BGP Confederation and Community Attribute Examples

Confederation

//AR1
#
interface LoopBack0
 ip address 1.1.1.1 255.255.255.255 
#
interface LoopBack1
 ip address 10.10.10.10 255.255.255.255 
#
interface LoopBack2
 ip address 10.10.10.20 255.255.255.255 
#
bgp 100
 peer 12.1.1.2 as-number 200 
 #
 ipv4-family unicast
  undo synchronization
  network 10.10.10.10 255.255.255.255 
  network 10.10.10.20 255.255.255.255 
  peer 12.1.1.2 enable
#

//AR2
#
interface GigabitEthernet0/0/0
 ip address 12.1.1.2 255.255.255.0 
#
interface GigabitEthernet0/0/1
 ip address 23.1.1.2 255.255.255.0 
 ospf enable 1 area 0.0.0.0
#
interface NULL0
#
interface LoopBack0
 ip address 2.2.2.2 255.255.255.255 
 ospf enable 1 area 0.0.0.0
#
bgp 65001
 confederation id 200
 peer 3.3.3.3 as-number 65001 
 peer 3.3.3.3 connect-interface LoopBack0
 peer 12.1.1.1 as-number 100 
 #
 ipv4-family unicast
  undo synchronization
  peer 3.3.3.3 enable
  peer 3.3.3.3 next-hop-local 
  peer 12.1.1.1 enable
#
ospf 1 
 area 0.0.0.0 
#

//AR3
#
interface GigabitEthernet0/0/0
 ip address 23.1.1.3 255.255.255.0 
 ospf enable 1 area 0.0.0.0
#
interface GigabitEthernet0/0/1
 ip address 34.1.1.3 255.255.255.0 
 ospf enable 1 area 0.0.0.0
#
interface NULL0
#
interface LoopBack0
 ip address 3.3.3.3 255.255.255.255 
 ospf enable 1 area 0.0.0.0
#
bgp 65001
 confederation id 200
 confederation peer-as 65002
 peer 2.2.2.2 as-number 65001 
 peer 2.2.2.2 connect-interface LoopBack0
 peer 4.4.4.4 as-number 65002 
 peer 4.4.4.4 ebgp-max-hop 255 
 peer 4.4.4.4 connect-interface LoopBack0
 #
 ipv4-family unicast
  undo synchronization
  peer 2.2.2.2 enable
  peer 4.4.4.4 enable
#
ospf 1 
 area 0.0.0.0 
#

//AR4
#
interface GigabitEthernet0/0/0
 ip address 34.1.1.4 255.255.255.0 
 ospf enable 1 area 0.0.0.0
#
interface GigabitEthernet0/0/1
 ip address 45.1.1.4 255.255.255.0 
#
interface NULL0
#
interface LoopBack0
 ip address 4.4.4.4 255.255.255.255 
 ospf enable 1 area 0.0.0.0
#
bgp 65002
 confederation id 200
 confederation peer-as 65001
 peer 3.3.3.3 as-number 65001 
 peer 3.3.3.3 ebgp-max-hop 255 
 peer 3.3.3.3 connect-interface LoopBack0
 peer 45.1.1.5 as-number 300 
 #
 ipv4-family unicast
  undo synchronization
  peer 3.3.3.3 enable
  peer 3.3.3.3 next-hop-local 
  peer 45.1.1.5 enable
#
ospf 1 
 area 0.0.0.0 
#

//AR5
#
interface GigabitEthernet0/0/0
 ip address 45.1.1.5 255.255.255.0 
#
interface GigabitEthernet0/0/1
#
interface NULL0
#
interface LoopBack1
 ip address 50.50.50.50 255.255.255.255 
#
bgp 300
 peer 45.1.1.4 as-number 200 
 #
 ipv4-family unicast
  undo synchronization
  network 50.50.50.50 255.255.255.255 
  peer 45.1.1.4 enable
#

Community Attribute

Suppose AR3 should not receive the route 10.10.10.10/32:

//AR1
#
acl number 2000  
 rule 5 permit source 10.10.10.10 0 
#
bgp 100
 peer 12.1.1.2 as-number 200 
 #
 ipv4-family unicast
  undo synchronization
  network 10.10.10.10 255.255.255.255 
  network 10.10.10.20 255.255.255.255 
  peer 12.1.1.2 enable
  peer 12.1.1.2 route-policy 1 export
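  peer 12.1.1.2 advertise-community // Community is an optional transitive attribute, so this command is required for advertised routes to carry it
#
route-policy 1 permit node 1 
 if-match acl 2000 
 apply community no-advertise 
#
route-policy 1 permit node 2 // empty node: without it 10.10.10.20/32 matches no node and is denied
#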

//AR2
bgp 65001
 confederation id 200
 peer 3.3.3.3 as-number 65001 
 peer 3.3.3.3 connect-interface LoopBack0
 peer 12.1.1.1 as-number 100 
 #
 ipv4-family unicast
  undo synchronization
  peer 3.3.3.3 enable
  peer 3.3.3.3 next-hop-local 
  peer 3.3.3.3 advertise-community // AR2 also needs this command for the Community attribute to take effect
  peer 12.1.1.1 enable
#

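Suppose AR5 should not receive the route 10.10.10.10/32:

On AR1, change the policy to apply community no-export, and on AR3 configure peer 4.4.4.4 advertise-community.

Suppose neither AR4 nor AR5 should receive the route 10.10.10.10/32:

On AR1, change the policy to apply community no-export-subconfed.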
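
The three scoping cases above can be checked with a small model of this page's AR1-AR5 chain. This is an added example, not part of the original article or vendor code; the router table, the `receivers` helper and the rule that a session without advertise-community strips the attribute are modelling assumptions based on RFC 1997 and the configuration shown.

```python
# Added example: a model of this page's AR1-AR5 chain, not vendor code.
# router -> (AS seen by true EBGP peers, confederation member AS or None)
ROUTERS = {"AR1": (100, None), "AR2": (200, 65001), "AR3": (200, 65001),
           "AR4": (200, 65002), "AR5": (300, None)}
LINKS = [("AR1", "AR2"), ("AR2", "AR3"), ("AR3", "AR4"), ("AR4", "AR5")]
# Sessions that carry communities (advertise-community), as configured on the page
PAGE_SESSIONS = {("AR1", "AR2"), ("AR2", "AR3"), ("AR3", "AR4")}

def session_type(a, b):
    (as_a, sub_a), (as_b, sub_b) = ROUTERS[a], ROUTERS[b]
    if as_a != as_b:
        return "ebgp"
    return "ibgp" if sub_a == sub_b else "confed-ebgp"

def may_advertise(community, kind):
    """RFC 1997 well-known community checks made by the sending router."""
    if community == "no-advertise":
        return False                      # never re-advertised to any peer
    if community == "no-export-subconfed":
        return kind == "ibgp"             # stays inside the member AS
    if community == "no-export":
        return kind != "ebgp"             # stays inside the confederation
    return True                           # untagged, or a custom value such as 100:100

def receivers(community, sessions=PAGE_SESSIONS):
    """Routers that learn AR1's route when AR1's export policy sets `community`."""
    learned = {"AR1": (None, None)}       # router -> (community seen, learned via)
    queue = ["AR1"]
    while queue:
        r = queue.pop(0)
        seen, via = learned[r]
        for a, b in LINKS:
            if r not in (a, b):
                continue
            n = b if r == a else a
            kind = session_type(r, n)
            if n in learned or (via == kind == "ibgp"):   # loop / IBGP split horizon
                continue
            if not may_advertise(seen, kind):
                continue
            tag = community if r == "AR1" else seen       # AR1 tags on export
            # Without advertise-community the attribute is stripped on send
            learned[n] = (tag if (r, n) in sessions else None, kind)
            queue.append(n)
    return sorted(set(learned) - {"AR1"})

if __name__ == "__main__":
    for c in ("no-advertise", "no-export", "no-export-subconfed"):
        print(c, receivers(c), receivers(c, PAGE_SESSIONS - {("AR3", "AR4")}))
```

The second list printed for each community drops advertise-community on the AR3 to AR4 session: with no-export the route then reaches AR5, which is why every hop that must honor the tag has to receive it.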

Suppose the origin of 10.10.10.10/32 as received by AR3 should be changed to incomplete:

AR1 now sets a custom Community value:

//AR1
bgp 100
 peer 12.1.1.2 as-number 200 
 #
 ipv4-family unicast
  undo synchronization
  network 10.10.10.10 255.255.255.255 
  network 10.10.10.20 255.255.255.255 
  peer 12.1.1.2 enable
  peer 12.1.1.2 route-policy 1 export
  peer 12.1.1.2 advertise-community
#
route-policy 1 permit node 1 
 if-match acl 2000 
 apply community 100:100 
#
route-policy 1 permit node 2 
#

AR2 then receives the route with the Community attribute 100:100.

Next, act on that Community attribute on AR2:

#
route-policy 1 permit node 1 
 if-match community-filter 1 
 apply origin incomplete
#
route-policy 1 permit node 2 
#
ip community-filter 1 permit 100:100
#

At this point the origin of the route on AR3 is changed to incomplete.

A route-policy can also be applied directly on the network command:

//AR1
#
bgp 100
 peer 12.1.1.2 as-number 200 
 #
 ipv4-family unicast
  undo synchronization
  network 10.10.10.10 255.255.255.255 route-policy 1 
  network 10.10.10.20 255.255.255.255 
  peer 12.1.1.2 enable
  peer 12.1.1.2 advertise-community
#
route-policy 1 permit node 1 
 apply community 100:100 
#
route-policy 1 permit node 2 
#

At this point AR2 receives the route carrying the Community attribute.