华为路由器EBGP配置

2023-03-05 09:30:58 浏览数 (1)

来源:网络技术联盟站 链接:https://www.wljslmz.cn/15162.html

这是关于如何在华为路由器和另一台路由器之间配置外部边界网关协议(EBGP)的示例教程,我将重点介绍华为路由器(RouterA)的配置。

实验拓扑

实验配置

1. 配置 Loopback IP 地址

输入系统视图

命令:system-view

代码语言:javascript复制
<RouterA>system-view
Enter system view, return user view with return command.
代码语言:javascript复制
<RouterA>interface LoopBack0
<RouterA>description RouterA Loopback0
<RouterA>ip address 172.16.1.1 255.255.255.255
<RouterA>quit

验证:

<RouterA>显示当前配置接口 LoopBack 0

2.配置P2P(点对点)IP

我们假设2个路由器之间的连接在100GigaEthernet接口,并通过LACP在Bundle中配置

配置物理接口

代码语言:javascript复制
<RouterA>interface 100GE6/0/0
<RouterA>description Connection to Peer
<RouterA>undo shutdown
<RouterA>damp-interface enable
<RouterA>eth-trunk 8
<RouterA>undo lldp enable
<RouterA>undo dcn

配置Eth-Trunk

代码语言:javascript复制
<RouterA>interface Eth-Trunk8
<RouterA>description Eth-Trunk to Peer
<RouterA>set flow-stat interval 10
<RouterA>ip address 192.168.10.2 255.255.255.252
<RouterA>trust upstream default
<RouterA>mode lacp-static
<RouterA>lacp timeout fast

验证:

代码语言:javascript复制
<RouterA>display current-configuration interface 100GE6/0/0
<RouterA>display current-configuration interface Eth-Trunk8
<RouterA>display interface Eth-Trunk8
<RouterA>display lacp statistics Eth-Trunk8

ping P2P IP 以验证连接性:

代码语言:javascript复制
<RouterA>ping 192.168.10.1
PING 192.168.10.1: 56 data bytes, press CTRL_C to break
Reply from 192.168.10.1: bytes=56 Sequence=1 ttl=255 time=4 ms
Reply from 192.168.10.1: bytes=56 Sequence=2 ttl=255 time=1 ms
Reply from 192.168.10.1: bytes=56 Sequence=3 ttl=255 time=1 ms
Reply from 192.168.10.1: bytes=56 Sequence=4 ttl=255 time=1 ms
Reply from 192.168.10.1: bytes=56 Sequence=5 ttl=255 time=1 ms

— 192.168.10.1 ping statistics —
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 1/1/4 ms

3.配置传入策略

假设你一个允许来自邻居的默认路由

创建前缀列表以允许默认路由

代码语言:javascript复制
<RouterA> ip ip-prefix DEFAULT-PREFIX index 10 permit 0.0.0.0 0

创建路由策略以匹配前缀,然后显式添加默认拒绝

代码语言:javascript复制
<RouterA> route-policy DEFAULTv4 permit node 10
  if-match ip-prefix DEFAULT-PREFIX
route-policy DEFAULTv4 deny node 10000

4.配置传出策略

创建前缀列表来宣告前缀

代码语言:javascript复制
<RouterA> ip ip-prefix OUTPREFIX index 10 permit 172.16.1.1 32

创建路由策略以匹配前缀,然后显式添加默认拒绝

代码语言:javascript复制
<RouterA>r out-policy OUTPOLICY permit node 10
   if-match ip-prefix OUTPREFIX
route-policy OUTPOLICY deny node 10000

5.配置eBGP

假设对等体之间约定的MD5密码为bGP@p455w0rd

代码语言:javascript复制
<RouterA>bgp 65555
 router-id 172.16.1.1
 graceful-restart
 peer 192.168.10.1 as-number 65577
 peer 192.168.10.1 description Peer BGP IPv4
 peer 192.168.10.1 password cipher bGP@p455w0rd

ipv4-family unicast
 undo synchronization
 import-route unr
 peer 192.168.10.1 enable
 peer 192.168.10.1 route-policy DEFAULTv4 import
 peer 192.168.10.1 route-policy OUTPOLICY export

6.验证:

代码语言:javascript复制
<RouterA>display bgp all summary
<RouterA>display bgp peer
<RouterA>display bgp routing-table
<RouterA>display bgp routing-table peer 192.168.10.1 advertised-routes
<RouterA>display bgp routing-table peer 192.168.10.1 received-routes
<RouterA>display bgp routing-table peer 192.168.10.1 accepted-routes
<RouterA>display bgp routing-table peer 192.168.10.1 not-accepted-routes

样本输出:

代码语言:javascript复制
<RouterA>display bgp peer

BGP local router ID : 172.16.1.1
Local AS number : 65555
Total number of peers : 1 Peers in established state : 1

Peer           V  AS      MsgRcvd MsgSent OutQ Up/Down  State          PrefRcv
192.168.10.1   4 65577 10359        10065 0         0071h55m  Established 1

可以观察到,eBGP IPv4 邻居关系“已建立”并从 AS65577 接收到 1 个前缀,用于对等 192.168.10.1

0 人点赞