer 33.10.191.9 group 300#ipv4-family unicastundo synchronizationreflector cluster-id 100.100.100.100peer 300 enablepeer 33.10.191.11 enablepeer 33.10.191.11 group 300peer 33.10.191.9 enablepeer 33.10.191.9 group 300peer 500 enablepeer 33.10.191.131 enablepeer 33.10.191.131 group 500#ipv4-family vpnv4reflector cluster-id 100.100.100.100 policy vpn-targetpeer 300 enablepeer 33.10.191.11 enablepeer 33.10.191.11 group 300peer 33.10.191.9 enablepeer 33.10.191.9 group 300peer 500 enablepeer 500 reflect-clientpeer 500 upepeer 500 default-originate vpn-instance realtimepeer 500 default-originate vpn-instance nrtpeer 33.10.191.131 enablepeer 33.10.191.131 group 500#ipv4-family vpn-instance realtimeimport-route directimport-route static#ipv4-family vpn-instance nrtimport-route directimport-route static#aaalocal-user admin password cipher .]@USE=B,53Q=^Q`MAF4<1!! local-user admin service-type telnetlocal-user admin level 15authentication-scheme default#authorization-scheme default#accounting-scheme default#domain default##ospf 1import-route directarea 0.0.0.21network 33.10.191.12 0.0.0.0network 33.10.190.60 0.0.0.3network 33.10.190.56 0.0.0.3network 33.10.226.216 0.0.0.3#nqa-jitter tag-version 1#snmp-agentsnmp-agent local-engineid 000007DB7F00000100004E8Bsnmp-agent community write Zpepbdc@sjwsnmp-agent community read huaWei8zjepsnmp-agent sys-info version allsnmp-agent target-host trap address udp-domain 10.33.223.178 params securityname huaWei8zjepsnmp-agent target-host trap address udp-domain 10.33.223.179 params securityname huaWei8zjepsnmp-agent trap enable standardsnmp-agent trap source LoopBack0#user-interface con 0user-interface aux 0user-interface vty 0 4authentication-mode aaa#returncisco 2811LAXIUSHUI-R2811-1#sho runBuilding configuration...Current configuration : 3511 bytes!version 12.4no service padservice timestamps debug datetime msecservice timestamps log datetime msecservice password-encryption!hostname LAXIUSHUI-R2811-1!boot-start-markerboot-end-marker!card type e1 0 1logging message-counter syslogenable secret 5 $1$0LKz$71.irTxS.bL56D.GD74lD/!no aaa new-modelclock timezone CST 8no network-clock-participate wic 1!dot11 syslogno ip source-routeno ip gratuitous-arps!!ip cefip vrf nrtrd 2406:2route-target export 30033:14route-target import 30033:2route-target import 30033:12!ip vrf realtimerd 2406:1route-target export 30033:13route-target import 30033:1route-target import 30033:11!!!no ipv6 cef!multilink bundle-name authenticated !!!!!!!!!!!!!!!!!!!!!!!voice-card 0!!!!!archivelog confighidekeys!!!!!controller E1 0/1/0framing NO-CRC4clock source internalchannel-group 0 timeslots 1-31!controller E1 0/1/1framing NO-CRC4clock source internalchannel-group 0 timeslots 1-31!!!!!interface Loopback0ip address 33.10.191.131 255.255.255.255 !interface FastEthernet0/0ip address 192.168.1.1 255.255.255.0 duplex autospeed auto!interface FastEthernet0/1no ip addressshutdownduplex autospeed auto!interface FastEthernet0/0/0description ***TO LAXIUSHUI-C2918-01 G0/24*** switchport mode trunk!interface FastEthernet0/0/1description ***TO LAXIUSHUI-C2918-02 G0/24*** switchport mode trunk!interface FastEthernet0/0/2!interface FastEthernet0/0/3!interface Serial0/1/0:0description ***TO LINAN-NE20-A ....***ip address 33.10.177.218 255.255.255.252 encapsulation pppmpls ip!interface Serial0/1/1:0description ***TO LINAN-NE20-B ....***ip address 33.10.226.218 255.255.255.252 encapsulation pppmpls ip!interface Vlan1no ip address!interface Vlan10ip vrf forwarding realtimeip address 33.10.234.97 255.255.255.248!interface Vlan20ip vrf forwarding nrtip address 33.10.234.105 255.255.255.248!interface Vlan30description management-realtimeip vrf forwarding realtimeip address 33.10.185.218 255.255.255.252ip access-group 100 in!interface Vlan40description management-nrtip vrf forwarding nrtip address 33.10.189.218 255.255.255.252!router ospf 1router-id 33.10.191.131log-adjacency-changesnetwork 33.10.177.216 0.0.0.3 area 21 network 33.10.191.131 0.0.0.0 area 21 network 33.10.226.216 0.0.0.3 area 21 !router bgp 30033bgp router-id 33.10.191.131no bgp default ipv4-unicastbgp log-neighbor-changesneighbor 500 peer-groupneighbor 500 remote-as 30033 neighbor 500 update-source Loopback0 neighbor 33.10.191.11 peer-group 500 neighbor 33.10.191.12 peer-group 500 !address-family ipv4neighbor 33.10.191.11 activate neighbor 33.10.191.12 activateno auto-summaryno synchronizationexit-address-family!address-family vpnv4neighbor 500 send-community extended neighbor 33.10.191.11 activate neighbor 33.10.191.12 activateexit-address-family!address-family ipv4 vrf realtime redistribute connectedredistribute staticno synchronizationexit-address-family!address-family ipv4 vrf nrt redistribute connectedredistribute staticno synchronizationexit-address-family!ip forward-protocol ndno ip http serverno ip http secure-server!!!!!!!!!control-plane!!!!!!!!!!line con 0line aux 0line vty 0 4exec-timeout 5 0password 7 1511021F07257A767Blogin!scheduler allocate 20000 1000end正常情况下,按照上面的配置,网络是不会有问题的,但当天做完后,发现网络不通,经检查,发现cisco 2811中每个vrf中均上存在一条缺省路由,为bgp路由是指向NE20-A 的(优选router-ID小的),这条路由是正常的。
H3C-BGP属性实例-图文
H3C-BGP属性实例-图文BGP路由属性实例AS_path属性某AS_PATH属性按一定次序记录了某条路由从本地到目的地址所要经过的所有AS号。
当BGP将一条路由通告到其他AS时,便会把本地AS号添加在AS_PATH列表的最前面。
收到此路由的BGP路由器根据AS_PATH属性就可以知道去目的地址所要经过的AS。
离本地AS最近的相邻AS号排在前面,其他AS号按顺序依次排列。
例如:某通常BGP不会接受AS_PATH中已包含本地AS号的路由,从而避免形成环路的可能.Ne某t_hop属性BGP的下一跳属性和IGP的有所不同,不一定就是邻居路由器的IP地址。
主要分以下三种情况:BGP发言者把自己产生的路由发给所有邻居时,将把该路由信息的下一跳属性设置为自己与对端连接的接口地址;如图:BGP发言者把接收到的路由发送给EBGP对等体时,将把该路由信息的下一跳属性设置为本地与对端连接的接口地址;如图:BGP发言者把从EBGP邻居得到的路由发给IBGP邻居时,并不改变路由信息的下一跳属性。
Local_pref属性Local_pref属性仅在IBGP对等体之间交换,不通告给其他AS。
它表明BGP路由器的优先级。
Local_pref属性用于判断流量离开本AS时的最佳路由。
当BGP的路由器通过不同的IBGP对等体得到目的地址相同但下一跳不同的多条路由时,将优先选择Local_pref属性值较高的路由。
如图:Med属性MED属性仅在相邻两个AS之间交换,收到此属性的AS一方不会再将其通告给任何其他第三方AS。
MED属性相当于IGP使用的度量值,它用于判断流量进入AS时的最佳路由。
当一个运行BGP的路由器通过不同的EBGP对等体得到目的地址相同但下一跳不同的多条路由时,在其它条件相同的情况下,将优先选择MED值较小者作为最佳路由。
如图:.常用BGP属性配置实例【1】BGP常用属性实例配置1.BGP基本配置要求:如下图所示:所有路由器运行BGP协议,R1与R2、R3与R4建立EBGP对等体,R2与R3建立IBGP对等体。
H3C IPV6之BGP联盟典型组网配置案例
组网说明:本案例采用H3C HCL模拟器来模拟IPV6 BGP联盟典型组网配置。
R1、R2、R3都属于同一个联盟内,联盟自治域编号为AS100,其中R1属于AS65001,R2属于AS65002,R3属于AS65003。
R1与R2建立EBGP邻居关系,R1与R3建立EBGP邻居关系。
R4属于非联盟的路由器,与R3建立EBGP邻居关系。
配置思路:1、按照网络拓扑图正确配置IP地址2、R1与R2建立EBGP邻居关系,并划分到联盟中。
3、R1与R3建立EBGP邻居关系,并划分到联盟中。
4、R3与R4建立EBGP邻居关系配置过程:R1:<H3C>sysSystem View: return to User View with Ctrl+Z.[H3C]sysname R1[R1]int loopback 1[R1-LoopBack1]ip address 1.1.1.1 32[R1-LoopBack1]quit[R1]int loopback 0[R1-LoopBack0]ipv6 address 4::1 64[R1-LoopBack0]quit[R1]int gi 0/1[R1-GigabitEthernet0/1]des <connect to R3>[R1-GigabitEthernet0/1]ipv6 address 1::1 64[R1-GigabitEthernet0/1]quit[R1]bgp 65002[R1-bgp-default]router-id 1.1.1.1[R1-bgp-default]confederation id 100[R1-bgp-default]confederation peer-as 65001 65003 [R1-bgp-default]peer 1::2 as-number 65001[R1-bgp-default]address-family ipv6 unicast[R1-bgp-default-ipv6]peer 1::2 enable[R1-bgp-default-ipv6]network 4:: 64[R1-bgp-default-ipv6]quit[R1-bgp-default]quit[R1]R2:<H3C>sysSystem View: return to User View with Ctrl+Z.[H3C]sysname R2[R2]int loopback 1[R2-LoopBack1]ip address 2.2.2.2 32[R2-LoopBack1]quit[R2]int loopback 0[R2-LoopBack0]ipv6 address 5::1 64[R2-LoopBack0]quit[R2]int gi 0/0[R2-GigabitEthernet0/0]des <connect to R3>[R2-GigabitEthernet0/0]ipv6 address 2::1 64[R2-GigabitEthernet0/0]quit[R2]bgp 65003[R2-bgp-default]router-id 2.2.2.2[R2-bgp-default]confederation id 100[R2-bgp-default]confederation peer-as 65001 65002 [R2-bgp-default]peer 2::2 as-number 65001[R2-bgp-default]address-family ipv6 unicast[R2-bgp-default-ipv6]peer 2::2 enable[R2-bgp-default-ipv6]network 5:: 64[R2-bgp-default-ipv6]quit[R2-bgp-default]quitR3:<H3C>sysSystem View: return to User View with Ctrl+Z.[H3C]sysname R3[R3]int loopback 1[R3-LoopBack1]ip address 3.3.3.3 32[R3-LoopBack1]quit[R3]int loopback 0[R3-LoopBack0]ipv6 address 6::1 64[R3-LoopBack0]quit[R3]int gi 0/1[R3-GigabitEthernet0/1]des <connect to R1>[R3-GigabitEthernet0/1]ipv6 address 1::2 64[R3-GigabitEthernet0/1]quit[R3]int gi 0/0[R3-GigabitEthernet0/0]des <connect to R2>[R3-GigabitEthernet0/0]ipv6 address 2::2 64[R3-GigabitEthernet0/0]quit[R3]int gi 0/2[R3-GigabitEthernet0/2]des <connect to R4>[R3-GigabitEthernet0/2]ipv6 address 3::1 64[R3-GigabitEthernet0/2]quit[R3]bgp 65001[R3-bgp-default]router-id 3.3.3.3[R3-bgp-default]confederation id 100[R3-bgp-default]confederation peer-as 65002 65003 [R3-bgp-default]peer 1::1 as-number 65002[R3-bgp-default]peer 2::1 as-number 65003[R3-bgp-default]peer 3::2 as-number 200[R3-bgp-default]address-family ipv6 unicast[R3-bgp-default-ipv6]peer 3::2 enable[R3-bgp-default-ipv6]peer 1::1 enable[R3-bgp-default-ipv6]peer 2::1 enable[R3-bgp-default-ipv6]import-route direct[R3-bgp-default-ipv6]network 6:: 64[R3-bgp-default-ipv6]quit[R3-bgp-default]quitR4:<H3C>sysSystem View: return to User View with Ctrl+Z.[H3C]sysname R4[R4]int loopback 1[R4-LoopBack1]ip address 4.4.4.4 32[R4-LoopBack1]quit[R4]int loopback 0[R4-LoopBack0]ipv6 address 7::1 64[R4-LoopBack0]quit[R4]int gi 0/2[R4-GigabitEthernet0/2]des <connect to R3>[R4-GigabitEthernet0/2]ipv6 address 3::2 64[R4-GigabitEthernet0/2]quit<H3C>sysSystem View: return to User View with Ctrl+Z.[H3C]sysname R4[R4]int loopback 1[R4-LoopBack1]ip address 4.4.4.4 32[R4-LoopBack1]quit[R4]int loopback 0[R4-LoopBack0]ipv6 address 7::1 64[R4-LoopBack0]quit[R4]int gi 0/2[R4-GigabitEthernet0/2]des <connect to R3>[R4-GigabitEthernet0/2]ipv6 address 3::2 64[R4-GigabitEthernet0/2]quit[R4]bgp 200[R4-bgp-default]router-id 4.4.4.4[R4-bgp-default]peer 3::1 as-number 100[R4-bgp-default]address-family ipv6 unicast[R4-bgp-default-ipv6]peer 3::1 enable[R4-bgp-default-ipv6]network 7:: 64[R4-bgp-default-ipv6]quit[R4-bgp-default]quit分别查看R1、R2、R3、R4的IPV6路由表:[R1]dis ipv6 routing-tableDestinations : 12 Routes : 12Destination: ::1/128 Protocol : Direct NextHop : ::1 Preference: 0 Interface : InLoop0 Cost : 0Destination: 1::/64 Protocol : Direct NextHop : :: Preference: 0 Interface : GE0/1 Cost : 0Destination: 1::1/128 Protocol : Direct NextHop : ::1 Preference: 0 Interface : InLoop0 Cost : 0Destination: 2::/64 Protocol : BGP4+ NextHop : 1::2 Preference: 255 Interface : GE0/1 Cost : 0Destination: 3::/64 Protocol : BGP4+ NextHop : 1::2 Preference: 255 Interface : GE0/1 Cost : 0Destination: 4::/64 Protocol : Direct NextHop : :: Preference: 0 Interface : Loop0 Cost : 0Destination: 4::1/128 Protocol : Direct NextHop : ::1 Preference: 0 Interface : InLoop0 Cost : 0Destination: 5::/64 Protocol : BGP4+ NextHop : 2::1 Preference: 255 Interface : GE0/1 Cost : 0Destination: 6::/64 Protocol : BGP4+ NextHop : 1::2 Preference: 255 Interface : GE0/1 Cost : 0Destination: 7::/64 Protocol : BGP4+ NextHop : 3::2 Preference: 255 Interface : GE0/1 Cost : 0Destination: FE80::/10 Protocol : Direct NextHop : :: Preference: 0 Interface : InLoop0 Cost : 0Destination: FF00::/8 Protocol : Direct NextHop : :: Preference: 0 Interface : NULL0 Cost : 0 [R1][R2]dis ipv6 routing-tableDestinations : 12 Routes : 12Destination: ::1/128 Protocol : Direct NextHop : ::1 Preference: 0 Interface : InLoop0 Cost : 0Destination: 1::/64 Protocol : BGP4+ NextHop : 2::2 Preference: 255 Interface : GE0/0 Cost : 0Destination: 2::/64 Protocol : Direct NextHop : :: Preference: 0 Interface : GE0/0 Cost : 0Destination: 2::1/128 Protocol : Direct NextHop : ::1 Preference: 0 Interface : InLoop0 Cost : 0Destination: 3::/64 Protocol : BGP4+ NextHop : 2::2 Preference: 255 Interface : GE0/0 Cost : 0Destination: 4::/64 Protocol : BGP4+ NextHop : 1::1 Preference: 255 Interface : GE0/0 Cost : 0Destination: 5::/64 Protocol : Direct NextHop : :: Preference: 0 Interface : Loop0 Cost : 0Destination: 5::1/128 Protocol : Direct NextHop : ::1 Preference: 0 Interface : InLoop0 Cost : 0Destination: 6::/64 Protocol : BGP4+ NextHop : 2::2 Preference: 255 Interface : GE0/0 Cost : 0Destination: 7::/64 Protocol : BGP4+ NextHop : 3::2 Preference: 255 Interface : GE0/0 Cost : 0Destination: FE80::/10 Protocol : Direct NextHop : :: Preference: 0 Interface : InLoop0 Cost : 0Destination: FF00::/8 Protocol : Direct NextHop : :: Preference: 0 Interface : NULL0 Cost : 0 [R2][R3]dis ipv6 routing-tableDestinations : 14 Routes : 14Destination: ::1/128 Protocol : Direct NextHop : ::1 Preference: 0 Interface : InLoop0 Cost : 0Destination: 1::/64 Protocol : Direct NextHop : :: Preference: 0 Interface : GE0/1 Cost : 0Destination: 1::2/128 Protocol : Direct NextHop : ::1 Preference: 0 Interface : InLoop0 Cost : 0Destination: 2::/64 Protocol : Direct NextHop : :: Preference: 0 Interface : GE0/0 Cost : 0Destination: 2::2/128 Protocol : Direct NextHop : ::1 Preference: 0 Interface : InLoop0 Cost : 0Destination: 3::/64 Protocol : Direct NextHop : :: Preference: 0 Interface : GE0/2 Cost : 0Destination: 3::1/128 Protocol : Direct NextHop : ::1 Preference: 0 Interface : InLoop0 Cost : 0Destination: 4::/64 Protocol : BGP4+ NextHop : 1::1 Preference: 255 Interface : GE0/1 Cost : 0Destination: 5::/64 Protocol : BGP4+ NextHop : 2::1 Preference: 255 Interface : GE0/0 Cost : 0Destination: 6::/64 Protocol : Direct NextHop : :: Preference: 0 Interface : Loop0 Cost : 0Destination: 6::1/128 Protocol : Direct NextHop : ::1 Preference: 0Interface : InLoop0 Cost : 0Destination: 7::/64 Protocol : BGP4+ NextHop : 3::2 Preference: 255 Interface : GE0/2 Cost : 0Destination: FE80::/10 Protocol : Direct NextHop : :: Preference: 0 Interface : InLoop0 Cost : 0Destination: FF00::/8 Protocol : Direct NextHop : :: Preference: 0 Interface : NULL0 Cost : 0 [R3][R4]dis ipv6 routing-tableDestinations : 12 Routes : 12Destination: ::1/128 Protocol : Direct NextHop : ::1 Preference: 0 Interface : InLoop0 Cost : 0Destination: 1::/64 Protocol : BGP4+ NextHop : 3::1 Preference: 255 Interface : GE0/2 Cost : 0Destination: 2::/64 Protocol : BGP4+ NextHop : 3::1 Preference: 255 Interface : GE0/2 Cost : 0Destination: 3::/64 Protocol : Direct NextHop : :: Preference: 0 Interface : GE0/2 Cost : 0Destination: 3::2/128 Protocol : Direct NextHop : ::1 Preference: 0 Interface : InLoop0 Cost : 0Destination: 4::/64 Protocol : BGP4+ NextHop : 3::1 Preference: 255 Interface : GE0/2 Cost : 0Destination: 5::/64 Protocol : BGP4+NextHop : 3::1 Preference: 255 Interface : GE0/2 Cost : 0Destination: 6::/64 Protocol : BGP4+ NextHop : 3::1 Preference: 255 Interface : GE0/2 Cost : 0Destination: 7::/64 Protocol : Direct NextHop : :: Preference: 0 Interface : Loop0 Cost : 0Destination: 7::1/128 Protocol : Direct NextHop : ::1 Preference: 0 Interface : InLoop0 Cost : 0Destination: FE80::/10 Protocol : Direct NextHop : :: Preference: 0 Interface : InLoop0 Cost : 0Destination: FF00::/8 Protocol : Direct NextHop : :: Preference: 0 Interface : NULL0 Cost : 0 [R4]查看R1的BGP邻居信息:查看R2的BGP邻居信息:查看R3的BGP邻居信息:查看R4的BGP邻居信息:查看R1的IPV6 BGP路由表:[R1]dis bgp routing-table ipv6Total number of routes: 7BGP local router ID is 1.1.1.1Status codes: * - valid, > - best, d - dampened, h - historys - suppressed, S - stale, i - internal, e - externala - additional-pathOrigin: i - IGP, e - EGP, ? - incomplete* >i Network : 1:: PrefixLen : 64 NextHop : 1::2 LocPrf : 100 PrefVal : 0 OutLabel : NULL MED : 0Path/Ogn: (65001)?* >i Network : 2:: PrefixLen : 64 NextHop : 1::2 LocPrf : 100 PrefVal : 0 OutLabel : NULL MED : 0Path/Ogn: (65001)?* >i Network : 3:: PrefixLen : 64 NextHop : 1::2 LocPrf : 100 PrefVal : 0 OutLabel : NULLMED : 0Path/Ogn: (65001)?* > Network : 4:: PrefixLen : 64 NextHop : :: LocPrf :PrefVal : 32768 OutLabel : NULL MED : 0Path/Ogn: i* >i Network : 5:: PrefixLen : 64 NextHop : 2::1 LocPrf : 100 PrefVal : 0 OutLabel : NULL MED : 0Path/Ogn: (65001 65003)i* >i Network : 6:: PrefixLen : 64 NextHop : 1::2 LocPrf : 100 PrefVal : 0 OutLabel : NULL MED : 0Path/Ogn: (65001)i* >i Network : 7:: PrefixLen : 64 NextHop : 3::2 LocPrf : 100 PrefVal : 0 OutLabel : NULL MED : 0Path/Ogn: (65001) 200i[R1]查看R2的IPV6 BGP路由表:[R2]dis bgp routing-table ipv6Total number of routes: 7BGP local router ID is 2.2.2.2Status codes: * - valid, > - best, d - dampened, h - historys - suppressed, S - stale, i - internal, e - externala - additional-pathOrigin: i - IGP, e - EGP, ? - incomplete* >i Network : 1:: PrefixLen : 64 NextHop : 2::2 LocPrf : 100 PrefVal : 0 OutLabel : NULL MED : 0Path/Ogn: (65001)?* >i Network : 2:: PrefixLen : 64 NextHop : 2::2 LocPrf : 100 PrefVal : 0 OutLabel : NULL MED : 0Path/Ogn: (65001)?* >i Network : 3:: PrefixLen : 64 NextHop : 2::2 LocPrf : 100 PrefVal : 0 OutLabel : NULL MED : 0Path/Ogn: (65001)?* >i Network : 4:: PrefixLen : 64 NextHop : 1::1 LocPrf : 100 PrefVal : 0 OutLabel : NULL MED : 0Path/Ogn: (65001 65002)i* > Network : 5:: PrefixLen : 64 NextHop : :: LocPrf :PrefVal : 32768 OutLabel : NULL MED : 0Path/Ogn: i* >i Network : 6:: PrefixLen : 64 NextHop : 2::2 LocPrf : 100 PrefVal : 0 OutLabel : NULL MED : 0Path/Ogn: (65001)i* >i Network : 7:: PrefixLen : 64 NextHop : 3::2 LocPrf : 100 PrefVal : 0 OutLabel : NULL MED : 0Path/Ogn: (65001) 200i[R2]查看R3的IPV6 BGP路由表:[R3]dis bgp routing-table ipv6Total number of routes: 11BGP local router ID is 3.3.3.3Status codes: * - valid, > - best, d - dampened, h - historys - suppressed, S - stale, i - internal, e - externala - additional-pathOrigin: i - IGP, e - EGP, ? - incomplete* > Network : 1:: PrefixLen : 64 NextHop : :: LocPrf :PrefVal : 32768 OutLabel : NULL MED : 0Path/Ogn: ?* > Network : 1::2 PrefixLen : 128 NextHop : ::1 LocPrf :PrefVal : 32768 OutLabel : NULL MED : 0Path/Ogn: ?* > Network : 2:: PrefixLen : 64 NextHop : :: LocPrf :PrefVal : 32768 OutLabel : NULL MED : 0Path/Ogn: ?* > Network : 2::2 PrefixLen : 128 NextHop : ::1 LocPrf :PrefVal : 32768 OutLabel : NULL MED : 0Path/Ogn: ?* > Network : 3:: PrefixLen : 64 NextHop : :: LocPrf :PrefVal : 32768 OutLabel : NULL MED : 0Path/Ogn: ?* > Network : 3::1 PrefixLen : 128 NextHop : ::1 LocPrf :PrefVal : 32768 OutLabel : NULL MED : 0Path/Ogn: ?* >i Network : 4:: PrefixLen : 64 NextHop : 1::1 LocPrf : 100 PrefVal : 0 OutLabel : NULLMED : 0Path/Ogn: (65002)i* >i Network : 5:: PrefixLen : 64 NextHop : 2::1 LocPrf : 100 PrefVal : 0 OutLabel : NULL MED : 0Path/Ogn: (65003)i* > Network : 6:: PrefixLen : 64 NextHop : :: LocPrf :PrefVal : 32768 OutLabel : NULL MED : 0Path/Ogn: i* > Network : 6::1 PrefixLen : 128 NextHop : ::1 LocPrf :PrefVal : 32768 OutLabel : NULL MED : 0Path/Ogn: ?* >e Network : 7:: PrefixLen : 64 NextHop : 3::2 LocPrf :PrefVal : 0 OutLabel : NULL MED : 0Path/Ogn: 200i[R3]查看R4的IPV6 BGP路由表:[R4]dis bgp routing-table ipv6Total number of routes: 7BGP local router ID is 4.4.4.4Status codes: * - valid, > - best, d - dampened, h - historys - suppressed, S - stale, i - internal, e - externala - additional-pathOrigin: i - IGP, e - EGP, ? - incomplete* >e Network : 1:: PrefixLen : 64 NextHop : 3::1 LocPrf :PrefVal : 0 OutLabel : NULL MED : 0Path/Ogn: 100?* >e Network : 2:: PrefixLen : 64 NextHop : 3::1 LocPrf :PrefVal : 0 OutLabel : NULL MED : 0Path/Ogn: 100?* >e Network : 3:: PrefixLen : 64 NextHop : 3::1 LocPrf :PrefVal : 0 OutLabel : NULL MED : 0Path/Ogn: 100?* >e Network : 4:: PrefixLen : 64 NextHop : 3::1 LocPrf :PrefVal : 0 OutLabel : NULL MED :Path/Ogn: 100i* >e Network : 5:: PrefixLen : 64 NextHop : 3::1 LocPrf :PrefVal : 0 OutLabel : NULL MED :Path/Ogn: 100i* >e Network : 6:: PrefixLen : 64 NextHop : 3::1 LocPrf :PrefVal : 0 OutLabel : NULL MED : 0Path/Ogn: 100i* > Network : 7:: PrefixLen : 64 NextHop : :: LocPrf :PrefVal : 32768 OutLabel : NULL MED : 0Path/Ogn: i[R4]在R1使用loopback0作为源,能PING通R2、R3、R4的loopback0:在R2使用loopback0作为源,能PING通R1、R3、R4的loopback0:在R3使用loopback0作为源,能PING通R1、R2、R4的loopback0:在R4使用loopback0作为源,能PING通R1、R2、R3的loopback0:由以上测试结果可知,R1、R2、R3、R4的loopback0均可相互PING通。
BGP实验(cisco)
BGP实验(cisco)BGP 联邦○BGP 团体属性○BGP 团体cost (选路原则第0.5和第8.5条)○BGP 负载均衡(等价、非等价)○目录:AS200运行OSPF 保证全网可达,AS200中子AS 为65000、65001。
正常配置BGP :router bgp 100network 11.1.1.1 mask 255.255.255.255neighbor 12.1.1.2 remote-as 200R1:○使用子AS 号起进程:router bgp 65000配置子AS 属于那个大AS :bgp confederation identifier 200network 22.1.1.1 mask 255.255.255.255 neighbor 12.1.1.1 remote-as 100 neighbor 33.1.1.1 remote-as 65000 neighbor 33.1.1.1 update-source Loopback0 neighbor 33.1.1.1 next-hop-selfR2:○使用子AS 号起进程:router bgp 65000配置子AS 属于那个大AS :bgp confederation identifier 200配置联盟中相连AS 的AS 号:bgp confederation peers 65001network 33.1.1.1 mask 255.255.255.255 neighbor 22.1.1.1 remote-as 65000 neighbor 22.1.1.1 update-source Loopback0 neighbor 44.1.1.1 remote-as 65001使用环回口建立EBGP ,配置EBGP 多跳:neighbor 44.1.1.1 ebgp-multihop 255R3:○BGP联邦:BGP 实验(Cisco )2015年8月14日17:01neighbor 44.1.1.1 update-source Loopback0 使用子AS 号起进程:router bgp 65001配置子AS 属于那个大AS :bgp confederation identifier 200配置联盟中相连AS 的AS 号:bgp confederation peers 65000network 44.1.1.1 mask 255.255.255.255neighbor 33.1.1.1 remote-as 65000使用环回口建立EBGP ,配置EBGP 多跳:neighbor 33.1.1.1 ebgp-multihop 255neighbor 33.1.1.1 update-source Loopback0neighbor 33.1.1.1 next-hop-selfneighbor 45.1.1.5 remote-as 300R4:○正常配置BGP :router bgp 300network 55.1.1.1 mask 255.255.255.255neighbor 45.1.1.4 remote-as 200R5:○需求:R1将11.1.1.1打上100:1,R2将带100:1属性的路由增加200:2,R4将44.1.1.1打上200:2,R3将仅带有200:2属性的路由在传给R5时过滤掉。
- 1、下载文档前请自行甄别文档内容的完整性,平台不提供额外的编辑、内容补充、找答案等附加服务。
- 2、"仅部分预览"的文档,不可在线预览部分如存在完整性等问题,可反馈申请退款(可完整预览的文档不适用该条件!)。
- 3、如文档侵犯您的权益,请联系客服反馈,我们会尽快为您处理(人工客服工作时间:9:00-18:30)。
BGP 配置实例CAT 1CAT1> (enable) show running-configbegin!# ***** NON-DEFA ULT CONFIGURATION *****!!#version 6.3(5)!#systemset system name CAT1set system highavailability enable!-- Enables high availability on Catalyst switch.!#vtpset vtp domain ciscoset vlan 1 name default type ethernet mtu 1500 said 100001 state active [..]set vlan 10,20!#set boot commandset boot config-register 0x2102set boot system flash bootflash:cat6000-sup.6-3-5.bin!#module 3 : 48-port 10/100BaseTX Ethernetset vlan 10 3/2!-- Port 3/2 is connected to AS10 on VLAN 10.!#module 5 : 8-port 1000BaseX Ethernetset module name 5set trunk 5/2 on isl 1-1005,1025-4094!-- Port 5/2 is connected to CAT 2 as Trunk.!#module 15 : 1-port Multilayer Switch Feature Card!-- MSFC #1 on Port 1, Mod 15.!#module 16 : 1-port Multilayer Switch Feature Card!-- MSFC #2 on Port 2, Mod 16.CAT 2CAT2 (enable) show running-configbegin!# ***** NON-DEFA ULT CONFIGURATION *****!!#version 6.3(5)!#systemset system name CAT2set system highavailability enable!-- Enables high availability on Catalyst switch.!#vtpset vtp domain ciscoset vlan 1 name default type ethernet mtu 1500 said 100001 state active set vlan 10,20!#set boot commandset boot config-register 0x2102set boot system flash bootflash:cat6000-sup.6-3-5.bin !!#module 3 : 48-port 10/100BaseTX Ethernetset vlan 20 3/3!-- Port 3/3 is connected to AS20 on VLAN 20.!#module 4 : 8-port 1000BaseX Ethernetset module name 4set trunk 4/2 on isl 1-1005,1025-4094!-- Port 4/2 is connected to CAT 1 as Trunk.!#module 15 : 1-port Multilayer Switch Feature Card !-- MSFC 1 on Port 1, Mod 15.!#module 16 : 1-port Multilayer Switch Feature Card !-- MSFC #2 on Port 2, Mod 16.MSFC Configuration on CAT1CAT1> (enable)CAT1> (enable) session 15Trying Router-15...Connected to Router-15.Escape character is '^]'.MSFC-CAT1>enableMSFC-CAT1#show running-configBuilding configuration...Current configuration : 868 bytes!version 12.1!hostname MSFC-CAT1!boot system bootflash:c6msfc2-jsv-mz.121-8b.E7 !ip subnet-zero!!!redundancy!-- This command enables redundancy.high-availability!-- This command enables high availability. single-router-mode!-- This command enables SRM.!interface Vlan10ip address 192.168.1.1 255.255.255.0!-- Interface Vlan10 is connected to AS10.!interface Vlan20ip address 192.168.2.3 255.255.255.0!-- Interface Vlan20 is connected to interface Vlan20 on CAT2 via the trunk.!router bgp 4no synchronizationbgp log-neighbor-changesnetwork 192.168.0.0 mask 255.255.0.0neighbor 192.168.1.2 remote-as 10!-- This command establishes eBGP peering with AS10.neighbor 192.168.2.1 remote-as 4!-- This command establishes iBGP peering with interface VLAN 20 on CAT2.neighbor 192.168.2.1 next-hop-self!-- This command assigns a next-hop value to 192.168.2.3 !-- for updates sent to 192.168.2.1 (the iBGP peer).!ip classlessip route 192.168.0.0 255.255.0.0 Null0MSFC Configuration on CAT2CAT2 (enable)CAT2 (enable) session 15Trying Router-15...Connected to Router-15.Escape character is '^]'.MSFC-CAT2>enableMSFC-CAT2#show running-configBuilding configuration...Current configuration : 890 bytes!version 12.1!hostname MSFC-CAT2!boot system flash bootflash:c6msfc-jsv-mz.121-8b.E7 !ip subnet-zero!!redundancy!-- This command enables redundancy.high-availability!-- This command enables high availability.single-router-mode!-- This command enables SRM.!interface Vlan10ip address 192.168.1.3 255.255.255.0!-- Interface Vlan10 connected to interface Vlan10 on CAT1 via the trunk.!interface Vlan20ip address 192.168.2.1 255.255.255.0!-- Interface Vlan20 connected to AS20.!router bgp 4no synchronizationbgp log-neighbor-changesnetwork 192.168.0.0 mask 255.255.0.0neighbor 192.168.2.2 remote-as 20!-- This command establishes eBGP peering with AS20.neighbor 192.168.2.3 remote-as 4!-- This command establishes iBGP peering with interface Vlan20 on CAT1.neighbor 192.168.2.3 next-hop-self!-- This command assigns a next-hop value to 192.168.2.1 !-- for updates sent to 192.168.2.3 (the iBGP peer).!ip classlessip route 192.168.0.0 255.255.0.0 Null0TroubleshootNow that you've verified the high availability SRM configuration, you need to verify the BGP MSFC on CAT1 and CAT2. Use the show ip bgp summary command to verify the neighbor establishment. The output below confirms successful eBGP and iBGP peering with AS10 and the CAT2 MSFC respectively.MSFC-CAT1#show ip bgp summaryBGP router identifier 192.168.2.3, local AS number 4BGP table version is 4, main routing table version 43 network entries and4 paths using 435 bytes of memory4 BGP path attribute entries using 240 bytes of memory2 BGP AS-PATH entries using 48 bytes of memory0 BGP route-map cache entries using 0 bytes of memory0 BGP filter-list cache entries using 0 bytes of memoryBGP activity 3/14 prefixes, 4/0 paths, scan interval 15 secsNeighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd192.168.1.2 4 10 90 92 4 0 0 01:26:02 1192.168.2.1 4 4 91 91 4 0 0 01:25:38 2Verify the BGP state on the active MSFC in CAT2. The output below confirms successful eBGP and iBGP peering with AS20 and CAT1 respectivelyMSFC-CAT2#show ip bgp summaryBGP router identifier 192.168.2.1, local AS number 4BGP table version is 4, main routing table version 43 network entries and4 paths using 435 bytes of memory4 BGP path attribute entries using 240 bytes of memory2 BGP AS-PATH entries using 48 bytes of memory0 BGP route-map cache entries using 0 bytes of memory0 BGP filter-list cache entries using 0 bytes of memoryBGP activity 3/0 prefixes, 4/0 paths, scan interval 15 secsNeighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd192.168.2.2 4 20 110 112 4 0 0 01:46:43 1192.168.2.3 4 4 101 101 4 0 0 01:35:09 2In the event the designated MSFC (Mod 15 on CAT1) experiences a failure, the standby MSFC (Mod 16 on CAT1) takes over the role of active MSFC. It is important to understand that with the failure of the designated MSFC and fail over to the non-designated MSFC, packet switching will continue to work with the Cisco Express Forwarding (CEF) table programmed by the old designated MSFC. The newly designated MSFC will eventually re-program the CEF table with its own entries and the old entries will expire.Failure of designated MSFC is simulated by resetting Mod 15 on CAT1 as shown below.CAT1> (enable) reset 15This command will reset module 15.Unsaved configuration on module 15 will be lostDo you want to continue (y/n) [n]? y2002 May 16 11:52:54 %SYS-5-MOD_RESET:Module 15 reset from Console//Resetting module 15...Ping traffic was generated from AS10 to a destination in AS20 during the fail over on CAT1 from designated to non-designated MSFC. Note that there was minimal packet loss during this fail over and the packet forwarding continued to work with the old CEF table programmed by the Mod 15 MSFC until the Mod 16 MSFC re-programs the CEF table with its own entries.AS10-Router#pingProtocol [ip]:Target IP address: 172.16.1.1Repeat count [5]: 1000Datagram size [100]:Timeout in seconds [2]:Extended commands [n]:Sweep range of sizes [n]:Type escape sequence to abort.Sending 1000, 100-byte ICMP Echos to 172.16.1.1, timeout is 2 seconds: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!.!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!Success rate is 99 percent (999/1000), round-trip min/avg/max = 1/3/116 ms。