Lab - Configuring BGP with Default Routing

Topology

Objectives
• Configure BGP to exchange routing information with two ISPs.

Step 1: Prepare the routers for the lab.
Cable the network as shown in the topology diagram. Erase the startup configuration and reload each router to clear previous configurations.

Step 2: Configure the hostname and interface addresses.
a. Assign the routers hostnames. Using the addressing scheme in the diagram, create the loopback interfaces and apply IP addresses to these and the serial interfaces on ISP1 (R1), ISP2 (R3), and ITA (R2). The ISP loopbacks simulate real networks that can be reached through the ISP. The two loopbacks for the ITA router simulate the connections between the ITA boundary router and their core routers.

Step 3: Configure BGP on the ISP routers.
On the ISP1 and ISP2 routers, configure BGP to peer with the ITA boundary router and advertise the ISP loopback networks.
ISP1(config)# router bgp 200
ISP1(config-router)# neighbor 10.0.0.2 remote-as 100
ISP1(config-router)# network 10.1.1.0 mask 255.255.255.0

ISP2(config)# router bgp 300
ISP2(config-router)# neighbor 172.16.0.2 remote-as 100
ISP2(config-router)# network 172.16.1.0 mask 255.255.255.0

Step 4: Configure BGP on the ITA boundary router.
a. Configure the ITA router to run BGP with both Internet providers.

ITA(config)# router bgp 100
ITA(config-router)# neighbor 10.0.0.1 remote-as 200
ITA(config-router)# neighbor 172.16.0.1 remote-as 300
ITA(config-router)# network 192.168.0.0
ITA(config-router)# network 192.168.1.0

b. To verify the configuration, check the ITA routing table with the show ip route command.

ITA(config-router)#do show ip route bgp
     172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
B       172.16.1.0/24 [20/0] via 172.16.0.1, 00:00:59
     10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
B       10.1.1.0/24 [20/0] via 10.0.0.1, 00:00:59

c. Run the following Tcl script on all routers to verify connectivity If these pings are not successful, troubleshoot.

foreach address {
10.0.0.1
10.0.0.2
10.1.1.1
172.16.0.1
172.16.0.2
172.16.1.1
192.168.0.1
192.168.1.1
} {
ping $address }

ITA#tclsh
ITA(tcl)#foreach address {
+>10.0.0.1
+>10.0.0.2
+>10.1.1.1
+>172.16.0.1
+>172.16.0.2
+>172.16.1.1
+>192.168.0.1
+>192.168.1.1
+>} {
+>ping $address }

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/35/52 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 60/62/68 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/26/44 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.0.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/21/32 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.0.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 48/60/64 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/30/36 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.0.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms

Step 5: Verify BGP on the routers.

ITA#show ip bgp
BGP table version is 5, local router ID is 192.168.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

Network          Next Hop            Metric LocPrf Weight Path
*> 10.1.1.0/24      10.0.0.1                 0             0 200 i
*> 172.16.1.0/24    172.16.0.1               0             0 300 i
*> 192.168.0.0      0.0.0.0                  0         32768 i
*> 192.168.1.0      0.0.0.0                  0         32768 i

An asterisk (*) next to a route indicates that it is valid.

An angle bracket (>) indicates that the route has been selected as the best route.

c. On the ISP1 router, issue the shutdown command on Loopback0. Then on ITA, issue the show ip bgp command again.

ITA#show ip bgp
BGP table version is 6, local router ID is 192.168.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

Network          Next Hop            Metric LocPrf Weight Path
*> 172.16.1.0/24    172.16.0.1               0             0 300 i
*> 192.168.0.0      0.0.0.0                  0         32768 i
*> 192.168.1.0      0.0.0.0                  0         32768 i

没有了10.1.1.0/24 这条路由。

d. On ITA, issue the show ip bgp neighbors command.

ITA#show ip bgp neighbors
BGP neighbor is 10.0.0.1remote AS 200, external link
  BGP version 4, remote router ID 10.1.1.1
  BGP state = Established, up for 00:12:18
  Last read 00:00:18, last write 00:00:18, hold time is 180, keepalive interval is 60 seconds
  Neighbor capabilities:
    Route refresh: advertised and received(old & new)
    Address family IPv4 Unicast: advertised and received
  Message statistics:
    InQ depth is 0
    OutQ depth is 0
                         Sent       Rcvd
    Opens:                  1          1
    Notifications:          0          0
    Updates:                5          3
    Keepalives:            14         14
    Route Refresh:          0          0
    Total:                 20         18
  Default minimum time between advertisement runs is 30 seconds

For address family: IPv4 Unicast
  BGP table version 7, neighbor version 7/0
  Output queue size: 0
  Index 1, Offset 0, Mask 0x2
  1 update-group member
                                 Sent       Rcvd
  Prefix activity:               ----       ----
    Prefixes Current:               4          1 (Consumes 52 bytes)
    Prefixes Total:                 5          2
    Implicit Withdraw:              0          0
    Explicit Withdraw:              1          1
    Used as bestpath:             n/a          1
    Used as multipath:            n/a          0

Outbound    Inbound
  Local Policy Denied Prefixes:    --------    -------
    Total:                                0          0
  Number of NLRIs in the update sent: max 2, min 0

Connections established 1; dropped 0
  Last reset never
Connection state is ESTAB, I/O status: 1, unread input bytes: 0            
Connection is ECN Disabled, Mininum incoming TTL 0, Outgoing TTL 1
Local host: 10.0.0.2, Local port: 179
Foreign host: 10.0.0.1, Foreign port: 32194
Connection tableid (VRF): 0

Enqueued packets for retransmit: 0, input: 0  mis-ordered: 0 (0 bytes)

Event Timers (current time is 0x1B3078):
Timer          Starts    Wakeups            Next
Retrans            18          0             0x0
TimeWait            0          0             0x0
AckHold            18          2             0x0
SendWnd             0          0             0x0
KeepAlive           0          0             0x0
GiveUp              0          0             0x0
PmtuAger            0          0             0x0
DeadWait            0          0             0x0
Linger              0          0             0x0
ProcessQ            0          0             0x0

iss: 1790198363  snduna: 1790198899  sndnxt: 1790198899     sndwnd:  15849
irs: 2181555036  rcvnxt: 2181555479  rcvwnd:      15942  delrcvwnd:    442
          
SRTT: 273 ms, RTTO: 490 ms, RTV: 217 ms, KRTT: 0 ms
minRTT: 20 ms, maxRTT: 300 ms, ACK hold: 200 ms
Status Flags: passive open, gen tcbs
Option Flags: nagle
IP Precedence value : 6

Datagrams (max data segment is 1460 bytes):
Rcvd: 35 (out of order: 0), with data: 18, total data bytes: 442
Sent: 23 (retransmit: 0, fastretransmit: 0, partialack: 0, Second Congestion: 0), with data: 20, total data bytes: 535
 Packets received in fast path: 0, fast processed: 0, slow path: 0
 Packets send in fast path: 0
 fast lock acquisition failures: 0, slow path: 0

Step 6: Configure route filters.

a. Check the ISP2 routing table using the show ip route command. ISP2 should have a route that belongs to ISP1, network 10.1.1.0.

ISP2#show ip route bgp
     10.0.0.0/24 is subnetted, 1 subnets
B       10.1.1.0 [20/0] via 172.16.0.2, 00:06:59
B    192.168.0.0/24 [20/0] via 172.16.0.2, 00:17:02
B    192.168.1.0/24 [20/0] via 172.16.0.2, 00:17:02

If ITA advertises a route belonging to ISP1, ISP2 installs that route in its table.

ISP2 might then attempt to route transit traffic through the ITA. Configure the ITA router so that it advertises only ITA networks 192.168.0.0 and 192.168.1.0 to both providers.

b. On the ITA router, configure the following access list.

ITA(config)# access-list 1 permit 192.168.0.0 0.0.1.255

c. Apply this access list as a route filter using the distribute-list keyword with the BGP neighbor statement.
ITA(config)# router bgp 100
ITA(config-router)# neighbor 10.0.0.1 distribute-list 1 out
ITA(config-router)# neighbor 172.16.0.1 distribute-list 1 out

d. Return to ITA and issue the clear ip bgp * command. Wait until the routers reach the established state, which might take several seconds, and then recheck the ISP2 routing table. The route to ISP1, network 10.1.1.0, should no longer be in the routing table for ISP2, and the route to ISP2, network 172.16.1.0, should not be in the routing table for ISP1.
ITA# clear ip bgp *
ITA#
*Mar 4 14:45:28.091: %BGP-5-ADJCHANGE: neighbor 10.0.0.1 Down User reset
*Mar 4 14:45:28.091: %BGP-5-ADJCHANGE: neighbor 172.16.0.1 Down User reset
*Mar 4 14:45:31.151: %BGP-5-ADJCHANGE: neighbor 172.16.0.1 Up
*Mar 4 14:45:47.095: %BGP-5-ADJCHANGE: neighbor 10.0.0.1 Up

ISP1#show ip route | b Ga
Gateway of last resort is not set

10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C       10.1.1.0/24 is directly connected, Loopback0
C       10.0.0.0/30 is directly connected, Serial1/0
B    192.168.0.0/24 [20/0] via 10.0.0.2, 00:01:59
B    192.168.1.0/24 [20/0] via 10.0.0.2, 00:01:59

ISP2#show ip route | b Ga  
Gateway of last resort is not set

172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
C       172.16.0.0/30 is directly connected, Serial1/1
C       172.16.1.0/24 is directly connected, Loopback0
B    192.168.0.0/24 [20/0] via 172.16.0.2, 00:03:02
B    192.168.1.0/24 [20/0] via 172.16.0.2, 00:03:02

Step 7: Configure primary and backup routes using floating static routes.

With bidirectional communication established with each ISP via BGP, configure the primary and backup routes. This can be done with floating static routes or BGP.

a.

ITA#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
C       172.16.0.0/30 is directly connected, Serial1/1
B       172.16.1.0/24 [20/0] via 172.16.0.1, 00:24:53
     10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
B       10.1.1.0/24 [20/0] via 10.0.0.1, 00:14:50
C       10.0.0.0/30 is directly connected, Serial1/0
C    192.168.0.0/24 is directly connected, Loopback0
C    192.168.1.0/24 is directly connected, Loopback1

Notice that there is no gateway of last resort defined. This is a problem because ITA is the border router for the corporate network.

b. Configure static routes to reflect the policy that ISP1 is the primary provider and that ISP2 acts as the backup by specifying a lower distance metric for the route to ISP1 (210) as compared to the backup route to ISP2 (distance metric 220).
ITA(config)# ip route 0.0.0.0 0.0.0.0 10.0.0.1 210
ITA(config)# ip route 0.0.0.0 0.0.0.0 172.16.0.1 220

ITA#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is 10.0.0.1 to network 0.0.0.0

172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
C       172.16.0.0/30 is directly connected, Serial1/1
B       172.16.1.0/24 [20/0] via 172.16.0.1, 00:27:53
     10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
B       10.1.1.0/24 [20/0] via 10.0.0.1, 00:17:50
C       10.0.0.0/30 is directly connected, Serial1/0
C    192.168.0.0/24 is directly connected, Loopback0
C    192.168.1.0/24 is directly connected, Loopback1
S*   0.0.0.0/0 [210/0] via 10.0.0.1

c. Test this default route by creating an unadvertised loopback on the router for ISP1.
ISP1# config t
ISP1(config)# interface loopback 100
ISP1(config-if)# ip address 192.168.100.1 255.255.255.0

Step 8: Configure primary and backup routes using a default network and a static route.

Another method for configuring primary and backup routes is to use the ip default-network command instead of a 0.0.0.0/0 route.

a. Remove the floating static routes configured in Step 7.
ITA(config)# no ip route 0.0.0.0 0.0.0.0 10.0.0.1 210
ITA(config)# no ip route 0.0.0.0 0.0.0.0 172.16.0.1 220

b. The network that was added in Step 7, 192.168.100.0/24, should now be advertised on the ISP1 router. You might need to wait a few moments for BGP to advertise the new network.
ISP1(config)# router bgp 200
ISP1(config-router)# network 192.168.100.0
ISP1(config-router)# end

c. On the ITA router, configure the ip default-network statement to reestablish a gateway of last resort.
ITA(config)# ip default-network 192.168.100.0

ITA#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is 10.0.0.1 to network 192.168.100.0

172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
C       172.16.0.0/30 is directly connected, Serial1/1
B       172.16.1.0/24 [20/0] via 172.16.0.1, 00:36:10
     10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
B       10.1.1.0/24 [20/0] via 10.0.0.1, 00:26:07
C       10.0.0.0/30 is directly connected, Serial1/0
C    192.168.0.0/24 is directly connected, Loopback0
C    192.168.1.0/24 is directly connected, Loopback1
B*   192.168.100.0/24 [20/0] via 10.0.0.1, 00:01:05

Note: The behavior of this command is oriented toward legacy classful protocols and should be used only with classful networks.

d. Make ISP2 the backup ISP by adding a backup route on ITA to ISP2 serial 0/0/1 interface 172.16.0.1.

ITA(config)# ip route 0.0.0.0 0.0.0.0 172.16.0.1 220

EBGP learned routes have an administrative distance of 20 and are preferred over any routes with an administrative distance greater than 20, such as the default route defined above with an administrative distance of 220. The default route acts as a backup if the 192.168.100.0 /24 network is unavailable because of a fault or misconfiguration, or during the short period after a clear ip bgp 10.0.0.1 command is issued.

Note: Another option for setting up default routing is to inject a default route via BGP. The following example configures the ISP1 router to inject a default route to itself that can be used by the ITA router:
ISP1(config)# router bgp 200
ISP1(config-router)# neighbor 10.0.0.2 default-originate

时间: 2024-10-07 07:54:10

Lab - Configuring BGP with Default Routing的相关文章

LAB - CCNP BGP Case Study

Topology Objectives: Plan, design, and implement the internation Travel Agency core network. Plan, design, nad implement the Travel Data Providers netwrok. Allow the networks to communicate via BGP. Verify that all implementations are operational and

ASP.NET Routing

ASP.NET Routing Other Versions ASP.NET routing enables you to use URLs that do not have to map to specific files in a Web site. Because the URL does not have to map to a file, you can use URLs that are descriptive of the user's action and therefore a

如何使用 Quagga BGP(边界网关协议)路由器来过滤 BGP 路由

在之前的文章中,我们介绍了如何使用 Quagga 将 CentOS 服务器变成一个 BGP 路由器,也介绍了 BGP 对等体和前缀交换设置.在本教程中,我们将重点放在如何使用前缀列表prefix-list和路由映射route-map来分别控制数据注入和数据输出. 之前的文章已经说过,BGP 的路由判定是基于前缀的收取和前缀的广播.为避免错误的路由,你需要使用一些过滤机制来控制这些前缀的收发.举个例子,如果你的一个 BGP 邻居开始广播一个本不属于它们的前缀,而你也将错就错地接收了这些不正常前缀,

A Quick Introduction to Linux Policy Routing

A Quick Introduction to Linux Policy Routing 29 May 2013 In this post, I’m going to introduce you to policy routing as implemented in recent versions of Ubuntu Linux (and possibly other Linux distributions as well, but I’ll be using Ubuntu 12.04 LTS)

Introduction to BGP (1)

1. Border Gateway Protocol advertises , learns , and choosed the best paths inside the global Internet.When two ISPs connect , they typically use BGP to exchanges routing information. Enterprises sometimes use BGP to exchange routing information with

BGP - 5,BGP属性

metric,自己决定去哪个EBGP邻居 local-pre,影响AS内部IBGP邻居的路由决策 med,影响AS外部EBGP邻居的路由决策 1,BGP属性 公认传递(well-known mandatory ):必须支持,而且必须包含,包括as-path,next-hop,origin 公认非传递(well-known discretionary):必须支持,但是可以不包含,包括local-preference 可选传递(optional transitive ):可以不支持,但是必须往下传,

CISCO Configuration Examples and TechNotes

from:  http://www.cisco.com/c/en/us/tech/ip/ip-routing/tech-configuration-examples-list.html Border Gateway Protocol (BGP) Adjust Administrative Distance for Route Selection in Cisco IOS Routers Configuration Example Allowas-in Feature in BGP Configu

linux 下的软路由zebra 安装使用

一.安安装zebra Configuring RIP with  Quagga Routing Suite in Fedora 1.download quagga quagga-0.99.16.tar.gz 2.解压缩  #tar zxvf quagga-0.99.16.tar.gz 3.配置  # cd quagga-0.99.16  # ./configure --prefix=/usr/local/zebra --enable-vtysh --enable-user=root --enab

VDOM

1.什么是VDOM? Virtual Domain 2.VDOM之间如何连接和通信? Configuring VDOM links   Inter-VDOM routing   3.为什么需要VDOM links? VDOM link 起到什么作用? VDOM links are a way of connecting VDOMs (virtual firewalls) within a FortiGate without the need to use external physical po