这是关于如何在华为路由器和另一台路由器之间配置外部边界网关协议(EBGP)的示例教程,我将重点介绍华为路由器(RouterA)的配置。
实验拓扑
实验配置
1. 配置 Loopback IP 地址
输入系统视图
命令:system-view
<RouterA>system-view
Enter system view, return user view with return command.
代码语言:javascript复制<RouterA>interface LoopBack0
<RouterA>description RouterA Loopback0
<RouterA>ip address 172.16.1.1 255.255.255.255
<RouterA>quit
验证:
<RouterA>
显示当前配置接口 LoopBack 0
2.配置P2P(点对点)IP
我们假设2个路由器之间的连接在100GigaEthernet接口,并通过LACP在Bundle中配置
配置物理接口
代码语言:javascript复制<RouterA>interface 100GE6/0/0
<RouterA>description Connection to Peer
<RouterA>undo shutdown
<RouterA>damp-interface enable
<RouterA>eth-trunk 8
<RouterA>undo lldp enable
<RouterA>undo dcn
配置Eth-Trunk
代码语言:javascript复制<RouterA>interface Eth-Trunk8
<RouterA>description Eth-Trunk to Peer
<RouterA>set flow-stat interval 10
<RouterA>ip address 192.168.10.2 255.255.255.252
<RouterA>trust upstream default
<RouterA>mode lacp-static
<RouterA>lacp timeout fast
验证:
代码语言:javascript复制<RouterA>display current-configuration interface 100GE6/0/0
<RouterA>display current-configuration interface Eth-Trunk8
<RouterA>display interface Eth-Trunk8
<RouterA>display lacp statistics Eth-Trunk8
ping P2P IP 以验证连接性:
代码语言:javascript复制<RouterA>ping 192.168.10.1
PING 192.168.10.1: 56 data bytes, press CTRL_C to break
Reply from 192.168.10.1: bytes=56 Sequence=1 ttl=255 time=4 ms
Reply from 192.168.10.1: bytes=56 Sequence=2 ttl=255 time=1 ms
Reply from 192.168.10.1: bytes=56 Sequence=3 ttl=255 time=1 ms
Reply from 192.168.10.1: bytes=56 Sequence=4 ttl=255 time=1 ms
Reply from 192.168.10.1: bytes=56 Sequence=5 ttl=255 time=1 ms
— 192.168.10.1 ping statistics —
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 1/1/4 ms
3.配置传入策略
假设你一个允许来自邻居的默认路由
创建前缀列表以允许默认路由
代码语言:javascript复制<RouterA> ip ip-prefix DEFAULT-PREFIX index 10 permit 0.0.0.0 0
创建路由策略以匹配前缀,然后显式添加默认拒绝
代码语言:javascript复制<RouterA> route-policy DEFAULTv4 permit node 10
if-match ip-prefix DEFAULT-PREFIX
route-policy DEFAULTv4 deny node 10000
4.配置传出策略
创建前缀列表来宣告前缀
代码语言:javascript复制<RouterA> ip ip-prefix OUTPREFIX index 10 permit 172.16.1.1 32
创建路由策略以匹配前缀,然后显式添加默认拒绝
代码语言:javascript复制<RouterA>r out-policy OUTPOLICY permit node 10
if-match ip-prefix OUTPREFIX
route-policy OUTPOLICY deny node 10000
5.配置eBGP
假设对等体之间约定的MD5密码为bGP@p455w0rd
代码语言:javascript复制<RouterA>bgp 65555
router-id 172.16.1.1
graceful-restart
peer 192.168.10.1 as-number 65577
peer 192.168.10.1 description Peer BGP IPv4
peer 192.168.10.1 password cipher bGP@p455w0rd
ipv4-family unicast
undo synchronization
import-route unr
peer 192.168.10.1 enable
peer 192.168.10.1 route-policy DEFAULTv4 import
peer 192.168.10.1 route-policy OUTPOLICY export
6.验证:
代码语言:javascript复制<RouterA>display bgp all summary
<RouterA>display bgp peer
<RouterA>display bgp routing-table
<RouterA>display bgp routing-table peer 192.168.10.1 advertised-routes
<RouterA>display bgp routing-table peer 192.168.10.1 received-routes
<RouterA>display bgp routing-table peer 192.168.10.1 accepted-routes
<RouterA>display bgp routing-table peer 192.168.10.1 not-accepted-routes
样本输出:
代码语言:javascript复制<RouterA>display bgp peer
BGP local router ID : 172.16.1.1
Local AS number : 65555
Total number of peers : 1 Peers in established state : 1
Peer V AS MsgRcvd MsgSent OutQ Up/Down State PrefRcv
192.168.10.1 4 65577 10359 10065 0 0071h55m Established 1
可以观察到,eBGP IPv4 邻居关系“已建立”并从 AS65577 接收到 1 个前缀,用于对等 192.168.10.1