Cisco Guard BGP流量牵引配置

网络拓扑

Cisco Guard BGP流量牵引配置

Guard BGP 配置模板

router(config)# router bgp <Guard-AS-number>

router(config-router)# bgp router-id <Guard-IP-address>

router(config-router)# redistribute guard

router(config-router)# neighbor <Router-IP-address> remote-as <Router-AS-number>

router(config-router)# neighbor <Router-IP-address> description <description>

router(config-router)# neighbor <Router-IP-address> soft-reconfiguration inbound

router(config-router)# neighbor <Router-IP-address> distribute-list nothing-in in

router(config-router)# neighbor <Router-IP-address> route-map Guard-out out

router(config-router)# exit

router(config)# access-list nothing-in deny any

router(config)# route-map Guard-out permit 10

router(config-route-map)# set community no-export no-advertise

Example

router# show running-config

... ... ...

router bgp 64555

bgp router-id 192.168.8.8

redistribute guard

neighbor 192.168.8.1 remote-as 100

neighbor 192.168.8.1 description divert-from router

neighbor 192.168.8.1 soft-reconfiguration inbound

neighbor 192.168.8.1 distribute-list nothing-in in

neighbor 192.168.8.1 route-map Guard-out out

!

access-list nothing-in deny any

!

route-map Guard-out permit 10

set community 100:64555 no-export no-advertise

牵引路由器BGP配置模板

R7200(config)# router bgp <Router-AS>

R7200(config-router)# bgp log-neighbor-changes

R7200(config-router)# neighbor <Guard-IP-address> remote-as GuardAS

R7200(config-router)# neighbor <Guard-IP-address> description <description>

R7200(config-router)# neighbor <Guard-IP-address> soft-reconfiguration inbound

R7200(config-router)# neighbor <Guard-IP-address> distribute-list routesToGuard out

R7200(config-router)# neighbor <Guard-IP-address> route-map Guard-in in

R7200(config-router)# no synchronization

R7200(config-router)# exit

R7200(config)# ip bgp-community new-format

R7200(config)# ip community-list expanded <Guard-community-name> permit no-export

no-advertise

R7200(config)# route-map Guard-in permit 10

R7200(config-route-map)# match community <Guard-community-name> exact match

R7200(config-route-map)# exit

R7200(config)# ip access-list standard routestoGuard

R7200(config-std-nacl)# deny any

Example

R7200# show running-config

... ... ...

router bgp 100

bgp log-neighbor-changes

neighbor 192.168.8.8 remote-as 64555

neighbor 192.168.8.8 description Guard

neighbor 192.168.8.8 soft-reconfiguration inbound

neighbor 192.168.8.8 distribute-list routesToGuard out

neighbor 192.168.8.8 route-map Guard-in in

no synchronization

!

ip bgp-community new-format

ip community-list expanded Guard permit 100:64555 no-export no- advertise

!

route-map Guard-in permit 10

match community Guard exact match

ip access-list standard routesToGuard

deny any

相关文章:

  • 2022-01-24
  • 2021-07-10
  • 2021-07-07
  • 2021-07-23
  • 2021-09-05
  • 2022-01-01
  • 2022-01-01
猜你喜欢
  • 2022-12-23
  • 2022-12-23
  • 2022-01-10
  • 2022-01-08
  • 2022-12-23
  • 2022-12-23
相关资源
相似解决方案
热门标签
Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode