• Juniper BGP配置


    网络拓扑如下:

    XRV1配置

    ===========================================================

    root@XRV1# run show configuration 

    ## Last commit: 2019-03-27 13:27:33 UTC by root
    version 14.1R1.10;
    system {
    host-name XRV1;
    root-authentication {
    encrypted-password "$1$iiqdh9ru$CBQygri2MkpfgtgdGo8GO1"; ## SECRET-DATA
    }
    }
    interfaces {
    ge-0/0/0 {
    unit 0 {
    family inet {
    address 10.10.1.1/30;
    }
    family iso;
    }
    }
    ge-0/0/1 {
    unit 0 {
    family inet {
    address 10.10.1.5/30;
    }
    family iso;
    }
    }
    ge-0/0/2 {
    unit 0 {
    family inet {
    address 10.201.1.1/30;
    }
    }
    }
    lo0 {
    unit 0 {
    family inet {
    address 192.168.1.1/32;
    }
    family iso {
    address 49.0000.1921.6811.00;
    }
    }
    }
    }
    routing-options {
    router-id 192.168.1.1;
    autonomous-system 65001;
    }
    protocols {
    bgp {
    group ibgp {
    type internal;
    local-address 192.168.1.1;
    neighbor 192.168.1.2 {
    export as65002_to_as65001;
    }
    neighbor 192.168.1.3 {
    export as65002_to_as65001;
    }
    }
    group ebgp {
    type external;
    neighbor 10.201.1.2 {
    peer-as 65002;
    }
    }
    }
    isis {
    interface ge-0/0/0.0 {
    level 1 disable;
    }
    interface ge-0/0/1.0 {
    level 1 disable;
    }
    interface lo0.0;
    }
    }
    policy-options {
    prefix-list as65002_import {
    10.123.1.0/24;
    10.123.2.0/24;
    10.123.3.0/24;
    10.123.4.0/24;
    10.123.5.0/24;
    10.123.6.0/24;
    10.123.7.0/24;
    10.178.1.0/24;
    10.178.2.0/24;
    10.178.3.0/24;
    10.178.4.0/24;
    10.178.5.0/24;
    10.178.6.0/24;
    10.178.7.0/24;
    10.178.8.0/24;
    }
    policy-statement as65002_to_as65001 {
    from {
    prefix-list as65002_import;
    }
    then {
    next-hop self;
    }
    }
    }

    [edit]
    root@XRV1#

    XRV2配置

    ===========================================================

    root@XRV2# run show configuration
    ## Last commit: 2019-03-27 13:38:59 UTC by root
    version 14.1R1.10;
    system {
    host-name XRV2;
    root-authentication {
    encrypted-password "$1$iiqdh9ru$CBQygri2MkpfgtgdGo8GO1"; ## SECRET-DATA
    }
    }
    interfaces {
    ge-0/0/0 {
    unit 0 {
    family inet {
    address 10.10.1.2/30;
    }
    family iso;
    }
    }
    ge-0/0/1 {
    unit 0 {
    family inet {
    address 10.10.1.9/30;
    }
    family iso;
    }
    }
    ge-0/0/2 {
    unit 0 {
    family inet {
    address 10.201.1.6/30;
    }
    }
    }
    lo0 {
    unit 0 {
    family inet {
    address 192.168.1.2/32;
    }
    family iso {
    address 49.0000.1921.6812.00;
    }
    }
    }
    }
    routing-options {
    router-id 192.168.1.2;
    autonomous-system 65001;
    }
    protocols {
    bgp {
    group ibgp {
    type internal;
    local-address 192.168.1.2;
    neighbor 192.168.1.1 {
    export as65002_to_as65001;
    }
    neighbor 192.168.1.3 {
    export as65002_to_as65001;
    }
    }
    group ebgp {
    type external;
    neighbor 10.201.1.5 {
    peer-as 65002;
    }
    }
    }
    isis {
    interface ge-0/0/0.0 {
    level 1 disable;
    }
    interface ge-0/0/1.0 {
    level 1 disable;
    }
    interface lo0.0;
    }
    }
    policy-options {
    prefix-list as65002_import {
    10.123.1.0/24;
    10.123.2.0/24;
    10.123.3.0/24;
    10.123.4.0/24;
    10.123.5.0/24;
    10.123.6.0/24;
    10.123.7.0/24;
    10.178.1.0/24;
    10.178.2.0/24;
    10.178.3.0/24;
    10.178.4.0/24;
    }
    policy-statement as65002_to_as65001 {
    from {
    prefix-list as65002_import;
    }
    then {
    next-hop self;
    }
    }
    }

    [edit protocols bgp group ibgp]
    root@XRV2#

    L3-SW配置

    ===========================================================

    L3-SW#show running-config
    Building configuration...

    Current configuration : 6662 bytes
    !
    ! Last configuration change at 13:30:46 UTC Wed Mar 27 2019
    !
    version 15.2
    service timestamps debug datetime msec
    service timestamps log datetime msec
    no service password-encryption
    service compress-config
    !
    hostname L3-SW
    !
    boot-start-marker
    boot-end-marker
    !
    !
    !
    no aaa new-model
    !
    !
    !
    !
    !
    !
    !
    !
    no ip domain-lookup
    ip cef
    no ipv6 cef
    !
    !
    !
    spanning-tree mode rapid-pvst
    spanning-tree extend system-id
    !
    vlan internal allocation policy ascending
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    interface Loopback0
    ip address 192.168.1.3 255.255.255.255
    ip router isis 1
    !
    interface GigabitEthernet0/0
    switchport access vlan 100
    media-type rj45
    negotiation auto
    !
    interface GigabitEthernet0/1
    switchport access vlan 200
    media-type rj45
    negotiation auto
    !
    interface GigabitEthernet0/2
    switchport trunk encapsulation dot1q
    media-type rj45
    negotiation auto
    !
    interface GigabitEthernet0/3
    media-type rj45
    negotiation auto
    !
    interface Vlan1
    ip address 10.158.1.254 255.255.255.0
    !
    interface Vlan2
    ip address 10.158.2.254 255.255.255.0
    !
    interface Vlan3
    ip address 10.158.3.254 255.255.255.0
    !
    interface Vlan4
    ip address 10.158.4.254 255.255.255.0
    !
    interface Vlan5
    ip address 10.158.5.254 255.255.255.0
    !
    interface Vlan6
    ip address 10.158.6.254 255.255.255.0
    !
    interface Vlan7
    ip address 10.158.7.254 255.255.255.0
    !
    interface Vlan8
    ip address 10.158.8.254 255.255.255.0
    !
    interface Vlan9
    ip address 10.158.9.254 255.255.255.0
    !
    interface Vlan10
    ip address 10.158.10.254 255.255.255.0
    !
    interface Vlan11
    ip address 10.158.11.254 255.255.255.0
    !
    interface Vlan12
    ip address 10.158.12.254 255.255.255.0
    !
    interface Vlan13
    ip address 10.158.13.254 255.255.255.0
    !
    interface Vlan14
    ip address 10.158.14.254 255.255.255.0
    !
    interface Vlan15
    ip address 10.158.15.254 255.255.255.0
    !
    interface Vlan16
    ip address 10.158.16.254 255.255.255.0
    !
    interface Vlan17
    ip address 10.133.1.254 255.255.255.0
    !
    interface Vlan18
    ip address 10.133.2.254 255.255.255.0
    !
    interface Vlan19
    ip address 10.133.3.254 255.255.255.0
    !
    interface Vlan20
    ip address 10.133.4.254 255.255.255.0
    !
    interface Vlan21
    ip address 10.133.5.254 255.255.255.0
    !
    interface Vlan22
    ip address 10.133.6.254 255.255.255.0
    !
    interface Vlan23
    ip address 10.133.7.254 255.255.255.0
    !
    interface Vlan24
    ip address 10.133.8.254 255.255.255.0
    !
    interface Vlan25
    ip address 10.133.9.254 255.255.255.0
    !
    interface Vlan26
    ip address 10.133.10.254 255.255.255.0
    !
    interface Vlan27
    ip address 10.133.11.254 255.255.255.0
    !
    interface Vlan28
    ip address 10.133.12.254 255.255.255.0
    !
    interface Vlan29
    ip address 10.133.13.254 255.255.255.0
    !
    interface Vlan30
    ip address 10.133.14.254 255.255.255.0
    !
    interface Vlan31
    ip address 10.133.15.254 255.255.255.0
    !
    interface Vlan32
    ip address 10.133.16.254 255.255.255.0
    !
    interface Vlan100
    ip address 10.10.1.6 255.255.255.252
    ip router isis 1
    isis circuit-type level-2-only
    !
    interface Vlan200
    ip address 10.10.1.10 255.255.255.252
    ip router isis 1
    isis circuit-type level-2-only
    !
    router isis 1
    net 49.0000.1921.6813.00
    is-type level-2-only
    !
    router bgp 65001
    bgp router-id 192.168.1.3
    bgp log-neighbor-changes
    bgp graceful-restart restart-time 120
    bgp graceful-restart stalepath-time 360
    bgp graceful-restart
    network 10.133.1.0 mask 255.255.255.0
    network 10.133.2.0 mask 255.255.255.0
    network 10.133.3.0 mask 255.255.255.0
    network 10.133.4.0 mask 255.255.255.0
    network 10.133.5.0 mask 255.255.255.0
    network 10.133.6.0 mask 255.255.255.0
    network 10.133.7.0 mask 255.255.255.0
    network 10.133.8.0 mask 255.255.255.0
    network 10.133.9.0 mask 255.255.255.0
    network 10.133.10.0 mask 255.255.255.0
    network 10.133.11.0 mask 255.255.255.0
    network 10.133.12.0 mask 255.255.255.0
    network 10.133.13.0 mask 255.255.255.0
    network 10.133.14.0 mask 255.255.255.0
    network 10.133.15.0 mask 255.255.255.0
    network 10.133.16.0 mask 255.255.255.0
    network 10.158.1.0 mask 255.255.255.0
    network 10.158.2.0 mask 255.255.255.0
    network 10.158.3.0 mask 255.255.255.0
    network 10.158.4.0 mask 255.255.255.0
    network 10.158.5.0 mask 255.255.255.0
    network 10.158.6.0 mask 255.255.255.0
    network 10.158.7.0 mask 255.255.255.0
    network 10.158.8.0 mask 255.255.255.0
    network 10.158.9.0 mask 255.255.255.0
    network 10.158.10.0 mask 255.255.255.0
    network 10.158.11.0 mask 255.255.255.0
    network 10.158.12.0 mask 255.255.255.0
    network 10.158.13.0 mask 255.255.255.0
    network 10.158.14.0 mask 255.255.255.0
    network 10.158.15.0 mask 255.255.255.0
    network 10.158.16.0 mask 255.255.255.0
    neighbor 192.168.1.1 remote-as 65001
    neighbor 192.168.1.1 update-source Loopback0
    neighbor 192.168.1.2 remote-as 65001
    neighbor 192.168.1.2 update-source Loopback0
    !
    ip forward-protocol nd
    !
    no ip http server
    no ip http secure-server

    XRV3配置

    ===========================================================

    root@XRV3# run show configuration
    ## Last commit: 2019-03-27 13:48:14 UTC by root
    version 14.1R1.10;
    system {
    host-name XRV3;
    root-authentication {
    encrypted-password "$1$iiqdh9ru$CBQygri2MkpfgtgdGo8GO1"; ## SECRET-DATA
    }
    }
    interfaces {
    ge-0/0/0 {
    unit 0 {
    family inet {
    address 10.10.2.1/30;
    }
    family iso;
    }
    }
    ge-0/0/1 {
    unit 0 {
    family inet {
    address 10.201.1.2/30;
    }
    }
    }
    ge-0/0/2 {
    unit 0 {
    family inet {
    address 10.10.2.5/30;
    }
    family iso;
    }
    }
    lo0 {
    unit 0 {
    family inet {
    address 192.168.1.3/32;
    }
    family iso {
    address 49.0000.1921.6813.00;
    }
    }
    }
    }
    routing-options {
    router-id 192.168.1.3;
    autonomous-system 65002;
    }
    protocols {
    bgp {
    group ebgp {
    type external;
    neighbor 10.201.1.1 {
    peer-as 65001;
    }
    }
    group ibgp {
    type internal;
    local-address 192.168.1.3;
    neighbor 192.168.1.4 {
    export as65001_to_as65002;
    }
    neighbor 192.168.1.5 {
    export as65001_to_as65002;
    }
    }
    }
    isis {
    interface ge-0/0/0.0 {
    level 1 disable;
    }
    interface ge-0/0/2.0 {
    level 1 disable;
    }
    interface lo0.0;
    }
    }
    policy-options {
    prefix-list as65001_export {
    10.133.1.0/24;
    10.133.2.0/24;
    10.133.3.0/24;
    10.133.4.0/24;
    10.133.5.0/24;
    10.133.6.0/24;
    10.133.7.0/24;
    10.133.8.0/24;
    10.133.9.0/24;
    10.133.10.0/24;
    10.133.11.0/24;
    10.133.12.0/24;
    10.133.13.0/24;
    10.133.14.0/24;
    10.133.15.0/24;
    10.133.16.0/24;
    10.158.1.0/24;
    10.158.2.0/24;
    10.158.3.0/24;
    10.158.4.0/24;
    10.158.5.0/24;
    10.158.6.0/24;
    10.158.7.0/24;
    10.158.8.0/24;
    10.158.9.0/24;
    10.158.10.0/24;
    10.158.11.0/24;
    10.158.12.0/24;
    10.158.13.0/24;
    10.158.14.0/24;
    10.158.15.0/24;
    10.158.16.0/24;
    }
    policy-statement as65001_to_as65002 {
    from {
    prefix-list as65001_export;
    }
    then {
    next-hop self;
    }
    }
    }

    XRV4配置

    ===========================================================

    root@XRV4# run show configuration 
    ## Last commit: 2019-03-27 13:48:24 UTC by root
    version 14.1R1.10;
    system {
    host-name XRV4;
    root-authentication {
    encrypted-password "$1$iiqdh9ru$CBQygri2MkpfgtgdGo8GO1"; ## SECRET-DATA
    }
    }
    interfaces {
    ge-0/0/0 {
    unit 0 {
    family inet {
    address 10.10.2.2/30;
    }
    family iso;
    }
    }
    ge-0/0/1 {
    unit 0 {
    family inet {
    address 10.201.1.5/30;
    }
    }

    ge-0/0/2 {
    unit 0 {
    family inet {
    address 10.10.2.10/30;
    }
    family iso;
    }
    }
    lo0 {
    unit 0 {
    family inet {
    address 192.168.1.4/32;
    }
    family iso {
    address 49.0000.1921.6814.00;
    }
    }
    }
    }
    routing-options {
    router-id 192.168.1.4;
    autonomous-system 65002;

    protocols {
    bgp {
    group ebgp {
    type external;
    neighbor 10.201.1.6 {
    peer-as 65001;
    }
    }
    group ibgp {
    type internal;
    local-address 192.168.1.4;
    neighbor 192.168.1.3 {
    export as65001_to_as65002;
    }
    neighbor 192.168.1.5 {
    export as65001_to_as65002;
    }
    }
    }
    isis {
    interface ge-0/0/0.0 {
    level 1 disable;

    interface ge-0/0/2.0 {
    level 1 disable;
    }
    interface lo0.0;
    }
    }
    policy-options {
    prefix-list as65001_export {
    10.133.1.0/24;
    10.133.2.0/24;
    10.133.3.0/24;
    10.133.4.0/24;
    10.133.5.0/24;
    10.133.6.0/24;
    10.133.7.0/24;
    10.133.8.0/24;
    10.133.9.0/24;
    10.133.10.0/24;
    10.133.11.0/24;
    10.133.12.0/24;
    10.133.13.0/24;
    10.133.14.0/24;
    10.133.15.0/24; 
    10.133.16.0/24;
    10.158.1.0/24;
    10.158.2.0/24;
    10.158.3.0/24;
    10.158.4.0/24;
    10.158.5.0/24;
    10.158.6.0/24;
    10.158.7.0/24;
    10.158.8.0/24;
    10.158.9.0/24;
    10.158.10.0/24;
    10.158.11.0/24;
    10.158.12.0/24;
    10.158.13.0/24;
    10.158.14.0/24;
    10.158.15.0/24;
    10.158.16.0/24;
    }
    policy-statement as65001_to_as65002 {
    from {
    prefix-list as65001_export;
    }
    then { 
    next-hop self;
    }
    }
    }

    [edit protocols bgp group ibgp]
    root@XRV4#

  • 相关阅读:
    Java8新特性之lambda表达式
    查询数据库存在特殊列字段的所有表的表名和字段名
    BigDecimal相关整理
    MyBatis正在爬的坑
    Java面试题整理
    qs库的使用
    配置proxy解决跨域问题
    PDF.js 使用方式
    HTML转义以及防止JS注入攻击
    jquery ajax跨域回调
  • 原文地址:https://www.cnblogs.com/networking/p/10611402.html
Copyright © 2020-2023  润新知