首页 > 其他分享 >MPLS解决BGP路由黑洞

MPLS解决BGP路由黑洞

时间:2023-09-05 23:01:08浏览次数:37  
标签:peer default MPLS BGP 255.255 user interface local 路由

MPLS解决BGP路由黑洞_ci

需求

1、as200TCP连接采用isis

2、r3不配置BGP

3、在R1上发布1.1.1.1,在r5上发布5.5.5.5

4、通过route recursive-lookup tunnel,解决BGP黑洞

配置

R1

<r1>display current-configuration  

[V200R003C00]

#

sysname r1

#

snmp-agent local-engineid 800007DB03000000000000

snmp-agent  

#

clock timezone China-Standard-Time minus 08:00:00

#

portal local-server load flash:/portalpage.zip

#

drop illegal-mac alarm

#

wlan ac-global carrier id other ac id 0

#

set cpu-usage threshold 80 restore 75

#

aaa  

authentication-scheme default

authorization-scheme default

accounting-scheme default

domain default  

domain default_admin  

local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$

local-user admin service-type http

#

firewall zone Local

priority 15

#

interface GigabitEthernet0/0/0

ip address 12.1.1.1 255.255.255.0  

#

interface GigabitEthernet0/0/1

#

interface GigabitEthernet0/0/2

#

interface NULL0

#

interface LoopBack0

ip address 1.1.1.1 255.255.255.255  

#

bgp 100

router-id 1.1.1.1

undo default ipv4-unicast

peer 12.1.1.2 as-number 200  

#

ipv4-family unicast

 undo synchronization

 network 1.1.1.1 255.255.255.255  

 peer 12.1.1.2 enable

#

user-interface con 0

authentication-mode password

idle-timeout 0 0

user-interface vty 0 4

user-interface vty 16 20

#

wlan ac

#

return

<r1>

R2

<r2>display current-configuration  

[V200R003C00]

#

sysname r2

#

snmp-agent local-engineid 800007DB03000000000000

snmp-agent  

#

clock timezone China-Standard-Time minus 08:00:00

#

portal local-server load flash:/portalpage.zip

#

drop illegal-mac alarm

#

wlan ac-global carrier id other ac id 0

#

set cpu-usage threshold 80 restore 75

#

mpls lsr-id 2.2.2.2

mpls

#

mpls ldp

#

#

aaa  

authentication-scheme default

authorization-scheme default

accounting-scheme default

domain default  

domain default_admin  

local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$

local-user admin service-type http

#

isis 100

is-level level-2

network-entity 49.0001.0020.0200.2002.00

#

firewall zone Local

priority 15

#

interface GigabitEthernet0/0/0

ip address 12.1.1.2 255.255.255.0  

isis enable 100

#

interface GigabitEthernet0/0/1

ip address 23.1.1.2 255.255.255.0  

isis enable 100

mpls

mpls ldp

#

interface GigabitEthernet0/0/2

#

interface NULL0

#

interface LoopBack0

ip address 2.2.2.2 255.255.255.255  

isis enable 100

#

bgp 200

router-id 2.2.2.2

undo default ipv4-unicast

peer 4.4.4.4 as-number 200  

peer 4.4.4.4 connect-interface LoopBack0

peer 12.1.1.1 as-number 100  

#

ipv4-family unicast

 undo synchronization

 peer 4.4.4.4 enable

 peer 4.4.4.4 next-hop-local  

 peer 12.1.1.1 enable

#

route recursive-lookup tunnel

#

user-interface con 0

authentication-mode password

idle-timeout 0 0

user-interface vty 0 4

user-interface vty 16 20

#

wlan ac

#

return

<r2>

R3

<r3>display current-configuration  

[V200R003C00]

#

sysname r3

#

snmp-agent local-engineid 800007DB03000000000000

snmp-agent  

#

clock timezone China-Standard-Time minus 08:00:00

#

portal local-server load flash:/portalpage.zip

#

drop illegal-mac alarm

#

wlan ac-global carrier id other ac id 0

#

set cpu-usage threshold 80 restore 75

#

mpls lsr-id 3.3.3.3

mpls

#

mpls ldp

#

#

aaa  

authentication-scheme default

authorization-scheme default

accounting-scheme default

domain default  

domain default_admin  

local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$

local-user admin service-type http

#

isis 100

is-level level-2

network-entity 49.0001.0030.0300.3003.00

#

firewall zone Local

priority 15

#

interface GigabitEthernet0/0/0

ip address 23.1.1.3 255.255.255.0  

isis enable 100

mpls

mpls ldp

#

interface GigabitEthernet0/0/1

ip address 34.1.1.3 255.255.255.0  

isis enable 100

mpls

mpls ldp

#

interface GigabitEthernet0/0/2

#

interface NULL0

#

interface LoopBack0

ip address 3.3.3.3 255.255.255.255  

isis enable 100

#

user-interface con 0

authentication-mode password

idle-timeout 0 0

user-interface vty 0 4

user-interface vty 16 20

#

wlan ac

#

return

<r3>

R4

<r4>display current-configuration  

[V200R003C00]

#

sysname r4

#

snmp-agent local-engineid 800007DB03000000000000

snmp-agent  

#

clock timezone China-Standard-Time minus 08:00:00

#

portal local-server load flash:/portalpage.zip

#

drop illegal-mac alarm

#

wlan ac-global carrier id other ac id 0

#

set cpu-usage threshold 80 restore 75

#

mpls lsr-id 4.4.4.4

mpls

#

mpls ldp

#

#

aaa  

authentication-scheme default

authorization-scheme default

accounting-scheme default

domain default  

domain default_admin  

local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$

local-user admin service-type http

#

isis 100

is-level level-2

network-entity 49.0001.0040.0400.4004.00

#

firewall zone Local

priority 15

#

interface GigabitEthernet0/0/0

ip address 34.1.1.4 255.255.255.0  

isis enable 100

isis dis-priority 100

mpls

mpls ldp

#

interface GigabitEthernet0/0/1

ip address 45.1.1.4 255.255.255.0  

isis enable 100

#

interface GigabitEthernet0/0/2

#

interface NULL0

#

interface LoopBack0

ip address 4.4.4.4 255.255.255.255  

isis enable 100

#

bgp 200

router-id 4.4.4.4

undo default ipv4-unicast

peer 2.2.2.2 as-number 200  

peer 2.2.2.2 connect-interface LoopBack0

peer 45.1.1.5 as-number 300  

#

ipv4-family unicast

 undo synchronization

 peer 2.2.2.2 enable

 peer 2.2.2.2 next-hop-local  

 peer 45.1.1.5 enable

#

route recursive-lookup tunnel

#

user-interface con 0

authentication-mode password

idle-timeout 0 0

user-interface vty 0 4

user-interface vty 16 20

#

wlan ac

#

return

<r4>

R5

<r5>display current-configuration  

[V200R003C00]

#

sysname r5

#

snmp-agent local-engineid 800007DB03000000000000

snmp-agent  

#

clock timezone China-Standard-Time minus 08:00:00

#

portal local-server load flash:/portalpage.zip

#

drop illegal-mac alarm

#

wlan ac-global carrier id other ac id 0

#

set cpu-usage threshold 80 restore 75

#

aaa  

authentication-scheme default

authorization-scheme default

accounting-scheme default

domain default  

domain default_admin  

local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$

local-user admin service-type http

#

firewall zone Local

priority 15

#

interface GigabitEthernet0/0/0

ip address 45.1.1.5 255.255.255.0  

#

interface GigabitEthernet0/0/1

#

interface GigabitEthernet0/0/2

#

interface NULL0

#

interface LoopBack0

ip address 5.5.5.5 255.255.255.255  

#

bgp 300

undo default ipv4-unicast

peer 45.1.1.4 as-number 200  

#

ipv4-family unicast

 undo synchronization

 network 5.0.0.0  

 network 5.5.5.5 255.255.255.255  

 peer 45.1.1.4 enable

#

user-interface con 0

authentication-mode password

idle-timeout 0 0

user-interface vty 0 4

user-interface vty 16 20

#

wlan ac

#

return

<r5>

特别注意事项,

MPLS解决BGP路由黑洞_Standard_02

以上接口都需要配置为isis,IBGP采用环回接口建立邻居peer

MPLS解决BGP路由黑洞_ci_03

这两台设备需要配置:peer 4.4.4.4 next-hop-local,根据BGP水平分割的原理,只能传给相邻设备,不能传送给间隔设别,同时两端还需要配置route recursive-lookup tunnel

标签:peer,default,MPLS,BGP,255.255,user,interface,local,路由
From: https://blog.51cto.com/u_13560030/7380872

相关文章

  • 记一次PHP路由审计
    本篇文章作者幽壑,本文属i春秋原创奖励计划,未经许可禁止转载。https://bbs.ichunqiu.com/thread-63544-1-1.html记一次PHP路由审计工具:Seay源代码审计系统0x1反射型xss首先进行一个自动化扫描,根据结果进行跟进排查跟进/user/tpl/_user_import.php文件可以看到直接输出了......
  • 9个视图子类,视图类,视图集,ViewSetMixin, drf之路由
    1.9个视图子类fromrest_framework.genericsimportListAPIView,CreateAPIView,ListCreateAPIViewfromrest_framework.genericsimportRetrieveAPIView,DestroyAPIView,UpdateAPIViewfromrest_framework.genericsimportRetrieveUpdateDestroyAPIView,RetrieveDes......
  • 9个视图子类、视图集、drf之路由
    9个视图子类fromrest_framework.genericsimportListAPIView,CreateAPIView,ListCreateAPIViewfromrest_framework.genericsimportRetrieveAPIView,DestroyAPIView,UpdateAPIViewfromrest_framework.genericsimportRetrieveUpdateDestroyAPIView,RetrieveDestroy......
  • 基本路由
    基本路由路由是指确定应用程序如何响应对特定终结点的客户端请求,该终结点是URI(或路径)和特定的HTTP请求方法(GET、POST等)。每个路由可以有一个或多个处理程序函数,这些函数在路由匹配时执行。路由定义采用以下结构:app.METHOD(PATH,HANDLER)哪里:app是的实例。expressMET......
  • vue--day77--路由的简介
    1.vue-router的理解vue的一个插件库专门用来实现SPA应用2.SPA应用的理解单页web应用,(singlepagewebapplication SPA)整个页面只有一个完整的页面点击页面中的导航链接不会刷新页面只会做页面的局部更新数据需要通过ajax请求获取3.路由的理解1.理解:一个路由......
  • IRIS路由注册(接路由底层分析)
    IRIS路由注册实例化完Application对象,接着就是路由注册了。也就是类似下面的代码  看看api.Get 实现我们主要看app.Get("/home",HomeHandler)这个函数的实现。进入该Get函数的源码,发现调用者是APIBuilder结构体,如下:这是因为在Application结构体中嵌套了router.APIBuild......
  • 这才是BGP的聚合!!!
    BGP聚合:作用:减少肯干路由器路由条目;提高肯干稳定减少震荡分类:第三项选路:手动>自动>自己network>自2import>从其他邻居学习到的1.自动聚合:summaryautomatic公认任意只能聚合本台设备引入的,对自己network和其他设备引入的路由无效聚合后会产生一条、有类的聚合后的路由聚......
  • VRRP+单臂路由
    需求1、PC1为vlan10,ip10.1.1.10,pc2为vlan20,ip20.1.1.202、sw1交换机为接入交换机,g0/0/1、g0/0/2端口为trunk,创建van10、203、AR2\AR3,为单臂路由,同时负载均衡,使用vrrp技术配置内容交换机SW1:<sw1>displaycurrent-configuration #sysnamesw1#vlanbatch1020#clusterena......
  • 动态路由协议
    动态路由协议(1)RIP:路由信息协议(2)OSPF:开放式最短路径优先协议(3)IS-IS:中间系统到中间系统(4)BGP:边界网关协议95.衡量动态路由协议的一些指标(1)正确性(2)快收敛(3)低开销(4)安全性(5)普适性96.RIP跳数:15(跳数大于等于16,则路由不可达)97.使用UDP进行路由信息的交互(1)UDP目标端......
  • 24 路由器,交换机,IP,DNS,子网掩码,网关
    昨天有同志遇到了电脑连接问题,他是在一个大型局域网中,他们的网络交换机没打开自动分配IP的功能,所以IP地址都是手动配置,期间遇到了子网掩码,IP地址,网关,DNS服务器等概念,逐一记录,希望能让所有人看懂。一、交换机主要功能为端口拓展,让你有更多网络端口,扩大局域网接入点。。工作在TCPI......