企业BGP网络规划案例(一)
网络拓扑:

如上图为一家企业的办公网,分为总部AS6500,分公司AS65001和分公司AS65002,其中每个站点都有生产、办公和服务器区域的网络互访,分公司和总公司之间通过两条联通/电信的MSTP线路互联。考虑到本案例需要做路由的控制和选路,为了更好的进行路由的选路和控制,本例选择BGP作为路由协议。
XRV1
==============================================================
!
hostname XRV1
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
!
subscriber templating
!
multilink bundle-name authenticated
!
!
!
!
!
key chain cisco
key 1
key-string cisco
!
license udi pid CSR1000V sn 9TNB5YCPUP5
!
spanning-tree extend system-id
!
!
redundancy
!
interface Loopback0
ip address 10.255.255.1 255.255.255.255
ip router isis 100
isis circuit-type level-2-only
!
interface GigabitEthernet1
ip address 10.10.1.1 255.255.255.252
ip router isis 100
negotiation auto
isis circuit-type level-2-only
isis authentication mode text
isis authentication key-chain cisco
!
interface GigabitEthernet2
ip address 10.201.1.1 255.255.255.252
negotiation auto
bfd interval 250 min_rx 250 multiplier 3
!
interface GigabitEthernet3
ip address 10.201.1.9 255.255.255.252
negotiation auto
bfd interval 250 min_rx 250 multiplier 3
!
interface GigabitEthernet4
ip address 10.10.1.6 255.255.255.252
ip router isis 100
negotiation auto
isis circuit-type level-2-only
isis authentication mode text
isis authentication key-chain cisco
!
router isis 100
net 49.0000.1025.5255.1000.00
is-type level-2-only
!
router bgp 65000
bgp router-id 10.255.255.1
bgp log-neighbor-changes
bgp graceful-restart restart-time 120
bgp graceful-restart stalepath-time 360
bgp graceful-restart
neighbor 10.201.1.2 remote-as 65001
neighbor 10.201.1.2 password cisco
neighbor 10.201.1.2 fall-over bfd
neighbor 10.201.1.2 send-community
neighbor 10.201.1.10 remote-as 65002
neighbor 10.201.1.10 password cisco
neighbor 10.201.1.10 send-community
neighbor 10.255.255.2 remote-as 65000
neighbor 10.255.255.2 password cisco
neighbor 10.255.255.2 update-source Loopback0
neighbor 10.255.255.2 next-hop-self
neighbor 10.255.255.7 remote-as 65000
neighbor 10.255.255.7 password cisco
neighbor 10.255.255.7 update-source Loopback0
neighbor 10.255.255.7 next-hop-self
XRV2
==============================================================
!
hostname XRV2
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
!
subscriber templating
!
multilink bundle-name authenticated
!
key chain cisco
key 1
key-string cisco
!
license udi pid CSR1000V sn 9RXESOZ20H8
!
spanning-tree extend system-id
!
!
redundancy
!
interface Loopback0
ip address 10.255.255.2 255.255.255.255
ip router isis 100
isis circuit-type level-2-only
!
interface GigabitEthernet1
ip address 10.10.1.2 255.255.255.252
ip router isis 100
negotiation auto
isis circuit-type level-2-only
isis authentication mode text
isis authentication key-chain cisco
!
interface GigabitEthernet2
ip address 10.201.1.5 255.255.255.252
negotiation auto
bfd interval 250 min_rx 250 multiplier 3
!
interface GigabitEthernet3
ip address 10.201.1.13 255.255.255.252
negotiation auto
bfd interval 250 min_rx 250 multiplier 3
!
interface GigabitEthernet4
ip address 10.10.1.10 255.255.255.252
ip router isis 100
negotiation auto
isis circuit-type level-2-only
isis authentication mode text
isis authentication key-chain cisco
!
router isis 100
net 49.0000.1025.5255.2000.00
is-type level-2-only
!
router bgp 65000
bgp router-id 10.255.255.2
bgp log-neighbor-changes
bgp graceful-restart restart-time 120
bgp graceful-restart stalepath-time 360
bgp graceful-restart
neighbor 10.201.1.6 remote-as 65001
neighbor 10.201.1.6 password cisco
neighbor 10.201.1.6 fall-over bfd
neighbor 10.201.1.14 remote-as 65002
neighbor 10.201.1.14 password cisco
neighbor 10.201.1.14 fall-over bfd
neighbor 10.255.255.1 remote-as 65000
neighbor 10.255.255.1 password cisco
neighbor 10.255.255.1 update-source Loopback0
neighbor 10.255.255.1 next-hop-self
neighbor 10.255.255.7 remote-as 65000
neighbor 10.255.255.7 password cisco
neighbor 10.255.255.7 update-source Loopback0
neighbor 10.255.255.7 next-hop-self
!
XRV3
==============================================================
!
hostname XRV3
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
subscriber templating
!
multilink bundle-name authenticated
!
!
!
!
!
key chain cisco
key 1
key-string cisco
!
!
!
!
!
!
!
!
!
license udi pid CSR1000V sn 975F6E0JVTP
!
spanning-tree extend system-id
!
!
redundancy
!
interface Loopback0
ip address 10.255.255.3 255.255.255.255
ip router isis 100
!
interface GigabitEthernet1
ip address 10.10.2.1 255.255.255.252
ip router isis 100
negotiation auto
isis circuit-type level-2-only
isis authentication mode text
isis authentication key-chain cisco
!
interface GigabitEthernet2
ip address 10.201.1.2 255.255.255.252
negotiation auto
bfd interval 250 min_rx 250 multiplier 3
!
interface GigabitEthernet3
ip address 10.10.2.5 255.255.255.252
ip router isis 100
negotiation auto
isis circuit-type level-2-only
isis authentication mode text
isis authentication key-chain cisco
!
interface GigabitEthernet4
no ip address
shutdown
negotiation auto
!
router isis 100
net 49.0000.1025.5255.3000.00
is-type level-2-only
!
router bgp 65001
bgp router-id 192.168.1.3
bgp log-neighbor-changes
bgp graceful-restart restart-time 120
bgp graceful-restart stalepath-time 360
bgp graceful-restart
neighbor 10.201.1.1 remote-as 65000
neighbor 10.201.1.1 password cisco
neighbor 10.201.1.1 fall-over bfd
neighbor 10.201.1.1 send-community
neighbor 10.201.1.1 route-map as65001-export-cu out
neighbor 10.255.255.4 remote-as 65001
neighbor 10.255.255.4 password cisco
neighbor 10.255.255.4 update-source Loopback0
neighbor 10.255.255.4 next-hop-self
neighbor 10.255.255.4 send-community
neighbor 10.255.255.8 remote-as 65001
neighbor 10.255.255.8 password cisco
neighbor 10.255.255.8 update-source Loopback0
neighbor 10.255.255.8 next-hop-self
neighbor 10.255.255.8 send-community
!
!
virtual-service csr_mgmt
!
ip forward-protocol nd
!
ip bgp-community new-format
no ip http server
no ip http secure-server
!
!
route-map as65001-export-cu permit 10
match community 65001:100
set as-path prepend 65001 65001 65001
!
route-map as65001-export-cu permit 20
!
XRV4
==============================================================
!
hostname XRV4
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
!
subscriber templating
!
multilink bundle-name authenticated
!
key chain cisco
key 0
key-string cisco
key 1
key-string cisco
!
license udi pid CSR1000V sn 9LQFX0T7L21
!
spanning-tree extend system-id
!
!
redundancy
!
!
interface Loopback0
ip address 10.255.255.4 255.255.255.255
ip router isis 100
isis circuit-type level-2-only
!
interface GigabitEthernet1
ip address 10.10.2.2 255.255.255.252
ip router isis 100
negotiation auto
isis circuit-type level-2-only
isis authentication mode text
isis authentication key-chain cisco
!
interface GigabitEthernet2
ip address 10.201.1.6 255.255.255.252
negotiation auto
bfd interval 250 min_rx 250 multiplier 3
!
interface GigabitEthernet3
ip address 10.10.2.9 255.255.255.252
ip router isis 100
negotiation auto
isis circuit-type level-2-only
isis authentication mode text level-2
isis authentication key-chain cisco
!
interface GigabitEthernet4
no ip address
shutdown
negotiation auto
!
router isis 100
net 49.0000.1025.5255.4000.00
is-type level-2-only
!
router bgp 65001
bgp router-id 192.168.1.4
bgp log-neighbor-changes
bgp graceful-restart restart-time 120
bgp graceful-restart stalepath-time 360
bgp graceful-restart
neighbor 10.201.1.5 remote-as 65000
neighbor 10.201.1.5 password cisco
neighbor 10.201.1.5 fall-over bfd
neighbor 10.201.1.5 route-map as65001-export-ct out
neighbor 10.255.255.3 remote-as 65001
neighbor 10.255.255.3 password cisco
neighbor 10.255.255.3 update-source Loopback0
neighbor 10.255.255.3 next-hop-self
neighbor 10.255.255.8 remote-as 65001
neighbor 10.255.255.8 password cisco
neighbor 10.255.255.8 update-source Loopback0
neighbor 10.255.255.8 next-hop-self
!
!
virtual-service csr_mgmt
!
ip forward-protocol nd
!
ip bgp-community new-format
no ip http server
no ip http secure-server
!
!
route-map as65001-export-cu permit 20
!
route-map as65001-export-ct permit 10
match community 65001:200
set as-path prepend 65001 65001 65001
!
XRV5
==============================================================
!
hostname XRV5
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
!
subscriber templating
!
multilink bundle-name authenticated
!
key chain cisco
key 1
key-string cisco
!
license udi pid CSR1000V sn 9A06X1RGMNL
!
spanning-tree extend system-id
!
!
redundancy
!
interface Loopback0
ip address 10.255.255.5 255.255.255.255
ip router isis 100
!
interface GigabitEthernet1
ip address 10.10.3.1 255.255.255.252
ip router isis 100
negotiation auto
isis circuit-type level-2-only
isis authentication mode text
isis authentication key-chain cisco
!
interface GigabitEthernet2
ip address 10.201.1.10 255.255.255.252
negotiation auto
bfd interval 250 min_rx 250 multiplier 3
!
interface GigabitEthernet3
ip address 10.10.3.5 255.255.255.252
ip router isis 100
negotiation auto
isis circuit-type level-2-only
isis authentication mode text
isis authentication key-chain cisco
!
interface GigabitEthernet4
no ip address
shutdown
negotiation auto
!
router isis 100
net 49.0000.1025.5255.5000.00
is-type level-2-only
!
router bgp 65002
bgp router-id 10.255.255.5
bgp log-neighbor-changes
bgp graceful-restart restart-time 120
bgp graceful-restart stalepath-time 360
bgp graceful-restart
neighbor 10.201.1.9 remote-as 65000
neighbor 10.201.1.9 password cisco
neighbor 10.201.1.9 fall-over bfd
neighbor 10.255.255.6 remote-as 65002
neighbor 10.255.255.6 password cisco
neighbor 10.255.255.6 next-hop-self
neighbor 10.255.255.9 remote-as 65002
neighbor 10.255.255.9 password cisco
neighbor 10.255.255.9 update-source Loopback0
neighbor 10.255.255.9 next-hop-self
!
XRV6
==============================================================
!
hostname XRV6
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
!
subscriber templating
!
multilink bundle-name authenticated
!
key chain cisco
key 1
key-string cisco
!
license udi pid CSR1000V sn 9T2BOC64F2X
!
spanning-tree extend system-id
!
!
redundancy
!
!
interface Loopback0
ip address 10.255.255.6 255.255.255.255
ip router isis 100
!
interface GigabitEthernet1
ip address 10.10.3.2 255.255.255.252
ip router isis 100
negotiation auto
isis circuit-type level-2-only
isis authentication mode text
isis authentication key-chain cisco
!
interface GigabitEthernet2
ip address 10.201.1.14 255.255.255.252
negotiation auto
bfd interval 250 min_rx 250 multiplier 3
!
interface GigabitEthernet3
ip address 10.10.3.9 255.255.255.252
ip router isis 100
negotiation auto
isis circuit-type level-2-only
isis authentication mode text
isis authentication key-chain cisco
!
interface GigabitEthernet4
no ip address
shutdown
negotiation auto
!
router isis 100
net 49.0000.1025.5255.6000.00
is-type level-2-only
!
router bgp 65002
bgp router-id 10.255.255.6
bgp log-neighbor-changes
bgp graceful-restart restart-time 120
bgp graceful-restart stalepath-time 360
bgp graceful-restart
neighbor 10.201.1.13 remote-as 65000
neighbor 10.201.1.13 password cisco
neighbor 10.201.1.13 fall-over bfd
neighbor 10.255.255.5 remote-as 65002
neighbor 10.255.255.5 password cisco
neighbor 10.255.255.5 update-source Loopback0
neighbor 10.255.255.5 next-hop-self
neighbor 10.255.255.9 remote-as 65002
neighbor 10.255.255.9 password cisco
neighbor 10.255.255.9 update-source Loopback0
neighbor 10.255.255.9 next-hop-self
!
XRV7
==============================================================
!
hostname XRV7
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
!
ip cef
no ipv6 cef
!
key chain cisco
key 1
key-string cisco
!
!
!
spanning-tree mode rapid-pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
!
!
interface Loopback0
ip address 10.255.255.7 255.255.255.255
ip router isis 100
!
interface GigabitEthernet0/0
switchport access vlan 100
media-type rj45
negotiation auto
!
interface GigabitEthernet0/1
switchport access vlan 200
media-type rj45
negotiation auto
!
interface GigabitEthernet0/2
switchport trunk encapsulation dot1q
switchport mode trunk
media-type rj45
negotiation auto
!
interface GigabitEthernet0/3
media-type rj45
negotiation auto
!
interface Vlan1
ip address 10.158.1.254 255.255.255.0
!
interface Vlan2
ip address 10.158.2.254 255.255.255.0
!
interface Vlan3
ip address 10.158.3.254 255.255.255.0
!
interface Vlan4
ip address 10.158.4.254 255.255.255.0
!
interface Vlan5
ip address 10.158.5.254 255.255.255.0
!
interface Vlan6
ip address 10.158.6.254 255.255.255.0
!
interface Vlan7
ip address 10.158.7.254 255.255.255.0
!
interface Vlan8
ip address 10.158.8.254 255.255.255.0
!
interface Vlan9
ip address 10.158.9.254 255.255.255.0
!
interface Vlan10
ip address 10.158.10.254 255.255.255.0
!
interface Vlan11
ip address 10.158.11.254 255.255.255.0
!
interface Vlan12
ip address 10.158.12.254 255.255.255.0
!
interface Vlan13
ip address 10.158.13.254 255.255.255.0
!
interface Vlan14
ip address 10.158.14.254 255.255.255.0
!
interface Vlan15
ip address 10.158.15.254 255.255.255.0
!
interface Vlan16
ip address 10.158.16.254 255.255.255.0
!
interface Vlan17
ip address 10.133.1.254 255.255.255.0
!
interface Vlan18
ip address 10.133.2.254 255.255.255.0
!
interface Vlan19
ip address 10.133.3.254 255.255.255.0
!
interface Vlan20
ip address 10.133.4.254 255.255.255.0
!
interface Vlan21
ip address 10.133.5.254 255.255.255.0
!
interface Vlan22
ip address 10.133.6.254 255.255.255.0
!
interface Vlan23
ip address 10.133.7.254 255.255.255.0
!
interface Vlan24
ip address 10.133.8.254 255.255.255.0
!
interface Vlan25
ip address 10.133.9.254 255.255.255.0
!
interface Vlan26
ip address 10.133.10.254 255.255.255.0
!
interface Vlan27
ip address 10.133.11.254 255.255.255.0
!
interface Vlan28
ip address 10.133.12.254 255.255.255.0
!
interface Vlan29
ip address 10.133.13.254 255.255.255.0
!
interface Vlan30
ip address 10.133.14.254 255.255.255.0
!
interface Vlan31
ip address 10.133.15.254 255.255.255.0
!
interface Vlan32
ip address 10.133.16.254 255.255.255.0
!
interface Vlan33
ip address 10.78.1.254 255.255.255.0
!
interface Vlan34
ip address 10.78.2.254 255.255.255.0
!
interface Vlan35
ip address 10.78.3.254 255.255.255.0
!
interface Vlan36
ip address 10.78.4.254 255.255.255.0
!
interface Vlan37
ip address 10.78.5.254 255.255.255.0
!
interface Vlan38
ip address 10.78.6.254 255.255.255.0
!
interface Vlan39
ip address 10.78.7.254 255.255.255.0
!
interface Vlan40
ip address 10.78.8.254 255.255.255.0
!
interface Vlan41
ip address 10.78.9.254 255.255.255.0
!
interface Vlan42
ip address 10.78.10.254 255.255.255.0
!
interface Vlan43
ip address 10.78.11.254 255.255.255.0
!
interface Vlan44
ip address 10.78.12.254 255.255.255.0
!
interface Vlan45
ip address 10.78.13.254 255.255.255.0
!
interface Vlan46
ip address 10.78.14.254 255.255.255.0
!
interface Vlan47
ip address 10.78.15.254 255.255.255.0
!
interface Vlan48
ip address 10.78.16.254 255.255.255.0
!
interface Vlan100
ip address 10.10.1.5 255.255.255.252
ip router isis 100
isis circuit-type level-2-only
isis password cisco level-1
isis authentication mode text level-2
isis authentication key-chain cisco
!
interface Vlan200
ip address 10.10.1.9 255.255.255.252
ip router isis 100
isis circuit-type level-2-only
isis authentication mode text level-2
isis authentication key-chain cisco
!
router isis 100
net 49.0000.1025.5255.7000.00
is-type level-2-only
!
router bgp 65000
bgp router-id 10.255.255.7
bgp log-neighbor-changes
bgp graceful-restart restart-time 120
bgp graceful-restart stalepath-time 360
bgp graceful-restart
network 10.78.1.0 mask 255.255.255.0
network 10.78.2.0 mask 255.255.255.0
network 10.78.3.0 mask 255.255.255.0
network 10.78.4.0 mask 255.255.255.0
network 10.78.5.0 mask 255.255.255.0
network 10.78.6.0 mask 255.255.255.0
network 10.78.7.0 mask 255.255.255.0
network 10.78.8.0 mask 255.255.255.0
network 10.78.9.0 mask 255.255.255.0
network 10.78.10.0 mask 255.255.255.0
network 10.78.11.0 mask 255.255.255.0
network 10.78.12.0 mask 255.255.255.0
network 10.78.13.0 mask 255.255.255.0
network 10.78.14.0 mask 255.255.255.0
network 10.78.15.0 mask 255.255.255.0
network 10.78.16.0 mask 255.255.255.0
network 10.133.1.0 mask 255.255.255.0
network 10.133.2.0 mask 255.255.255.0
network 10.133.3.0 mask 255.255.255.0
network 10.133.4.0 mask 255.255.255.0
network 10.133.5.0 mask 255.255.255.0
network 10.133.6.0 mask 255.255.255.0
network 10.133.7.0 mask 255.255.255.0
network 10.133.8.0 mask 255.255.255.0
network 10.133.9.0 mask 255.255.255.0
network 10.133.10.0 mask 255.255.255.0
network 10.133.11.0 mask 255.255.255.0
network 10.133.12.0 mask 255.255.255.0
network 10.133.13.0 mask 255.255.255.0
network 10.133.14.0 mask 255.255.255.0
network 10.133.15.0 mask 255.255.255.0
network 10.133.16.0 mask 255.255.255.0
network 10.158.1.0 mask 255.255.255.0
network 10.158.2.0 mask 255.255.255.0
network 10.158.3.0 mask 255.255.255.0
network 10.158.4.0 mask 255.255.255.0
network 10.158.5.0 mask 255.255.255.0
network 10.158.6.0 mask 255.255.255.0
network 10.158.7.0 mask 255.255.255.0
network 10.158.8.0 mask 255.255.255.0
network 10.158.9.0 mask 255.255.255.0
network 10.158.10.0 mask 255.255.255.0
network 10.158.11.0 mask 255.255.255.0
network 10.158.12.0 mask 255.255.255.0
network 10.158.13.0 mask 255.255.255.0
network 10.158.14.0 mask 255.255.255.0
network 10.158.15.0 mask 255.255.255.0
network 10.158.16.0 mask 255.255.255.0
neighbor 10.255.255.1 remote-as 65000
neighbor 10.255.255.1 password cisco
neighbor 10.255.255.1 update-source Loopback0
neighbor 10.255.255.1 next-hop-self
neighbor 10.255.255.2 remote-as 65000
neighbor 10.255.255.2 password cisco
neighbor 10.255.255.2 update-source Loopback0
neighbor 10.255.255.2 next-hop-self
!
XRV8
==============================================================
!
hostname XRV8
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
!
ip cef
no ipv6 cef
!
key chain cisco
key 0
key-string cisco
!
!
!
spanning-tree mode rapid-pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
interface Loopback0
ip address 10.255.255.8 255.255.255.255
ip router isis 100
isis circuit-type level-2-only
!
interface GigabitEthernet0/0
switchport access vlan 100
media-type rj45
negotiation auto
!
interface GigabitEthernet0/1
switchport access vlan 200
media-type rj45
negotiation auto
!
interface GigabitEthernet0/2
switchport trunk encapsulation dot1q
switchport mode trunk
media-type rj45
negotiation auto
!
interface GigabitEthernet0/3
media-type rj45
negotiation auto
!
interface Vlan1
ip address 10.138.1.254 255.255.255.0
!
interface Vlan2
ip address 10.138.2.254 255.255.255.0
!
interface Vlan3
ip address 10.138.3.254 255.255.255.0
!
interface Vlan4
ip address 10.138.4.254 255.255.255.0
!
interface Vlan5
ip address 10.138.5.254 255.255.255.0
!
interface Vlan6
ip address 10.138.6.254 255.255.255.0
!
interface Vlan7
ip address 10.138.7.254 255.255.255.0
!
interface Vlan8
ip address 10.138.8.254 255.255.255.0
!
interface Vlan9
ip address 10.138.9.254 255.255.255.0
!
interface Vlan10
ip address 10.138.10.254 255.255.255.0
!
interface Vlan11
ip address 10.138.11.254 255.255.255.0
!
interface Vlan12
ip address 10.138.12.254 255.255.255.0
!
interface Vlan13
ip address 10.138.13.254 255.255.255.0
!
interface Vlan14
ip address 10.138.14.254 255.255.255.0
!
interface Vlan15
ip address 10.138.15.254 255.255.255.0
!
interface Vlan16
ip address 10.138.16.254 255.255.255.0
!
interface Vlan17
ip address 10.173.1.254 255.255.255.0
!
interface Vlan18
ip address 10.173.2.254 255.255.255.0
!
interface Vlan19
ip address 10.173.3.254 255.255.255.0
!
interface Vlan20
ip address 10.173.4.254 255.255.255.0
!
interface Vlan21
ip address 10.173.5.254 255.255.255.0
!
interface Vlan22
ip address 10.173.6.254 255.255.255.0
!
interface Vlan23
ip address 10.173.7.254 255.255.255.0
!
interface Vlan24
ip address 10.173.8.254 255.255.255.0
!
interface Vlan25
ip address 10.173.9.254 255.255.255.0
!
interface Vlan26
ip address 10.173.10.254 255.255.255.0
!
interface Vlan27
ip address 10.173.11.254 255.255.255.0
!
interface Vlan28
ip address 10.173.12.254 255.255.255.0
!
interface Vlan29
ip address 10.173.13.254 255.255.255.0
!
interface Vlan30
ip address 10.173.14.254 255.255.255.0
!
interface Vlan31
ip address 10.173.15.254 255.255.255.0
!
interface Vlan32
ip address 10.173.16.254 255.255.255.0
!
interface Vlan33
ip address 10.178.1.254 255.255.255.0
!
interface Vlan34
ip address 10.178.2.254 255.255.255.0
!
interface Vlan35
ip address 10.178.3.254 255.255.255.0
!
interface Vlan36
ip address 10.178.4.254 255.255.255.0
!
interface Vlan37
ip address 10.178.5.254 255.255.255.0
!
interface Vlan38
ip address 10.178.6.254 255.255.255.0
!
interface Vlan39
ip address 10.178.7.254 255.255.255.0
!
interface Vlan40
ip address 10.178.8.254 255.255.255.0
!
interface Vlan41
ip address 10.178.9.254 255.255.255.0
!
interface Vlan42
ip address 10.178.10.254 255.255.255.0
!
interface Vlan43
ip address 10.178.11.254 255.255.255.0
!
interface Vlan44
ip address 10.178.12.254 255.255.255.0
!
interface Vlan45
ip address 10.178.13.254 255.255.255.0
!
interface Vlan46
ip address 10.178.14.254 255.255.255.0
!
interface Vlan47
ip address 10.178.15.254 255.255.255.0
!
interface Vlan48
ip address 10.178.16.254 255.255.255.0
!
interface Vlan100
ip address 10.10.2.6 255.255.255.252
ip router isis 100
isis circuit-type level-2-only
isis authentication mode text
isis authentication key-chain cisco level-2
!
interface Vlan200
ip address 10.10.2.10 255.255.255.252
ip router isis 100
isis circuit-type level-2-only
isis authentication mode text
isis authentication key-chain cisco level-2
!
router isis 100
net 49.0000.1025.5255.8000.00
is-type level-2-only
!
router bgp 65001
bgp router-id 10.255.255.8
bgp log-neighbor-changes
bgp graceful-restart restart-time 120
bgp graceful-restart stalepath-time 360
bgp graceful-restart
network 10.138.1.0 mask 255.255.255.0
network 10.138.2.0 mask 255.255.255.0
network 10.138.3.0 mask 255.255.255.0
network 10.138.4.0 mask 255.255.255.0
network 10.138.5.0 mask 255.255.255.0
network 10.138.6.0 mask 255.255.255.0
network 10.138.7.0 mask 255.255.255.0
network 10.138.8.0 mask 255.255.255.0
network 10.138.9.0 mask 255.255.255.0
network 10.138.10.0 mask 255.255.255.0
network 10.138.11.0 mask 255.255.255.0
network 10.138.12.0 mask 255.255.255.0
network 10.138.13.0 mask 255.255.255.0
network 10.138.14.0 mask 255.255.255.0
network 10.138.15.0 mask 255.255.255.0
network 10.138.16.0 mask 255.255.255.0
network 10.173.1.0 mask 255.255.255.0
network 10.173.2.0 mask 255.255.255.0
network 10.173.3.0 mask 255.255.255.0
network 10.173.4.0 mask 255.255.255.0
network 10.173.5.0 mask 255.255.255.0
network 10.173.6.0 mask 255.255.255.0
network 10.173.7.0 mask 255.255.255.0
network 10.173.8.0 mask 255.255.255.0
network 10.173.9.0 mask 255.255.255.0
network 10.173.10.0 mask 255.255.255.0
network 10.173.11.0 mask 255.255.255.0
network 10.173.12.0 mask 255.255.255.0
network 10.173.13.0 mask 255.255.255.0
network 10.173.14.0 mask 255.255.255.0
network 10.173.15.0 mask 255.255.255.0
network 10.173.16.0 mask 255.255.255.0
network 10.178.1.0 mask 255.255.255.0
network 10.178.2.0 mask 255.255.255.0
network 10.178.3.0 mask 255.255.255.0
network 10.178.4.0 mask 255.255.255.0
network 10.178.5.0 mask 255.255.255.0
network 10.178.6.0 mask 255.255.255.0
network 10.178.7.0 mask 255.255.255.0
network 10.178.8.0 mask 255.255.255.0
network 10.178.9.0 mask 255.255.255.0
network 10.178.10.0 mask 255.255.255.0
network 10.178.11.0 mask 255.255.255.0
network 10.178.12.0 mask 255.255.255.0
network 10.178.13.0 mask 255.255.255.0
network 10.178.14.0 mask 255.255.255.0
network 10.178.15.0 mask 255.255.255.0
network 10.178.16.0 mask 255.255.255.0
neighbor 10.255.255.3 remote-as 65001
neighbor 10.255.255.3 password cisco
neighbor 10.255.255.3 update-source Loopback0
neighbor 10.255.255.3 send-community
neighbor 10.255.255.3 route-map as65001-export out
neighbor 10.255.255.4 remote-as 65001
neighbor 10.255.255.4 password cisco
neighbor 10.255.255.4 update-source Loopback0
neighbor 10.255.255.4 send-community
neighbor 10.255.255.4 route-map as65001-export out
!
ip forward-protocol nd
!
ip bgp-community new-format
no ip http server
no ip http secure-server
!
!
!
!
ip prefix-list as65001-bangong-100 seq 5 permit 10.138.1.0/24
ip prefix-list as65001-bangong-100 seq 10 permit 10.138.2.0/24
ip prefix-list as65001-bangong-100 seq 15 permit 10.138.3.0/24
ip prefix-list as65001-bangong-100 seq 20 permit 10.138.4.0/24
ip prefix-list as65001-bangong-100 seq 25 permit 10.138.5.0/24
ip prefix-list as65001-bangong-100 seq 30 permit 10.138.6.0/24
ip prefix-list as65001-bangong-100 seq 35 permit 10.138.7.0/24
ip prefix-list as65001-bangong-100 seq 40 permit 10.138.8.0/24
ip prefix-list as65001-bangong-100 seq 45 permit 10.138.9.0/24
ip prefix-list as65001-bangong-100 seq 50 permit 10.138.10.0/24
ip prefix-list as65001-bangong-100 seq 55 permit 10.138.11.0/24
ip prefix-list as65001-bangong-100 seq 60 permit 10.138.12.0/24
ip prefix-list as65001-bangong-100 seq 65 permit 10.138.13.0/24
ip prefix-list as65001-bangong-100 seq 70 permit 10.138.14.0/24
ip prefix-list as65001-bangong-100 seq 75 permit 10.138.15.0/24
ip prefix-list as65001-bangong-100 seq 80 permit 10.138.16.0/24
!
ip prefix-list as65001-dc-300 seq 5 permit 10.178.1.0/24
ip prefix-list as65001-dc-300 seq 10 permit 10.178.2.0/24
ip prefix-list as65001-dc-300 seq 15 permit 10.178.3.0/24
ip prefix-list as65001-dc-300 seq 20 permit 10.178.4.0/24
ip prefix-list as65001-dc-300 seq 25 permit 10.178.5.0/24
ip prefix-list as65001-dc-300 seq 30 permit 10.178.6.0/24
ip prefix-list as65001-dc-300 seq 35 permit 10.178.7.0/24
ip prefix-list as65001-dc-300 seq 40 permit 10.178.8.0/24
ip prefix-list as65001-dc-300 seq 45 permit 10.178.9.0/24
ip prefix-list as65001-dc-300 seq 50 permit 10.178.10.0/24
ip prefix-list as65001-dc-300 seq 55 permit 10.178.11.0/24
ip prefix-list as65001-dc-300 seq 60 permit 10.178.12.0/24
ip prefix-list as65001-dc-300 seq 65 permit 10.178.13.0/24
ip prefix-list as65001-dc-300 seq 70 permit 10.178.14.0/24
ip prefix-list as65001-dc-300 seq 75 permit 10.178.15.0/24
ip prefix-list as65001-dc-300 seq 80 permit 10.178.16.0/24
!
ip prefix-list as65001-shengchan-200 seq 5 permit 10.173.1.0/24
ip prefix-list as65001-shengchan-200 seq 10 permit 10.173.2.0/24
ip prefix-list as65001-shengchan-200 seq 15 permit 10.173.3.0/24
ip prefix-list as65001-shengchan-200 seq 20 permit 10.173.4.0/24
ip prefix-list as65001-shengchan-200 seq 25 permit 10.173.5.0/24
ip prefix-list as65001-shengchan-200 seq 30 permit 10.173.6.0/24
ip prefix-list as65001-shengchan-200 seq 35 permit 10.173.7.0/24
ip prefix-list as65001-shengchan-200 seq 40 permit 10.173.8.0/24
ip prefix-list as65001-shengchan-200 seq 45 permit 10.173.9.0/24
ip prefix-list as65001-shengchan-200 seq 50 permit 10.173.10.0/24
ip prefix-list as65001-shengchan-200 seq 55 permit 10.173.11.0/24
ip prefix-list as65001-shengchan-200 seq 60 permit 10.173.12.0/24
ip prefix-list as65001-shengchan-200 seq 65 permit 10.173.13.0/24
ip prefix-list as65001-shengchan-200 seq 70 permit 10.173.14.0/24
ip prefix-list as65001-shengchan-200 seq 75 permit 10.173.15.0/24
ip prefix-list as65001-shengchan-200 seq 80 permit 10.173.16.0/24
!
route-map as65001-export permit 10
match ip address prefix-list as65001-bangong-100
set community 65001:100
!
route-map as65001-export permit 20
match ip address prefix-list as65001-shengchan-200
set community 65001:200
!
route-map as65001-export permit 30
match ip address prefix-list as65001-dc-300
set community 65001:300
!
XRV9
==============================================================
!
hostname XRV9
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
!
ip cef
no ipv6 cef
!
key chain cisco
key 1
key-string cisco
!
!
!
spanning-tree mode rapid-pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
interface Loopback0
ip address 10.255.255.9 255.255.255.255
ip router isis 100
!
interface GigabitEthernet0/0
switchport access vlan 100
media-type rj45
negotiation auto
!
interface GigabitEthernet0/1
switchport access vlan 200
media-type rj45
negotiation auto
!
interface GigabitEthernet0/2
media-type rj45
negotiation auto
!
interface GigabitEthernet0/3
media-type rj45
negotiation auto
!
interface Vlan1
ip address 10.38.1.254 255.255.255.0
!
interface Vlan2
ip address 10.38.2.254 255.255.255.0
!
interface Vlan3
ip address 10.38.3.254 255.255.255.0
!
interface Vlan4
ip address 10.38.4.254 255.255.255.0
!
interface Vlan5
ip address 10.38.5.254 255.255.255.0
!
interface Vlan6
ip address 10.38.6.254 255.255.255.0
!
interface Vlan7
ip address 10.38.7.254 255.255.255.0
!
interface Vlan8
ip address 10.38.8.254 255.255.255.0
!
interface Vlan9
ip address 10.38.9.254 255.255.255.0
!
interface Vlan10
ip address 10.38.10.254 255.255.255.0
!
interface Vlan11
ip address 10.38.11.254 255.255.255.0
!
interface Vlan12
ip address 10.38.12.254 255.255.255.0
!
interface Vlan13
ip address 10.38.13.254 255.255.255.0
!
interface Vlan14
ip address 10.38.14.254 255.255.255.0
!
interface Vlan15
ip address 10.38.15.254 255.255.255.0
!
interface Vlan16
ip address 10.38.16.254 255.255.255.0
!
interface Vlan17
ip address 10.17.1.254 255.255.255.0
!
interface Vlan18
ip address 10.17.2.254 255.255.255.0
!
interface Vlan19
ip address 10.17.3.254 255.255.255.0
!
interface Vlan20
ip address 10.17.4.254 255.255.255.0
!
interface Vlan21
ip address 10.17.5.254 255.255.255.0
!
interface Vlan22
ip address 10.17.6.254 255.255.255.0
!
interface Vlan23
ip address 10.17.7.254 255.255.255.0
!
interface Vlan24
ip address 10.17.8.254 255.255.255.0
!
interface Vlan25
ip address 10.17.9.254 255.255.255.0
!
interface Vlan26
ip address 10.17.10.254 255.255.255.0
!
interface Vlan27
ip address 10.17.11.254 255.255.255.0
!
interface Vlan28
ip address 10.17.12.254 255.255.255.0
!
interface Vlan29
ip address 10.17.13.254 255.255.255.0
!
interface Vlan30
ip address 10.17.14.254 255.255.255.0
!
interface Vlan31
ip address 10.17.15.254 255.255.255.0
!
interface Vlan32
ip address 10.17.16.254 255.255.255.0
!
interface Vlan33
ip address 10.175.1.254 255.255.255.0
!
interface Vlan34
ip address 10.175.2.254 255.255.255.0
!
interface Vlan35
ip address 10.175.3.254 255.255.255.0
!
interface Vlan36
ip address 10.175.4.254 255.255.255.0
!
interface Vlan37
ip address 10.175.5.254 255.255.255.0
!
interface Vlan38
ip address 10.175.6.254 255.255.255.0
!
interface Vlan39
ip address 10.175.7.254 255.255.255.0
!
interface Vlan40
ip address 10.175.8.254 255.255.255.0
!
interface Vlan41
ip address 10.175.9.254 255.255.255.0
!
interface Vlan42
ip address 10.175.10.254 255.255.255.0
!
interface Vlan43
ip address 10.175.11.254 255.255.255.0
!
interface Vlan44
ip address 10.175.12.254 255.255.255.0
!
interface Vlan45
ip address 10.175.13.254 255.255.255.0
!
interface Vlan46
ip address 10.175.14.254 255.255.255.0
!
interface Vlan47
ip address 10.175.15.254 255.255.255.0
!
interface Vlan48
ip address 10.175.16.254 255.255.255.0
!
interface Vlan100
ip address 10.10.3.6 255.255.255.252
ip router isis 100
isis circuit-type level-2-only
isis authentication mode text
isis authentication key-chain cisco
!
interface Vlan200
ip address 10.10.3.10 255.255.255.252
ip router isis 100
isis authentication mode text
isis authentication key-chain cisco
!
router isis 100
net 49.0000.1025.5255.9000.00
is-type level-2-only
!
router bgp 65002
bgp router-id 10.255.255.9
bgp log-neighbor-changes
network 10.17.1.0 mask 255.255.255.0
network 10.17.2.0 mask 255.255.255.0
network 10.17.3.0 mask 255.255.255.0
network 10.17.4.0 mask 255.255.255.0
network 10.17.5.0 mask 255.255.255.0
network 10.17.6.0 mask 255.255.255.0
network 10.17.7.0 mask 255.255.255.0
network 10.17.8.0 mask 255.255.255.0
network 10.17.9.0 mask 255.255.255.0
network 10.17.10.0 mask 255.255.255.0
network 10.17.11.0 mask 255.255.255.0
network 10.17.12.0 mask 255.255.255.0
network 10.17.13.0 mask 255.255.255.0
network 10.17.14.0 mask 255.255.255.0
network 10.17.15.0 mask 255.255.255.0
network 10.17.16.0 mask 255.255.255.0
network 10.38.1.0 mask 255.255.255.0
network 10.38.2.0 mask 255.255.255.0
network 10.38.3.0 mask 255.255.255.0
network 10.38.4.0 mask 255.255.255.0
network 10.38.5.0 mask 255.255.255.0
network 10.38.6.0 mask 255.255.255.0
network 10.38.7.0 mask 255.255.255.0
network 10.38.8.0 mask 255.255.255.0
network 10.38.9.0 mask 255.255.255.0
network 10.38.10.0 mask 255.255.255.0
network 10.38.11.0 mask 255.255.255.0
network 10.38.12.0 mask 255.255.255.0
network 10.38.13.0 mask 255.255.255.0
network 10.38.14.0 mask 255.255.255.0
network 10.38.15.0 mask 255.255.255.0
network 10.38.16.0 mask 255.255.255.0
network 10.175.1.0 mask 255.255.255.0
network 10.175.2.0 mask 255.255.255.0
network 10.175.3.0 mask 255.255.255.0
network 10.175.4.0 mask 255.255.255.0
network 10.175.5.0 mask 255.255.255.0
network 10.175.6.0 mask 255.255.255.0
network 10.175.7.0 mask 255.255.255.0
network 10.175.8.0 mask 255.255.255.0
network 10.175.9.0 mask 255.255.255.0
network 10.175.10.0 mask 255.255.255.0
network 10.175.11.0 mask 255.255.255.0
network 10.175.12.0 mask 255.255.255.0
network 10.175.13.0 mask 255.255.255.0
network 10.175.14.0 mask 255.255.255.0
network 10.175.15.0 mask 255.255.255.0
neighbor 10.255.255.5 remote-as 65002
neighbor 10.255.255.5 password cisco
neighbor 10.255.255.6 remote-as 65002
neighbor 10.255.255.6 password cisco
neighbor 10.255.255.6 update-source Loopback0
!
企业BGP网络规划案例(一)的更多相关文章
- 企业BGP网络规划案例(四)
关于路由的发布和接收使用route-map过滤,防止本AS作为一个转发区域. 在XRV3上和XRV4上使用prefix-list 进行路由接搜和发布的过滤 XRV3配置 =============== ...
- 企业BGP网络规划案例(三)
路由选路 1.分支的办公流和生产流默认走联通MSTP线路,DC流默认走电信MSTP线路,当其中某条互联的链路down后才会进行流量切换 XRV1配置 ========================= ...
- 企业BGP网络规划案例(二)
设计思路梳理 1.AS的划分 : 由于该办公网物理上被划分为总部和两个异地的办公分支,总部和分支互联采用MSTP线路,为了方便管理和更为灵活的进行路由控制,选择BGP作为总部和分支的路由协议.关于AS ...
- Hadoop企业开发场景案例,虚拟机服务器调优
Hadoop企业开发场景案例 1 案例需求 (1)需求:从1G数据中,统计每个单词出现次数.服务器3台,每台配置4G内存,4核CPU,4线程. (2)需求分析: 1G/128m = 8个M ...
- openvpn用户管理、linux客户端配置及企业常用真实案例解析
1.给企业用户分配VPN账户的流程: 添加拨号需要密码的用户 # source vars NOTE: If you run ./clean-all, I will be doing a rm -rf ...
- 企业SOA架构案例分析
面向服务的架构(SOA)是一个组件模型,它将应用程序的不同功能单元(称为服务)进行拆分,并通过这些服务之间定义良好的接口和契约联系起来.接口是采用中立的方式进行定义的,它应该独立于实现服务的硬件平台. ...
- linux系统文件属性及企业精典故障案例
linux系统文件属性: [root@nginx_back ~]# stat keepalived-1.2.7.tar.gz 查看文件属性 File: "keepalived-1.2.7.t ...
- 技术交流:DDD在企业开发的案例分享
背景 因为工作上的原因,这次技术交流准备的不够充分,晚上通宵写的演示代码,不过整个过程还是收获蛮大的,具体如下: 对原子操作有了更深入的了解,自己写的无锁循环队列(有点类似 RingBuffer)终于 ...
- 企业运维案例:xxx is not in the sudoers file.This incident will be reported” 错误解决方法
CentOS6系统下,普通用户使用sudo执行命令时报错: xxx is not in the sudoers file.This incident will be reported" 解决 ...
随机推荐
- 发现一个非常有趣好用的git博主,收录热门OC、swift项目三方架构
日常学习: https://github.com/iOShuyang/Book-Recommend-Github
- python,列表,元祖,字典
list 列表 li = [1,",[3,4]] 1.用中括号括起来 2.用,来分割每一个元素 3.列表中的元素可以是,数字,字符串,列表,布尔值 4.“集合”,内部可以放置任何东西 li ...
- python-web自动化:下拉列表操作
非select/option元素: 1.触发下拉列表出现 2.等待下拉列表中的元素出现,然后进行选择元素即可. select/option元素: 下拉框操作-Select类selenium提供Sele ...
- 软件职位进阶--立Flag
PS:是我从看过的书籍<软件测试进阶之路>上摘录的 很喜欢:深耕细作一词,可以走管理leader方向,但我更愿意是技术掌握到手后,兼职管理岗位. 庆幸吧,脚踏实地,没有上来就学自动化,所以 ...
- Eclipse下支持编写HTML/JS/CSS/JSP页面的自动提示
地址:https://blog.csdn.net/AinUser/article/details/64904339 使用eclipse自带的插件,无需另外安装插件,具体步骤如下 1.打开eclipse ...
- [持续交付实践] Jenkins 中国用户大会参会见闻
前言 上周日在上海召开了Jenkins中国用户大会(Jenkins User Confluence China),这应该是Jenkins在中国第一次举办吧.Jenkins的创始人Kohsuke Kaw ...
- SpringBoot整合StringData JPA
目录 SpringBoot整合StringData JPA application.yml User.class UserRepository.java UserController SpringBo ...
- 13. nginx,lvs之一
摘要: 1.详细描述常见nginx常用模块和模块的使用示例 2.简述Linux集群类型.系统扩展方式及调度方法 3.简述lvs四种集群有点及使用场景 4.描述LVS-NAT.LVS-DR的工作原理并实 ...
- 关联tomcat源代码
1.进入tomcat官网下载对应版本源代码文件 2. 3..ctrl+鼠标左键 点击Cookie对象 4. 5.
- Laravel--查询构造器 方法 及聚合函数
controller内内容如下 <?php /** * Created by PhpStorm. * User: work * Date: 2018/1/2 * Time: 20:36 */ n ...