BGP拓扑正确配置
R1的配置
-----------------------------------------------------------------------------
sysname RT1
#
super password level 3 simple h3c
#
domain default enable system
#
telnet server enable
#
acl number 2000
rule 0 permit source 192.168.200.0 0.0.0.255
acl number 2030
rule 0 permit source 192.168.200.1 0
#
vlan 1
#
domain system
access-limit disable
state active
idle-cut disable
self-service-url disable
#
user-group system
group-attribute allow-guest
#
local-user rt1
password simple rt1
authorization-attribute level 2
service-type telnet
local-user useradmin
authorization-attribute level 2
#
wlan rrm
dot11b mandatory-rate 1 2
dot11b supported-rate 5.5 11
dot11g mandatory-rate 1 2 5.5 11
dot11g supported-rate 6 9 12 18 24 36 48 54
#
attack-defense policy 1
#
bgp 65000
undo synchronization
peer 172.16.1.2 as-number 65001
peer 2.2.2.2 as-number 65000
peer 6.6.6.6 as-number 65000
peer 7.7.7.7 as-number 65000
peer 172.16.1.2 route-policy fk export
peer 172.16.1.2 route-policy fa import
peer 2.2.2.2 next-hop-local
peer 2.2.2.2 connect-interface LoopBack0
peer 6.6.6.6 next-hop-local
peer 6.6.6.6 connect-interface LoopBack0
peer 7.7.7.7 next-hop-local
peer 7.7.7.7 connect-interface LoopBack0
#
ospf 1 router-id 1.1.1.1
area 0.0.0.0
network 172.16.0.2 0.0.0.0
network 172.16.0.9 0.0.0.0
network 1.1.1.1 0.0.0.0
#
route-policy fa permit node 10
if-match acl 2000
apply as-path 400 600
route-policy fa permit node 20
route-policy fk permit node 10
if-match as-path 1
#
ip as-path 1 permit ^$
#
snmp-agent
snmp-agent local-engineid 800063A203000FE2D06060
snmp-agent community read h3c-read
snmp-agent sys-info version v2c v3
snmp-agent target-host trap address udp-domain 192.168.200.1 params securityname h3c-read
undo snmp-agent trap enable voice dial
snmp-agent trap source LoopBack0
#
load xml-configuration
#
load tr069-configuration
#
user-interface tty 12
user-interface aux 0
user-interface vty 0 4
acl 2030 inbound
authentication-mode scheme
idle-timeout 0 0
protocol inbound telnet
#
return
R2的配置
--------------------------------------------------------------------------
sysname RT2
#
super password level 3 simple h3c
#
domain default enable system
#
telnet server enable
#
acl number 2000
rule 0 permit source 192.168.100.0 0.0.0.255
acl number 2030
rule 0 permit source 192.168.200.1 0
#
vlan 1
#
domain system
access-limit disable
state active
idle-cut disable
self-service-url disable
#
ike proposal 1
#
ike peer rt4
pre-shared-key simple h3c
remote-address 172.16.1.6
#
ipsec proposal 1
#
ipsec policy-template huawei 1
ike-peer rt4
proposal 1
#
ipsec policy h3c 1 isakmp template huawei
#
user-group system
group-attribute allow-guest
#
local-user rt2
password simple rt2
authorization-attribute level 2
service-type telnet
local-user useradmin
authorization-attribute level 2
#
wlan rrm
dot11b mandatory-rate 1 2
dot11b supported-rate 5.5 11
dot11g mandatory-rate 1 2 5.5 11
dot11g supported-rate 6 9 12 18 24 36 48 54
#
attack-defense policy 1
#
bgp 65000
undo synchronization
peer 1.1.1.1 as-number 65000
peer 172.16.1.6 as-number 65001
peer 6.6.6.6 as-number 65000
peer 7.7.7.7 as-number 65000
peer 1.1.1.1 next-hop-local
peer 1.1.1.1 connect-interface LoopBack0
peer 172.16.1.6 route-policy fk export
peer 172.16.1.6 route-policy fa import
peer 6.6.6.6 next-hop-local
peer 6.6.6.6 connect-interface LoopBack0
peer 7.7.7.7 next-hop-local
peer 7.7.7.7 connect-interface LoopBack0
#
ospf 1 router-id 2.2.2.2
area 0.0.0.0
network 2.2.2.2 0.0.0.0
network 172.16.0.6 0.0.0.0
network 172.16.0.10 0.0.0.0
#
route-policy fa permit node 10
if-match acl 2000
apply as-path 400 600
route-policy fa permit node 20
route-policy fk permit node 10
if-match as-path 1
#
ip as-path 1 permit ^$
#
ip route-static 0.0.0.0 0.0.0.0 100.0.0.2
#
snmp-agent
snmp-agent local-engineid 800063A203000FE2E62FC0
snmp-agent community read h3c-read
snmp-agent sys-info version v2c v3
snmp-agent target-host trap address udp-domain 192.168.200.1 params securityname h3c-read
undo snmp-agent trap enable voice dial
snmp-agent trap source LoopBack0
#
load xml-configuration
#
load tr069-configuration
#
user-interface tty 12
user-interface aux 0
user-interface vty 0 4
acl 2030 inbound
authentication-mode scheme
idle-timeout 0 0
protocol inbound telnet
#
return
R3的配置
--------------------------------------------------------------------
sysname RT3
#
super password level 3 simple 123
#
domain default enable system
#
ip ttl-expires enable
ip unreachables enable
#
dar p2p signature-file flash:/p2p_default.mtd
#
port-security enable
#
acl number 2000
rule 0 permit source 192.168.20.0 0.0.0.255
acl number 2008
rule 0 deny source 0.0.0.0 0
rule 5 permit
#
vlan 1
#
domain system
access-limit disable
state active
idle-cut disable
self-service-url disable
#
user-group system
group-attribute allow-guest
#
local-user admin
password cipher .]@USE=B,53Q=^Q`MAF4<1!!
authorization-attribute level 3
service-type telnet
#
wlan rrm
dot11b mandatory-rate 1 2
dot11b supported-rate 5.5 11
dot11g mandatory-rate 1 2 5.5 11
dot11g supported-rate 6 9 12 18 24 36 48 54
#
cwmp
undo cwmp enable
#
bgp 65001
undo synchronization
peer 4.4.4.4 as-number 65001
peer 172.16.1.1 as-number 65000
peer 5.5.5.5 as-number 65001
peer 4.4.4.4 next-hop-local
peer 4.4.4.4 connect-interface LoopBack0
peer 172.16.1.1 filter-policy 2008 export
peer 172.16.1.1 route-policy fa import
peer 5.5.5.5 next-hop-local
peer 5.5.5.5 connect-interface LoopBack0
#
ospf 1 router-id 3.3.3.3
area 0.0.0.0
network 3.3.3.3 0.0.0.0
network 172.16.2.1 0.0.0.0
network 172.16.2.5 0.0.0.0
#
route-policy fa permit node 10
if-match acl 2000
apply as-path 400 600
route-policy fa permit node 20
#
#
voice-setup
#
sip
#
sip-server
#
call-rule-set
#
call-route
#
dial-program
default entity fax protocol standard-t38
default entity fax protocol standard-t38 hb-redundancy 0
default entity fax protocol standard-t38 lb-redundancy 0
#
aaa-client
#
gk-client
#
load xml-configuration
#
load tr069-configuration
#
user-interface tty 12
user-interface aux 0
user-interface vty 0 4
authentication-mode scheme
#
return
R4的配置
------------------------------------------------------------------------
sysname RT4
#
ipsec cpu-backup enable
#
undo cryptoengine enable
#
domain default enable system
#
acl number 2000
rule 0 permit source 192.168.10.0 0.0.0.255
acl number 2030
rule 0 permit source 192.168.200.0 0.0.0.255
#
acl number 3000
rule 0 permit ip source 192.168.200.0 0.0.0.255 destination 192.168.20.0 0.0.0.255
acl number 3030
rule 0 permit ip source 192.168.20.0 0.0.0.255 destination 192.168.200.0 0.0.0.255
#
vlan 1
#
domain system
access-limit disable
state active
idle-cut disable
self-service-url disable
#
ike proposal 1
#
ike peer rt2
pre-shared-key simple h3c
remote-address 172.16.1.5
#
ipsec proposal 1
#
ipsec policy h3c 1 isakmp
security acl 3000
ike-peer rt2
proposal 1
#
traffic classifier oa operator and
if-match acl 3030
#
traffic behavior oa
queue af bandwidth pct 50
#
qos policy h3c
classifier oa behavior oa
#
local-user rt4
password simple h3c
service-type ppp
#
bgp 65001
undo synchronization
peer 5.5.5.5 as-number 65001
peer 172.16.1.5 as-number 65000
peer 3.3.3.3 as-number 65001
peer 5.5.5.5 next-hop-local
peer 5.5.5.5 default-route-advertise
peer 5.5.5.5 connect-interface LoopBack0
peer 172.16.1.5 route-policy fa import
peer 3.3.3.3 next-hop-local
peer 3.3.3.3 default-route-advertise
peer 3.3.3.3 connect-interface LoopBack0
#
ospf 1 router-id 4.4.4.4
area 0.0.0.0
network 4.4.4.4 0.0.0.0
network 172.16.2.2 0.0.0.0
network 172.16.2.9 0.0.0.0
#
route-policy fa permit node 10
if-match acl 2000
apply as-path 400 600
route-policy fa permit node 20
#
ip route-static 0.0.0.0 0.0.0.0 200.0.0.2
#
user-interface con 0
user-interface aux 0
user-interface vty 0 4
#
return
R5的配置
-------------------------------------------------------------------
sysname RT5
#
ipsec cpu-backup enable
#
undo cryptoengine enable
#
domain default enable system
#
acl number 2000
rule 0 permit source 192.168.20.0 0.0.0.255
acl number 2001
rule 0 permit source 192.168.10.0 0.0.0.255
#
acl number 3030
rule 5 permit ip source 192.168.200.0 0.0.0.255 destination 192.168.20.0 0.0.0.255
#
vlan 1
#
domain system
access-limit disable
state active
idle-cut disable
self-service-url disable
#
traffic classifier oa operator and
if-match acl 3030
#
traffic behavior oa
queue af bandwidth pct 50
#
qos policy h3c
classifier oa behavior oa
#
local-user rt5
password simple h3c
service-type ppp
#
bgp 65001
network 192.168.100.1 255.255.255.255
network 192.168.200.1 255.255.255.255
undo synchronization
peer 4.4.4.4 as-number 65001
peer 3.3.3.3 as-number 65001
peer 4.4.4.4 route-policy fk import
peer 4.4.4.4 connect-interface LoopBack0
peer 3.3.3.3 route-policy fk import
peer 3.3.3.3 connect-interface LoopBack0
#
ospf 1 router-id 5.5.5.5
area 0.0.0.0
network 5.5.5.5 0.0.0.0
network 172.16.2.6 0.0.0.0
network 172.16.2.10 0.0.0.0
#
route-policy fa permit node 10
if-match acl 2000
apply local-preference 400
route-policy fa permit node 20
route-policy fk permit node 10
if-match acl 2001
apply local-preference 400
route-policy fk permit node 20
#
user-interface con 0
user-interface aux 0
user-interface vty 0 4
#
return
SW1的配置
----------------------------------------------------------------------
sysname SW1
#
domain default enable system
#
burst-mode enable
#
undo ip http enable
#
password-recovery enable
#
acl number 2000
rule 0 permit source 192.168.10.0 0.0.0.255
#
vlan 1
#
vlan 10
#
vlan 20
#
vlan 30
#
domain system
access-limit disable
state active
idle-cut disable
self-service-url disable
#
user-group system
#
stp region-configuration
region-name h3c
instance 1 vlan 10
instance 2 vlan 20
active region-configuration
#
stp instance 0 root primary
stp instance 1 root primary
stp instance 2 root secondary
stp enable
#
bgp 65000
network 192.168.10.0 route-policy fa
network 192.168.20.0
undo synchronization
peer 1.1.1.1 as-number 65000
peer 2.2.2.2 as-number 65000
peer 1.1.1.1 connect-interface LoopBack0
peer 2.2.2.2 connect-interface LoopBack0
#
ospf 1 router-id 6.6.6.6
area 0.0.0.0
network 6.6.6.6 0.0.0.0
network 172.16.0.1 0.0.0.0
#
route-policy fa permit node 10
if-match acl 2000
apply local-preference 400
#
user-interface aux 0
user-interface vty 0 4
#
return
SW2 的配置
--------------------------------------------------------------------------
version 5.20, Release 5319P04
#
sysname SW2
#
super password level 3 cipher $c$3$nbNypWi5fBQG/0cezZ0kQlLgfhZBVkx+anDhOHBaSwsLC8U=
#
domain default enable system
#
burst-mode enable
#
undo ip http enable
#
password-recovery enable
#
acl number 2000
rule 0 permit source 192.168.20.0 0.0.0.255
#
vlan 1
#
vlan 10
#
vlan 20
#
vlan 30
#
domain system
access-limit disable
state active
idle-cut disable
self-service-url disable
#
user-group system
#
stp region-configuration
region-name h3c
instance 1 vlan 10
instance 2 vlan 20
active region-configuration
#
stp instance 0 root secondary
stp instance 1 root secondary
stp instance 2 root primary
stp enable
#
interface Bridge-Aggregation1
port link-type trunk
port trunk permit vlan 1 10 20
stp instance 1 cost 1000
#
interface NULL0
#
interface LoopBack0
ip address 7.7.7.7 255.255.255.255
#
interface Vlan-interface10
ip address 192.168.10.252 255.255.255.0
vrrp vrid 1 virtual-ip 192.168.10.254
vrrp vrid 1 authentication-mode simple cipher $c$3$Bad9sQ7oGU1f3WXX6oCbS+4r///6ZA==
#
interface Vlan-interface20
ip address 192.168.20.252 255.255.255.0
vrrp vrid 2 virtual-ip 192.168.20.254
vrrp vrid 2 priority 110
vrrp vrid 2 track interface Vlan-interface30 reduced 30
vrrp vrid 2 authentication-mode simple cipher $c$3$7y7634QLWJTLfcyELBMFVKnhZ5l8PQ==
#
interface Vlan-interface30
ip address 172.16.0.5 255.255.255.252
#
interface Ethernet1/0/1
port link-mode bridge
port link-type trunk
port trunk permit vlan 1 10 20
port link-aggregation group 1
#
interface Ethernet1/0/2
port link-mode bridge
port link-type trunk
port trunk permit vlan 1 10 20
port link-aggregation group 1
#
interface Ethernet1/0/3
port link-mode bridge
port link-type trunk
port trunk permit vlan 1 10 20
#
interface Ethernet1/0/4
port link-mode bridge
port access vlan 30
#
interface Ethernet1/0/5
port link-mode bridge
#
interface Ethernet1/0/6
port link-mode bridge
#
interface Ethernet1/0/7
port link-mode bridge
#
interface Ethernet1/0/8
port link-mode bridge
#
interface Ethernet1/0/9
port link-mode bridge
#
interface Ethernet1/0/10
port link-mode bridge
#
interface Ethernet1/0/11
port link-mode bridge
#
interface Ethernet1/0/12
port link-mode bridge
#
interface Ethernet1/0/13
port link-mode bridge
#
interface Ethernet1/0/14
port link-mode bridge
#
interface Ethernet1/0/15
port link-mode bridge
#
interface Ethernet1/0/16
port link-mode bridge
#
interface Ethernet1/0/17
port link-mode bridge
#
interface Ethernet1/0/18
port link-mode bridge
#
interface Ethernet1/0/19
port link-mode bridge
#
interface Ethernet1/0/20
port link-mode bridge
#
interface Ethernet1/0/21
port link-mode bridge
#
interface Ethernet1/0/22
port link-mode bridge
#
interface Ethernet1/0/23
port link-mode bridge
#
interface Ethernet1/0/24
port link-mode bridge
#
interface GigabitEthernet1/1/1
port link-mode bridge
#
interface GigabitEthernet1/1/2
port link-mode bridge
#
interface GigabitEthernet1/1/3
port link-mode bridge
#
interface GigabitEthernet1/1/4
port link-mode bridge
#
bgp 65000
network 192.168.10.0
network 192.168.20.0 route-policy fa
undo synchronization
peer 1.1.1.1 as-number 65000
peer 2.2.2.2 as-number 65000
peer 1.1.1.1 connect-interface LoopBack0
peer 2.2.2.2 connect-interface LoopBack0
#
ospf 1 router-id 7.7.7.7
area 0.0.0.0
network 7.7.7.7 0.0.0.0
network 172.16.0.5 0.0.0.0
#
route-policy fa permit node 10
if-match acl 2000
apply local-preference 400
#
user-interface aux 0
user privilege level 2
user-interface vty 0 4
#
return
SW3的配置
-----------------------------------------------------------------------
sysname SW3
#
super password level 3 cipher *\Y0``CC]'I.BI/aC,8H/Q!!
#
radius scheme system
#
domain system
#
stp bpdu-protection
stp enable
stp region-configuration
region-name h3c
instance 1 vlan 10
instance 2 vlan 20
active region-configuration
#
vlan 1
#
vlan 10
#
vlan 20
#
user-interface aux 0
user privilege level 2
idle-timeout 0 0
user-interface vty 0 4
#
return
BGP拓扑正确配置的更多相关文章
- MySQL数据库集群进行正确配置步骤
MySQL数据库集群进行正确配置步骤 2010-06-09 10:47 arrowcat 博客园 字号:T | T 我们今天是要和大家一起分享的是对MySQL数据库集群进行正确配置,我前两天在相关网站 ...
- phpMyAdmin:无法在发生错误时创建会话,请检查 PHP 或网站服务器日志,并正确配置 PHP 安装。
一:错误提示 英文:Cannot start session without errors, please check errors given in your PHP and/or webserve ...
- Power Point已经检测到你的显卡可能无法正确配置
Microsoft PowerPoint打开ppt时提示信息 PowerPoint已检测到你的显卡可能无法正确配置最佳的幻灯片播放体验(“Power Point has detected that y ...
- VM中ubuntu已经正确配置了静态IP仍无法上网
情况描述:正确配置了ubuntu的IP,getway,DNS..无法ping通getway. 环境:宿主机:win7 32Bit 虚拟机:ununtu 10.04 VM:9.0.1 build-8 ...
- IAR编译ZStack-CC2530为可下载运行的HEX文件的正确配置
转自IAR编译ZStack-CC2530为可下载运行的HEX文件的正确配置 IAR编译ZStack-CC2530为可下载运行的HEX文件的正确配置: 1.正确配置输出文件格式:菜单选择P ...
- Cacti监控Windows主机,Windows主机的正确配置
使用cacti监控Windows主机的时候经常遇到无法获取Windows主机的snmp信息和Windows主机的硬件信息,主要原因是Windows主机没有正确配置snmp,以下是正确的配置步骤:1.安 ...
- sql2008升级到r2提示:检查当前是否正确配置了报表服务器、数据库服务器是否正在运行以及您是否有权访问
sql2008升级到r2提示:检查当前是否正确配置了报表服务器.数据库服务器是否正在运行以及您是否有权访问 解决方法:把服务开启ok
- Oracle APEX 5.1 with Ords 17 in Tomcat 9–Error tips: 请求无法映射到任何数据库。请确保请求 URL 正确, 并且已正确配置 URL 到数据库的映射
一次意外关机引发的血案 1.重新开机打开 tomcat 9, 一切正常 2.打开 ords,异常报错: 404 Not Found 请求无法映射到任何数据库.请确保请求 URL 正确, 并且已正确配置 ...
- struts2 正确配置通配符方式访问,报错解决
今天遇到正确配置通配符访问action的方法,但是还是报错,原因struts 2.3 以后会内部会验证是否允许该方法,而我用的刚好是2.5的版本 要action配置中加上<allowed-met ...
随机推荐
- RESTFul Shiro
RESTFul与服务没有关系?REST的本质是设计风格,不是技术. REST的URL还是个URL,就是个普通的URL,访问这个URL的时候,先被Servlet Filter(即Shiro 的Filte ...
- 语法糖(Syntactic sugar)
语法糖(Syntactic sugar),是由Peter J. Landin(和图灵一样的天才人物,是他最先发现了Lambda演算,由此而创立了函数式编程)创造的一个词语,它意指那些没有给计算机语言添 ...
- PHP学习之-1.6 PHP语句结束符
PHP语句结束符 是不是我们在javascript,Java 的每一句代码结束的地方都有一个分号 ";" PHP的结束符号也是 ";". 注意:在PHP编程中需 ...
- res/drawable目录
在Android Eclipse项目中res/目录下包含有drawable-ldpi/,drawable-mdpi/,drawable-hdpi/,drawable-xhdpi/目录,这几个目录的后缀 ...
- 根据li标签 查找class="alcw4 alcw41"对应的值
jrhmpt01:/root/lwp/0526# cat a2.pl use LWP::UserAgent; use DBI; use POSIX; use Data::Dumper; use HTM ...
- 基于visual Studio2013解决面试题之0707最小元素
题目
- Linux 下获取LAN中指定IP的网卡的MAC(物理地址)
// all.h// 2005/06/20,a.m. wenxy #ifndef _ALL_H#define _ALL_H #include <memory.h>#include < ...
- 能够返回运行结果的system函数加强版本号
/********************************************************************* * Author : Samson * Date ...
- asp.net ajax 检测用户名是否可用代码
原文 asp.net ajax 检测用户名是否可用代码 .net ajax 检测用户名是否可用代码 <script type="text/网页特效" src="c ...
- catalan 数——卡特兰数(转)
Catalan数——卡特兰数 今天阿里淘宝笔试中碰到两道组合数学题,感觉非常亲切,但是笔试中失踪推导不出来后来查了下,原来是Catalan数.悲剧啊,现在整理一下 一.Catalan数的定义令h(1) ...