【實驗要求】

使用 community 中的No-Export 屬性配置AS2，保證AS3與AS1通告的網(wǎng)絡之間不能互相訪問， 本實驗主要為了在多個bgp出口存在的情況下如何不把從一個AS學習的路由傳遞給其他AS。
?
? 【實驗拓撲】

?

【實驗基本配置】

R1： interface FastEthernet0/0 ip address 155.1.146.1 255.255.255.0 interface Serial0/0 ip address 155.1.13.1 255.255.255.0 clock rate 2000000 router eigrp 2 network 155.1.13.1 0.0.0.0 no auto-summary ! router bgp 2 no synchronization bgp log-neighbor-changes neighbor 155.1.13.3 remote-as 2 neighbor 155.1.13.3 next-hop-self neighbor 155.1.23.2 remote-as 2 neighbor 155.1.23.2 next-hop-self neighbor 155.1.146.4 remote-as 3 no auto-summary R2： interface Serial0/0 ip address 155.1.23.2 255.255.255.0 clock rate 2000000 interface Serial0/1 ip address 155.1.0.2 255.255.255.0 encapsulation frame-relay clock rate 2000000 frame-relay map ip 155.1.0.5 205 broadcast router eigrp 2 network 155.1.23.2 0.0.0.0 auto-summary ! router bgp 2 no synchronization bgp log-neighbor-changes neighbor 155.1.0.5 remote-as 1 neighbor 155.1.13.1 remote-as 2 neighbor 155.1.13.1 next-hop-self neighbor 155.1.23.3 remote-as 2 neighbor 155.1.23.3 next-hop-self

R3：(注意R3不用配置next-hop-self，因為它不不是邊界路由器) interface Loopback0 ip address 155.1.37.3 255.255.255.0 interface Serial0/0 ip address 155.1.13.3 255.255.255.0 clock rate 2000000 interface Serial0/1 ip address 155.1.23.3 255.255.255.0 clock rate 2000000 router eigrp 2 network 155.1.13.3 0.0.0.0 network 155.1.23.3 0.0.0.0 auto-summary ! router bgp 2 no synchronization bgp log-neighbor-changes network 155.1.37.0 mask 255.255.255.0 neighbor 155.1.13.1 remote-as 2 neighbor 155.1.23.2 remote-as 2 no auto-summary R4： interface Loopback0 ip address 204.12.1.4 255.255.255.0 ! interface FastEthernet0/0 ip address 155.1.146.4 255.255.255.0 router bgp 3 no synchronization bgp log-neighbor-changes network 204.12.1.0 neighbor 155.1.146.1 remote-as 2 no auto-summary R5： interface Loopback0 ip address 155.1.5.5 255.255.255.0 interface Serial0/0 ip address 155.1.0.5 255.255.255.0 encapsulation frame-relay clock rate 2000000 frame-relay map ip 155.1.0.2 502 broadcast router bgp 1 no synchronization bgp log-neighbor-changes network 155.1.5.0 mask 255.255.255.0 neighbor 155.1.0.2 remote-as 2 no auto-summary ?

【實驗前驗證】 驗證的目的是在同步關閉的情況下，AS1、AS2、AS3 之間通告的網(wǎng)絡都可以學習到，而且可以互相ping通 R4： R4#show ip bgp 我們看到AS3學習到了AS1和AS2通告的路由，如下高亮部分 <省略部分輸出結(jié)果> Network Next Hop Metric LocPrf Weight Path *> 155.1.5.0/24 155.1.146.1 0 2 1 i *> 155.1.37.0/24 155.1.146.1 0 2 i *> 204.12.1.0 0.0.0.0 0 32768 i
? R4： R4#ping 155.1.5.5 source 204.12.1.4 并且R4能夠ping通AS1所通告的155.1.5.5 的地址
? Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 155.1.5.5, timeout is 2 seconds: Packet sent with a source address of 204.12.1.4 !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 76/100/124 ms
?

【實驗配置】

R1: route-map NO_EXPORT permit 10 set community no-export router bgp 2 neighbor 155.1.146.4 route-map NO_EXPORT in neighbor 155.1.23.2 send-community R2: route-map NO_EXPORT permit 10 set community no-export router bgp 2 neighbor 155.1.0.5 route-map NO_EXPORT in neighbor 155.1.13.1 send-community 注意：上面配置為什么是in，因為是為了讓學習到的路由進來的時候帶上no-export的標記 send community no-export 只發(fā)給邊界路由器
? 【實驗后驗證】 我們此時需要驗證，在AS1與AS3之間能否相互學習到對方通告的地址即可 R1#show ip bgp 204.12.1.0 BGP routing table entry for 204.12.1.0/24, version 4 Paths: (1 available, best #1, table Default-IP-Routing-Table, not advertised to EBGP peer) Flag: 0x820 Advertised to update-groups: 2 3 3 155.1.146.4 from 155.1.146.4 (204.12.1.4) Origin IGP, metric 0, localpref 100, valid, external, best Community: no-export 我們在R1上可以看到從AS3學習到的路由帶上了 community：no-export 標記

R4#show ip bgp 我們看到AS3無法學習到了AS1所通告的路由，如下高亮部分 <省略部分輸出結(jié)果> Network Next Hop Metric LocPrf Weight Path *> 155.1.37.0/24 155.1.146.1 0 2 i *> 204.12.1.0 0.0.0.0 0 32768 i
?

轉(zhuǎn)載于:https://blog.51cto.com/haolun/992833

總結(jié)

以上是生活随笔為你收集整理的BGP no-export的全部內(nèi)容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網(wǎng)站內(nèi)容還不錯，歡迎將生活随笔推薦給好友。