BGP Lab Exercise 29-05-2009
• BGP process configuration:
  • router bgp ASN
    • enables BGP for a specific AS
  • bgp router-id A.B.C.D
    • sets the router-id that the process will use
    • if it is not set, the highest address is chosen by default
  • distance bgp <1-255> <1-255> <1-255>
    • sets the BGP distance for external routes, internal routes and local routes
  • network A.B.C.D/M
    • announces the network to all neighbors

• Route Aggregation:
  • aggregate-address A.B.C.D/M
    • specifies an aggregate address
  • aggregate-address A.B.C.D/M as-set
    • the AS information is added
  • aggregate-address A.B.C.D/M summary-only
    • announces only the aggregate routes; the more specific announcements are filtered

• Redistribute to BGP:
  • redistribute kernel
  • redistribute static
  • redistribute connected
  • redistribute rip
  • redistribute ospf
    • these commands redistribute the learned routes into BGP

• Peer Filtering:
  • neighbor peer distribute-list name [in|out]
    • This command specifies a distribute-list for the peer. The direction is in or out.
  • neighbor peer prefix-list name [in|out]
  • neighbor peer filter-list name [in|out]
  • neighbor peer route-map name [in|out]
    • Apply a route-map on the neighbor. The direction must be in or out.
• IP Prefix List
  • ip prefix-list name (permit|deny) prefix
  • ip prefix-list name seq number (permit|deny) prefix

[Figure: lab topology with five autonomous systems. AS 100: Router A and network 160.20.1.0/16; AS 200: Router B and network 160.10.1.0/16; AS 300: Router C; AS 400: Router D and network 180.30.1.0/16; AS 500: Router E and networks 180.20.1.0/16 and 160.30.1.0/16. Hosts shown: HostA, HostB, HostD, HostE, HostF, each at .100 on eth0.]

Configurations AS 100

hostname RouterA
password zebra
enable password zebra
!
! Interface's description.
!
interface lo
 description Loopback
 ip address 127.0.0.1/8
interface eth0
 description Verso AS 300
 ip address 2.2.2.2/8
interface eth1
 description Entro l'AS
 ip address 160.20.1.1/16
interface eth2
 description Verso AS 500
 ip address 5.5.5.1/8
!
! Static default route sample.
!
!ip route 0.0.0.0/0 203.181.89.241
!
log file /var/log/zebra/zebra.log

hostname bgpd
password zebra
enable password zebra
!
router bgp 100
 network 160.20.0.0
 neighbor 2.2.2.1 remote-as 300
 neighbor 5.5.5.5 remote-as 500
 redistribute connected
log file /var/log/zebra/bgpd.log
!
debug bgp
debug bgp events
debug bgp filters
debug bgp fsm
debug bgp keepalives
debug bgp updates

hostname HostA
password zebra
enable password zebra
!
! Interface's description.
!
interface lo
 description Loopback
 ip address 127.0.0.1/8
interface eth0
 description Verso il router
 ip address 160.20.1.100/16
!Static default route.
ip route 0.0.0.0/0 160.20.1.1
log file /var/log/zebra/zebra.log

Configurations AS 200

hostname RouterB
password zebra
enable password zebra
!
! Interface's description.
!
interface lo
 description Loopback
 ip address 127.0.0.1/8
interface eth0
 description Verso AS 300
 ip address 3.3.3.3/8
interface eth1
 description Verso interno
 ip address 160.10.1.1/16
!
! Static default route sample.
!
!ip route 0.0.0.0/0 203.181.89.241
!
log file /var/log/zebra/zebra.log

hostname bgpd
password zebra
enable password zebra
!
router bgp 200
 network 160.10.0.0
 neighbor 3.3.3.1 remote-as 300
!
log file /var/log/zebra/bgpd.log
!
debug bgp
debug bgp events
debug bgp filters
debug bgp fsm
debug bgp keepalives
debug bgp updates

hostname HostB
password zebra
enable password zebra
!
! Interface's description.
!
interface lo
 description Loopback
 ip address 127.0.0.1/8
interface eth0
 description Verso il router
 ip address 160.10.1.100/16
! Static default route sample.
ip route 0.0.0.0/0 160.10.1.1
log file /var/log/zebra/zebra.log

Configurations AS 400

hostname RouterD
password zebra
enable password zebra
!
! Interface's description.
!
interface lo
 description Loopback
 ip address 127.0.0.1/8
interface eth0
 description Verso AS 300
 ip address 4.4.4.4/8
interface eth1
 description Verso interno
 ip address 180.30.1.1/16
interface eth2
 description Verso AS 500
 ip address 6.6.6.1/8
!
! Static default route sample.
!
!ip route 0.0.0.0/0 203.181.89.241
!
log file /var/log/zebra/zebra.log

hostname bgpd
password zebra
enable password zebra
!
router bgp 400
 network 180.30.0.0
 neighbor 4.4.4.1 remote-as 300
 neighbor 6.6.6.6 remote-as 500
 redistribute connected
!
log file /var/log/zebra/bgpd.log
!
debug bgp
debug bgp events
debug bgp filters
debug bgp fsm
debug bgp keepalives
debug bgp updates

hostname HostD
password zebra
enable password zebra
!
! Interface's description.
!
interface lo
 description Loopback
 ip address 127.0.0.1/8
interface eth0
 description Verso il router
 ip address 180.30.1.100/16
!Static default route.
ip route 0.0.0.0/0 180.30.1.1
log file /var/log/zebra/zebra.log

Configurations AS 300

hostname RouterC
password zebra
enable password zebra
!
! Interface's description.
!
interface lo
 description Loopback
 ip address 127.0.0.1/8
interface eth0
 description Verso AS 100
 ip address 2.2.2.1/8
interface eth1
 description Verso AS 200
 ip address 3.3.3.1/8
interface eth2
 description Verso AS 400
 ip address 4.4.4.1/8
!
! Static default route sample.
!
!ip route 0.0.0.0/0 203.181.89.241
!
log file /var/log/zebra/zebra.log

hostname bgpd
password zebra
enable password zebra
!
router bgp 300
 neighbor 2.2.2.2 remote-as 100
 neighbor 3.3.3.3 remote-as 200
 neighbor 4.4.4.4 remote-as 400
 redistribute connected
 ! Announce only the "summary" for these networks
 aggregate-address 160.10.0.0/16 summary-only
 aggregate-address 160.20.0.0/16 summary-only
 aggregate-address 180.30.0.0/16 summary-only
 ! aggregate the two networks
 !aggregate-address 160.0.0.0/8 summary-only
 ! Announce an aggregate route with as-set
 !aggregate-address 160.0.0.0/8 summary-only as-set
 !aggregate-address 180.30.0.0/16 summary-only
 !network 180.30.0.0/16
log file /var/log/zebra/bgpd.log
!
debug bgp
debug bgp events
debug bgp filters
debug bgp fsm
debug bgp keepalives
debug bgp updates

Configurations AS 500

hostname RouterE
password zebra
enable password zebra
!
! Interface's description.
!
interface lo
 description Loopback
 ip address 127.0.0.1/8
interface eth0
 description Verso AS 100
 ip address 5.5.5.5/8
interface eth1
 description Verso AS 400
 ip address 6.6.6.6/8
interface eth2
 description Verso interno
 ip address 180.20.1.1/16
interface eth3
 description Verso interno
 ip address 160.30.1.1/16
! Static default route sample.
!ip route 0.0.0.0/0 203.181.89.241
log file /var/log/zebra/zebra.log

hostname bgpd
password zebra
enable password zebra
!
router bgp 500
 network 180.20.0.0
 network 160.30.0.0
 neighbor 5.5.5.1 remote-as 100
 neighbor 6.6.6.1 remote-as 400
 redistribute connected
!
log file /var/log/zebra/bgpd.log
debug bgp
debug bgp events
debug bgp filters
debug bgp fsm
debug bgp keepalives
debug bgp updates

Configurations AS 500

• BGP configuration to:
  • Use the RouterE-RouterD link for traffic destined to network 180.20.1.0/24
  • Use the RouterE-RouterA link for traffic destined to network 160.30.1.0/24
  • In case of a fault on one of the links
    • RouterE-RouterA
    • RouterE-RouterD
    make sure that traffic destined to the networks above is not lost

Configurations AS 500

hostname RouterE
password zebra
enable password zebra
!
! Interface's description.
!
interface lo
 description Loopback
 ip address 127.0.0.1/8
interface eth0
 description Verso AS 100
 ip address 5.5.5.5/8
interface eth1
 description Verso AS 400
 ip address 6.6.6.6/8
interface eth2
 description Verso interno
 ip address 180.20.1.1/16
interface eth3
 description Verso interno
 ip address 160.30.1.1/16
! Static default route sample.
!ip route 0.0.0.0/0 203.181.89.241
log file /var/log/zebra/zebra.log

hostname bgpd
password zebra
enable password zebra
!
router bgp 500
 redistribute connected
 network 180.20.0.0/16
 network 180.20.1.0/24
 network 160.30.0.0/16
 network 160.30.1.0/24
 neighbor 5.5.5.1 remote-as 100
 !neighbor 5.5.5.1 prefix-list In100 in
 neighbor 5.5.5.1 prefix-list Out100 out
 neighbor 6.6.6.1 remote-as 400
 !neighbor 6.6.6.1 prefix-list In400 in
 neighbor 6.6.6.1 prefix-list Out400 out
!
! The prefix-lists are global commands, so they are kept outside the router bgp block
!ip prefix-list In100 permit 0.0.0.0/0
ip prefix-list Out100 permit 160.30.0.0/16
ip prefix-list Out100 permit 180.20.0.0/16
ip prefix-list Out100 permit 160.30.1.0/24
!ip prefix-list Out100 permit 5.5.5.0/24
!ip prefix-list Out100 permit 6.6.0.0/16
!
!ip prefix-list In400 permit 0.0.0.0/0
ip prefix-list Out400 permit 180.20.0.0/16
ip prefix-list Out400 permit 160.30.0.0/16
ip prefix-list Out400 permit 180.20.1.0/24
!ip prefix-list Out400 permit 5.5.0.0/16
!ip prefix-list Out400 permit 6.6.6.0/24
!
log file /var/log/zebra/bgpd.log
debug bgp
debug bgp events
debug bgp filters
debug bgp fsm
debug bgp keepalives
debug bgp updates
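
Why the Out100/Out400 prefix-lists meet the exercise's requirements, as an added Python model (not part of the original slides): it applies each outbound list to what RouterE originates, then picks the entry link by longest prefix match. It assumes the upstream ASes propagate the received /24 and /16 prefixes unchanged; the function names and link labels are illustrative.

```python
import ipaddress

# Constructed from RouterE's final bgpd configuration on this page:
# the four network statements plus the link networks from "redistribute connected".
ORIGINATED = ["180.20.0.0/16", "180.20.1.0/24", "160.30.0.0/16",
              "160.30.1.0/24", "5.0.0.0/8", "6.0.0.0/8"]

# Outbound prefix-list applied on each eBGP link (exact-match permit entries).
OUT_LISTS = {
    "RouterE-RouterA": ["160.30.0.0/16", "180.20.0.0/16", "160.30.1.0/24"],  # Out100
    "RouterE-RouterD": ["180.20.0.0/16", "160.30.0.0/16", "180.20.1.0/24"],  # Out400
}


def advertised(link):
    """Prefixes that pass the link's outbound list; anything else hits the implicit deny."""
    permit = {ipaddress.ip_network(p) for p in OUT_LISTS[link]}
    return {n for n in map(ipaddress.ip_network, ORIGINATED) if n in permit}


def entry_links(dst, down=()):
    """Links that carry traffic for dst into AS 500, given the links that are down."""
    addr = ipaddress.ip_address(dst)
    candidates = [(net.prefixlen, link)
                  for link in OUT_LISTS if link not in down
                  for net in advertised(link) if addr in net]
    if not candidates:
        return []  # no announcement covers dst: traffic is dropped upstream
    best = max(plen for plen, _ in candidates)  # longest prefix wins
    return sorted(link for plen, link in candidates if plen == best)


if __name__ == "__main__":
    for dst in ("180.20.1.50", "160.30.1.50"):
        print(dst, "normal:", entry_links(dst))
        for failed in OUT_LISTS:
            print(dst, "with", failed, "down:", entry_links(dst, down=(failed,)))
```

The /24 announced on only one link steers traffic there, while the /16 announced on both links keeps the destination reachable when that link fails; the same lists also keep the 5.0.0.0/8 and 6.0.0.0/8 link networks from being announced.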