Juniper BGP配置

网络拓扑如下:

Juniper BGP配置

XRV1配置

===========================================================

root@XRV1# run show configuration

## Last commit: 2019-03-27 13:27:33 UTC by root
version 14.1R1.10;
system {
host-name XRV1;
root-authentication {
encrypted-password "$1$iiqdh9ru$CBQygri2MkpfgtgdGo8GO1"; ## SECRET-DATA
}
}
interfaces {
ge-0/0/0 {
unit 0 {
family inet {
address 10.10.1.1/30;
}
family iso;
}
}
ge-0/0/1 {
unit 0 {
family inet {
address 10.10.1.5/30;
}
family iso;
}
}
ge-0/0/2 {
unit 0 {
family inet {
address 10.201.1.1/30;
}
}
}
lo0 {
unit 0 {
family inet {
address 192.168.1.1/32;
}
family iso {
address 49.0000.1921.6811.00;
}
}
}
}
routing-options {
router-id 192.168.1.1;
autonomous-system 65001;
}
protocols {
bgp {
group ibgp {
type internal;
local-address 192.168.1.1;
neighbor 192.168.1.2 {
export as65002_to_as65001;
}
neighbor 192.168.1.3 {
export as65002_to_as65001;
}
}
group ebgp {
type external;
neighbor 10.201.1.2 {
peer-as 65002;
}
}
}
isis {
interface ge-0/0/0.0 {
level 1 disable;
}
interface ge-0/0/1.0 {
level 1 disable;
}
interface lo0.0;
}
}
policy-options {
prefix-list as65002_import {
10.123.1.0/24;
10.123.2.0/24;
10.123.3.0/24;
10.123.4.0/24;
10.123.5.0/24;
10.123.6.0/24;
10.123.7.0/24;
10.178.1.0/24;
10.178.2.0/24;
10.178.3.0/24;
10.178.4.0/24;
10.178.5.0/24;
10.178.6.0/24;
10.178.7.0/24;
10.178.8.0/24;
}
policy-statement as65002_to_as65001 {
from {
prefix-list as65002_import;
}
then {
next-hop self;
}
}
}

[edit]
root@XRV1#

XRV2配置

===========================================================

root@XRV2# run show configuration
## Last commit: 2019-03-27 13:38:59 UTC by root
version 14.1R1.10;
system {
host-name XRV2;
root-authentication {
encrypted-password "$1$iiqdh9ru$CBQygri2MkpfgtgdGo8GO1"; ## SECRET-DATA
}
}
interfaces {
ge-0/0/0 {
unit 0 {
family inet {
address 10.10.1.2/30;
}
family iso;
}
}
ge-0/0/1 {
unit 0 {
family inet {
address 10.10.1.9/30;
}
family iso;
}
}
ge-0/0/2 {
unit 0 {
family inet {
address 10.201.1.6/30;
}
}
}
lo0 {
unit 0 {
family inet {
address 192.168.1.2/32;
}
family iso {
address 49.0000.1921.6812.00;
}
}
}
}
routing-options {
router-id 192.168.1.2;
autonomous-system 65001;
}
protocols {
bgp {
group ibgp {
type internal;
local-address 192.168.1.2;
neighbor 192.168.1.1 {
export as65002_to_as65001;
}
neighbor 192.168.1.3 {
export as65002_to_as65001;
}
}
group ebgp {
type external;
neighbor 10.201.1.5 {
peer-as 65002;
}
}
}
isis {
interface ge-0/0/0.0 {
level 1 disable;
}
interface ge-0/0/1.0 {
level 1 disable;
}
interface lo0.0;
}
}
policy-options {
prefix-list as65002_import {
10.123.1.0/24;
10.123.2.0/24;
10.123.3.0/24;
10.123.4.0/24;
10.123.5.0/24;
10.123.6.0/24;
10.123.7.0/24;
10.178.1.0/24;
10.178.2.0/24;
10.178.3.0/24;
10.178.4.0/24;
}
policy-statement as65002_to_as65001 {
from {
prefix-list as65002_import;
}
then {
next-hop self;
}
}
}

[edit protocols bgp group ibgp]
root@XRV2#

L3-SW配置

===========================================================

L3-SW#show running-config
Building configuration...

Current configuration : 6662 bytes
!
! Last configuration change at 13:30:46 UTC Wed Mar 27 2019
!
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service compress-config
!
hostname L3-SW
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
!
!
!
!
!
!
!
!
no ip domain-lookup
ip cef
no ipv6 cef
!
!
!
spanning-tree mode rapid-pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
ip address 192.168.1.3 255.255.255.255
ip router isis 1
!
interface GigabitEthernet0/0
switchport access vlan 100
media-type rj45
negotiation auto
!
interface GigabitEthernet0/1
switchport access vlan 200
media-type rj45
negotiation auto
!
interface GigabitEthernet0/2
switchport trunk encapsulation dot1q
media-type rj45
negotiation auto
!
interface GigabitEthernet0/3
media-type rj45
negotiation auto
!
interface Vlan1
ip address 10.158.1.254 255.255.255.0
!
interface Vlan2
ip address 10.158.2.254 255.255.255.0
!
interface Vlan3
ip address 10.158.3.254 255.255.255.0
!
interface Vlan4
ip address 10.158.4.254 255.255.255.0
!
interface Vlan5
ip address 10.158.5.254 255.255.255.0
!
interface Vlan6
ip address 10.158.6.254 255.255.255.0
!
interface Vlan7
ip address 10.158.7.254 255.255.255.0
!
interface Vlan8
ip address 10.158.8.254 255.255.255.0
!
interface Vlan9
ip address 10.158.9.254 255.255.255.0
!
interface Vlan10
ip address 10.158.10.254 255.255.255.0
!
interface Vlan11
ip address 10.158.11.254 255.255.255.0
!
interface Vlan12
ip address 10.158.12.254 255.255.255.0
!
interface Vlan13
ip address 10.158.13.254 255.255.255.0
!
interface Vlan14
ip address 10.158.14.254 255.255.255.0
!
interface Vlan15
ip address 10.158.15.254 255.255.255.0
!
interface Vlan16
ip address 10.158.16.254 255.255.255.0
!
interface Vlan17
ip address 10.133.1.254 255.255.255.0
!
interface Vlan18
ip address 10.133.2.254 255.255.255.0
!
interface Vlan19
ip address 10.133.3.254 255.255.255.0
!
interface Vlan20
ip address 10.133.4.254 255.255.255.0
!
interface Vlan21
ip address 10.133.5.254 255.255.255.0
!
interface Vlan22
ip address 10.133.6.254 255.255.255.0
!
interface Vlan23
ip address 10.133.7.254 255.255.255.0
!
interface Vlan24
ip address 10.133.8.254 255.255.255.0
!
interface Vlan25
ip address 10.133.9.254 255.255.255.0
!
interface Vlan26
ip address 10.133.10.254 255.255.255.0
!
interface Vlan27
ip address 10.133.11.254 255.255.255.0
!
interface Vlan28
ip address 10.133.12.254 255.255.255.0
!
interface Vlan29
ip address 10.133.13.254 255.255.255.0
!
interface Vlan30
ip address 10.133.14.254 255.255.255.0
!
interface Vlan31
ip address 10.133.15.254 255.255.255.0
!
interface Vlan32
ip address 10.133.16.254 255.255.255.0
!
interface Vlan100
ip address 10.10.1.6 255.255.255.252
ip router isis 1
isis circuit-type level-2-only
!
interface Vlan200
ip address 10.10.1.10 255.255.255.252
ip router isis 1
isis circuit-type level-2-only
!
router isis 1
net 49.0000.1921.6813.00
is-type level-2-only
!
router bgp 65001
bgp router-id 192.168.1.3
bgp log-neighbor-changes
bgp graceful-restart restart-time 120
bgp graceful-restart stalepath-time 360
bgp graceful-restart
network 10.133.1.0 mask 255.255.255.0
network 10.133.2.0 mask 255.255.255.0
network 10.133.3.0 mask 255.255.255.0
network 10.133.4.0 mask 255.255.255.0
network 10.133.5.0 mask 255.255.255.0
network 10.133.6.0 mask 255.255.255.0
network 10.133.7.0 mask 255.255.255.0
network 10.133.8.0 mask 255.255.255.0
network 10.133.9.0 mask 255.255.255.0
network 10.133.10.0 mask 255.255.255.0
network 10.133.11.0 mask 255.255.255.0
network 10.133.12.0 mask 255.255.255.0
network 10.133.13.0 mask 255.255.255.0
network 10.133.14.0 mask 255.255.255.0
network 10.133.15.0 mask 255.255.255.0
network 10.133.16.0 mask 255.255.255.0
network 10.158.1.0 mask 255.255.255.0
network 10.158.2.0 mask 255.255.255.0
network 10.158.3.0 mask 255.255.255.0
network 10.158.4.0 mask 255.255.255.0
network 10.158.5.0 mask 255.255.255.0
network 10.158.6.0 mask 255.255.255.0
network 10.158.7.0 mask 255.255.255.0
network 10.158.8.0 mask 255.255.255.0
network 10.158.9.0 mask 255.255.255.0
network 10.158.10.0 mask 255.255.255.0
network 10.158.11.0 mask 255.255.255.0
network 10.158.12.0 mask 255.255.255.0
network 10.158.13.0 mask 255.255.255.0
network 10.158.14.0 mask 255.255.255.0
network 10.158.15.0 mask 255.255.255.0
network 10.158.16.0 mask 255.255.255.0
neighbor 192.168.1.1 remote-as 65001
neighbor 192.168.1.1 update-source Loopback0
neighbor 192.168.1.2 remote-as 65001
neighbor 192.168.1.2 update-source Loopback0
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server

XRV3配置

===========================================================

root@XRV3# run show configuration
## Last commit: 2019-03-27 13:48:14 UTC by root
version 14.1R1.10;
system {
host-name XRV3;
root-authentication {
encrypted-password "$1$iiqdh9ru$CBQygri2MkpfgtgdGo8GO1"; ## SECRET-DATA
}
}
interfaces {
ge-0/0/0 {
unit 0 {
family inet {
address 10.10.2.1/30;
}
family iso;
}
}
ge-0/0/1 {
unit 0 {
family inet {
address 10.201.1.2/30;
}
}
}
ge-0/0/2 {
unit 0 {
family inet {
address 10.10.2.5/30;
}
family iso;
}
}
lo0 {
unit 0 {
family inet {
address 192.168.1.3/32;
}
family iso {
address 49.0000.1921.6813.00;
}
}
}
}
routing-options {
router-id 192.168.1.3;
autonomous-system 65002;
}
protocols {
bgp {
group ebgp {
type external;
neighbor 10.201.1.1 {
peer-as 65001;
}
}
group ibgp {
type internal;
local-address 192.168.1.3;
neighbor 192.168.1.4 {
export as65001_to_as65002;
}
neighbor 192.168.1.5 {
export as65001_to_as65002;
}
}
}
isis {
interface ge-0/0/0.0 {
level 1 disable;
}
interface ge-0/0/2.0 {
level 1 disable;
}
interface lo0.0;
}
}
policy-options {
prefix-list as65001_export {
10.133.1.0/24;
10.133.2.0/24;
10.133.3.0/24;
10.133.4.0/24;
10.133.5.0/24;
10.133.6.0/24;
10.133.7.0/24;
10.133.8.0/24;
10.133.9.0/24;
10.133.10.0/24;
10.133.11.0/24;
10.133.12.0/24;
10.133.13.0/24;
10.133.14.0/24;
10.133.15.0/24;
10.133.16.0/24;
10.158.1.0/24;
10.158.2.0/24;
10.158.3.0/24;
10.158.4.0/24;
10.158.5.0/24;
10.158.6.0/24;
10.158.7.0/24;
10.158.8.0/24;
10.158.9.0/24;
10.158.10.0/24;
10.158.11.0/24;
10.158.12.0/24;
10.158.13.0/24;
10.158.14.0/24;
10.158.15.0/24;
10.158.16.0/24;
}
policy-statement as65001_to_as65002 {
from {
prefix-list as65001_export;
}
then {
next-hop self;
}
}
}

XRV4配置

===========================================================

root@XRV4# run show configuration 
## Last commit: 2019-03-27 13:48:24 UTC by root
version 14.1R1.10;
system {
host-name XRV4;
root-authentication {
encrypted-password "$1$iiqdh9ru$CBQygri2MkpfgtgdGo8GO1"; ## SECRET-DATA
}
}
interfaces {
ge-0/0/0 {
unit 0 {
family inet {
address 10.10.2.2/30;
}
family iso;
}
}
ge-0/0/1 {
unit 0 {
family inet {
address 10.201.1.5/30;
}
}

ge-0/0/2 {
unit 0 {
family inet {
address 10.10.2.10/30;
}
family iso;
}
}
lo0 {
unit 0 {
family inet {
address 192.168.1.4/32;
}
family iso {
address 49.0000.1921.6814.00;
}
}
}
}
routing-options {
router-id 192.168.1.4;
autonomous-system 65002;

protocols {
bgp {
group ebgp {
type external;
neighbor 10.201.1.6 {
peer-as 65001;
}
}
group ibgp {
type internal;
local-address 192.168.1.4;
neighbor 192.168.1.3 {
export as65001_to_as65002;
}
neighbor 192.168.1.5 {
export as65001_to_as65002;
}
}
}
isis {
interface ge-0/0/0.0 {
level 1 disable;

interface ge-0/0/2.0 {
level 1 disable;
}
interface lo0.0;
}
}
policy-options {
prefix-list as65001_export {
10.133.1.0/24;
10.133.2.0/24;
10.133.3.0/24;
10.133.4.0/24;
10.133.5.0/24;
10.133.6.0/24;
10.133.7.0/24;
10.133.8.0/24;
10.133.9.0/24;
10.133.10.0/24;
10.133.11.0/24;
10.133.12.0/24;
10.133.13.0/24;
10.133.14.0/24;
10.133.15.0/24; 
10.133.16.0/24;
10.158.1.0/24;
10.158.2.0/24;
10.158.3.0/24;
10.158.4.0/24;
10.158.5.0/24;
10.158.6.0/24;
10.158.7.0/24;
10.158.8.0/24;
10.158.9.0/24;
10.158.10.0/24;
10.158.11.0/24;
10.158.12.0/24;
10.158.13.0/24;
10.158.14.0/24;
10.158.15.0/24;
10.158.16.0/24;
}
policy-statement as65001_to_as65002 {
from {
prefix-list as65001_export;
}
then { 
next-hop self;
}
}
}

[edit protocols bgp group ibgp]
root@XRV4#

上一篇:如何成为一个牛逼的C/C++程序员?


下一篇:引用JS表单验证大全 以后方便查看用