目次
概要
複数のASでBGPによるルーティングを行う演習です。Part3では、ベストパス(最適ルート)を制御するポリシーベースルーティングです。LOCAL_PREF/MED/AS_PATHとWell known Communityを利用した制御を行います。
Part1:BGP基本設定
Part2:ルート集約
Part3:ポリシーベースルーティング
Part4:トラブルシューティング
ネットワーク構成
機器 | AS内のネットワークアドレス |
---|---|
R11 Lo1 | 110.1.1.0/24 |
R12 Lo1 | 110.1.2.0/24 |
R13 Lo1 | 110.1.3.0/24 |
R14 Lo1 | 110.1.4.0/24 |
R15 Lo1 | 110.1.5.0/24 |
R16 Lo1 | 110.1.6.0/24 |
R21 Lo1 | 120.1.1.0/24 |
R22 Lo1 | 120.1.2.0/24 |
R23 Lo1 | 120.1.3.0/24 |
R31 Lo1 | 130.1.1.0/24 130.1.2.0/24 130.1.3.0/24 |
R41 Lo1 | 140.1.1.0/24 140.1.2.0/24 140.1.3.0/24 |
R51 Lo1 | 150.1.1.0/24 150.1.2.0/24 150.1.3.0/24 |
設定条件
Part1:BGP基本設定
- R11/R13/R15でAS65100を構成します。また、R12/R14/R16でAS65200を構成します。AS65100、AS65200は他のASから見るとAS110として動作します。R11~R16の間のBGPネイバーはすべてLoopback0のIPアドレスを利用して確立します。AS65100とAS65200間はR13とR14でネイバーを確立します。
- R11/R15、R12/R16ではIBGPネイバーの設定を1つだけしか行なってはいけません。
- R21/R22/R23でAS120を構成します。AS120内のBGPネイバーはすべてLoopback0のIPアドレスを利用して確立します。
- R31でAS130を構成します。R41でAS140を構成します。R51でAS150を構成します。
- AS間は、直接接続のIPアドレスを利用してEBGPネイバーを確立します。EBGPネイバーはすべてネイバー認証を行います。ネイバー認証のパスワードは「cisco」とします。
- AS110内のネットワークアドレス 110.1.1.0/24~110.1.6.0/24をR11~R16のそれぞれのルータでnetworkコマンドを利用してBGPルートとして生成します。同様にAS130、AS140、AS150においてもAS内のネットワークアドレスをnetworkコマンドによってBGPルートとして生成します。
- R21とR22でAS120内のネットワークアドレスをBGPルートとして生成します。ただし、networkコマンドを利用してはいけません。パスアトリビュートはnetworkコマンドを利用した場合と同等にします。
Part2:ルート集約
- AS110内のBGPルートを可能なかぎり長いサブネットマスクで集約します。集約ルートとともに第3オクテットが偶数である集約前のBGPルートもアドバタイズします。
- AS120内のBGPルートを可能な限り長いサブネットマスクで集約します。ネイバーには集約ルートのみをアドバタイズします。
- AS130内のBGPルートを可能な限り長いサブネットマスクで集約します。ネイバーには集約ルートのみをアドバタイズします。また、集約ルートにはCOMMUNITYアトリビュート「130:1」を付加します。
- AS140内のBGPルートを可能な限り長いサブネットマスクで集約します。R51にだけ集約ルートとともに140.1.2.0/24のBGPルートもアドバタイズします。
- AS150内のBGPルートをR31/R41で集約します。集約ルートのAS_PATHアトリビュートにAS150の情報が含まれるようにします。
Part3:ポリシーベースルーティング → このページで設定
- AS150の先にAS151およびAS152が接続されているようにAS構成をエミュレートします。AS151には、151.1.1.0/24が含まれています。AS152には、152.1.1.0/24が含まれています。これらのルートはR51でLoopback2インタフェースを利用するものとします。
- AS110からAS151へパケットをルーティングするときにはR15を経由するようにします。また、AS110からAS152へパケットをルーティングするときにはR16を経由するようにします。
- AS110の集約前のルートは、AS150にアドバタイズされないようにします。ただし、このための設定はAS110のルータでのみ行います。
- AS120にパケットをルーティングするときにはR21を経由するようにします。このための設定はAS120のルータでのみ行います。
初期設定
「[演習]BGP応用 Part2:ルート集約」完了時点から開始します。
R11 Initical Configuration(Click)
! ! version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R11 ! boot-start-marker boot-end-marker ! ! no aaa new-model memory-size iomem 5 ! ! ip cef no ip domain lookup ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! interface Loopback0 ip address 192.168.0.11 255.255.255.255 ! interface Loopback1 ip address 110.1.1.1 255.255.255.0 ip ospf network point-to-point ! interface FastEthernet0/0 ip address 1.1.1.11 255.255.255.0 duplex auto speed auto ! interface FastEthernet1/0 ip address 192.168.1.11 255.255.255.0 duplex auto speed auto ! ! router ospf 1 router-id 11.11.11.11 log-adjacency-changes network 110.1.0.0 0.0.255.255 area 0 network 192.168.0.0 0.0.255.255 area 0 ! router bgp 65100 no synchronization bgp log-neighbor-changes bgp confederation identifier 110 network 110.1.1.0 mask 255.255.255.0 aggregate-address 110.1.0.0 255.255.248.0 suppress-map ODD neighbor 1.1.1.21 remote-as 120 neighbor 1.1.1.21 password cisco neighbor 192.168.0.13 remote-as 65100 neighbor 192.168.0.13 update-source Loopback0 neighbor 192.168.0.13 next-hop-self no auto-summary ! ip http server ip forward-protocol nd ! ! ! access-list 10 permit 110.1.1.0 0.0.254.0 ! route-map ODD permit 10 match ip address 10 ! route-map ODD deny 20 ! ! ! control-plane ! ! ! ! mgcp behavior g729-variants static-pt ! ! ! ! ! line con 0 exec-timeout 0 0 privilege level 15 line aux 0 line vty 0 4 login ! ! end
R12 Initical Configuration(Click)
! ! version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R12 ! boot-start-marker boot-end-marker ! ! no aaa new-model memory-size iomem 5 ! ! ip cef no ip domain lookup ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! interface Loopback0 ip address 192.168.0.12 255.255.255.255 ! interface Loopback1 ip address 110.1.2.1 255.255.255.0 ip ospf network point-to-point ! interface FastEthernet0/0 ip address 1.1.2.12 255.255.255.0 duplex auto speed auto ! interface FastEthernet1/0 ip address 192.168.1.12 255.255.255.0 duplex auto speed auto ! ! router ospf 1 router-id 12.12.12.12 log-adjacency-changes network 110.1.0.0 0.0.255.255 area 0 network 192.168.0.0 0.0.255.255 area 0 ! router bgp 65200 no synchronization bgp log-neighbor-changes bgp confederation identifier 110 network 110.1.2.0 mask 255.255.255.0 aggregate-address 110.1.0.0 255.255.248.0 suppress-map ODD neighbor 1.1.2.22 remote-as 120 neighbor 1.1.2.22 password cisco neighbor 192.168.0.14 remote-as 65200 neighbor 192.168.0.14 update-source Loopback0 neighbor 192.168.0.14 next-hop-self no auto-summary ! ip http server ip forward-protocol nd ! ! ! access-list 10 permit 110.1.1.0 0.0.254.0 ! route-map ODD permit 10 match ip address 10 ! route-map ODD deny 20 ! ! ! control-plane ! ! ! ! mgcp behavior g729-variants static-pt ! ! ! ! ! line con 0 exec-timeout 0 0 privilege level 15 line aux 0 line vty 0 4 login ! ! end
R13 Initical Configuration(Click)
! ! version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R13 ! boot-start-marker boot-end-marker ! ! no aaa new-model memory-size iomem 5 ! ! ip cef no ip domain lookup ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! interface Loopback0 ip address 192.168.0.13 255.255.255.255 ! interface Loopback1 ip address 110.1.3.1 255.255.255.0 ip ospf network point-to-point ! interface FastEthernet0/0 ip address 192.168.1.13 255.255.255.0 duplex auto speed auto ! interface FastEthernet1/0 ip address 192.168.2.13 255.255.255.0 duplex auto speed auto ! interface FastEthernet2/0 ip address 192.168.3.13 255.255.255.0 duplex auto speed auto ! ! router ospf 1 router-id 13.13.13.13 log-adjacency-changes network 110.1.0.0 0.0.255.255 area 0 network 192.168.0.0 0.0.255.255 area 0 ! router bgp 65100 no synchronization bgp log-neighbor-changes bgp confederation identifier 110 bgp confederation peers 65200 network 110.1.3.0 mask 255.255.255.0 neighbor 192.168.0.11 remote-as 65100 neighbor 192.168.0.11 update-source Loopback0 neighbor 192.168.0.11 route-reflector-client neighbor 192.168.0.14 remote-as 65200 neighbor 192.168.0.14 ebgp-multihop 255 neighbor 192.168.0.14 update-source Loopback0 neighbor 192.168.0.15 remote-as 65100 neighbor 192.168.0.15 update-source Loopback0 neighbor 192.168.0.15 route-reflector-client no auto-summary ! ip http server ip forward-protocol nd ! ! ! ! ! ! control-plane ! ! ! ! mgcp behavior g729-variants static-pt ! ! ! ! ! line con 0 exec-timeout 0 0 privilege level 15 line aux 0 line vty 0 4 login ! ! end
R14 Initical Configuration(Click)
! ! version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R14 ! boot-start-marker boot-end-marker ! ! no aaa new-model memory-size iomem 5 ! ! ip cef no ip domain lookup ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! interface Loopback0 ip address 192.168.0.14 255.255.255.255 ! interface Loopback1 ip address 110.1.4.1 255.255.255.0 ip ospf network point-to-point ! interface FastEthernet0/0 ip address 192.168.1.14 255.255.255.0 duplex auto speed auto ! interface FastEthernet1/0 ip address 192.168.2.14 255.255.255.0 duplex auto speed auto ! interface FastEthernet2/0 ip address 192.168.3.14 255.255.255.0 duplex auto speed auto ! ! router ospf 1 router-id 14.14.14.14 log-adjacency-changes network 110.1.0.0 0.0.255.255 area 0 network 192.168.0.0 0.0.255.255 area 0 ! router bgp 65200 no synchronization bgp log-neighbor-changes bgp confederation identifier 110 bgp confederation peers 65100 network 110.1.4.0 mask 255.255.255.0 neighbor 192.168.0.12 remote-as 65200 neighbor 192.168.0.12 update-source Loopback0 neighbor 192.168.0.12 route-reflector-client neighbor 192.168.0.13 remote-as 65100 neighbor 192.168.0.13 ebgp-multihop 255 neighbor 192.168.0.13 update-source Loopback0 neighbor 192.168.0.16 remote-as 65200 neighbor 192.168.0.16 update-source Loopback0 neighbor 192.168.0.16 route-reflector-client no auto-summary ! ip http server ip forward-protocol nd ! ! ! ! ! ! control-plane ! ! ! ! mgcp behavior g729-variants static-pt ! ! ! ! ! line con 0 exec-timeout 0 0 privilege level 15 line aux 0 line vty 0 4 login ! ! end
R15 Initical Configuration(Click)
! ! version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R15 ! boot-start-marker boot-end-marker ! ! no aaa new-model memory-size iomem 5 ! ! ip cef no ip domain lookup ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! interface Loopback0 ip address 192.168.0.15 255.255.255.255 ! interface Loopback1 ip address 110.1.5.1 255.255.255.0 ip ospf network point-to-point ! interface FastEthernet0/0 ip address 1.1.3.15 255.255.255.0 duplex auto speed auto ! interface FastEthernet1/0 ip address 192.168.2.15 255.255.255.0 duplex auto speed auto ! ! router ospf 1 router-id 15.15.15.15 log-adjacency-changes network 110.1.0.0 0.0.255.255 area 0 network 192.168.0.0 0.0.255.255 area 0 ! router bgp 65100 no synchronization bgp log-neighbor-changes bgp confederation identifier 110 network 110.1.5.0 mask 255.255.255.0 aggregate-address 110.1.0.0 255.255.248.0 suppress-map ODD neighbor 1.1.3.31 remote-as 130 neighbor 1.1.3.31 password cisco neighbor 192.168.0.13 remote-as 65100 neighbor 192.168.0.13 update-source Loopback0 neighbor 192.168.0.13 next-hop-self no auto-summary ! ip http server ip forward-protocol nd ! ! ! access-list 10 permit 110.1.1.0 0.0.254.0 ! route-map ODD permit 10 match ip address 10 ! route-map ODD deny 20 ! ! ! control-plane ! ! ! ! mgcp behavior g729-variants static-pt ! ! ! ! ! line con 0 exec-timeout 0 0 privilege level 15 line aux 0 line vty 0 4 login ! ! end
R16 Initical Configuration(Click)
! ! version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R16 ! boot-start-marker boot-end-marker ! ! no aaa new-model memory-size iomem 5 ! ! ip cef no ip domain lookup ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! interface Loopback0 ip address 192.168.0.16 255.255.255.255 ! interface Loopback1 ip address 110.1.6.1 255.255.255.0 ip ospf network point-to-point ! interface FastEthernet0/0 ip address 1.1.4.16 255.255.255.0 duplex auto speed auto ! interface FastEthernet1/0 ip address 192.168.2.16 255.255.255.0 duplex auto speed auto ! ! router ospf 1 router-id 16.16.16.16 log-adjacency-changes network 110.1.0.0 0.0.255.255 area 0 network 192.168.0.0 0.0.255.255 area 0 ! router bgp 65200 no synchronization bgp log-neighbor-changes bgp confederation identifier 110 network 110.1.6.0 mask 255.255.255.0 aggregate-address 110.1.0.0 255.255.248.0 suppress-map ODD neighbor 1.1.4.41 remote-as 140 neighbor 1.1.4.41 password cisco neighbor 192.168.0.14 remote-as 65200 neighbor 192.168.0.14 update-source Loopback0 neighbor 192.168.0.14 next-hop-self no auto-summary ! ip http server ip forward-protocol nd ! ! ! access-list 10 permit 110.1.1.0 0.0.254.0 ! route-map ODD permit 10 match ip address 10 ! route-map ODD deny 20 ! ! ! control-plane ! ! ! ! mgcp behavior g729-variants static-pt ! ! ! ! ! line con 0 exec-timeout 0 0 privilege level 15 line aux 0 line vty 0 4 login ! ! end
R21 Initical Configuration(Click)
! ! version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R21 ! boot-start-marker boot-end-marker ! ! no aaa new-model memory-size iomem 5 ! ! ip cef no ip domain lookup ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! interface Loopback0 ip address 172.16.0.21 255.255.255.255 ! interface Loopback1 ip address 120.1.1.1 255.255.255.0 ip ospf network point-to-point ! interface FastEthernet0/0 ip address 1.1.1.21 255.255.255.0 duplex auto speed auto ! interface FastEthernet1/0 ip address 172.16.1.21 255.255.255.0 duplex auto speed auto ! ! router ospf 1 router-id 21.21.21.21 log-adjacency-changes network 120.1.0.0 0.0.255.255 area 0 network 172.16.0.0 0.0.255.255 area 0 ! router bgp 120 no synchronization bgp log-neighbor-changes aggregate-address 120.1.0.0 255.255.252.0 summary-only redistribute ospf 1 route-map AS120 neighbor 1.1.1.11 remote-as 110 neighbor 1.1.1.11 password cisco neighbor 172.16.0.22 remote-as 120 neighbor 172.16.0.22 update-source Loopback0 neighbor 172.16.0.22 next-hop-self neighbor 172.16.0.23 remote-as 120 neighbor 172.16.0.23 update-source Loopback0 neighbor 172.16.0.23 next-hop-self no auto-summary ! ip http server ip forward-protocol nd ! ! ! access-list 1 permit 120.1.0.0 0.0.255.255 ! route-map AS120 permit 10 match ip address 1 set origin igp ! ! ! control-plane ! ! ! ! mgcp behavior g729-variants static-pt ! ! ! ! ! line con 0 exec-timeout 0 0 privilege level 15 line aux 0 line vty 0 4 login ! ! end
R22 Initical Configuration(Click)
! ! version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R22 ! boot-start-marker boot-end-marker ! ! no aaa new-model memory-size iomem 5 ! ! ip cef no ip domain lookup ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! interface Loopback0 ip address 172.16.0.22 255.255.255.255 ! interface Loopback1 ip address 120.1.2.1 255.255.255.0 ip ospf network point-to-point ! interface FastEthernet0/0 ip address 1.1.2.22 255.255.255.0 duplex auto speed auto ! interface FastEthernet1/0 ip address 172.16.2.22 255.255.255.0 duplex auto speed auto ! ! router ospf 1 router-id 22.22.22.22 log-adjacency-changes network 120.1.0.0 0.0.255.255 area 0 network 172.16.0.0 0.0.255.255 area 0 ! router bgp 120 no synchronization bgp log-neighbor-changes aggregate-address 120.1.0.0 255.255.252.0 summary-only redistribute ospf 1 route-map AS120 neighbor 1.1.2.12 remote-as 110 neighbor 1.1.2.12 password cisco neighbor 172.16.0.21 remote-as 120 neighbor 172.16.0.21 update-source Loopback0 neighbor 172.16.0.21 next-hop-self neighbor 172.16.0.23 remote-as 120 neighbor 172.16.0.23 update-source Loopback0 neighbor 172.16.0.23 next-hop-self no auto-summary ! ip http server ip forward-protocol nd ! ! ! access-list 1 permit 120.1.0.0 0.0.255.255 ! route-map AS120 permit 10 match ip address 1 set origin igp ! ! ! control-plane ! ! ! ! mgcp behavior g729-variants static-pt ! ! ! ! ! line con 0 exec-timeout 0 0 privilege level 15 line aux 0 line vty 0 4 login ! ! end
R23 Initical Configuration(Click)
! ! version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R23 ! boot-start-marker boot-end-marker ! ! no aaa new-model memory-size iomem 5 ! ! ip cef no ip domain lookup ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! interface Loopback0 ip address 172.16.0.23 255.255.255.255 ! interface Loopback1 ip address 120.1.3.1 255.255.255.0 ip ospf network point-to-point ! interface FastEthernet0/0 ip address 172.16.1.23 255.255.255.0 duplex auto speed auto ! interface FastEthernet1/0 ip address 172.16.2.23 255.255.255.0 duplex auto speed auto ! ! router ospf 1 router-id 23.23.23.23 log-adjacency-changes network 120.1.0.0 0.0.255.255 area 0 network 172.16.0.0 0.0.255.255 area 0 ! router bgp 120 no synchronization bgp log-neighbor-changes neighbor 172.16.0.21 remote-as 120 neighbor 172.16.0.21 update-source Loopback0 neighbor 172.16.0.22 remote-as 120 neighbor 172.16.0.22 update-source Loopback0 no auto-summary ! ip http server ip forward-protocol nd ! ! ! ! ! ! control-plane ! ! ! ! mgcp behavior g729-variants static-pt ! ! ! ! ! line con 0 exec-timeout 0 0 privilege level 15 line aux 0 line vty 0 4 login ! ! end
R31 Initical Configuration(Click)
! ! version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R31 ! boot-start-marker boot-end-marker ! ! no aaa new-model memory-size iomem 5 ! ! ip cef no ip domain lookup ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! interface Loopback1 ip address 130.1.3.1 255.255.255.0 secondary ip address 130.1.2.1 255.255.255.0 secondary ip address 130.1.1.1 255.255.255.0 ! interface FastEthernet0/0 ip address 1.1.3.31 255.255.255.0 duplex auto speed auto ! interface FastEthernet1/0 ip address 1.1.5.31 255.255.255.0 duplex auto speed auto ! ! router bgp 130 no synchronization bgp log-neighbor-changes network 130.1.1.0 mask 255.255.255.0 network 130.1.2.0 mask 255.255.255.0 network 130.1.3.0 mask 255.255.255.0 neighbor 1.1.3.15 remote-as 110 neighbor 1.1.3.15 password cisco neighbor 1.1.5.51 remote-as 150 neighbor 1.1.5.51 password cisco no auto-summary ! ip http server ip forward-protocol nd ! ! ! ! ! ! control-plane ! ! ! ! mgcp behavior g729-variants static-pt ! ! ! ! ! line con 0 exec-timeout 0 0 privilege level 15 line aux 0 line vty 0 4 login ! ! end
R41 Initical Configuration(Click)
! ! version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R41 ! boot-start-marker boot-end-marker ! ! no aaa new-model memory-size iomem 5 ! ! ip cef no ip domain lookup ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! interface Loopback1 ip address 140.1.3.1 255.255.255.0 secondary ip address 140.1.2.1 255.255.255.0 secondary ip address 140.1.1.1 255.255.255.0 ! interface FastEthernet0/0 ip address 1.1.4.41 255.255.255.0 duplex auto speed auto ! interface FastEthernet1/0 ip address 1.1.6.41 255.255.255.0 duplex auto speed auto ! ! router bgp 140 no synchronization bgp log-neighbor-changes network 140.1.1.0 mask 255.255.255.0 network 140.1.2.0 mask 255.255.255.0 network 140.1.3.0 mask 255.255.255.0 neighbor 1.1.4.16 remote-as 110 neighbor 1.1.4.16 password cisco neighbor 1.1.6.51 remote-as 150 neighbor 1.1.6.51 password cisco no auto-summary ! ip http server ip forward-protocol nd ! ! ! ! ! ! control-plane ! ! ! ! mgcp behavior g729-variants static-pt ! ! ! ! ! line con 0 exec-timeout 0 0 privilege level 15 line aux 0 line vty 0 4 login ! ! end
R51 Initical Configuration(Click)
! ! version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R51 ! boot-start-marker boot-end-marker ! ! no aaa new-model memory-size iomem 5 ! ! ip cef no ip domain lookup ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! interface Loopback1 ip address 150.1.2.1 255.255.255.0 secondary ip address 150.1.3.1 255.255.255.0 secondary ip address 150.1.1.1 255.255.255.0 ! interface FastEthernet0/0 ip address 1.1.5.51 255.255.255.0 duplex auto speed auto ! interface FastEthernet1/0 ip address 1.1.6.51 255.255.255.0 duplex auto speed auto ! ! router bgp 150 no synchronization bgp log-neighbor-changes network 150.1.1.0 mask 255.255.255.0 network 150.1.2.0 mask 255.255.255.0 network 150.1.3.0 mask 255.255.255.0 neighbor 1.1.5.31 remote-as 130 neighbor 1.1.5.31 password cisco neighbor 1.1.6.41 remote-as 140 neighbor 1.1.6.41 password cisco no auto-summary ! ip http server ip forward-protocol nd ! ! ! ! ! ! control-plane ! ! ! ! mgcp behavior g729-variants static-pt ! ! ! ! ! line con 0 exec-timeout 0 0 privilege level 15 line aux 0 line vty 0 4 login ! ! end
設定と確認 Part3:ポリシーベースルーティング
Step1:AS構成のエミュレートの設定
R51でLoopback2インタフェースを作成し、BGPルートとしてアドバタイズします。AS_PATHアトリビュートをプリペンドして、AS150の先にAS151およびAS152が接続されているように見せかけます。
R51 AS構成のエミュレート
interface loopback2 ip address 151.1.1.1 255.255.255.0 ip address 152.1.1.1 255.255.255.0 secondary router bgp 150 network 151.1.1.0 mask 255.255.255.0 network 152.1.1.0 mask 255.255.255.0 neighbor 1.1.5.31 route-map AS_PATH out neighbor 1.1.6.41 route-map AS_PATH out access-list 1 permit 151.1.1.0 access-list 2 permit 152.1.1.0 route-map AS_PATH permit 10 match ip address 1 set as-path prepend 151 route-map AS_PATH permit 20 match ip address 2 set as-path prepend 152 route-map AS_PATH permit 30
R51でルートマップを適用したあと、clear ip bgp * outでBGPルートの再送信が必要です。
Step2:AS構成のエミュレートの確認
R31およびR41でBGPルート 151.1.1.0/24と152.1.1.0/24のAS_PATHアトリビュートを確認します。そのために、次のshowコマンドを利用します。
- show ip bgp 151.1.1.0
- show ip bgp 152.1.1.0
R31では次のような表示になります。
R31 show ip bgp
R31#show ip bgp 151.1.1.0 BGP routing table entry for 151.1.1.0/24, version 56 Paths: (1 available, best #1, table Default-IP-Routing-Table) Advertised to update-groups: 1 150 151 1.1.5.51 from 1.1.5.51 (150.1.1.1) Origin IGP, metric 0, localpref 100, valid, external, best R31#show ip bgp 152.1.1.0 BGP routing table entry for 152.1.1.0/24, version 55 Paths: (1 available, best #1, table Default-IP-Routing-Table) Advertised to update-groups: 1 150 152 1.1.5.51 from 1.1.5.51 (150.1.1.1) Origin IGP, metric 0, localpref 100, valid, external, best
Step3:LOCAL_PREFERENCEの設定
AS110からAS151、AS152あてのパケットのルーティングを制御するためにLOCAL_PREFERENCEアトリビュートを変更します。R15では、AS151の151.1.1.0/24のルートに対してLOCAL_PREFERENCE 200をセットします。一方、R16ではAS152の152.1.1.0/24のルートに対してLOCAL_PREFERENCE 200をセットします。
R15 LOCAL_PREFERENCE
router bgp 65100 neighbor 1.1.3.31 route-map LP in access-list 1 permit 151.1.1.0 route-map LP permit 10 match ip address 1 set local-pref 200 route-map LP permit 20 set local-pref 100
R16 LOCAL_PREFERENCE
router bgp 65200 neighbor 1.1.4.41 route-map LP in access-list 1 permit 152.1.1.0 route-map LP permit 10 match ip address 1 set local-pref 200 route-map LP permit 20 set local-pref 100
R15/R16でルートマップを適用したあと、clear ip bgp * outでBGPルートの再送信が必要です。
Step4:LOCAL_PREFERENCEの確認
R15およびR16でAS151、AS152のBGPルートにLOCAL_PREFERENCEが付加されていることを確認します。そのために、次のshowコマンドを利用します。
- show ip bgp regexp _151$|_152$
R15 show ip bgp regexp _151$|_152$
R15#show ip bgp regexp _151$|_152$ BGP table version is 80, local router ID is 192.168.0.15 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path *> 151.1.1.0/24 1.1.3.31 200 0 130 150 151 i *>i152.1.1.0/24 192.168.0.16 0 200 0 (65200) 140 150 152 i * 1.1.3.31 100 0 130 150 152 i
R16 show ip bgp regexp _151$|_152$
R16#show ip bgp regexp _151$|_152$ BGP table version is 79, local router ID is 192.168.0.16 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path *>i151.1.1.0/24 192.168.0.15 0 200 0 (65100) 130 150 151 i * 1.1.4.41 100 0 140 150 151 i *> 152.1.1.0/24 1.1.4.41 200 0 140 150 152 i
そして、AS110内のルータからAS151、AS152へTracerouteを実行します。R13からTracerouteを実行すると次のようになります。
R13 traceroute
R13#traceroute Protocol [ip]: Target IP address: 151.1.1.1 Source address: 110.1.3.1 Numeric display [n]: Timeout in seconds [3]: Probe count [3]: Minimum Time to Live [1]: Maximum Time to Live [30]: Port Number [33434]: Loose, Strict, Record, Timestamp, Verbose[none]: Type escape sequence to abort. Tracing the route to 151.1.1.1 1 192.168.2.15 28 msec 16 msec 4 msec 2 1.1.3.31 16 msec 28 msec 12 msec 3 1.1.5.51 28 msec * 28 msec R13#traceroute Protocol [ip]: Target IP address: 152.1.1.1 Source address: 110.1.3.1 Numeric display [n]: Timeout in seconds [3]: Probe count [3]: Minimum Time to Live [1]: Maximum Time to Live [30]: Port Number [33434]: Loose, Strict, Record, Timestamp, Verbose[none]: Type escape sequence to abort. Tracing the route to 152.1.1.1 1 192.168.2.16 32 msec 8 msec 16 msec 2 1.1.4.41 12 msec 28 msec 20 msec 3 1.1.6.51 12 msec * 52 msec
R13からAS151へパケットをルーティングするときにはR15(192.168.2.15)を経由しています。また、R13からAS152へパケットをルーティングするときにはR16(192.168.2.16)を経由しています。
Step5:Well Known Communityの設定
R15/R16でAS110の集約前ルートがAS150へアドバタイズされないようにするために、no-exportのWell Known Communityアトリビュートを付加します。ネイバーにBGPルートをアドバタイズするときにCOMMUNITYアトリビュートが削除されないように、neighbor send-communityコマンドの設定が必要になるので注意してください。
R15 Well Known Communityの設定
router bgp 65100 neighbor 1.1.3.31 send-community neighbor 1.1.3.31 route-map COMMUNITY out access-list 11 permit 110.1.2.0 access-list 11 permit 110.1.4.0 access-list 11 permit 110.1.6.0 route-map COMMUNITY permit 10 match ip address 11 set community no-export route-map COMMUNITY permit 20
R16 Well Known Communityの設定
router bgp 65200 neighbor 1.1.4.41 send-community neighbor 1.1.4.41 route-map COMMUNITY out access-list 11 permit 110.1.2.0 access-list 11 permit 110.1.4.0 access-list 11 permit 110.1.6.0 route-map COMMUNITY permit 10 match ip address 11 set community no-export route-map COMMUNITY permit 20
R15/R16でルートマップを適用したあと、clear ip bgp * outでBGPルートの再送信が必要です。
Step6:Well Known Communityの設定
R31/R41でAS110の集約前ルートにno-exportのWell Known Communityが付加されていることを確認します。そのために、次のshowコマンドを利用します。
- show ip bgp community no-export
R31では、次のような表示になります。
R31 show ip bgp community no-export
R31#show ip bgp community no-export BGP table version is 74, local router ID is 130.1.1.1 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path *> 110.1.2.0/24 1.1.3.15 0 110 i *> 110.1.4.0/24 1.1.3.15 0 110 i *> 110.1.6.0/24 1.1.3.15 0 110 i
また、R31/R41でAS150へアドバタイズするAS110のルートを確認します。そのために、次のshowコマンドを実行します。
- show ip bgp neighbor <ip-address> advertised-routes | include 110 i
R31では、次のような表示になります。
R31 show ip bgp neighbor advertised-routes | include 110 i
R31#show ip bgp neighbors 1.1.5.51 advertised-routes | include 110 i *> 110.1.0.0/21 1.1.3.15 0 0 110 i
R31からR51へは集約ルート110.1.0.0/21のみがアドバタイズされていることがわかります。
Step7:MEDの設定
AS120にパケットをルーティングするときにR21を経由させるために、MEDの設定を行います。R21でAS120内の集約ルートをアドバタイズするときにMED 10を付加し、R22でAS120内の集約ルートをアドバタイズするときにMED 100を付加します。
R21 MEDの設定
router bgp 120 neighbor 1.1.1.11 route-map MED out access-list 10 permit 120.1.0.0 route-map MED permit 10 match ip address 10 set metric 10 route-map MED permit 20
R22 MEDの設定
router bgp 120 neighbor 1.1.2.12 route-map MED out access-list 10 permit 120.1.0.0 route-map MED permit 10 match ip address 10 set metric 100 route-map MED permit 20
R21/R22でルートマップを適用したあと、clear ip bgp * outでBGPルートの再送信が必要です。
Step8:MEDの確認
R11/R12でAS120の集約ルートにMEDが付加されていることを確認します。そのために、次のshowコマンドを利用します。
- show ip bgp regexp _120$
R11 show ip bgp regexp _120$
R11#show ip bgp regexp _120$ BGP table version is 102, local router ID is 192.168.0.11 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path *> 120.1.0.0/22 1.1.1.21 10 0 120 i
R12 show ip bgp regexp _120$
R12#show ip bgp regexp _120$ BGP table version is 91, local router ID is 192.168.0.12 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path *>i120.1.0.0/22 192.168.0.11 10 100 0 (65100) 120 i * 1.1.2.22 100 0 120 i
そして、AS110内のルータからAS120へTracerouteを実行します。R13からTracerouteを実行すると次のようになります。
R13 traceroute
R13#traceroute Protocol [ip]: Target IP address: 120.1.3.1 Source address: 110.1.3.1 Numeric display [n]: Timeout in seconds [3]: Probe count [3]: Minimum Time to Live [1]: Maximum Time to Live [30]: Port Number [33434]: Loose, Strict, Record, Timestamp, Verbose[none]: Type escape sequence to abort. Tracing the route to 120.1.3.1 1 192.168.1.11 16 msec 32 msec 4 msec 2 1.1.1.21 8 msec 20 msec 8 msec 3 172.16.1.23 28 msec * 20 msec
AS120のネットワークへルーティングするときには、R21を経由していることがわかります。
Part3完了の設定ファイル
R11 Completed Configuration(Click)
! ! version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R11 ! boot-start-marker boot-end-marker ! ! no aaa new-model memory-size iomem 5 ! ! ip cef no ip domain lookup ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! interface Loopback0 ip address 192.168.0.11 255.255.255.255 ! interface Loopback1 ip address 110.1.1.1 255.255.255.0 ip ospf network point-to-point ! interface FastEthernet0/0 ip address 1.1.1.11 255.255.255.0 duplex auto speed auto ! interface FastEthernet1/0 ip address 192.168.1.11 255.255.255.0 duplex auto speed auto ! ! router ospf 1 router-id 11.11.11.11 log-adjacency-changes network 110.1.0.0 0.0.255.255 area 0 network 192.168.0.0 0.0.255.255 area 0 ! router bgp 65100 no synchronization bgp log-neighbor-changes bgp confederation identifier 110 network 110.1.1.0 mask 255.255.255.0 aggregate-address 110.1.0.0 255.255.248.0 suppress-map ODD neighbor 1.1.1.21 remote-as 120 neighbor 1.1.1.21 password cisco neighbor 192.168.0.13 remote-as 65100 neighbor 192.168.0.13 update-source Loopback0 neighbor 192.168.0.13 next-hop-self no auto-summary ! ip http server ip forward-protocol nd ! ! ! access-list 10 permit 110.1.1.0 0.0.254.0 ! route-map ODD permit 10 match ip address 10 ! route-map ODD deny 20 ! ! ! control-plane ! ! ! ! mgcp behavior g729-variants static-pt ! ! ! ! ! line con 0 exec-timeout 0 0 privilege level 15 line aux 0 line vty 0 4 login ! ! end
R12 Completed Configuration(Click)
! ! version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R12 ! boot-start-marker boot-end-marker ! ! no aaa new-model memory-size iomem 5 ! ! ip cef no ip domain lookup ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! interface Loopback0 ip address 192.168.0.12 255.255.255.255 ! interface Loopback1 ip address 110.1.2.1 255.255.255.0 ip ospf network point-to-point ! interface FastEthernet0/0 ip address 1.1.2.12 255.255.255.0 duplex auto speed auto ! interface FastEthernet1/0 ip address 192.168.1.12 255.255.255.0 duplex auto speed auto ! ! router ospf 1 router-id 12.12.12.12 log-adjacency-changes network 110.1.0.0 0.0.255.255 area 0 network 192.168.0.0 0.0.255.255 area 0 ! router bgp 65200 no synchronization bgp log-neighbor-changes bgp confederation identifier 110 network 110.1.2.0 mask 255.255.255.0 aggregate-address 110.1.0.0 255.255.248.0 suppress-map ODD neighbor 1.1.2.22 remote-as 120 neighbor 1.1.2.22 password cisco neighbor 192.168.0.14 remote-as 65200 neighbor 192.168.0.14 update-source Loopback0 neighbor 192.168.0.14 next-hop-self no auto-summary ! ip http server ip forward-protocol nd ! ! ! access-list 10 permit 110.1.1.0 0.0.254.0 ! route-map ODD permit 10 match ip address 10 ! route-map ODD deny 20 ! ! ! control-plane ! ! ! ! mgcp behavior g729-variants static-pt ! ! ! ! ! line con 0 exec-timeout 0 0 privilege level 15 line aux 0 line vty 0 4 login ! ! end
R13 Completed Configuration(Click)
! ! ! version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R13 ! boot-start-marker boot-end-marker ! ! no aaa new-model memory-size iomem 5 ! ! ip cef no ip domain lookup ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! interface Loopback0 ip address 192.168.0.13 255.255.255.255 ! interface Loopback1 ip address 110.1.3.1 255.255.255.0 ip ospf network point-to-point ! interface FastEthernet0/0 ip address 192.168.1.13 255.255.255.0 duplex auto speed auto ! interface FastEthernet1/0 ip address 192.168.2.13 255.255.255.0 duplex auto speed auto ! interface FastEthernet2/0 ip address 192.168.3.13 255.255.255.0 duplex auto speed auto ! ! router ospf 1 router-id 13.13.13.13 log-adjacency-changes network 110.1.0.0 0.0.255.255 area 0 network 192.168.0.0 0.0.255.255 area 0 ! router bgp 65100 no synchronization bgp log-neighbor-changes bgp confederation identifier 110 bgp confederation peers 65200 network 110.1.3.0 mask 255.255.255.0 neighbor 192.168.0.11 remote-as 65100 neighbor 192.168.0.11 update-source Loopback0 neighbor 192.168.0.11 route-reflector-client neighbor 192.168.0.14 remote-as 65200 neighbor 192.168.0.14 ebgp-multihop 255 neighbor 192.168.0.14 update-source Loopback0 neighbor 192.168.0.15 remote-as 65100 neighbor 192.168.0.15 update-source Loopback0 neighbor 192.168.0.15 route-reflector-client no auto-summary ! ip http server ip forward-protocol nd ! ! ! ! ! ! control-plane ! ! ! ! mgcp behavior g729-variants static-pt ! ! ! ! ! line con 0 exec-timeout 0 0 privilege level 15 line aux 0 line vty 0 4 login ! ! end
R14 Completed Configuration(Click)
! ! ! version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R14 ! boot-start-marker boot-end-marker ! ! no aaa new-model memory-size iomem 5 ! ! ip cef no ip domain lookup ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! interface Loopback0 ip address 192.168.0.14 255.255.255.255 ! interface Loopback1 ip address 110.1.4.1 255.255.255.0 ip ospf network point-to-point ! interface FastEthernet0/0 ip address 192.168.1.14 255.255.255.0 duplex auto speed auto ! interface FastEthernet1/0 ip address 192.168.2.14 255.255.255.0 duplex auto speed auto ! interface FastEthernet2/0 ip address 192.168.3.14 255.255.255.0 duplex auto speed auto ! ! router ospf 1 router-id 14.14.14.14 log-adjacency-changes network 110.1.0.0 0.0.255.255 area 0 network 192.168.0.0 0.0.255.255 area 0 ! router bgp 65200 no synchronization bgp log-neighbor-changes bgp confederation identifier 110 bgp confederation peers 65100 network 110.1.4.0 mask 255.255.255.0 neighbor 192.168.0.12 remote-as 65200 neighbor 192.168.0.12 update-source Loopback0 neighbor 192.168.0.12 route-reflector-client neighbor 192.168.0.13 remote-as 65100 neighbor 192.168.0.13 ebgp-multihop 255 neighbor 192.168.0.13 update-source Loopback0 neighbor 192.168.0.16 remote-as 65200 neighbor 192.168.0.16 update-source Loopback0 neighbor 192.168.0.16 route-reflector-client no auto-summary ! ip http server ip forward-protocol nd ! ! ! ! ! ! control-plane ! ! ! ! mgcp behavior g729-variants static-pt ! ! ! ! ! line con 0 exec-timeout 0 0 privilege level 15 line aux 0 line vty 0 4 login ! ! end
R15 Completed Configuration(Click)
! ! version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R15 ! boot-start-marker boot-end-marker ! ! no aaa new-model memory-size iomem 5 ! ! ip cef no ip domain lookup ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! interface Loopback0 ip address 192.168.0.15 255.255.255.255 ! interface Loopback1 ip address 110.1.5.1 255.255.255.0 ip ospf network point-to-point ! interface FastEthernet0/0 ip address 1.1.3.15 255.255.255.0 duplex auto speed auto ! interface FastEthernet1/0 ip address 192.168.2.15 255.255.255.0 duplex auto speed auto ! ! router ospf 1 router-id 15.15.15.15 log-adjacency-changes network 110.1.0.0 0.0.255.255 area 0 network 192.168.0.0 0.0.255.255 area 0 ! router bgp 65100 no synchronization bgp log-neighbor-changes bgp confederation identifier 110 network 110.1.5.0 mask 255.255.255.0 aggregate-address 110.1.0.0 255.255.248.0 suppress-map ODD neighbor 1.1.3.31 remote-as 130 neighbor 1.1.3.31 password cisco neighbor 1.1.3.31 send-community neighbor 1.1.3.31 route-map LP in neighbor 1.1.3.31 route-map COMMUNITY out neighbor 192.168.0.13 remote-as 65100 neighbor 192.168.0.13 update-source Loopback0 neighbor 192.168.0.13 next-hop-self no auto-summary ! ip http server ip forward-protocol nd ! ! ! access-list 1 permit 151.1.1.0 access-list 10 permit 110.1.1.0 0.0.254.0 access-list 20 permit 110.1.6.0 access-list 20 permit 110.1.4.0 access-list 20 permit 110.1.2.0 ! route-map LP permit 10 match ip address 1 set local-preference 200 ! route-map LP permit 20 set local-preference 100 ! route-map ODD permit 10 match ip address 10 ! route-map ODD deny 20 ! route-map COMMUNITY permit 10 match ip address 20 set community no-export ! route-map COMMUNITY permit 20 ! ! ! control-plane ! ! ! ! mgcp behavior g729-variants static-pt ! ! ! ! ! line con 0 exec-timeout 0 0 privilege level 15 line aux 0 line vty 0 4 login ! ! end
R16 Completed Configuration(Click)
! ! version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R16 ! boot-start-marker boot-end-marker ! ! no aaa new-model memory-size iomem 5 ! ! ip cef no ip domain lookup ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! interface Loopback0 ip address 192.168.0.16 255.255.255.255 ! interface Loopback1 ip address 110.1.6.1 255.255.255.0 ip ospf network point-to-point ! interface FastEthernet0/0 ip address 1.1.4.16 255.255.255.0 duplex auto speed auto ! interface FastEthernet1/0 ip address 192.168.2.16 255.255.255.0 duplex auto speed auto ! ! router ospf 1 router-id 16.16.16.16 log-adjacency-changes network 110.1.0.0 0.0.255.255 area 0 network 192.168.0.0 0.0.255.255 area 0 ! router bgp 65200 no synchronization bgp log-neighbor-changes bgp confederation identifier 110 network 110.1.6.0 mask 255.255.255.0 aggregate-address 110.1.0.0 255.255.248.0 suppress-map ODD neighbor 1.1.4.41 remote-as 140 neighbor 1.1.4.41 password cisco neighbor 192.168.0.14 remote-as 65200 neighbor 192.168.0.14 update-source Loopback0 neighbor 192.168.0.14 next-hop-self no auto-summary ! ip http server ip forward-protocol nd ! ! ! access-list 10 permit 110.1.1.0 0.0.254.0 ! route-map ODD permit 10 match ip address 10 ! route-map ODD deny 20 ! ! ! control-plane ! ! ! ! mgcp behavior g729-variants static-pt ! ! ! ! ! line con 0 exec-timeout 0 0 privilege level 15 line aux 0 line vty 0 4 login ! ! end
R21 Completed Configuration(Click)
! ! version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R21 ! boot-start-marker boot-end-marker ! ! no aaa new-model memory-size iomem 5 ! ! ip cef no ip domain lookup ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! interface Loopback0 ip address 172.16.0.21 255.255.255.255 ! interface Loopback1 ip address 120.1.1.1 255.255.255.0 ip ospf network point-to-point ! interface FastEthernet0/0 ip address 1.1.1.21 255.255.255.0 duplex auto speed auto ! interface FastEthernet1/0 ip address 172.16.1.21 255.255.255.0 duplex auto speed auto ! ! router ospf 1 router-id 21.21.21.21 log-adjacency-changes network 120.1.0.0 0.0.255.255 area 0 network 172.16.0.0 0.0.255.255 area 0 ! router bgp 120 no synchronization bgp log-neighbor-changes aggregate-address 120.1.0.0 255.255.252.0 summary-only redistribute ospf 1 route-map AS120 neighbor 1.1.1.11 remote-as 110 neighbor 1.1.1.11 password cisco neighbor 172.16.0.22 remote-as 120 neighbor 172.16.0.22 update-source Loopback0 neighbor 172.16.0.22 next-hop-self neighbor 172.16.0.23 remote-as 120 neighbor 172.16.0.23 update-source Loopback0 neighbor 172.16.0.23 next-hop-self no auto-summary ! ip http server ip forward-protocol nd ! ! ! access-list 1 permit 120.1.0.0 0.0.255.255 ! route-map AS120 permit 10 match ip address 1 set origin igp ! ! ! control-plane ! ! ! ! mgcp behavior g729-variants static-pt ! ! ! ! ! line con 0 exec-timeout 0 0 privilege level 15 line aux 0 line vty 0 4 login ! ! end
R22 Completed Configuration(Click)
! ! version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R22 ! boot-start-marker boot-end-marker ! ! no aaa new-model memory-size iomem 5 ! ! ip cef no ip domain lookup ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! interface Loopback0 ip address 172.16.0.22 255.255.255.255 ! interface Loopback1 ip address 120.1.2.1 255.255.255.0 ip ospf network point-to-point ! interface FastEthernet0/0 ip address 1.1.2.22 255.255.255.0 duplex auto speed auto ! interface FastEthernet1/0 ip address 172.16.2.22 255.255.255.0 duplex auto speed auto ! ! router ospf 1 router-id 22.22.22.22 log-adjacency-changes network 120.1.0.0 0.0.255.255 area 0 network 172.16.0.0 0.0.255.255 area 0 ! router bgp 120 no synchronization bgp log-neighbor-changes aggregate-address 120.1.0.0 255.255.252.0 summary-only redistribute ospf 1 route-map AS120 neighbor 1.1.2.12 remote-as 110 neighbor 1.1.2.12 password cisco neighbor 172.16.0.21 remote-as 120 neighbor 172.16.0.21 update-source Loopback0 neighbor 172.16.0.21 next-hop-self neighbor 172.16.0.23 remote-as 120 neighbor 172.16.0.23 update-source Loopback0 neighbor 172.16.0.23 next-hop-self no auto-summary ! ip http server ip forward-protocol nd ! ! ! access-list 1 permit 120.1.0.0 0.0.255.255 ! route-map AS120 permit 10 match ip address 1 set origin igp ! ! ! control-plane ! ! ! ! mgcp behavior g729-variants static-pt ! ! ! ! ! line con 0 exec-timeout 0 0 privilege level 15 line aux 0 line vty 0 4 login ! ! end
R23 Completed Configuration(Click)
! ! ! version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R23 ! boot-start-marker boot-end-marker ! ! no aaa new-model memory-size iomem 5 ! ! ip cef no ip domain lookup ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! interface Loopback0 ip address 172.16.0.23 255.255.255.255 ! interface Loopback1 ip address 120.1.3.1 255.255.255.0 ip ospf network point-to-point ! interface FastEthernet0/0 ip address 172.16.1.23 255.255.255.0 duplex auto speed auto ! interface FastEthernet1/0 ip address 172.16.2.23 255.255.255.0 duplex auto speed auto ! ! router ospf 1 router-id 23.23.23.23 log-adjacency-changes network 120.1.0.0 0.0.255.255 area 0 network 172.16.0.0 0.0.255.255 area 0 ! router bgp 120 no synchronization bgp log-neighbor-changes neighbor 172.16.0.21 remote-as 120 neighbor 172.16.0.21 update-source Loopback0 neighbor 172.16.0.22 remote-as 120 neighbor 172.16.0.22 update-source Loopback0 no auto-summary ! ip http server ip forward-protocol nd ! ! ! ! ! ! control-plane ! ! ! ! mgcp behavior g729-variants static-pt ! ! ! ! ! line con 0 exec-timeout 0 0 privilege level 15 line aux 0 line vty 0 4 login ! ! end
R31 Completed Configuration(Click)
! ! version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R31 ! boot-start-marker boot-end-marker ! ! no aaa new-model memory-size iomem 5 ! ! ip cef no ip domain lookup ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! interface Loopback1 ip address 130.1.3.1 255.255.255.0 secondary ip address 130.1.2.1 255.255.255.0 secondary ip address 130.1.1.1 255.255.255.0 ! interface FastEthernet0/0 ip address 1.1.3.31 255.255.255.0 duplex auto speed auto ! interface FastEthernet1/0 ip address 1.1.5.31 255.255.255.0 duplex auto speed auto ! ! router bgp 130 no synchronization bgp log-neighbor-changes network 130.1.1.0 mask 255.255.255.0 network 130.1.2.0 mask 255.255.255.0 network 130.1.3.0 mask 255.255.255.0 aggregate-address 130.1.0.0 255.255.252.0 summary-only attribute-map ATT aggregate-address 150.1.0.0 255.255.252.0 as-set neighbor 1.1.3.15 remote-as 110 neighbor 1.1.3.15 password cisco neighbor 1.1.5.51 remote-as 150 neighbor 1.1.5.51 password cisco no auto-summary ! ip http server ip forward-protocol nd ! ! ip bgp-community new-format ! ! route-map ATT permit 10 set community 130:1 ! ! ! control-plane ! ! ! ! mgcp behavior g729-variants static-pt ! ! ! ! ! line con 0 exec-timeout 0 0 privilege level 15 line aux 0 line vty 0 4 login ! ! end
R41 Completed Configuration(Click)
! ! version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R41 ! boot-start-marker boot-end-marker ! ! no aaa new-model memory-size iomem 5 ! ! ip cef no ip domain lookup ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! interface Loopback1 ip address 140.1.3.1 255.255.255.0 secondary ip address 140.1.2.1 255.255.255.0 secondary ip address 140.1.1.1 255.255.255.0 ! interface FastEthernet0/0 ip address 1.1.4.41 255.255.255.0 duplex auto speed auto ! interface FastEthernet1/0 ip address 1.1.6.41 255.255.255.0 duplex auto speed auto ! ! router bgp 140 no synchronization bgp log-neighbor-changes network 140.1.1.0 mask 255.255.255.0 network 140.1.2.0 mask 255.255.255.0 network 140.1.3.0 mask 255.255.255.0 aggregate-address 140.1.0.0 255.255.252.0 summary-only aggregate-address 150.1.0.0 255.255.252.0 as-set neighbor 1.1.4.16 remote-as 110 neighbor 1.1.4.16 password cisco neighbor 1.1.6.51 remote-as 150 neighbor 1.1.6.51 password cisco neighbor 1.1.6.51 unsuppress-map UNSUPP no auto-summary ! ip http server ip forward-protocol nd ! ! ! access-list 1 permit 140.1.2.0 ! route-map UNSUPP permit 10 match ip address 1 ! ! ! control-plane ! ! ! ! mgcp behavior g729-variants static-pt ! ! ! ! ! line con 0 exec-timeout 0 0 privilege level 15 line aux 0 line vty 0 4 login ! ! end
R51 Completed Configuration(Click)
! ! version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R51 ! boot-start-marker boot-end-marker ! ! no aaa new-model memory-size iomem 5 ! ! ip cef no ip domain lookup ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! interface Loopback1 ip address 150.1.2.1 255.255.255.0 secondary ip address 150.1.3.1 255.255.255.0 secondary ip address 150.1.1.1 255.255.255.0 ! interface Loopback2 ip address 152.1.1.1 255.255.255.0 secondary ip address 151.1.1.1 255.255.255.0 ! interface FastEthernet0/0 ip address 1.1.5.51 255.255.255.0 duplex auto speed auto ! interface FastEthernet1/0 ip address 1.1.6.51 255.255.255.0 duplex auto speed auto ! ! router bgp 150 no synchronization bgp log-neighbor-changes network 150.1.1.0 mask 255.255.255.0 network 150.1.2.0 mask 255.255.255.0 network 150.1.3.0 mask 255.255.255.0 network 151.1.1.0 mask 255.255.255.0 network 152.1.1.0 mask 255.255.255.0 neighbor 1.1.5.31 remote-as 130 neighbor 1.1.5.31 password cisco neighbor 1.1.5.31 route-map AS_PATH out neighbor 1.1.6.41 remote-as 140 neighbor 1.1.6.41 password cisco neighbor 1.1.6.41 route-map AS_PATH out no auto-summary ! ip http server ip forward-protocol nd ! ! ! access-list 1 permit 151.1.1.0 access-list 2 permit 152.1.1.0 ! route-map AS_PATH permit 10 match ip address 1 set as-path prepend 151 ! route-map AS_PATH permit 20 match ip address 2 set as-path prepend 152 ! ! ! control-plane ! ! ! ! mgcp behavior g729-variants static-pt ! ! ! ! ! line con 0 exec-timeout 0 0 privilege level 15 line aux 0 line vty 0 4 login ! ! end
関連記事
関連記事
BGPの仕組み
- BGPの概要 ~AS間でルート情報を交換~
- BGPの動作
- BGPの基本設定と確認コマンド
- BGPピアグループ(Peer Group) ~ネイバーの設定をまとめよう~
- BGPネイバーの状態
- BGPコンフェデレーションの設定
- BGPコンフェデレーションの設定例
- BGPネイバー認証
- BGP Well Known Mandatory アトリビュート -ORIGIN/AS_PATH/NEXT_HOP-
- 図解!BGPベストパス選択アルゴリズム
- BGP 基本的な設定についての演習[Cisco]
- BGPの基本的な設定についての演習 ~トラブルシュート~
- BGP KEEPALIVEタイマ/ホールドタイムの設定
- BGPルート 最小送信間隔の設定
- BGPルートダンプニング
- マルチホーム – インターネット接続の冗長化 –
- マルチホームAS BGPルートフィルタのポイント
- マルチホームAS ベストパス選択のポイント
- マルチホームAS IGPとBGPの連携のポイント
- マルチホームAS BGPの設定例
- IP-VPNでのBGPの利用 設定例
- BGPルートフィルタの種類
- BGPルートフィルタ -ディストリビュートリスト-
- BGPルートフィルタ -ディストリビュートリスト設定例-
- BGPルートフィルタ -プレフィクスリスト-
- BGPルートフィルタ -プレフィクスリスト設定例-
- BGPルートフィルタ -フィルタリスト(AS_PATH ACL)-
- BGPルートフィルタ -フィルタリスト(AS_PATH ACL)設定例-
- BGPルートフィルタ -ルートマップ(route-map)-
- BGPルートフィルタ -ルートマップ(route-map)設定例-
- BGP neighbor allowas-inコマンド
- BGP neighbor as-overrideコマンド
- BGPルート RIB Failure
- BGPルート アドミニストレイティブディスタンスの制御
- BGPルートの負荷分散
- BGPルート 条件付き生成
- BGPルート 条件付きアドバタイズ
- BGP ルート集約 自動集約
- BGPルート集約 networkコマンドによる集約
- BGPルート集約 networkコマンドによる集約 設定例
- BGP ルート集約 aggregate-addressコマンドによる集約
- aggregate-addressコマンドのオプション summary-only
- aggregate-addressコマンドのオプション attribute-map
- aggregate-addressコマンドのオプション as-set
- aggregate-addressコマンドのオプション advertise-map
- aggregate-addressコマンド as-set/attribute-map/advertise-map 設定例
- BGP選択型集約の概要
- BGP選択型集約 suppress-map
- BGP選択型集約 unsuppress-map
- BGP 選択型集約 suppress-map/unsuppress-map 設定例
- BGP local-as ~ネイバーに他のASのように見せる~
- BGP neighbor remove-private-ASコマンド
- bgp fast external-fallover
- BGP プレフィクス数の制限
- BGP COMMUNITYアトリビュートの使い方
- BGP Well-known COMMUNITYのルートフィルタ設定例
- BGP プライベートCOMMUNITYによるルート制御の設定例
- [演習]BGP応用 Part1:BGP基本設定
- [演習]BGP応用 Part2:ルート集約
- [演習]BGP応用 Part3:ポリシーベースルーティング
- [演習]BGP応用 Part4:トラブルシューティング
- BGP 設定ミスの切り分けと修正 Part1
- BGP 設定ミスの切り分けと修正 Part2
- BGP 設定ミスの切り分けと修正 Part3
- BGP 設定ミスの切り分けと修正 Part4
- BGP 設定ミスの切り分けと修正 Part5
- BGP 設定ミスの切り分けと修正 Part6
- BGP 設定ミスの切り分けと修正 Part7
- IPv6 BGPの設定例 Part1
- IPv6 BGPの設定例 Part2
- 2021年10月4日 Facebookに何が起こったか?
- IPv4 BGPネイバーでのIPv6プレフィックスの交換