SW1、SW2、SW3、RT1、RT2之间运行BGP协议,SW1、SW2、RT1 AS号65001、RT2 AS号65002、SW3 AS号65003
SW1、SW2、SW3、RT1、RT2之间通过loopback1建立ipv4和ipv6 BGP邻居。SW1和SW2之间财务通过loopback2建立ipv4 BGP邻居,SW1和SW2的loopback2互通采用静态路由。
- SW1、SW2、SW3、RT2分别只发布营销、法务、财务、人力等ipv4和ipv6路由;RT1发布办事处营销ipv4和ipv6路由到BGP
SW1
router bgp 65001
address- ipv4 un
netw 10.1.1.1/32
netw 10.1.12.1/24
netw 10.1.13.1/24
netw 10.1.15.1/24
exit
nei 10.1.2.1 remote-as 65001
nei 10.1.2.1 update-s 10.1.1.1
nei 10.1.2.1 next
nei 10.1.5.1 remote-as 65001
nei 10.1.5.1 update-s 10.1.1.1
nei 10.1.5.1 next
nei 10.1.3.1 remote-as 65003
nei 10.1.3.1 update-s 10.1.1.1
nei 10.1.3.1 ebgp 255
nei 10.1.6.1 remote-as 65002
nei 10.1.6.1 update-s 10.1.1.1
nei 10.1.6.1 ebgp 255
address ipv6 un
netw 2001:10:1:1::1/128
exit
nei 2001:10:1:2::1 remote- 65001
nei 2001:10:1:2::1 update 2001:10:1:1::1
nei 2001:10:1:2::1 next
nei 2001:10:1:2::1 acti
nei 2001:10:1:5::1 remote- 65001
nei 2001:10:1:5::1 update 2001:10:1:1::1
nei 2001:10:1:5::1 next
nei 2001:10:1:5::1 acti
nei 2001:10:1:3::1 remote- 65003
nei 2001:10:1:3::1 update 2001:10:1:1::1
nei 2001:10:1:3::1 ebgp 255
nei 2001:10:1:3::1 acti
nei 2001:10:1:6::1 remote- 65002
nei 2001:10:1:6::1 update 2001:10:1:1::1
nei 2001:10:1:6::1 ebgp 255
nei 2001:10:1:6::1 acti
SW2
router bgp 65001
address- ipv4 un
netw 10.1.2.1/32
netw 10.1.22.1/24
netw 10.1.23.1/24
netw 10.1.25.1/24
exit
nei 10.1.1.1 remote-as 65001
nei 10.1.1.1 update-s 10.1.2.1
nei 10.1.1.1 next
nei 10.1.5.1 remote-as 65001
nei 10.1.5.1 update-s 10.1.2.1
nei 10.1.5.1 next
nei 10.1.3.1 remote-as 65003
nei 10.1.3.1 update-s 10.1.2.1
nei 10.1.3.1 ebgp 255
nei 10.1.6.1 remote-as 65002
nei 10.1.6.1 update-s 10.1.2.1
nei 10.1.6.1 ebgp 255
address ipv6 un
netw 2001:10:1:2::1/128
exit
nei 2001:10:1:1::1 remote- 65001
nei 2001:10:1:1::1 update 2001:10:1:2::1
nei 2001:10:1:1::1 next
nei 2001:10:1:1::1 acti
nei 2001:10:1:5::1 remote- 65001
nei 2001:10:1:5::1 update 2001:10:1:2::1
nei 2001:10:1:5::1 next
nei 2001:10:1:5::1 acti
nei 2001:10:1:3::1 remote- 65003
nei 2001:10:1:3::1 update 2001:10:1:2::1
nei 2001:10:1:3::1 ebgp 255
nei 2001:10:1:3::1 acti
nei 2001:10:1:6::1 remote- 65002
nei 2001:10:1:6::1 update 2001:10:1:2::1
nei 2001:10:1:6::1 ebgp 255
nei 2001:10:1:6::1 acti
SW3
router bgp 65003
address- ipv4 un
netw 10.1.3.1/32
netw 10.1.32.1/24
netw 10.1.33.1/24
netw 10.1.35.1/24
exit
nei 10.1.1.1 remote-as 65001
nei 10.1.1.1 update-s 10.1.3.1
nei 10.1.1.1 ebgp 255
nei 10.1.5.1 remote-as 65001
nei 10.1.5.1 update-s 10.1.3.1
nei 10.1.5.1 ebgp 255
nei 10.1.2.1 remote-as 65001
nei 10.1.2.1 update-s 10.1.3.1
nei 10.1.2.1 ebgp 255
nei 10.1.6.1 remote-as 65002
nei 10.1.6.1 update-s 10.1.3.1
nei 10.1.6.1 ebgp 255
address ipv6 un
netw 2001:10:1:3::1/128
exit
nei 2001:10:1:1::1 remote- 65001
nei 2001:10:1:1::1 update 2001:10:1:3::1
nei 2001:10:1:1::1 ebgp 255
nei 2001:10:1:1::1 acti
nei 2001:10:1:5::1 remote- 65001
nei 2001:10:1:5::1 update 2001:10:1:3::1
nei 2001:10:1:5::1 ebgp 255
nei 2001:10:1:5::1 acti
nei 2001:10:1:2::1 remote- 65001
nei 2001:10:1:2::1 update 2001:10:1:3::1
nei 2001:10:1:2::1 ebgp 255
nei 2001:10:1:2::1 acti
nei 2001:10:1:6::1 remote- 65002
nei 2001:10:1:6::1 update 2001:10:1:3::1
nei 2001:10:1:6::1 ebgp 255
nei 2001:10:1:6::1 acti
RT1
router bgp 65001
address- ipv4 un
netw 10.1.5.1/32
Netw 10.1.110.1/24
exit
nei 10.1.1.1 remote-as 65001
nei 10.1.1.1 update-s l1
nei 10.1.1.1 next
nei 10.1.2.1 remote-as 65001
nei 10.1.2.1 update-s l1
nei 10.1.2.1 next
nei 10.1.3.1 remote-as 65003
nei 10.1.3.1 update-s l1
nei 10.1.3.1 ebgp 255
nei 10.1.6.1 remote-as 65002
nei 10.1.6.1 update-s l1
nei 10.1.6.1 ebgp 255
address ipv6 un
netw 2001:10:1:5::1/128
exit
nei 2001:10:1:1::1 remote- 65001
nei 2001:10:1:1::1 update l1
nei 2001:10:1:1::1 next
nei 2001:10:1:1::1 acti
nei 2001:10:1:2::1 remote- 65001
nei 2001:10:1:2::1 update l1
nei 2001:10:1:2::1 next
nei 2001:10:1:2::1 acti
nei 2001:10:1:3::1 remote- 65003
nei 2001:10:1:3::1 update l1
nei 2001:10:1:3::1 ebgp 255
nei 201:10:1:3::1 acti
nei 2001:10:1:6::1 remote- 65002
nei 2001:10:1:6::1 update l1
nei 2001:10:1:6::1 ebgp 255
nei 2001:10:1:6::1 acti
RT2
router bgp 65002
address- ipv4 un
netw 10.1.6.1/32
exit
nei 10.1.1.1 remote-as 65001
nei 10.1.1.1 update-s l1
nei 10.1.1.1 ebgp 255
nei 10.1.5.1 remote-as 65001
nei 10.1.5.1 update-s l1
nei 10.1.5.1 ebgp 255
nei 10.1.2.1 remote-as 65001
nei 10.1.2.1 update-s l1
nei 10.1.2.1 ebgp 255
nei 10.1.3.1 remote-as 65003
nei 10.1.3.1 update-s l1
nei 10.1.3.1 ebgp 255
address ipv6 un
netw 2001:10:1:6::1/128
exit
nei 2001:10:1:1::1 remote- 65001
nei 2001:10:1:1::1 update l1
nei 2001:10:1:1::1 ebgp 255
nei 2001:10:1:1::1 acti
nei 2001:10:1:5::1 remote- 65001
nei 2001:10:1:5::1 update l1
nei 2001:10:1:5::1 ebgp 255
nei 2001:10:1:5::1 acti
nei 2001:10:1:2::1 remote- 65001
nei 2001:10:1:2::1 update l1
nei 2001:10:1:2::1 ebgp 255
nei 2001:10:1:2::1 acti
nei 2001:10:1:3::1 remote- 65002
nei 2001:10:1:3::1 update l1
nei 2001:10:1:3::1 ebgp 255
nei 2001:10:1:3::1 acti
SW3营销分别与SW1和SW2营销ipv4和ipv6互访优先在SW3_SW1链路转发;SW3法务及人力分别与SW1和SW2法务及人力ipv4和ipv6互访优先在SW3_SW2链路转发,主备链路相互备份;用prefix-list、route-map和BGP路径属性进行选路,新增AS 65000
SW1
ip prefix-list fwrl seq 15 permit 10.1.22.1/24
ip prefix-list fwrl seq 20 permit 10.1.32.1/24
ip prefix-list yx seq 10 permit 10.1.33.1/24
!
ipv6 prefix-list fwrlv6 seq 10 permit 2001:10:1:22::1/64
ipv6 prefix-list fwrlv6 seq 15 permit 2001:10:1:32::1/64
ipv6 prefix-list yxv6 seq 5 permit 2001:10:1:33::1/64
!
route-map yx permit 10
match ip address prefix-list yx
set as-path prepend 65000
set metric 1
!
route-map fwrl permit 15
match ip address prefix-list fwrl
set as-path prepend 65000
set metric 100
!
route-map yxv6 permit 10
match ipv6 address prefix-list yxv6
set as-path prepend 65000
set metric 1
!
route-map fwrlv6 permit 15
match ipv6 address prefix-list fwrlv6
set as-path prepend 65000
set metric 100
!
Router bgp 65001
neighbor 10.1.3.1 route-map yx in
neighbor 2001:10:1:3::1 route-map yxv6 in
neighbor 10.1.2.1 route-map fwrl in
neighbor 2001:10:1:2::1 route-map fwrlv6 in
SW2
ip prefix-list fwrl seq 10 permit 10.1.32.1/24
ip prefix-list yx seq 20 permit 10.1.33.1/24
ip prefix-list yx seq 20 permit 10.1.13.1/24
!
ipv6 prefix-list fwrlv6 seq 5 permit 2001:10:1:32::1/64
ipv6 prefix-list yxv6 seq 15 permit 2001:10:1:33::1/64
ipv6 prefix-list yxv6 seq 15 permit 2001:10:1:13::1/64
!
route-map yx permit 15
match ip address prefix-list yx
set as-path prepend 65000
set metric 100
!
route-map fwrl permit 5
match ip address prefix-list fwrl
set as-path prepend 65000
set metric 1
!
route-map yxv6 permit 15
match ipv6 address prefix-list yxv6
set as-path prepend 65000
set metric 100
!
route-map fwrlv6 permit 5
match ipv6 address prefix-list fwrlv6
set as-path prepend 65000
set metric 1
!
Router bgp 65001
neighbor 10.1.3.1 route-map fwrl in
neighbor 2001:10:1:3::1 route-map fwrlv6 in
neighbor 10.1.1.1 route-map yx in
neighbor 2001:10:1:1::1 route-map yxv6 in
SW3
ip prefix-list fwrl seq 10 permit 10.1.22.1/24
ip prefix-list fwrl seq 10 permit 10.1.25.1/24
ip prefix-list yx seq 10 permit 10.1.13.1/24
!
ipv6 prefix-list fwrlv6 seq 5 permit 2001:10:1:22::1/64
ipv6 prefix-list fwrlv6 seq 5 permit 2001:10:1:25::1/64
ipv6 prefix-list yxv6 seq 5 permit 2001:10:1:13::1/64
!
route-map yx permit 15
match ip address prefix-list yx
set as-path prepend 65000
set metric 1
!
route-map fwrl permit 15
match ip address prefix-list fwrl
set as-path prepend 65000
set metric 1
!
route-map yxv6 permit 15
match ipv6 address prefix-list yxv6
set as-path prepend 65000
set metric 1
!
route-map fwrlv6 permit 15
match ipv6 address prefix-list fwrlv6
set as-path prepend 65000
set metric 1
!
Router bgp 65003
neighbor 10.1.2.1 route-map fwrl in
neighbor 2001:10:1:2::1 route-map fwrlv6 in
neighbor 10.1.1.1 route-map yx in
neighbor 2001:10:1:1::1 route-map yxv6 in
利用BGP MPLS VPN技术,RT1与RT2以太链路间运行多协议标签交换、标签分发协议。RT1与RT2间创建财务VPN实例,名称为Finance,RT1的RD值为1:1,export rt值为1:2,import rt值为2:1;RT2的RD值为2:2。通过两端loopback1建立VPN邻居,分别实现两端loopback5 ipv4互通和ipv6互通
RT1
ipv6 vrf Finance
rd 1:1
route-target import 2:1
route-target export 1:2
!
!
ip vrf Finance
rd 1:1
route-target export 1:2
route-target import 2:1
!
Router bgp 65001
address-family vpnv4
neighbor 10.1.6.1 activate
neighbor 10.1.6.1 send-community extended
exit-address-family
address-family vpnv6
neighbor 2001:10:1:6::1 activate
neighbor 2001:10:1:6::1 send-community extended
exit-address-family
address-family ipv4 vrf Finance
no synchronization
network 10.1.5.5/32
exit-address-family
address-family ipv6 vrf Finance
no synchronization
network 2001:10:1:5::5/128
exit-address-family
!
RT2
No ipv6 vrf Finance
No ip vrf Finance
ipv6 vrf Finance
rd 2:2
route-target import 2:1
route-target export 1:2
!
!
ip vrf Finance
rd 2:2
route-target export 1:2
route-target import 2:1
!
Router bgp 65002
No address-fa vpnv4
No address-fa ipv4 vrf Finance
No address-f vpnv6
No address-f ipv6 vrf Finance
address-family vpnv4
neighbor 10.1.5.1 activate
neighbor 10.1.5.1 send-community extended
exit-address-family
address-family vpnv6
neighbor 2001:10:1:5::1 activate
neighbor 2001:10:1:5::1 send-community extended
exit-address-family
address-family ipv4 vrf Finance
no synchronization
network 10.1.6.5/32
exit-address-family
address-family ipv6 vrf Finance
no synchronization
network 2001:10:1:6::5/128
exit-address-family
!
RT1
Mpls ip
Mpls ldp nei 10.1.6.1
Mpls ldp router-id 10.1.5.1
Int g 0/0
Mpls ip
Mpls ldp ena
RT2
Mpls ip
Mpls ldp nei 10.1.5.1
Mpls router-id 10.1.6.1
Int g 0/0
Mpls ip
Mpls ldp ena