溫馨提示×

溫馨提示×

您好,登錄后才能下訂單哦!

密碼登錄×
登錄注冊×
其他方式登錄
點(diǎn)擊 登錄注冊 即表示同意《億速云用戶服務(wù)條款》

50、BGP配置實(shí)驗(yàn)之社團(tuán)屬性community

發(fā)布時(shí)間:2020-06-08 04:29:56 來源:網(wǎng)絡(luò) 閱讀:1620 作者:開源殿堂 欄目:網(wǎng)絡(luò)安全

1、社團(tuán)屬性community解析

50、BGP配置實(shí)驗(yàn)之社團(tuán)屬性community

BGP社團(tuán)屬性community:

可開啟:BGP社團(tuán)屬性community為可選屬性,默認(rèn)不識別。可通過命令開啟:neighbor x.x.x.x send-community

傳遞性:BGP社團(tuán)屬性community只在鄰居有效,鄰居的鄰居不再有效,想要傳遞到鄰居的鄰居需配置neighbor x.x.x.x send-community


修改BGP社團(tuán)屬性community步驟:


ip prefix-list 1 permit 1.1.1.0/24

route-map COM permit 10

 match ip address prefix-list 1

 set community no-advertise 不傳給BGP鄰居

 set community no-export不傳出大AS

 set community local-AS 不傳出小AS

route-map COM permit 20

router bgp 1

 neighbor 12.1.1.2 send-community

 neighbor 12.1.1.2 route-map COM out


2、實(shí)驗(yàn)拓?fù)?/p>

50、BGP配置實(shí)驗(yàn)之社團(tuán)屬性community

3、基礎(chǔ)配置

R1配置

interface Loopback0

 ip address 1.1.1.1 255.255.255.0

interface Serial0/0

 ip address 12.1.1.1 255.255.255.0

router bgp 1

 no synchronization

 bgp router-id 1.1.1.1

 network 1.1.1.0 mask 255.255.255.0

 neighbor 12.1.1.2 remote-as 2

 neighbor 12.1.1.2 send-community

 no auto-summary


R2配置

interface Loopback0

 ip address 2.2.2.2 255.255.255.0

interface Serial0/0

 ip address 12.1.1.2 255.255.255.0

interface Serial0/1

 ip address 23.1.1.2 255.255.255.0

router ospf 110

 router-id 2.2.2.2

 network 2.2.2.0 0.0.0.255 area 0

 network 23.1.1.0 0.0.0.255 area 0

router bgp 64512

 no synchronization

 bgp router-id 2.2.2.2

 bgp confederation identifier 2

 neighbor 3.3.3.3 remote-as 64512

 neighbor 3.3.3.3 update-source Loopback0

 neighbor 3.3.3.3 next-hop-self

 neighbor 12.1.1.1 remote-as 1

 neighbor 3.3.3.3 send-community

 no auto-summary


R3配置

interface Loopback0

 ip address 3.3.3.3 255.255.255.0

interface Serial0/0

 ip address 34.1.1.3 255.255.255.0

interface Serial0/1

 ip address 23.1.1.3 255.255.255.0

router ospf 110

 router-id 3.3.3.3

 network 3.3.3.0 0.0.0.255 area 0

 network 23.1.1.0 0.0.0.255 area 0

 network 34.1.1.0 0.0.0.255 area 0

router bgp 64512

 no synchronization

 bgp router-id 3.3.3.3

 bgp confederation identifier 2

 bgp confederation peers 64513 

 neighbor 2.2.2.2 remote-as 64512

 neighbor 2.2.2.2 update-source Loopback0

 neighbor 4.4.4.4 remote-as 64513

 neighbor 4.4.4.4 ebgp-multihop 255

 neighbor 4.4.4.4 update-source Loopback0

 neighbor 4.4.4.4 send-community 

 no auto-summary


R4配置

interface Loopback0

 ip address 4.4.4.4 255.255.255.0

interface Serial0/0

 ip address 34.1.1.4 255.255.255.0

interface Serial0/1

 ip address 45.1.1.4 255.255.255.0

router ospf 110

 router-id 4.4.4.4

 network 4.4.4.0 0.0.0.255 area 0

 network 34.1.1.0 0.0.0.255 area 0

 network 45.1.1.0 0.0.0.255 area 0

router bgp 64513

 no synchronization

 bgp router-id 4.4.4.4

 bgp confederation identifier 2

 bgp confederation peers 64512 

 neighbor 3.3.3.3 remote-as 64512

 neighbor 3.3.3.3 ebgp-multihop 255

 neighbor 3.3.3.3 update-source Loopback0

 neighbor 5.5.5.5 remote-as 64513

 neighbor 5.5.5.5 update-source Loopback0

 neighbor 5.5.5.5 send-community 

 no auto-summary


R5配置

interface Loopback0

 ip address 5.5.5.5 255.255.255.0

interface Serial0/0

 ip address 56.1.1.5 255.255.255.0

interface Serial0/1

 ip address 45.1.1.5 255.255.255.0

router ospf 110

 router-id 5.5.5.5

 network 5.5.5.0 0.0.0.255 area 0

 network 45.1.1.0 0.0.0.255 area 0

router bgp 64513

 no synchronization

 bgp router-id 5.5.5.5

 bgp confederation identifier 2

 neighbor 4.4.4.4 remote-as 64513

 neighbor 4.4.4.4 update-source Loopback0

 neighbor 56.1.1.6 remote-as 6

 neighbor 56.1.1.6 send-community 

 no auto-summary


R6配置

interface Loopback0

 ip address 6.6.6.6 255.255.255.0

interface Serial0/0

 ip address 56.1.1.6 255.255.255.0

router bgp 6

 no synchronization

 bgp router-id 6.6.6.6

 neighbor 56.1.1.5 remote-as 2

 no auto-summary


4、社團(tuán)屬性驗(yàn)證

50、BGP配置實(shí)驗(yàn)之社團(tuán)屬性community


ip prefix-list 1 seq 5 permit 1.1.1.0/24

route-map COM permit 10

 match ip address prefix-list 1

 set community no-advertise

route-map COM permit 20

router bgp 1

 neighbor 12.1.1.2 send-community

 neighbor 12.1.1.2 route-map COM out


50、BGP配置實(shí)驗(yàn)之社團(tuán)屬性community

50、BGP配置實(shí)驗(yàn)之社團(tuán)屬性community

ip prefix-list 1 seq 5 permit 1.1.1.0/24

route-map COM permit 10

 match ip address prefix-list 1

 set community no-export

route-map COM permit 20

router bgp 1

 neighbor 12.1.1.2 send-community

 neighbor 12.1.1.2 route-map COM out

50、BGP配置實(shí)驗(yàn)之社團(tuán)屬性community

50、BGP配置實(shí)驗(yàn)之社團(tuán)屬性community

ip prefix-list 1 seq 5 permit 1.1.1.0/24

route-map COM permit 10

 match ip address prefix-list 1

 set community local-AS

route-map COM permit 20

router bgp 1

 neighbor 12.1.1.2 send-community

 neighbor 12.1.1.2 route-map COM out

50、BGP配置實(shí)驗(yàn)之社團(tuán)屬性community

50、BGP配置實(shí)驗(yàn)之社團(tuán)屬性community


向AI問一下細(xì)節(jié)

免責(zé)聲明:本站發(fā)布的內(nèi)容(圖片、視頻和文字)以原創(chuàng)、轉(zhuǎn)載和分享為主,文章觀點(diǎn)不代表本網(wǎng)站立場,如果涉及侵權(quán)請聯(lián)系站長郵箱:is@yisu.com進(jìn)行舉報(bào),并提供相關(guān)證據(jù),一經(jīng)查實(shí),將立刻刪除涉嫌侵權(quán)內(nèi)容。

AI