实验要求
![](https://img-blog.csdnimg.cn/0c9e3602c75e4fe1a541d3efbb32a028.png)
1.合理IP地址
2.AS 1 2 3 内部使用OSPF 协议 , AS 1 AS 2内部建立全互联的IBGP邻居 ,AS之间建立全部的EBGP邻居
3.PC 1 3 5 属于电信的路由,通信时必须使用电信AS 1 ;PC 2 4 6 属于联通的路由,通信时必须使用联通的 AS 2
4.若 R1-R9之间链路断开,电信的路由依然通过电信 AS 1 通信
新建拓扑
![](https://img-blog.csdnimg.cn/8c00008ba4974d18a60d1cad6f545feb.png)
配置IP地址
![](https://img-blog.csdnimg.cn/5cfb3faad990409d8f4597eaa96aee27.png)
![](https://img-blog.csdnimg.cn/8a5cedbeb59140dbb755b05c7691d38d.png)
![](https://img-blog.csdnimg.cn/bbc1ed09977c4f33a5c0fb499609bc0b.png)
![](https://img-blog.csdnimg.cn/772f19b8068848e88b93885152b94bf0.png)
![](https://img-blog.csdnimg.cn/5a12afce635945ec866a598f6bec72ae.png)
![](https://img-blog.csdnimg.cn/227ac3e2508c4f90a7f8a0203d23ee40.png)
![](https://img-blog.csdnimg.cn/886698e5616748f6b2c8fb006793eeab.png)
![](https://img-blog.csdnimg.cn/0729f4dc6b16482d840232da36ca1bbd.png)
![](https://img-blog.csdnimg.cn/b285682b05d443b2bd85387074cdfe82.png)
![](https://img-blog.csdnimg.cn/db08e946473847a0b3cbf6880760fbb1.png)
写OSPF协议,顺便修改环回接口类型
[r1]ospf 100 router-id 1.1.1.1
[r1-ospf-100-area-0.0.0.0]network 1.1.1.1 0.0.0.0
[r1-ospf-100-area-0.0.0.0]network 10.0.15.1 0.0.0.0
[r1-ospf-100-area-0.0.0.0]network 10.1.13.1 0.0.0.0
[r1-ospf-100-area-0.0.0.0]q
[r1-ospf-100]q
[r1]int l0
[r1-LoopBack0]ospf network-type broadcast
[r3]ospf 100 router-id 3.3.3.3
[r3-ospf-100]area 0
[r3-ospf-100-area-0.0.0.0]network 10.1.13.2 0.0.0.0
[r3-ospf-100-area-0.0.0.0]network 10.0.37.1 0.0.0.0
[r3-ospf-100-area-0.0.0.0]network 3.3.3.3 0.0.0.0
[r3-ospf-100-area-0.0.0.0]q
[r3-ospf-100]q
[r3]int l0
[r3-LoopBack0]ospf network-type broadcast
[r5]ospf 100 router-id 5.5.5.5
[r5-ospf-100]area 0
[r5-ospf-100-area-0.0.0.0]network 10.0.15.2 0.0.0.0
[r5-ospf-100-area-0.0.0.0]network 10.1.57.1 0.0.0.0
[r5-ospf-100-area-0.0.0.0]network 5.5.5.5 0.0.0.0
[r5-ospf-100-area-0.0.0.0]q
[r5-ospf-100]q
[r5]int l0
[r5-LoopBack0]ospf network-type broadcast
[r7]ospf 100 router-id 7.7.7.7
[r7-ospf-100]area 0
[r7-ospf-100-area-0.0.0.0]network 7.7.7.7 0.0.0.0
[r7-ospf-100-area-0.0.0.0]network 10.1.57.2 0.0.0.0
[r7-ospf-100-area-0.0.0.0]network 10.0.37.2 0.0.0.0
[r7-ospf-100-area-0.0.0.0]q
[r7-ospf-100]q
[r7]int l0
[r7-LoopBack0]ospf network-type broadcast
[r2]ospf 200 router-id 2.2.2.2
[r2-ospf-200]area 0
[r2-ospf-200-area-0.0.0.0]network 2.2.2.2 0.0.0.0
[r2-ospf-200-area-0.0.0.0]network 10.0.26.1 0.0.0.0
[r2-ospf-200-area-0.0.0.0]network 10.1.24.1 0.0.0.0
[r2-ospf-200-area-0.0.0.0]q
[r2-ospf-200]q
[r2]int l0
[r2-LoopBack0]ospf network-type broadcast
[r4]ospf 200 router-id 4.4.4.4
[r4-ospf-200]area 0
[r4-ospf-200-area-0.0.0.0]network 4.4.4.4 0.0.0.0
[r4-ospf-200-area-0.0.0.0]network 10.1.24.2 0.0.0.0
[r4-ospf-200-area-0.0.0.0]network 10.0.48.1 0.0.0.0
[r4-ospf-200-area-0.0.0.0]q
[r4-ospf-200]q
[r4]int l0
[r4-LoopBack0]ospf network-type broadcast
[r6]ospf 200 router-id 6.6.6.6
[r6-ospf-200]area 0
[r6-ospf-200-area-0.0.0.0]network 6.6.6.6 0.0.0.0
[r6-ospf-200-area-0.0.0.0]network 10.0.26.2 0.0.0.0
[r6-ospf-200-area-0.0.0.0]network 10.1.68.1 0.0.0.0
[r6-ospf-200-area-0.0.0.0]q
[r6-ospf-200]
[r6]int l0
[r6-LoopBack0]ospf network-type broadcast
[r8]ospf 200 router-id 8.8.8.8
[r8-ospf-200]area 0
[r8-ospf-200-area-0.0.0.0]network 8.8.8.8 0.0.0.0
[r8-ospf-200-area-0.0.0.0]network 10.0.48.2 0.0.0.0
[r8-ospf-200-area-0.0.0.0]network 10.1.68.2 0.0.0.0
[r8-ospf-200-area-0.0.0.0]q
[r8-ospf-200]q
[r8]int l0
[r8-LoopBack0]ospf network-type broadcast
[r9]ospf 300 router-id 9.9.9.9
[r9-ospf-300]area 0
[r9-ospf-300-area-0.0.0.0]network 9.9.9.9 0.0.0.0
[r9-ospf-300-area-0.0.0.0]network 10.0.9.1 0.0.0.0
[r9-ospf-300-area-0.0.0.0]q
[r9-ospf-300]q
[r9]int l0
[r9-LoopBack0]ospf network-type broadcast
[r10]ospf 300 router-id 10.10.10.10
[r10-ospf-300]area 0
[r10-ospf-300-area-0.0.0.0]network 10.10.10.10 0.0.0.0
[r10-ospf-300-area-0.0.0.0]network 10.0.9.2 0.0.0.0
[r10-ospf-300-area-0.0.0.0]q
[r10-ospf-300]q
[r10]int l0
[r10-LoopBack0]ospf network-type broadcast
使用对等组peer group定义BGP邻居关系建立
[r1]bgp 1
[r1-bgp]router-id 1.1.1.1
[r1-bgp]peer 10.0.19.2 as-number 3
[r1-bgp]peer 10.2.12.2 as-number 2
[r1-bgp]group r1
[r1-bgp]peer r1 connect-interface l0
[r1-bgp]peer r1 next-hop-local
[r1-bgp]peer r1 advertise-community
[r1-bgp]peer 3.3.3.3 group r1
[r1-bgp]peer 5.5.5.5 group r1
[r1-bgp]peer 7.7.7.7 group r1
[r1-bgp]peer 10.0.19.2 advertise-community
[r1-bgp]peer 10.2.12.2 advertise-community
[r3]bgp 1
[r3-bgp]router-id 3.3.3.3
[r3-bgp]peer 10.2.34.2 as-number 2
[r3-bgp]group r2
[r3-bgp]peer r2 connect-interface l0
[r3-bgp]peer r2 next-hop-local
[r3-bgp]peer r2 advertise-community
[r3-bgp]peer 1.1.1.1 group r2
[r3-bgp]peer 5.5.5.5 group r2
[r3-bgp]peer 7.7.7.7 group r2
[r3-bgp]peer 10.2.34.2 advertise-community
[r5]bgp 1
[r5-bgp]router-id 5.5.5.5
[r5-bgp]peer 10.0.11.2 as-number 4
[r5-bgp]peer 10.2.56.2 as-number 2
[r5-bgp]group r5
[r5-bgp]peer r5 connect-interface l0
[r5-bgp]peer r5 next-hop-local
[r5-bgp]peer r5 advertise-community
[r5-bgp]peer 1.1.1.1 group r5
[r5-bgp]peer 3.3.3.3 group r5
[r5-bgp]peer 7.7.7.7 group r5
[r5-bgp]peer 10.0.11.2 advertise-community
[r5-bgp]peer 10.2.56.2 advertise-community
[r7]bgp 1
[r7-bgp]router-id 7.7.7.7
[r7-bgp]peer 10.2.78.2 as-number 2
[r7-bgp]peer 10.2.78.2 advertise-community
[r7-bgp]group r7
[r7-bgp]peer r7 connect-interface l0
[r7-bgp]peer r7 next-hop-local
[r7-bgp]peer r7 advertise-community
[r7-bgp]peer 1.1.1.1 group r7
[r7-bgp]peer 3.3.3.3 group r7
[r7-bgp]peer 5.5.5.5 group r7
[r2]bgp 2
[r2-bgp]router-id 2.2.2.2
[r2-bgp]peer 10.2.12.1 as-number 1
[r2-bgp]peer 10.2.12.1 advertise-community
[r2-bgp]group r2
[r2-bgp]peer r2 connect-interface l0
[r2-bgp]peer r2 next-hop-local
[r2-bgp]peer r2 advertise-community
[r2-bgp]peer 4.4.4.4 group r2
[r2-bgp]peer 6.6.6.6 group r2
[r2-bgp]peer 8.8.8.8 group r2
[r4]bgp 2
[r4-bgp]router-id 4.4.4.4
[r4-bgp]peer 10.0.10.2 as-number 3
[r4-bgp]peer 10.2.34.1 as-number 1
[r4-bgp]peer 10.2.34.1 advertise-community
[r4-bgp]peer 10.0.10.2 advertise-community
[r4-bgp]group r4
[r4-bgp]peer r4 connect-interface l0
[r4-bgp]peer r4 next-hop-local
[r4-bgp]peer r4 advertise-community
[r4-bgp]peer 2.2.2.2 group r4
[r4-bgp]peer 6.6.6.6 group r4
[r4-bgp]peer 8.8.8.8 group r4
[r6]bgp 2
[r6-bgp]router-id 6.6.6.6
[r6-bgp]peer 10.2.56.1 as-number 1
[r6-bgp]peer 10.2.56.1 advertise-community
[r6-bgp]group r6
[r6-bgp]peer r6 connect-interface l0
[r6-bgp]peer r6 next-hop-local
[r6-bgp]peer r6 advertise-community
[r6-bgp]peer 2.2.2.2 group r6
[r6-bgp]peer 4.4.4.4 group r6
[r6-bgp]peer 8.8.8.8 group r6
[r8]bgp 2
[r8-bgp]router-id 8.8.8.8
[r8-bgp]peer 10.2.78.1 as-number 1 s
[r8-bgp]peer 10.0.12.2 as-number 4
[r8-bgp]peer 10.2.78.1 advertise-community
[r8-bgp]peer 10.0.12.2 advertise-community
[r8-bgp]group r8
[r8-bgp]peer r8 connect-interface l0
[r8-bgp]peer r8 next-hop-local
[r8-bgp]peer r8 advertise-community
[r8-bgp]peer 2.2.2.2 group r8
[r8-bgp]peer 4.4.4.4 group r8
[r8-bgp]peer 6.6.6.6 group r8
[r9]bgp 3
[r9-bgp]router-id 9.9.9.9
[r9-bgp]peer 10.0.19.1 as-number 1
[r9-bgp]peer 10.0.19.1 advertise-community
[r9-bgp]peer 10.10.10.10 as-number 3
[r9-bgp]peer 10.10.10.10 next-hop-local
[r9-bgp]peer 10.10.10.10 connect-interface l0
[r9-bgp]peer 10.10.10.10 advertise-community
[r10]bgp 3
[r10-bgp]router-id 10.10.10.10
[r10-bgp]peer 9.9.9.9 as-number 3
[r10-bgp]peer 9.9.9.9 next-hop-local
[r10-bgp]peer 9.9.9.9 connect-interface l0
[r10-bgp]peer 9.9.9.9 advertise-community
[r10-bgp]peer 10.0.10.1 as-number 2
[r10-bgp]peer 10.0.10.1 advertise-community
[r11]bgp 4
[r11-bgp]router-id 11.11.11.11
[r11-bgp]peer 10.0.11.1 as-number 1
[r11-bgp]peer 10.0.11.1 advertise-community
[r11-bgp]peer 10.0.12.1 as-number 2
[r11-bgp]peer 10.0.12.1 advertise-community
![](https://img-blog.csdnimg.cn/aca5004e4e1c49549340c1f2ff2dc0cf.png)
宣告R9、R10、R11网段看路由的选路情况
[r9]bgp 3
[r9-bgp]network 10.0.1.0 24
[r9-bgp]network 10.0.2.0 24
[r10]bgp 3
[r10-bgp]network 10.0.3.0 24
[r10-bgp]network 10.0.4.0 24
[r11]bgp 4
[r11-bgp]network 10.0.5.0 24
[r11-bgp]network 10.0.6.0 24
![](https://img-blog.csdnimg.cn/e02ba89de7b64cd5b383e9a314968194.png)
使用前缀列表抓取流量,打入对应的团体属性
[r9]ip ip-prefix c1 permit 10.0.1.0 24
[r9]ip ip-prefix c1 permit 10.0.3.0 24
[r9]ip ip-prefix c2 permit 10.0.2.0 24
[r9]ip ip-prefix c2 permit 10.0.4.0 24
[r9]route-policy com permit node 10
[r9-route-policy]if-match ip-prefix c1
[r9-route-policy]apply community 100:3
[r9-route-policy]route-policy com permit node 20
[r9-route-policy]if-match ip-prefix c2
[r9-route-policy]apply community 200:3
[r9]route-policy com permit node 30
[r9]bgp 3
[r9-bgp]peer 10.0.19.1 route-policy com export
[r10]ip ip-prefix c1 permit 10.0.1.0 24
[r10]ip ip-prefix c1 permit 10.0.3.0 24
[r10]ip ip-prefix c2 permit 10.0.2.0 24
[r10]ip ip-prefix c2 permit 10.0.4.0 24
[r10]route-policy com permit node 10
[r10-route-policy]if-match ip-prefix c1
[r10-route-policy]apply community 100:3
[r10-route-policy]route-policy com permit node 20
[r10-route-policy]if-match ip-prefix c2
[r10-route-policy]apply community 200:3
[r10-route-policy]route-policy com permit node 30
[r10]bgp 3
[r10-bgp]peer 10.0.10.1 route-policy com export
PC 1 3 5 属于电信的路由,通信时必须使用电信AS 1
PC 2 4 6 属于联通的路由,通信时必须使用联通的 AS 2
[r11]ip community-filter advanced com1 permit 100:.*
[r11]ip community-filter advanced com2 permit 200:.*
[r11]route-policy com1 permit node 10
[r11-route-policy]if-match community-filter com1
[r11-route-policy]apply local-preference 105
[r11-route-policy]q
[r11]route-policy com1 permit node 20
[r11]bgp 4
[r11-bgp]peer 10.0.11.1 route-policy com1 import
[r11]route-policy com2 permit node 10
[r11-route-policy]if-match community-filter com2
[r11-route-policy]apply local-preference 110
[r11-route-policy]q
[r11]route-policy com2 permit node 20
[r11-route-policy]q
[r11]bgp 4
[r11-bgp]peer 10.0.12.1 route-policy com2 import
![](https://img-blog.csdnimg.cn/3eb7d81b4ecf4ba59c0b75f41ca4ad2d.png)
抓取pc5、pc6的流量
[r11]ip ip-prefix c1 permit 10.0.5.0 24
[r11]ip ip-prefix c2 permit 10.0.6.0 24
[r11]route-policy com3 permit node 10
[r11-route-policy]if-match ip-prefix c1
[r11-route-policy]apply community 100:4
[r11-route-policy]route-policy com3 permit node 2
[r11-route-policy]if-match ip-prefix c2
[r11-route-policy]route-policy com3 permit node 20
[r11-route-policy]apply community 200:4
[r11-route-policy]route-policy com3 permit node 30
[r11-route-policy]q
[r11]bgp 4
[r11-bgp]peer 10.0.11.1 route-policy com3 export
[r11-bgp]peer 10.0.12.1 route-policy com3 export
![](https://img-blog.csdnimg.cn/e4e283869e784759b501594c9278703a.png)
修改pc5、pc6选路情况
[r9]ip community-filter advanced hcia permit 100:.*
[r9]route-policy hcia permit node 10
[r9-route-policy]if-match community-filter hcia
[r9-route-policy]apply local-preference 200
[r9-route-policy]q
[r9]route-policy hcia permit node 20
[r9]bgp 3
[r9-bgp]peer 10.0.19.1 route-policy hcia import
[r10]ip community-filter advanced hcia permit 200.*
[r10]route-policy hcia permit node 10
[r10-route-policy]if-match community-filter hcia
[r10-route-policy]apply local-preference 200
[r10]route-policy hcia permit node 20
[r10]bgp 3
[r10-bgp]peer 10.0.10.1 route-policy hcia import
![](https://img-blog.csdnimg.cn/a766a2893f994390bafba383a9b1432c.png)
可以看到电信都走上面过
![](https://img-blog.csdnimg.cn/a036aa55e6fe498baef5a9886ab60259.png)
![](https://img-blog.csdnimg.cn/beb77bd7bde94ad8b2f9a16a194dafce.png)
可以看到联通都走下面过
![](https://img-blog.csdnimg.cn/e3f1d0d771bd47f2801d7f05391db4e0.png)
![](https://img-blog.csdnimg.cn/e08cdef9eaaa4ccfb484f2e92ae73b4c.png)
若 R1-R9之间链路断开,电信的路由依然通过电信 AS 1 通信
在R2、R4、R6、R8上修改
[r2]ip community-filter advanced hcie permit 100:.*
[r4]ip community-filter advanced hcie permit 100:.*
[r6]ip community-filter advanced hcie permit 100:.*
[r8]ip community-filter advanced hcie permit 100:.*
[r2]route-policy hcie permit node 10
[r2-route-policy]if-match community-filter hcie
[r2-route-policy]apply preferred-value 9
[r2]route-policy hcie permit node 20
[r4]route-policy hcie permit node 10
Info: New Sequence of this List.
[r4-route-policy] if-match community-filter hcie
[r4-route-policy] apply preferred-value 9
[r4-route-policy]#
[r4-route-policy]route-policy hcie permit node 20
[r6]route-policy hcie permit node 10
Info: New Sequence of this List.
[r6-route-policy] if-match community-filter hcie
[r6-route-policy] apply preferred-value 9
[r6-route-policy]#
[r6-route-policy]route-policy hcie permit node 20
[r8]route-policy hcie permit node 10
Info: New Sequence of this List.
[r8-route-policy] if-match community-filter hcie
[r8-route-policy] apply preferred-value 9
[r8-route-policy]#
[r8-route-policy]route-policy hcie permit node 20
[r2]bgp 2
[r2-bgp]peer 10.2.12.1 route-policy hcie import
[r4]bgp 2
[r4-bgp]peer 10.2.34.1 route-policy hcie import
[r6]bgp 2
[r6-bgp]peer 10.2.56.1 route-policy hcie import
[r8]bgp 2
[r8-bgp]peer 10.2.78.1 route-policy hcie import
到达5.0走的是10.2.12.1,把链路断开再看
![](https://img-blog.csdnimg.cn/da5fbe49ece54fcabd28215f38052b60.png)
可以看到链路断开,依旧会走电信
![](https://img-blog.csdnimg.cn/85922a40f5fd4b9690a482d34c60d891.png)
将电信路由传递时增加As-path,在R4上做
[r4]route-policy as permit node 10
[r4-route-policy]if-match community-filter hcie
[r4-route-policy]apply as-path 3 3 3 additive
[r4]route-policy as permit node 20
[r4]bgp 2
[r4-bgp]peer r4 route-policy as export
可以看到已经修改过来了
![](https://img-blog.csdnimg.cn/ef824a9633c949a49c17d70e2253c1bc.png)
测试
![](https://img-blog.csdnimg.cn/474f9cb5c09749fe8e97ba177c87ec77.png)
![](https://img-blog.csdnimg.cn/45e2a003853543a6917761c79ea3dc72.png)
这个时候我们就实现了,电信路由走电信,联通路由走联通,即使链路出现故障,我们还可以进行切换。
实验结束