本次練習是參考Cisco網路學院
CCNP1 Building Scalable Internetworks v5.0
Student Lab Manual
我將它轉成Dynamips的設定檔 並寫下自己的實驗紀錄
Dynamips的設定檔:
##################################################
#
# For CCNP1 Building Scalable Internetworks v5.0
# Lab 6_7_3
#
##################################################
autostart=false
[localhost:7200]
workingdir = /opt/dynamips/dynagen-0.10.1/UTS/CCNP1/Week05/workingconfig/
[[3640]]
# Specify 3640 IOS image on Windows here:
# image = C:Program FilesDynamipsimagesc3640-jk9o3s-mz.123-14.T7.extracted.bin
# Specify 3640 IOS image on Linux here:
image = /opt/dynamips/images/c3640-jk.bin
ram = 128
disk0 = 0
disk1 = 0
# Choose an idlepc value from the below
idlepc = 0x605ac7b8
mmap = true
ghostios = true
confreg = 0x2102
###########################
#
# Define router instances 1
#
###########################
[[Router R1]]
model = 3640
console = 2001
slot0 = NM-4T
S0/1 = R3 S0/0
[[Router R2]]
model = 3640
console = 2002
slot0 = NM-4T
S0/0 = R1 S0/0
S0/1 = R3 S0/1
[[Router R3]]
model = 3640
console = 2003
slot0 = NM-4T
這Lab學習目標為
In this lab, you will configure both IBGP and EBGP. For IBGP peers in this lab to correctly exchange routing information, the next-hop-self command must be used along with the Local-Preference and MED attributes. This is to insure that the flat-rate, unlimited-use T1 link is used for sending and receiving data to and from the AS 200 on ISP. The metered T1 should only be used in the event that the primary T1 link has failed. Traffic sent across the metered T1 link offers the same bandwidth of the primary link but at a huge expense. Ensure that this link is not used unnecessarily.
我的設定是
1. Assign IP Addresses
ISP:
hostname ISP
!
no ip domain lookup
!
interface Loopback0
ip address 192.168.100.1 255.255.255.0
!
interface Serial0/0
ip address 192.168.1.5 255.255.255.252
no shutdown
!
interface Serial0/1
ip address 192.168.1.1 255.255.255.252
no shutdown
!
line con 0
exec-timeout 0 0
logging synchronous
!
end
SanJose1:
hostname SanJose1
!
no ip domain lookup
!
interface Loopback0
ip address 172.16.64.1 255.255.255.0
!
interface Serial0/0
ip address 192.168.1.6 255.255.255.252
no shutdown
!
interface Serial0/1
ip address 172.16.1.1 255.255.255.0
no shutdown
!
line con 0
exec-timeout 0 0
logging synchronous
!
end
SanJose2:
hostname SanJose2
!
no ip domain lookup
!
interface Loopback0
ip address 172.16.32.1 255.255.255.0
!
interface Serial0/0
ip address 192.168.1.2 255.255.255.252
no shutdown
!
interface Serial0/1
ip address 172.16.1.2 255.255.255.0
no shutdown
!
line con 0
exec-timeout 0 0
logging synchronous
!
end
2. Configure EIGRP
SanJose1-2:
router eigrp 64512
network 172.16.0.0
no auto-summary
3. Configure IBGP
Configure IBGP between the SanJose1 and SanJose2 routers
SanJose1:
router bgp 64512
neighbor 172.16.32.1 remote-as 64512
neighbor 172.16.32.1 update-source Loopback0
SanJose2:
router bgp 64512
neighbor 172.16.64.1 remote-as 64512
neighbor 172.16.64.1 update-source Loopback0
4. Verify BGP Neighbors
SanJose2:
show ip bgp neighbors
5. Configure EBGP
Configure ISP to run EBGP with SanJose1 and SanJose2.
ISP:
router bgp 200
network 192.168.100.0
neighbor 192.168.1.2 remote-as 64512
neighbor 192.168.1.6 remote-as 64512
6. View BGP Summary Output
Configure SanJose1 as an EBGP peer to ISP:
SanJose1:
ip route 172.16.0.0 255.255.0.0 Null0
!
router bgp 64512
network 172.16.0.0
neighbor 192.168.1.5 remote-as 200
!
show ip bgp neighbors
7. View BGP Summary Output
Configure SanJose2 as an EBGP peer to ISP:
SanJose2:
ip route 172.16.0.0 255.255.0.0 Null0
!
router bgp 64512
network 172.16.0.0
neighbor 192.168.1.1 remote-as 200
!
show ip bgp summary
8. Verify Which Path Traffic Takes
You should see successful pings to each IP address on SanJose2 router. Ping attempts to 172.16.64.1 and 172.16.1.1 should fail.
ISP:
show ip bgp
The ISP router should be able to get to each network connected to SanJose1 and SanJose2 from the loopback address 192.168.100.1.
ISP#ping
Protocol [ip]:
Target IP address: 172.16.64.1
Repeat count [5]:
Datagram size [100]:
Timeout in seconds [2]:
Extended commands [n]: y
Source address or interface: 192.168.100.1
9. BGP Next-Hop_Self
ISP:
router bgp 200
network 192.168.1.0 mask 255.255.255.252
network 192.168.1.4 mask 255.255.255.252
!
clear ip bgp *
!
show ip bgp
SanJose1:
router bgp 64512
neighbor 172.16.32.1 next-hop-self
!
clear ip bgp *
SanJose2:
router bgp 64512
neighbor 172.16.64.1 next-hop-self
!
clear ip bgp *
10. Set BGP Local Preference
Configure a simple route map that references the local preference value on SanJose1 and SanJose2. This policy adjusts outbound traffic to prefer the link off the SanJose1 router instead of the metered T1 off SanJose2.
SanJose1:
route-map Primary_T1_In permit 10
set local-preference 150
!
router bgp 64512
neighbor 192.168.1.5 route-map Primary_T1_In in
!
clear ip bgp *
SanJose2:
route-map Secondary_T1_In permit 10
set local-preference 125
!
router bgp 64512
neighbor 192.168.1.1 route-map Secondary_T1_In in
!
clear ip bgp *
11. Set BGP MED
The next step is to create a new policy to force router ISP to return all traffic via SanJose1. Create a second route map utilizing the MED (metric) that is shared between EBGP neighbors.
SanJose1:
route-map Primary_T1_MED_Out permit 10
set metric 50
!
router bgp 64512
neighbor 192.168.1.5 route-map Primary_T1_Med_Out out
!
clear ip bgp *
SanJose2:
route-map Secondary_T1_MED_Out permit 10
set metric 75
!
router bgp 64512
neighbor 192.168.1.1 route-map Secondary_T1_MED_Out out
!
clear ip bgp *
12. Establish a Default Network
Configure both SanJose1 and SanJose2 to use the 192.168.100.0 /24 network
as the default network.
SanJose1-2:
ip default-network 192.168.100.0
!
Clear ip bgp *
Final Configurations
ISP Configuration:
hostname ISP
!
no ip domain lookup
!
interface Loopback0
ip address 192.168.100.1 255.255.255.0
!
interface Serial0/0
ip address 192.168.1.5 255.255.255.252
no shutdown
!
interface Serial0/1
ip address 192.168.1.1 255.255.255.252
no shutdown
!
router bgp 200
no synchronization
network 192.168.1.0 mask 255.255.255.252
network 192.168.1.4 mask 255.255.255.252
network 192.168.100.0
neighbor 192.168.1.2 remote-as 64512
neighbor 192.168.1.6 remote-as 64512
no auto-summary
!
line con 0
exec-timeout 0 0
logging synchronous
!
end
SanJose1 Configuration:
hostname SanJose1
!
no ip domain lookup
!
interface Loopback0
ip address 172.16.64.1 255.255.255.0
!
interface Serial0/0
ip address 192.168.1.6 255.255.255.252
no shutdown
!
interface Serial0/1
ip address 172.16.1.1 255.255.255.0
no shutdown
!
router eigrp 64512
network 172.16.0.0
no auto-summary
!
router bgp 64512
no synchronization
network 172.16.0.0
neighbor 172.16.32.1 remote-as 64512
neighbor 172.16.32.1 update-source Loopback0
neighbor 172.16.32.1 next-hop-self
neighbor 192.168.1.5 remote-as 200
neighbor 192.168.1.5 route-map Primary_T1_In in
neighbor 192.168.1.5 route-map Primary_T1_Med_Out out
no auto-summary
!
ip default-network 192.168.100.0
!
ip route 172.16.0.0 255.255.0.0 Null0
!
route-map Primary_T1_In permit 10
set local-preference 150
!
route-map Primary_T1_MED_Out permit 10
set metric 50
!
line con 0
exec-timeout 0 0
logging synchronous
!
end
SanJose2 Configuration:
hostname SanJose2
!
no ip domain lookup
!
interface Loopback0
ip address 172.16.32.1 255.255.255.0
!
interface Serial0/0
ip address 192.168.1.2 255.255.255.252
no shutdown
!
interface Serial0/1
ip address 172.16.1.2 255.255.255.0
no shutdown
!
router eigrp 64512
network 172.16.0.0
no auto-summary
!
router bgp 64512
no synchronization
network 172.16.0.0
neighbor 172.16.64.1 remote-as 64512
neighbor 172.16.64.1 update-source Loopback0
neighbor 172.16.64.1 next-hop-self
neighbor 192.168.1.1 remote-as 200
neighbor 192.168.1.1 route-map Secondary_T1_In in
neighbor 192.168.1.1 route-map Secondary_T1_MED_Out out
no auto-summary
!
ip default-network 192.168.100.0
!
ip route 172.16.0.0 255.255.0.0 Null0
!
route-map Secondary_T1_In permit 10
set local-preference 125
!
route-map Secondary_T1_MED_Out permit 10
set metric 75
!
line con 0
exec-timeout 0 0
logging synchronous
!
end
參考資料:
Cisco網路學院 http://www.cisco.com/web/learning/netacad/index.html
CCNP1 Building Scalable Internetworks v5.0
Student Lab Manual
最初發表 / 最後更新: 2008.04.28 / 2018.05.31
0 comments:
張貼留言