ex4550与防火墙旁路BGP牵引配置
创建as域及对端
set routing-options autonomous-system 65533
set protocols bgp group ebgp type external
set protocols bgp group ebgp neighbor 10.0.0.2 multihop
set protocols bgp group ebgp neighbor 10.0.0.2 import bgp_permit
set protocols bgp group ebgp neighbor 10.0.0.2 export bgp_deny
set protocols bgp group ebgp neighbor 10.0.0.2 peer-as 65534
编写需要发布/不发布的路由,需要引入的路由。
set policy-options policy-statement bgp_deny term 1 from route-filter 0.0.0.0/0 orlonger
set policy-options policy-statement bgp_deny term 1 then reject
set policy-options policy-statement bgp_permit term 1 from route-filter 1.0.0.0/24 upto /32
set policy-options policy-statement bgp_permit term 1 then accept
set policy-options policy-statement bgp_permit term 2 then reject
创建策略路由指定回注端口。
set firewall family inet filter zzidcip term pass from destination-address 1.0.0.0/24
set firewall family inet filter zzidcip term pass then routing-instance zzidcip
set firewall family inet filter zzidcip term 1 then accept
set routing-instances zzidcip instance-type forwarding
set routing-instances zzidcip routing-options static route 0.0.0.0/0 next-hop 172.31.4.5
主策略路由内引入附表 。
set routing-options rib-groups celve import-rib zzidcip.inet.0
端口应用策略路由。
set interfaces xe-0/0/20 unit 0 family inet filter input zzidcip
set interfaces xe-0/0/20 unit 0 family inet address 10.0.0.1/30
通过show bgp summary查看bgp状态