企业BGP网络规划案例(一)

时间:2023-01-17 04:54:46

网络拓扑:

企业BGP网络规划案例(一)

如上图为一家企业的办公网,分为总部AS6500,分公司AS65001和分公司AS65002,其中每个站点都有生产、办公和服务器区域的网络互访,分公司和总公司之间通过两条联通/电信的MSTP线路互联。考虑到本案例需要做路由的控制和选路,为了更好的进行路由的选路和控制,本例选择BGP作为路由协议。

XRV1

==============================================================

!
hostname XRV1
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model

!
subscriber templating
!
multilink bundle-name authenticated
!
!
!
!
!
key chain cisco
key 1
key-string cisco
!
license udi pid CSR1000V sn 9TNB5YCPUP5
!
spanning-tree extend system-id
!
!
redundancy
!
interface Loopback0
ip address 10.255.255.1 255.255.255.255
ip router isis 100
isis circuit-type level-2-only
!
interface GigabitEthernet1
ip address 10.10.1.1 255.255.255.252
ip router isis 100
negotiation auto
isis circuit-type level-2-only
isis authentication mode text
isis authentication key-chain cisco
!
interface GigabitEthernet2
ip address 10.201.1.1 255.255.255.252
negotiation auto
bfd interval 250 min_rx 250 multiplier 3
!
interface GigabitEthernet3
ip address 10.201.1.9 255.255.255.252
negotiation auto
bfd interval 250 min_rx 250 multiplier 3
!
interface GigabitEthernet4
ip address 10.10.1.6 255.255.255.252
ip router isis 100
negotiation auto
isis circuit-type level-2-only
isis authentication mode text
isis authentication key-chain cisco
!
router isis 100
net 49.0000.1025.5255.1000.00
is-type level-2-only
!
router bgp 65000
bgp router-id 10.255.255.1
bgp log-neighbor-changes
bgp graceful-restart restart-time 120
bgp graceful-restart stalepath-time 360
bgp graceful-restart
neighbor 10.201.1.2 remote-as 65001
neighbor 10.201.1.2 password cisco
neighbor 10.201.1.2 fall-over bfd
neighbor 10.201.1.2 send-community
neighbor 10.201.1.10 remote-as 65002
neighbor 10.201.1.10 password cisco
neighbor 10.201.1.10 send-community
neighbor 10.255.255.2 remote-as 65000
neighbor 10.255.255.2 password cisco
neighbor 10.255.255.2 update-source Loopback0
neighbor 10.255.255.2 next-hop-self
neighbor 10.255.255.7 remote-as 65000
neighbor 10.255.255.7 password cisco
neighbor 10.255.255.7 update-source Loopback0
neighbor 10.255.255.7 next-hop-self

XRV2

==============================================================

!
hostname XRV2
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
!

subscriber templating
!
multilink bundle-name authenticated
!
key chain cisco
key 1
key-string cisco
!
license udi pid CSR1000V sn 9RXESOZ20H8
!
spanning-tree extend system-id
!
!
redundancy
!
interface Loopback0
ip address 10.255.255.2 255.255.255.255
ip router isis 100
isis circuit-type level-2-only
!
interface GigabitEthernet1
ip address 10.10.1.2 255.255.255.252
ip router isis 100
negotiation auto
isis circuit-type level-2-only
isis authentication mode text
isis authentication key-chain cisco
!
interface GigabitEthernet2
ip address 10.201.1.5 255.255.255.252
negotiation auto
bfd interval 250 min_rx 250 multiplier 3
!
interface GigabitEthernet3
ip address 10.201.1.13 255.255.255.252
negotiation auto
bfd interval 250 min_rx 250 multiplier 3
!
interface GigabitEthernet4
ip address 10.10.1.10 255.255.255.252
ip router isis 100
negotiation auto
isis circuit-type level-2-only
isis authentication mode text
isis authentication key-chain cisco
!
router isis 100
net 49.0000.1025.5255.2000.00
is-type level-2-only
!
router bgp 65000
bgp router-id 10.255.255.2
bgp log-neighbor-changes
bgp graceful-restart restart-time 120
bgp graceful-restart stalepath-time 360
bgp graceful-restart
neighbor 10.201.1.6 remote-as 65001
neighbor 10.201.1.6 password cisco
neighbor 10.201.1.6 fall-over bfd
neighbor 10.201.1.14 remote-as 65002
neighbor 10.201.1.14 password cisco
neighbor 10.201.1.14 fall-over bfd
neighbor 10.255.255.1 remote-as 65000
neighbor 10.255.255.1 password cisco
neighbor 10.255.255.1 update-source Loopback0
neighbor 10.255.255.1 next-hop-self
neighbor 10.255.255.7 remote-as 65000
neighbor 10.255.255.7 password cisco
neighbor 10.255.255.7 update-source Loopback0
neighbor 10.255.255.7 next-hop-self
!

XRV3

==============================================================

!
hostname XRV3
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
!
!
!
!
!
!
!
!
!
!
!

!
!
!
!
!
!
!
!
!
!
subscriber templating
!
multilink bundle-name authenticated
!
!
!
!
!
key chain cisco
key 1
key-string cisco
!
!
!
!
!
!
!
!
!
license udi pid CSR1000V sn 975F6E0JVTP
!
spanning-tree extend system-id
!
!
redundancy
!
interface Loopback0
ip address 10.255.255.3 255.255.255.255
ip router isis 100
!
interface GigabitEthernet1
ip address 10.10.2.1 255.255.255.252
ip router isis 100
negotiation auto
isis circuit-type level-2-only
isis authentication mode text
isis authentication key-chain cisco
!
interface GigabitEthernet2
ip address 10.201.1.2 255.255.255.252
negotiation auto
bfd interval 250 min_rx 250 multiplier 3
!
interface GigabitEthernet3
ip address 10.10.2.5 255.255.255.252
ip router isis 100
negotiation auto
isis circuit-type level-2-only
isis authentication mode text
isis authentication key-chain cisco
!
interface GigabitEthernet4
no ip address
shutdown
negotiation auto
!
router isis 100
net 49.0000.1025.5255.3000.00
is-type level-2-only
!
router bgp 65001
bgp router-id 192.168.1.3
bgp log-neighbor-changes
bgp graceful-restart restart-time 120
bgp graceful-restart stalepath-time 360
bgp graceful-restart
neighbor 10.201.1.1 remote-as 65000
neighbor 10.201.1.1 password cisco
neighbor 10.201.1.1 fall-over bfd
neighbor 10.201.1.1 send-community
neighbor 10.201.1.1 route-map as65001-export-cu out
neighbor 10.255.255.4 remote-as 65001
neighbor 10.255.255.4 password cisco
neighbor 10.255.255.4 update-source Loopback0
neighbor 10.255.255.4 next-hop-self
neighbor 10.255.255.4 send-community
neighbor 10.255.255.8 remote-as 65001
neighbor 10.255.255.8 password cisco
neighbor 10.255.255.8 update-source Loopback0
neighbor 10.255.255.8 next-hop-self
neighbor 10.255.255.8 send-community
!
!
virtual-service csr_mgmt
!
ip forward-protocol nd
!
ip bgp-community new-format
no ip http server
no ip http secure-server
!
!
route-map as65001-export-cu permit 10
match community 65001:100
set as-path prepend 65001 65001 65001
!
route-map as65001-export-cu permit 20
!

XRV4

==============================================================

!
hostname XRV4
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
!

subscriber templating
!
multilink bundle-name authenticated
!
key chain cisco
key 0
key-string cisco
key 1
key-string cisco
!
license udi pid CSR1000V sn 9LQFX0T7L21
!
spanning-tree extend system-id
!
!
redundancy
!
!
interface Loopback0
ip address 10.255.255.4 255.255.255.255
ip router isis 100
isis circuit-type level-2-only
!
interface GigabitEthernet1
ip address 10.10.2.2 255.255.255.252
ip router isis 100
negotiation auto
isis circuit-type level-2-only
isis authentication mode text
isis authentication key-chain cisco
!
interface GigabitEthernet2
ip address 10.201.1.6 255.255.255.252
negotiation auto
bfd interval 250 min_rx 250 multiplier 3
!
interface GigabitEthernet3
ip address 10.10.2.9 255.255.255.252
ip router isis 100
negotiation auto
isis circuit-type level-2-only
isis authentication mode text level-2
isis authentication key-chain cisco
!
interface GigabitEthernet4
no ip address
shutdown
negotiation auto
!
router isis 100
net 49.0000.1025.5255.4000.00
is-type level-2-only
!
router bgp 65001
bgp router-id 192.168.1.4
bgp log-neighbor-changes
bgp graceful-restart restart-time 120
bgp graceful-restart stalepath-time 360
bgp graceful-restart
neighbor 10.201.1.5 remote-as 65000
neighbor 10.201.1.5 password cisco
neighbor 10.201.1.5 fall-over bfd
neighbor 10.201.1.5 route-map as65001-export-ct out
neighbor 10.255.255.3 remote-as 65001
neighbor 10.255.255.3 password cisco
neighbor 10.255.255.3 update-source Loopback0
neighbor 10.255.255.3 next-hop-self
neighbor 10.255.255.8 remote-as 65001
neighbor 10.255.255.8 password cisco
neighbor 10.255.255.8 update-source Loopback0
neighbor 10.255.255.8 next-hop-self
!
!
virtual-service csr_mgmt
!
ip forward-protocol nd
!
ip bgp-community new-format
no ip http server
no ip http secure-server
!
!
route-map as65001-export-cu permit 20
!
route-map as65001-export-ct permit 10
match community 65001:200
set as-path prepend 65001 65001 65001
!

XRV5

==============================================================

!
hostname XRV5
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
!

subscriber templating
!
multilink bundle-name authenticated
!
key chain cisco
key 1
key-string cisco
!
license udi pid CSR1000V sn 9A06X1RGMNL
!
spanning-tree extend system-id
!
!
redundancy
!
interface Loopback0
ip address 10.255.255.5 255.255.255.255
ip router isis 100
!
interface GigabitEthernet1
ip address 10.10.3.1 255.255.255.252
ip router isis 100
negotiation auto
isis circuit-type level-2-only
isis authentication mode text
isis authentication key-chain cisco
!
interface GigabitEthernet2
ip address 10.201.1.10 255.255.255.252
negotiation auto
bfd interval 250 min_rx 250 multiplier 3
!
interface GigabitEthernet3
ip address 10.10.3.5 255.255.255.252
ip router isis 100
negotiation auto
isis circuit-type level-2-only
isis authentication mode text
isis authentication key-chain cisco
!
interface GigabitEthernet4
no ip address
shutdown
negotiation auto
!
router isis 100
net 49.0000.1025.5255.5000.00
is-type level-2-only
!
router bgp 65002
bgp router-id 10.255.255.5
bgp log-neighbor-changes
bgp graceful-restart restart-time 120
bgp graceful-restart stalepath-time 360
bgp graceful-restart
neighbor 10.201.1.9 remote-as 65000
neighbor 10.201.1.9 password cisco
neighbor 10.201.1.9 fall-over bfd
neighbor 10.255.255.6 remote-as 65002
neighbor 10.255.255.6 password cisco
neighbor 10.255.255.6 next-hop-self
neighbor 10.255.255.9 remote-as 65002
neighbor 10.255.255.9 password cisco
neighbor 10.255.255.9 update-source Loopback0
neighbor 10.255.255.9 next-hop-self
!

XRV6

==============================================================

!
hostname XRV6
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
!

subscriber templating
!
multilink bundle-name authenticated
!
key chain cisco
key 1
key-string cisco
!
license udi pid CSR1000V sn 9T2BOC64F2X
!
spanning-tree extend system-id
!
!
redundancy
!
!
interface Loopback0
ip address 10.255.255.6 255.255.255.255
ip router isis 100
!
interface GigabitEthernet1
ip address 10.10.3.2 255.255.255.252
ip router isis 100
negotiation auto
isis circuit-type level-2-only
isis authentication mode text
isis authentication key-chain cisco
!
interface GigabitEthernet2
ip address 10.201.1.14 255.255.255.252
negotiation auto
bfd interval 250 min_rx 250 multiplier 3
!
interface GigabitEthernet3
ip address 10.10.3.9 255.255.255.252
ip router isis 100
negotiation auto
isis circuit-type level-2-only
isis authentication mode text
isis authentication key-chain cisco
!
interface GigabitEthernet4
no ip address
shutdown
negotiation auto
!
router isis 100
net 49.0000.1025.5255.6000.00
is-type level-2-only
!
router bgp 65002
bgp router-id 10.255.255.6
bgp log-neighbor-changes
bgp graceful-restart restart-time 120
bgp graceful-restart stalepath-time 360
bgp graceful-restart
neighbor 10.201.1.13 remote-as 65000
neighbor 10.201.1.13 password cisco
neighbor 10.201.1.13 fall-over bfd
neighbor 10.255.255.5 remote-as 65002
neighbor 10.255.255.5 password cisco
neighbor 10.255.255.5 update-source Loopback0
neighbor 10.255.255.5 next-hop-self
neighbor 10.255.255.9 remote-as 65002
neighbor 10.255.255.9 password cisco
neighbor 10.255.255.9 update-source Loopback0
neighbor 10.255.255.9 next-hop-self
!

XRV7

==============================================================

!
hostname XRV7
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
!
ip cef
no ipv6 cef
!
key chain cisco
key 1
key-string cisco
!
!
!
spanning-tree mode rapid-pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
!
!
interface Loopback0
ip address 10.255.255.7 255.255.255.255
ip router isis 100
!
interface GigabitEthernet0/0
switchport access vlan 100
media-type rj45
negotiation auto
!
interface GigabitEthernet0/1
switchport access vlan 200
media-type rj45
negotiation auto
!
interface GigabitEthernet0/2
switchport trunk encapsulation dot1q
switchport mode trunk
media-type rj45
negotiation auto
!
interface GigabitEthernet0/3
media-type rj45
negotiation auto
!
interface Vlan1
ip address 10.158.1.254 255.255.255.0
!
interface Vlan2
ip address 10.158.2.254 255.255.255.0
!
interface Vlan3
ip address 10.158.3.254 255.255.255.0
!
interface Vlan4
ip address 10.158.4.254 255.255.255.0
!
interface Vlan5
ip address 10.158.5.254 255.255.255.0
!
interface Vlan6
ip address 10.158.6.254 255.255.255.0
!
interface Vlan7
ip address 10.158.7.254 255.255.255.0
!
interface Vlan8
ip address 10.158.8.254 255.255.255.0
!
interface Vlan9
ip address 10.158.9.254 255.255.255.0
!
interface Vlan10
ip address 10.158.10.254 255.255.255.0
!
interface Vlan11
ip address 10.158.11.254 255.255.255.0
!
interface Vlan12
ip address 10.158.12.254 255.255.255.0
!
interface Vlan13
ip address 10.158.13.254 255.255.255.0
!
interface Vlan14
ip address 10.158.14.254 255.255.255.0
!
interface Vlan15
ip address 10.158.15.254 255.255.255.0
!
interface Vlan16
ip address 10.158.16.254 255.255.255.0
!
interface Vlan17
ip address 10.133.1.254 255.255.255.0
!
interface Vlan18
ip address 10.133.2.254 255.255.255.0
!
interface Vlan19
ip address 10.133.3.254 255.255.255.0
!
interface Vlan20
ip address 10.133.4.254 255.255.255.0
!
interface Vlan21
ip address 10.133.5.254 255.255.255.0
!
interface Vlan22
ip address 10.133.6.254 255.255.255.0
!
interface Vlan23
ip address 10.133.7.254 255.255.255.0
!
interface Vlan24
ip address 10.133.8.254 255.255.255.0
!
interface Vlan25
ip address 10.133.9.254 255.255.255.0
!
interface Vlan26
ip address 10.133.10.254 255.255.255.0
!
interface Vlan27
ip address 10.133.11.254 255.255.255.0
!
interface Vlan28
ip address 10.133.12.254 255.255.255.0
!
interface Vlan29
ip address 10.133.13.254 255.255.255.0
!
interface Vlan30
ip address 10.133.14.254 255.255.255.0
!
interface Vlan31
ip address 10.133.15.254 255.255.255.0
!
interface Vlan32
ip address 10.133.16.254 255.255.255.0
!
interface Vlan33
ip address 10.78.1.254 255.255.255.0
!
interface Vlan34
ip address 10.78.2.254 255.255.255.0
!
interface Vlan35
ip address 10.78.3.254 255.255.255.0
!
interface Vlan36
ip address 10.78.4.254 255.255.255.0
!
interface Vlan37
ip address 10.78.5.254 255.255.255.0
!
interface Vlan38
ip address 10.78.6.254 255.255.255.0
!
interface Vlan39
ip address 10.78.7.254 255.255.255.0
!
interface Vlan40
ip address 10.78.8.254 255.255.255.0
!
interface Vlan41
ip address 10.78.9.254 255.255.255.0
!
interface Vlan42
ip address 10.78.10.254 255.255.255.0
!
interface Vlan43
ip address 10.78.11.254 255.255.255.0
!
interface Vlan44
ip address 10.78.12.254 255.255.255.0
!
interface Vlan45
ip address 10.78.13.254 255.255.255.0
!
interface Vlan46
ip address 10.78.14.254 255.255.255.0
!
interface Vlan47
ip address 10.78.15.254 255.255.255.0
!
interface Vlan48
ip address 10.78.16.254 255.255.255.0
!
interface Vlan100
ip address 10.10.1.5 255.255.255.252
ip router isis 100
isis circuit-type level-2-only
isis password cisco level-1
isis authentication mode text level-2
isis authentication key-chain cisco
!
interface Vlan200
ip address 10.10.1.9 255.255.255.252
ip router isis 100
isis circuit-type level-2-only
isis authentication mode text level-2
isis authentication key-chain cisco
!
router isis 100
net 49.0000.1025.5255.7000.00
is-type level-2-only
!
router bgp 65000
bgp router-id 10.255.255.7
bgp log-neighbor-changes
bgp graceful-restart restart-time 120
bgp graceful-restart stalepath-time 360
bgp graceful-restart
network 10.78.1.0 mask 255.255.255.0
network 10.78.2.0 mask 255.255.255.0
network 10.78.3.0 mask 255.255.255.0
network 10.78.4.0 mask 255.255.255.0
network 10.78.5.0 mask 255.255.255.0
network 10.78.6.0 mask 255.255.255.0
network 10.78.7.0 mask 255.255.255.0
network 10.78.8.0 mask 255.255.255.0
network 10.78.9.0 mask 255.255.255.0
network 10.78.10.0 mask 255.255.255.0
network 10.78.11.0 mask 255.255.255.0
network 10.78.12.0 mask 255.255.255.0
network 10.78.13.0 mask 255.255.255.0
network 10.78.14.0 mask 255.255.255.0
network 10.78.15.0 mask 255.255.255.0
network 10.78.16.0 mask 255.255.255.0
network 10.133.1.0 mask 255.255.255.0
network 10.133.2.0 mask 255.255.255.0
network 10.133.3.0 mask 255.255.255.0
network 10.133.4.0 mask 255.255.255.0
network 10.133.5.0 mask 255.255.255.0
network 10.133.6.0 mask 255.255.255.0
network 10.133.7.0 mask 255.255.255.0
network 10.133.8.0 mask 255.255.255.0
network 10.133.9.0 mask 255.255.255.0
network 10.133.10.0 mask 255.255.255.0
network 10.133.11.0 mask 255.255.255.0
network 10.133.12.0 mask 255.255.255.0
network 10.133.13.0 mask 255.255.255.0
network 10.133.14.0 mask 255.255.255.0
network 10.133.15.0 mask 255.255.255.0
network 10.133.16.0 mask 255.255.255.0
network 10.158.1.0 mask 255.255.255.0
network 10.158.2.0 mask 255.255.255.0
network 10.158.3.0 mask 255.255.255.0
network 10.158.4.0 mask 255.255.255.0
network 10.158.5.0 mask 255.255.255.0
network 10.158.6.0 mask 255.255.255.0
network 10.158.7.0 mask 255.255.255.0
network 10.158.8.0 mask 255.255.255.0
network 10.158.9.0 mask 255.255.255.0
network 10.158.10.0 mask 255.255.255.0
network 10.158.11.0 mask 255.255.255.0
network 10.158.12.0 mask 255.255.255.0
network 10.158.13.0 mask 255.255.255.0
network 10.158.14.0 mask 255.255.255.0
network 10.158.15.0 mask 255.255.255.0
network 10.158.16.0 mask 255.255.255.0
neighbor 10.255.255.1 remote-as 65000
neighbor 10.255.255.1 password cisco
neighbor 10.255.255.1 update-source Loopback0
neighbor 10.255.255.1 next-hop-self
neighbor 10.255.255.2 remote-as 65000
neighbor 10.255.255.2 password cisco
neighbor 10.255.255.2 update-source Loopback0
neighbor 10.255.255.2 next-hop-self
!

XRV8

==============================================================

!
hostname XRV8
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
!
ip cef
no ipv6 cef
!
key chain cisco
key 0
key-string cisco
!
!
!
spanning-tree mode rapid-pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
interface Loopback0
ip address 10.255.255.8 255.255.255.255
ip router isis 100
isis circuit-type level-2-only
!
interface GigabitEthernet0/0
switchport access vlan 100
media-type rj45
negotiation auto
!
interface GigabitEthernet0/1
switchport access vlan 200
media-type rj45
negotiation auto
!
interface GigabitEthernet0/2
switchport trunk encapsulation dot1q
switchport mode trunk
media-type rj45
negotiation auto
!
interface GigabitEthernet0/3
media-type rj45
negotiation auto
!
interface Vlan1
ip address 10.138.1.254 255.255.255.0
!
interface Vlan2
ip address 10.138.2.254 255.255.255.0
!
interface Vlan3
ip address 10.138.3.254 255.255.255.0
!
interface Vlan4
ip address 10.138.4.254 255.255.255.0
!
interface Vlan5
ip address 10.138.5.254 255.255.255.0
!
interface Vlan6
ip address 10.138.6.254 255.255.255.0
!
interface Vlan7
ip address 10.138.7.254 255.255.255.0
!
interface Vlan8
ip address 10.138.8.254 255.255.255.0
!
interface Vlan9
ip address 10.138.9.254 255.255.255.0
!
interface Vlan10
ip address 10.138.10.254 255.255.255.0
!
interface Vlan11
ip address 10.138.11.254 255.255.255.0
!
interface Vlan12
ip address 10.138.12.254 255.255.255.0
!
interface Vlan13
ip address 10.138.13.254 255.255.255.0
!
interface Vlan14
ip address 10.138.14.254 255.255.255.0
!
interface Vlan15
ip address 10.138.15.254 255.255.255.0
!
interface Vlan16
ip address 10.138.16.254 255.255.255.0
!
interface Vlan17
ip address 10.173.1.254 255.255.255.0
!
interface Vlan18
ip address 10.173.2.254 255.255.255.0
!
interface Vlan19
ip address 10.173.3.254 255.255.255.0
!
interface Vlan20
ip address 10.173.4.254 255.255.255.0
!
interface Vlan21
ip address 10.173.5.254 255.255.255.0
!
interface Vlan22
ip address 10.173.6.254 255.255.255.0
!
interface Vlan23
ip address 10.173.7.254 255.255.255.0
!
interface Vlan24
ip address 10.173.8.254 255.255.255.0
!
interface Vlan25
ip address 10.173.9.254 255.255.255.0
!
interface Vlan26
ip address 10.173.10.254 255.255.255.0
!
interface Vlan27
ip address 10.173.11.254 255.255.255.0
!
interface Vlan28
ip address 10.173.12.254 255.255.255.0
!
interface Vlan29
ip address 10.173.13.254 255.255.255.0
!
interface Vlan30
ip address 10.173.14.254 255.255.255.0
!
interface Vlan31
ip address 10.173.15.254 255.255.255.0
!
interface Vlan32
ip address 10.173.16.254 255.255.255.0
!
interface Vlan33
ip address 10.178.1.254 255.255.255.0
!
interface Vlan34
ip address 10.178.2.254 255.255.255.0
!
interface Vlan35
ip address 10.178.3.254 255.255.255.0
!
interface Vlan36
ip address 10.178.4.254 255.255.255.0
!
interface Vlan37
ip address 10.178.5.254 255.255.255.0
!
interface Vlan38
ip address 10.178.6.254 255.255.255.0
!
interface Vlan39
ip address 10.178.7.254 255.255.255.0
!
interface Vlan40
ip address 10.178.8.254 255.255.255.0
!
interface Vlan41
ip address 10.178.9.254 255.255.255.0
!
interface Vlan42
ip address 10.178.10.254 255.255.255.0
!
interface Vlan43
ip address 10.178.11.254 255.255.255.0
!
interface Vlan44
ip address 10.178.12.254 255.255.255.0
!
interface Vlan45
ip address 10.178.13.254 255.255.255.0
!
interface Vlan46
ip address 10.178.14.254 255.255.255.0
!
interface Vlan47
ip address 10.178.15.254 255.255.255.0
!
interface Vlan48
ip address 10.178.16.254 255.255.255.0
!
interface Vlan100
ip address 10.10.2.6 255.255.255.252
ip router isis 100
isis circuit-type level-2-only
isis authentication mode text
isis authentication key-chain cisco level-2
!
interface Vlan200
ip address 10.10.2.10 255.255.255.252
ip router isis 100
isis circuit-type level-2-only
isis authentication mode text
isis authentication key-chain cisco level-2
!
router isis 100
net 49.0000.1025.5255.8000.00
is-type level-2-only
!
router bgp 65001
bgp router-id 10.255.255.8
bgp log-neighbor-changes
bgp graceful-restart restart-time 120
bgp graceful-restart stalepath-time 360
bgp graceful-restart
network 10.138.1.0 mask 255.255.255.0
network 10.138.2.0 mask 255.255.255.0
network 10.138.3.0 mask 255.255.255.0
network 10.138.4.0 mask 255.255.255.0
network 10.138.5.0 mask 255.255.255.0
network 10.138.6.0 mask 255.255.255.0
network 10.138.7.0 mask 255.255.255.0
network 10.138.8.0 mask 255.255.255.0
network 10.138.9.0 mask 255.255.255.0
network 10.138.10.0 mask 255.255.255.0
network 10.138.11.0 mask 255.255.255.0
network 10.138.12.0 mask 255.255.255.0
network 10.138.13.0 mask 255.255.255.0
network 10.138.14.0 mask 255.255.255.0
network 10.138.15.0 mask 255.255.255.0
network 10.138.16.0 mask 255.255.255.0
network 10.173.1.0 mask 255.255.255.0
network 10.173.2.0 mask 255.255.255.0
network 10.173.3.0 mask 255.255.255.0
network 10.173.4.0 mask 255.255.255.0
network 10.173.5.0 mask 255.255.255.0
network 10.173.6.0 mask 255.255.255.0
network 10.173.7.0 mask 255.255.255.0
network 10.173.8.0 mask 255.255.255.0
network 10.173.9.0 mask 255.255.255.0
network 10.173.10.0 mask 255.255.255.0
network 10.173.11.0 mask 255.255.255.0
network 10.173.12.0 mask 255.255.255.0
network 10.173.13.0 mask 255.255.255.0
network 10.173.14.0 mask 255.255.255.0
network 10.173.15.0 mask 255.255.255.0
network 10.173.16.0 mask 255.255.255.0
network 10.178.1.0 mask 255.255.255.0
network 10.178.2.0 mask 255.255.255.0
network 10.178.3.0 mask 255.255.255.0
network 10.178.4.0 mask 255.255.255.0
network 10.178.5.0 mask 255.255.255.0
network 10.178.6.0 mask 255.255.255.0
network 10.178.7.0 mask 255.255.255.0
network 10.178.8.0 mask 255.255.255.0
network 10.178.9.0 mask 255.255.255.0
network 10.178.10.0 mask 255.255.255.0
network 10.178.11.0 mask 255.255.255.0
network 10.178.12.0 mask 255.255.255.0
network 10.178.13.0 mask 255.255.255.0
network 10.178.14.0 mask 255.255.255.0
network 10.178.15.0 mask 255.255.255.0
network 10.178.16.0 mask 255.255.255.0
neighbor 10.255.255.3 remote-as 65001
neighbor 10.255.255.3 password cisco
neighbor 10.255.255.3 update-source Loopback0
neighbor 10.255.255.3 send-community
neighbor 10.255.255.3 route-map as65001-export out
neighbor 10.255.255.4 remote-as 65001
neighbor 10.255.255.4 password cisco
neighbor 10.255.255.4 update-source Loopback0
neighbor 10.255.255.4 send-community
neighbor 10.255.255.4 route-map as65001-export out
!
ip forward-protocol nd
!
ip bgp-community new-format
no ip http server
no ip http secure-server
!
!
!
!
ip prefix-list as65001-bangong-100 seq 5 permit 10.138.1.0/24
ip prefix-list as65001-bangong-100 seq 10 permit 10.138.2.0/24
ip prefix-list as65001-bangong-100 seq 15 permit 10.138.3.0/24
ip prefix-list as65001-bangong-100 seq 20 permit 10.138.4.0/24
ip prefix-list as65001-bangong-100 seq 25 permit 10.138.5.0/24
ip prefix-list as65001-bangong-100 seq 30 permit 10.138.6.0/24
ip prefix-list as65001-bangong-100 seq 35 permit 10.138.7.0/24
ip prefix-list as65001-bangong-100 seq 40 permit 10.138.8.0/24
ip prefix-list as65001-bangong-100 seq 45 permit 10.138.9.0/24
ip prefix-list as65001-bangong-100 seq 50 permit 10.138.10.0/24
ip prefix-list as65001-bangong-100 seq 55 permit 10.138.11.0/24
ip prefix-list as65001-bangong-100 seq 60 permit 10.138.12.0/24
ip prefix-list as65001-bangong-100 seq 65 permit 10.138.13.0/24
ip prefix-list as65001-bangong-100 seq 70 permit 10.138.14.0/24
ip prefix-list as65001-bangong-100 seq 75 permit 10.138.15.0/24
ip prefix-list as65001-bangong-100 seq 80 permit 10.138.16.0/24
!
ip prefix-list as65001-dc-300 seq 5 permit 10.178.1.0/24
ip prefix-list as65001-dc-300 seq 10 permit 10.178.2.0/24
ip prefix-list as65001-dc-300 seq 15 permit 10.178.3.0/24
ip prefix-list as65001-dc-300 seq 20 permit 10.178.4.0/24
ip prefix-list as65001-dc-300 seq 25 permit 10.178.5.0/24
ip prefix-list as65001-dc-300 seq 30 permit 10.178.6.0/24
ip prefix-list as65001-dc-300 seq 35 permit 10.178.7.0/24
ip prefix-list as65001-dc-300 seq 40 permit 10.178.8.0/24
ip prefix-list as65001-dc-300 seq 45 permit 10.178.9.0/24
ip prefix-list as65001-dc-300 seq 50 permit 10.178.10.0/24
ip prefix-list as65001-dc-300 seq 55 permit 10.178.11.0/24
ip prefix-list as65001-dc-300 seq 60 permit 10.178.12.0/24
ip prefix-list as65001-dc-300 seq 65 permit 10.178.13.0/24
ip prefix-list as65001-dc-300 seq 70 permit 10.178.14.0/24
ip prefix-list as65001-dc-300 seq 75 permit 10.178.15.0/24
ip prefix-list as65001-dc-300 seq 80 permit 10.178.16.0/24
!
ip prefix-list as65001-shengchan-200 seq 5 permit 10.173.1.0/24
ip prefix-list as65001-shengchan-200 seq 10 permit 10.173.2.0/24
ip prefix-list as65001-shengchan-200 seq 15 permit 10.173.3.0/24
ip prefix-list as65001-shengchan-200 seq 20 permit 10.173.4.0/24
ip prefix-list as65001-shengchan-200 seq 25 permit 10.173.5.0/24
ip prefix-list as65001-shengchan-200 seq 30 permit 10.173.6.0/24
ip prefix-list as65001-shengchan-200 seq 35 permit 10.173.7.0/24
ip prefix-list as65001-shengchan-200 seq 40 permit 10.173.8.0/24
ip prefix-list as65001-shengchan-200 seq 45 permit 10.173.9.0/24
ip prefix-list as65001-shengchan-200 seq 50 permit 10.173.10.0/24
ip prefix-list as65001-shengchan-200 seq 55 permit 10.173.11.0/24
ip prefix-list as65001-shengchan-200 seq 60 permit 10.173.12.0/24
ip prefix-list as65001-shengchan-200 seq 65 permit 10.173.13.0/24
ip prefix-list as65001-shengchan-200 seq 70 permit 10.173.14.0/24
ip prefix-list as65001-shengchan-200 seq 75 permit 10.173.15.0/24
ip prefix-list as65001-shengchan-200 seq 80 permit 10.173.16.0/24
!
route-map as65001-export permit 10
match ip address prefix-list as65001-bangong-100
set community 65001:100
!
route-map as65001-export permit 20
match ip address prefix-list as65001-shengchan-200
set community 65001:200
!
route-map as65001-export permit 30
match ip address prefix-list as65001-dc-300
set community 65001:300
!

XRV9

==============================================================

!
hostname XRV9
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
!
ip cef
no ipv6 cef
!
key chain cisco
key 1
key-string cisco
!
!
!
spanning-tree mode rapid-pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
interface Loopback0
ip address 10.255.255.9 255.255.255.255
ip router isis 100
!
interface GigabitEthernet0/0
switchport access vlan 100
media-type rj45
negotiation auto
!
interface GigabitEthernet0/1
switchport access vlan 200
media-type rj45
negotiation auto
!
interface GigabitEthernet0/2
media-type rj45
negotiation auto
!
interface GigabitEthernet0/3
media-type rj45
negotiation auto
!
interface Vlan1
ip address 10.38.1.254 255.255.255.0
!
interface Vlan2
ip address 10.38.2.254 255.255.255.0
!
interface Vlan3
ip address 10.38.3.254 255.255.255.0
!
interface Vlan4
ip address 10.38.4.254 255.255.255.0
!
interface Vlan5
ip address 10.38.5.254 255.255.255.0
!
interface Vlan6
ip address 10.38.6.254 255.255.255.0
!
interface Vlan7
ip address 10.38.7.254 255.255.255.0
!
interface Vlan8
ip address 10.38.8.254 255.255.255.0
!
interface Vlan9
ip address 10.38.9.254 255.255.255.0
!
interface Vlan10
ip address 10.38.10.254 255.255.255.0
!
interface Vlan11
ip address 10.38.11.254 255.255.255.0
!
interface Vlan12
ip address 10.38.12.254 255.255.255.0
!
interface Vlan13
ip address 10.38.13.254 255.255.255.0
!
interface Vlan14
ip address 10.38.14.254 255.255.255.0
!
interface Vlan15
ip address 10.38.15.254 255.255.255.0
!
interface Vlan16
ip address 10.38.16.254 255.255.255.0
!
interface Vlan17
ip address 10.17.1.254 255.255.255.0
!
interface Vlan18
ip address 10.17.2.254 255.255.255.0
!
interface Vlan19
ip address 10.17.3.254 255.255.255.0
!
interface Vlan20
ip address 10.17.4.254 255.255.255.0
!
interface Vlan21
ip address 10.17.5.254 255.255.255.0
!
interface Vlan22
ip address 10.17.6.254 255.255.255.0
!
interface Vlan23
ip address 10.17.7.254 255.255.255.0
!
interface Vlan24
ip address 10.17.8.254 255.255.255.0
!
interface Vlan25
ip address 10.17.9.254 255.255.255.0
!
interface Vlan26
ip address 10.17.10.254 255.255.255.0
!
interface Vlan27
ip address 10.17.11.254 255.255.255.0
!
interface Vlan28
ip address 10.17.12.254 255.255.255.0
!
interface Vlan29
ip address 10.17.13.254 255.255.255.0
!
interface Vlan30
ip address 10.17.14.254 255.255.255.0
!
interface Vlan31
ip address 10.17.15.254 255.255.255.0
!
interface Vlan32
ip address 10.17.16.254 255.255.255.0
!
interface Vlan33
ip address 10.175.1.254 255.255.255.0
!
interface Vlan34
ip address 10.175.2.254 255.255.255.0
!
interface Vlan35
ip address 10.175.3.254 255.255.255.0
!
interface Vlan36
ip address 10.175.4.254 255.255.255.0
!
interface Vlan37
ip address 10.175.5.254 255.255.255.0
!
interface Vlan38
ip address 10.175.6.254 255.255.255.0
!
interface Vlan39
ip address 10.175.7.254 255.255.255.0
!
interface Vlan40
ip address 10.175.8.254 255.255.255.0
!
interface Vlan41
ip address 10.175.9.254 255.255.255.0
!
interface Vlan42
ip address 10.175.10.254 255.255.255.0
!
interface Vlan43
ip address 10.175.11.254 255.255.255.0
!
interface Vlan44
ip address 10.175.12.254 255.255.255.0
!
interface Vlan45
ip address 10.175.13.254 255.255.255.0
!
interface Vlan46
ip address 10.175.14.254 255.255.255.0
!
interface Vlan47
ip address 10.175.15.254 255.255.255.0
!
interface Vlan48
ip address 10.175.16.254 255.255.255.0
!
interface Vlan100
ip address 10.10.3.6 255.255.255.252
ip router isis 100
isis circuit-type level-2-only
isis authentication mode text
isis authentication key-chain cisco
!
interface Vlan200
ip address 10.10.3.10 255.255.255.252
ip router isis 100
isis authentication mode text
isis authentication key-chain cisco
!
router isis 100
net 49.0000.1025.5255.9000.00
is-type level-2-only
!
router bgp 65002
bgp router-id 10.255.255.9
bgp log-neighbor-changes
network 10.17.1.0 mask 255.255.255.0
network 10.17.2.0 mask 255.255.255.0
network 10.17.3.0 mask 255.255.255.0
network 10.17.4.0 mask 255.255.255.0
network 10.17.5.0 mask 255.255.255.0
network 10.17.6.0 mask 255.255.255.0
network 10.17.7.0 mask 255.255.255.0
network 10.17.8.0 mask 255.255.255.0
network 10.17.9.0 mask 255.255.255.0
network 10.17.10.0 mask 255.255.255.0
network 10.17.11.0 mask 255.255.255.0
network 10.17.12.0 mask 255.255.255.0
network 10.17.13.0 mask 255.255.255.0
network 10.17.14.0 mask 255.255.255.0
network 10.17.15.0 mask 255.255.255.0
network 10.17.16.0 mask 255.255.255.0
network 10.38.1.0 mask 255.255.255.0
network 10.38.2.0 mask 255.255.255.0
network 10.38.3.0 mask 255.255.255.0
network 10.38.4.0 mask 255.255.255.0
network 10.38.5.0 mask 255.255.255.0
network 10.38.6.0 mask 255.255.255.0
network 10.38.7.0 mask 255.255.255.0
network 10.38.8.0 mask 255.255.255.0
network 10.38.9.0 mask 255.255.255.0
network 10.38.10.0 mask 255.255.255.0
network 10.38.11.0 mask 255.255.255.0
network 10.38.12.0 mask 255.255.255.0
network 10.38.13.0 mask 255.255.255.0
network 10.38.14.0 mask 255.255.255.0
network 10.38.15.0 mask 255.255.255.0
network 10.38.16.0 mask 255.255.255.0
network 10.175.1.0 mask 255.255.255.0
network 10.175.2.0 mask 255.255.255.0
network 10.175.3.0 mask 255.255.255.0
network 10.175.4.0 mask 255.255.255.0
network 10.175.5.0 mask 255.255.255.0
network 10.175.6.0 mask 255.255.255.0
network 10.175.7.0 mask 255.255.255.0
network 10.175.8.0 mask 255.255.255.0
network 10.175.9.0 mask 255.255.255.0
network 10.175.10.0 mask 255.255.255.0
network 10.175.11.0 mask 255.255.255.0
network 10.175.12.0 mask 255.255.255.0
network 10.175.13.0 mask 255.255.255.0
network 10.175.14.0 mask 255.255.255.0
network 10.175.15.0 mask 255.255.255.0
neighbor 10.255.255.5 remote-as 65002
neighbor 10.255.255.5 password cisco
neighbor 10.255.255.6 remote-as 65002
neighbor 10.255.255.6 password cisco
neighbor 10.255.255.6 update-source Loopback0
!

相关文章