CCNP(BSCI)實驗：BGP實驗利用聯邦使全網互通

其實是65023和65045，但R1和R5的配置人員不知道，配置成了234（指定錯了），咱們能夠經過confederation identifier欺騙R1和R5說我是234，這樣等於說234就造成了一個聯邦。
預配置
R1上的配置
en
conf t
no ip do lo
line c 0
no exec-t
logg syn
host R1
int lo0
ip add 1.1.1.1 255.255.255.0
int s2/1
ip add 12.0.0.1 255.255.255.0
no sh

R2上的配置
en
conf t
no ip do lo
line c 0
no exec-t
logg syn
host R2
int lo0
ip add 2.2.2.2 255.255.255.0
int s2/1
ip add 12.0.0.2 255.255.255.0
no sh
int s2/2
ip add 23.0.0.2 255.255.255.0
no sh

R3上的配置
en
conf t
no ip do lo
line c 0
no exec-t
logg syn
host R3
int lo0
ip add 3.3.3.3 255.255.255.0
int s2/1
ip add 23.0.0.3 255.255.255.0
no sh
int s2/2
ip add 34.0.0.3 255.255.255.0
no sh

R4上的配置
en
conf t
no ip do lo
line c 0
no exec-t
logg syn
host R4
int lo0
ip add 4.4.4.4 255.255.255.0
int s2/1
ip add 34.0.0.4 255.255.255.0
no sh
int s2/2
ip add 45.0.0.4 255.255.255.0
no sh

R5上的配置
en
conf t
no ip do lo
line c 0
no exec-t
logg syn
host R5
int lo0
ip add 5.5.5.5 255.255.255.0
int s2/2
ip add 45.0.0.5 255.255.255.0
no sh
實驗過程：
第一步：先讓R2-R4上的EIGRP協議跑起來

R2(config)#router ei 11
R2(config-router)#net 2.2.2.2
R2(config-router)#net 23.0.0.2
R2(config-router)#no au

R3(config)#router ei 11
R3(config-router)#net 3.3.3.3
R3(config-router)#net 23.0.0.3
R3(config-router)#net 34.0.0.4
R3(config-router)#no au

R4(config)#router ei 11
R4(config-router)#net 4.4.4.4
R4(config-router)#net 34.0.0.4
R4(config-router)#no au
第二步：再在R1—R5上跑BGP協議
第二步分步：本文重點
第一步：在R1上指定鄰居R2的物理接口12.0.0.2爲AS爲234.其實R2的AS爲65023。咱們想到會在R1上出現錯誤，咱們來看看實際狀況
R1(config)#router b 100
R1(config-router)#nei 12.0.0.2 remot 234

R2(config-router)#router b 65023
R2(config-router)#nei 12.0.0.1 remot 100

Nov 29 17:18:21.315: %BGP-3-NOTIFICATION: sent to neighbor 12.0.0.2 2/2 (peer in wrong AS) 2 bytes FDFF
R1(config-router)# FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF 002D 0104 FDFF 00B4 0202 0202 1002 0601 0400 0100 0102 0280 0002 0202 00
//咱們看到了在R1上出現的錯誤
接着咱們再配置完R2
R2(config-router)#bgp confederation identifier 234
//這裏咱們對外宣佈as爲234，也就是說欺騙R1說我是234。這樣R1上不會出現錯誤提示
R2(config-router)#nei 3.3.3.3 remot 65
R2(config-router)#nei 3.3.3.3 remot 65023
R2(config-router)#nei 3.3.3.3 up lo0
R2(config-router)#
第二步：在其它各路由器上配置bgp
在R5上和R1上出現的狀況是一致的，咱們在這裏不在演示
R3(config)#router b 65023
R3(config-router)#bgp confederation identifier 234
R3(config-router)#bgp confederation peers 65034
R3(config-router)#nei 2.2.2.2 remot 65023
R3(config-router)#nei 2.2.2.2 up lo0
R3(config-router)#nei 4.4.4.4 remot 65034
R3(config-router)#nei 4.4.4.4 up lo0
R3(config-router)#nei 4.4.4.4 e
R4(config-router)#router b 65034
R4(config-router)#bgp con id 234
R4(config-router)#bgp con p 65023
R4(config-router)#nei 45.0.0.5 remot 500
R4(config-router)#nei 3.3.3.3 remot 65023
R4(config-router)#nei 3.3.3.3 up lo0
R4(config-router)#nei 3.3.3.3 ebgp-multihop *

R5(config)#router b 500
R5(config-router)#nei 45.0.0.4 remot 234
第三步：在各個路由器上宣告本身的網段
R1(config-router)#net 1.1.1.0 mask 255.255.255.0
R1(config-router)#net 12.0.0.0 mask 255.255.255.0
R2(config-router)#net 2.2.2.0 mask 255.255.255.0
R3(config-router)#net 3.3.3.0 mask 255.255.255.0
R3(config-router)#net 23.0.0.0 mask 255.255.255.0
R3(config-router)#net 34.0.0.0 mask 255.255.255.0
R4(config-router)#net 4.4.4.0 mask 255.255.255.0
R5(config-router)#net 5.5.5.0 mask 255.255.255.0
R5(config-router)#net 45.0.0.0 mask 255.255.255.0
//從上面的這些宣告的例子咱們能夠看出，每一個路由器都宣告本身的迴環接口和直連網段，可是相鄰的兩個路由器只須要宣告本身共同的網段一次就行
即全部的路由器宣告的全部網段沒有重複的路由條目
第三步：在各個路由上查看相關配置
在R3上出現了這樣的狀況

第四步：測試
R1#tclsh
R1(tcl)#foreach ip {
+>(tcl)#2.2.2.2
+>(tcl)#3.3.3.3
+>(tcl)#4.4.4.4
+>(tcl)#5.5.5.5
+>(tcl)#12.0.0.2
+>(tcl)#23.0.0.2
+>(tcl)#23.0.0.3
+>(tcl)#34.0.0.3
+>(tcl)#34.0.0.4
+>(tcl)#45.0.0.4
+>(tcl)#45.0.0.5
+>(tcl)#1.1.1.1
+>(tcl)#} {ping $ip}

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2.2.2.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/33/80 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 3.3.3.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 24/56/100 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 44/71/120 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 80/119/180 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 12.0.0.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/39/64 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 23.0.0.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/26/44 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 23.0.0.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/55/80 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 34.0.0.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 48/70/124 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 34.0.0.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/101/184 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 45.0.0.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 40/54/100 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 45.0.0.5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 44/85/136 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms

R5#tclsh
R5(tcl)#foreach ip {
+>(tcl)#2.2.2.2
+>(tcl)#1.1.1.1
+>(tcl)#3.3.3.3
+>(tcl)#4.4.4.4
+>(tcl)#12.0.0.1
+>(tcl)#12.0.0.2
+>(tcl)#23.0.0.2
+>(tcl)#23.0.0.3
+>(tcl)#34.0.0.3
+>(tcl)#34.0.0.4
+>(tcl)#45.0.0.4
+>(tcl)#45.0.0.5
+>(tcl)#5.5.5.5
+>(tcl)#} {ping $ip}

Type escape sequence to abort.Sending 5, 100-byte ICMP Echos to 2.2.2.2, timeout is 2 seconds:!!!!!Success rate is 100 percent (5/5), round-trip min/avg/max = 76/108/188 msType escape sequence to abort.Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:!!!!!Success rate is 100 percent (5/5), round-trip min/avg/max = 44/98/140 msType escape sequence to abort.Sending 5, 100-byte ICMP Echos to 3.3.3.3, timeout is 2 seconds:!!!!!Success rate is 100 percent (5/5), round-trip min/avg/max = 36/73/96 msType escape sequence to abort.Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:!!!!!Success rate is 100 percent (5/5), round-trip min/avg/max = 12/38/80 msType escape sequence to abort.Sending 5, 100-byte ICMP Echos to 12.0.0.1, timeout is 2 seconds:!!!!!Success rate is 100 percent (5/5), round-trip min/avg/max = 76/98/140 msType escape sequence to abort.Sending 5, 100-byte ICMP Echos to 12.0.0.2, timeout is 2 seconds:!!!!!Success rate is 100 percent (5/5), round-trip min/avg/max = 60/84/108 msType escape sequence to abort.Sending 5, 100-byte ICMP Echos to 23.0.0.2, timeout is 2 seconds:!!!!!Success rate is 100 percent (5/5), round-trip min/avg/max = 80/100/128 msType escape sequence to abort.Sending 5, 100-byte ICMP Echos to 23.0.0.3, timeout is 2 seconds:!!!!!Success rate is 100 percent (5/5), round-trip min/avg/max = 20/64/116 msType escape sequence to abort.Sending 5, 100-byte ICMP Echos to 34.0.0.3, timeout is 2 seconds:!!!!!Success rate is 100 percent (5/5), round-trip min/avg/max = 12/88/124 msType escape sequence to abort.Sending 5, 100-byte ICMP Echos to 34.0.0.4, timeout is 2 seconds:!!!!!Success rate is 100 percent (5/5), round-trip min/avg/max = 12/41/60 msType escape sequence to abort.Sending 5, 100-byte ICMP Echos to 45.0.0.4, timeout is 2 seconds:!!!!!Success rate is 100 percent (5/5), round-trip min/avg/max = 8/32/52 msType escape sequence to abort.Sending 5, 100-byte ICMP Echos to 45.0.0.5, timeout is 2 seconds:!!!!!Success rate is 100 percent (5/5), round-trip min/avg/max = 24/43/92 msType escape sequence to abort.Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds:!!!!!Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 msR5(tcl)#