Auf dieser Seite
Beispiel: Routing-Richtlinie in einem ISP-Netzwerk verwenden
Dieses Beispiel ist eine Fallstudie zur Verwendung von Routing-Richtlinien in einem typischen ISP-Netzwerk (Internet Service Provider).
Anforderungen
Vor der Konfiguration dieses Beispiels ist keine spezielle Konfiguration erforderlich, die über die Geräteinitialisierung hinausgeht.
Überblick
In diesem Netzwerkbeispiel lautet die AS-Nummer des ISP 64510. Der ISP verfügt über zwei Transit-Peers (AS 64514 und AS 64515), mit denen er an einem Exchange-Punkt eine Verbindung herstellt. Der ISP ist außerdem mit zwei privaten Peers (AS 64513 und AS 64516) verbunden, mit denen er spezifische Kundenrouten austauscht. Der ISP hat zwei Kunden (AS 64511 und AS 64512).
Die ISP-Richtlinien werden für ausgehende Richtung konfiguriert. Das heißt, das Beispiel konzentriert sich auf die Routen, die der ISP seinen Kollegen und Kunden ankündigt, und umfasst Folgendes:
Dem ISP wurde AS 64510 und der Routing-Speicherplatz 172.16.32.0/21 zugewiesen. Mit Ausnahme der beiden Kundennetze werden alle anderen Kundenrouten mit statischen Routen simuliert.
Die Exchange-Peers werden für den Transitdienst zu anderen Teilen des Internets verwendet. Dies bedeutet, dass der ISP alle Routen (die vollständige Internet-Routing-Tabelle) von diesen BGP-Peers akzeptiert. Um eine optimierte Internet-Routingtabelle zu verwalten, ist der ISP so konfiguriert, dass den Transitpeers nur zwei aggregierte Routen angekündigt werden.
Die ISP-Administratoren möchten, dass alle Daten zu den privaten Peers die direkten Links verwenden. Infolgedessen werden alle Kundenrouten vom ISP diesen privaten Peers angekündigt. Diese Peers kündigen dann alle ihre Kundenrouten an den ISP an.
Schließlich hat jeder Kunde andere Anforderungen. Kunde-1 erfordert eine einzelne Standardroute. Kunde-2 erfordert bestimmte Routen.
Festlegen von Befehlen für alle Geräte in der Topologie
CLI-Schnellkonfiguration
Um dieses Beispiel schnell zu konfigurieren, kopieren Sie die folgenden Befehle, fügen Sie sie in eine Textdatei ein, entfernen Sie alle Zeilenumbrüche, ändern Sie alle Details, die für Ihre Netzwerkkonfiguration erforderlich sind, und kopieren Sie dann die Befehle und fügen Sie sie in die CLI auf Hierarchieebene ein.[edit]
Gerät Kunde-1
set interfaces fe-1/2/3 unit 0 description to_ISP-3 set interfaces fe-1/2/3 unit 0 family inet address 10.1.0.6/30 set interfaces lo0 unit 0 family inet address 192.168.0.8/32 set protocols bgp group ext type external set protocols bgp group ext export send-statics set protocols bgp group ext peer-as 64510 set protocols bgp group ext neighbor 10.1.0.5 set policy-options policy-statement send-statics term static-routes from protocol static set policy-options policy-statement send-statics term static-routes then accept set routing-options static route 172.16.40.0/25 reject set routing-options static route 172.16.40.128/25 reject set routing-options static route 172.16.41.0/25 reject set routing-options static route 172.16.41.128/25 reject set routing-options autonomous-system 64511
Gerät Kunde-2
set interfaces fe-1/2/1 unit 0 description to_ISP-3 set interfaces fe-1/2/1 unit 0 family inet address 10.0.0.10/30 set interfaces fe-1/2/0 unit 0 description to-Private-Peer-2 set interfaces fe-1/2/0 unit 0 family inet address 10.0.0.21/30 set interfaces lo0 unit 0 family inet address 192.168.0.9/32 set protocols bgp group ext type external set protocols bgp group ext import inbound-routes set protocols bgp group ext export outbound-routes set protocols bgp group ext neighbor 10.0.0.9 peer-as 64510 set protocols bgp group ext neighbor 10.0.0.22 peer-as 64516 set policy-options policy-statement inbound-routes term AS64510-primary from protocol bgp set policy-options policy-statement inbound-routes term AS64510-primary from as-path AS64510-routes set policy-options policy-statement inbound-routes term AS64510-primary then local-preference 200 set policy-options policy-statement inbound-routes term AS64510-primary then accept set policy-options policy-statement inbound-routes term AS64516-backup from protocol bgp set policy-options policy-statement inbound-routes term AS64516-backup from as-path AS64516-routes set policy-options policy-statement inbound-routes term AS64516-backup then local-preference 50 set policy-options policy-statement inbound-routes term AS64516-backup then accept set policy-options policy-statement outbound-routes term statics from protocol static set policy-options policy-statement outbound-routes term statics then accept set policy-options policy-statement outbound-routes term internal-bgp-routes from protocol bgp set policy-options policy-statement outbound-routes term internal-bgp-routes from as-path my-own-routes set policy-options policy-statement outbound-routes term internal-bgp-routes then accept set policy-options policy-statement outbound-routes term no-transit then reject set policy-options as-path my-own-routes "()" set policy-options as-path AS64510-routes "64510 .*" set policy-options as-path AS64516-routes "64516 .*" set routing-options static route 172.16.44.0/26 reject set routing-options static route 172.16.44.64/26 reject set routing-options static route 172.16.44.128/26 reject set routing-options static route 172.16.44.192/26 reject set routing-options autonomous-system 64512
Gerät ISP-1
set interfaces fe-1/2/0 unit 0 description to_ISP-3 set interfaces fe-1/2/0 unit 0 family inet address 10.0.0.2/30 set interfaces fe-1/2/1 unit 0 description to_ISP-2 set interfaces fe-1/2/1 unit 0 family inet address 10.1.0.2/30 set interfaces fe-1/2/2 unit 0 description to_Private-Peer-1 set interfaces fe-1/2/2 unit 0 family inet address 10.2.0.2/30 set interfaces fe-1/2/3 unit 0 description to_Exchange-1 set interfaces fe-1/2/3 unit 0 family inet address 10.2.0.6/30 set interfaces lo0 unit 0 family inet address 192.168.0.1/32 set protocols bgp group int type internal set protocols bgp group int local-address 192.168.0.1 set protocols bgp group int export internal-peers set protocols bgp group int neighbor 192.168.0.2 set protocols bgp group int neighbor 192.168.0.3 set protocols bgp group to_64513 type external set protocols bgp group to_64513 export private-peer set protocols bgp group to_64513 peer-as 64513 set protocols bgp group to_64513 neighbor 10.2.0.1 set protocols bgp group to_64514 type external set protocols bgp group to_64514 export exchange-peer set protocols bgp group to_64514 peer-as 64514 set protocols bgp group to_64514 neighbor 10.2.0.5 set protocols ospf area 0.0.0.0 interface fe-1/2/0.0 set protocols ospf area 0.0.0.0 interface fe-1/2/1.0 set protocols ospf area 0.0.0.0 interface lo0.0 passive set policy-options policy-statement exchange-peer term AS64510-Aggregate from protocol aggregate set policy-options policy-statement exchange-peer term AS64510-Aggregate from route-filter 172.16.32.0/21 exact set policy-options policy-statement exchange-peer term AS64510-Aggregate then accept set policy-options policy-statement exchange-peer term Customer-2-Aggregate from protocol aggregate set policy-options policy-statement exchange-peer term Customer-2-Aggregate from route-filter 172.16.40.0/22 exact set policy-options policy-statement exchange-peer term Customer-2-Aggregate then accept set policy-options policy-statement exchange-peer term reject-all-other-routes then reject set policy-options policy-statement internal-peers term statics from protocol static set policy-options policy-statement internal-peers term statics then accept set policy-options policy-statement internal-peers term next-hop-self then next-hop self set policy-options policy-statement private-peer term statics from protocol static set policy-options policy-statement private-peer term statics then accept set policy-options policy-statement private-peer term isp-and-customer-routes from protocol bgp set policy-options policy-statement private-peer term isp-and-customer-routes from route-filter 172.16.32.0/21 orlonger set policy-options policy-statement private-peer term isp-and-customer-routes then accept set policy-options policy-statement private-peer term reject-all then reject set routing-options static route 172.16.32.0/24 reject set routing-options static route 172.16.33.0/24 reject set routing-options aggregate route 172.16.32.0/21 set routing-options aggregate route 172.16.40.0/22 set routing-options router-id 192.168.0.1 set routing-options autonomous-system 64510
Gerät ISP-2
set interfaces fe-1/2/1 unit 0 description to_ISP-1 set interfaces fe-1/2/1 unit 0 family inet address 10.1.0.1/30 set interfaces fe-1/2/2 unit 0 description to_ISP-3 set interfaces fe-1/2/2 unit 0 family inet address 10.0.0.6/30 set interfaces fe-1/2/3 unit 0 description to_Private-Peer-2 set interfaces fe-1/2/3 unit 0 family inet address 10.3.0.6/30 set interfaces fe-1/2/0 unit 0 description to_Exchange-2 set interfaces fe-1/2/0 unit 0 family inet address 10.3.0.2/30 set interfaces lo0 unit 0 family inet address 192.168.0.2/32 set protocols bgp group int type internal set protocols bgp group int local-address 192.168.0.2 set protocols bgp group int export internal-peers set protocols bgp group int neighbor 192.168.0.1 set protocols bgp group int neighbor 192.168.0.3 set protocols bgp group AS-64516 type external set protocols bgp group AS-64516 export private-peer set protocols bgp group AS-64516 peer-as 64516 set protocols bgp group AS-64516 neighbor 10.3.0.5 set protocols bgp group AS-64515 type external set protocols bgp group AS-64515 export exchange-peer set protocols bgp group AS-64515 peer-as 64515 set protocols bgp group AS-64515 neighbor 10.3.0.1 set protocols ospf area 0.0.0.0 interface fe-1/2/2.0 set protocols ospf area 0.0.0.0 interface fe-1/2/1.0 set protocols ospf area 0.0.0.0 interface lo0.0 passive set policy-options policy-statement exchange-peer term AS64510-Aggregate from protocol aggregate set policy-options policy-statement exchange-peer term AS64510-Aggregate from route-filter 172.16.32.0/21 exact set policy-options policy-statement exchange-peer term AS64510-Aggregate then accept set policy-options policy-statement exchange-peer term Customer-2-Aggregate from protocol aggregate set policy-options policy-statement exchange-peer term Customer-2-Aggregate from route-filter 172.16.44.0/23 exact set policy-options policy-statement exchange-peer term Customer-2-Aggregate then accept set policy-options policy-statement exchange-peer term reject-all-other-routes then reject set policy-options policy-statement internal-peers term statics from protocol static set policy-options policy-statement internal-peers term statics then accept set policy-options policy-statement internal-peers term next-hop-self then next-hop self set policy-options policy-statement private-peer term statics from protocol static set policy-options policy-statement private-peer term statics then accept set policy-options policy-statement private-peer term isp-and-customer-routes from protocol bgp set policy-options policy-statement private-peer term isp-and-customer-routes from route-filter 172.16.32.0/21 orlonger set policy-options policy-statement private-peer term isp-and-customer-routes then accept set policy-options policy-statement private-peer term reject-all then reject set routing-options static route 172.16.34.0/24 reject set routing-options static route 172.16.35.0/24 reject set routing-options aggregate route 172.16.44.0/23 set routing-options aggregate route 172.16.32.0/21 set routing-options router-id 192.168.0.2 set routing-options autonomous-system 64510
Gerät ISP-3
set interfaces fe-1/2/0 unit 0 description to_ISP-1 set interfaces fe-1/2/0 unit 0 family inet address 10.0.0.1/30 set interfaces fe-1/2/2 unit 0 description to_ISP-2 set interfaces fe-1/2/2 unit 0 family inet address 10.0.0.5/30 set interfaces fe-1/2/3 unit 0 description to_Customer-1 set interfaces fe-1/2/3 unit 0 family inet address 10.1.0.5/30 set interfaces fe-1/2/1 unit 0 description to_Customer-2 set interfaces fe-1/2/1 unit 0 family inet address 10.0.0.9/30 set interfaces lo0 unit 0 family inet address 192.168.0.3/32 set protocols bgp group int type internal set protocols bgp group int local-address 192.168.0.3 set protocols bgp group int export internal-peers set protocols bgp group int neighbor 192.168.0.1 set protocols bgp group int neighbor 192.168.0.2 set protocols bgp group to_64511 type external set protocols bgp group to_64511 export customer-1-peer set protocols bgp group to_64511 neighbor 10.1.0.6 peer-as 64511 set protocols bgp group to_64512 type external set protocols bgp group to_64512 export customer-2-peer set protocols bgp group to_64512 neighbor 10.0.0.10 peer-as 64512 set protocols ospf area 0.0.0.0 interface fe-1/2/0.0 set protocols ospf area 0.0.0.0 interface fe-1/2/2.0 set protocols ospf area 0.0.0.0 interface lo0.0 passive set policy-options policy-statement customer-1-peer term defaut-route from route-filter 0.0.0.0/0 exact set policy-options policy-statement customer-1-peer term defaut-route then accept set policy-options policy-statement customer-1-peer term reject-all-other-routes then reject set policy-options policy-statement customer-2-peer term statics from protocol static set policy-options policy-statement customer-2-peer term statics then accept set policy-options policy-statement customer-2-peer term isp-and-customer-routes from protocol bgp set policy-options policy-statement customer-2-peer term isp-and-customer-routes from route-filter 172.16.32.0/21 orlonger set policy-options policy-statement customer-2-peer term isp-and-customer-routes then accept set policy-options policy-statement customer-2-peer term default-route from route-filter 0.0.0.0/0 exact set policy-options policy-statement customer-2-peer term default-route then accept set policy-options policy-statement customer-2-peer term reject-all-other-routes then reject set policy-options policy-statement if-upstream-routes-exist term only-certain-contributing-routes from route-filter 172.16.8.0/21 exact set policy-options policy-statement if-upstream-routes-exist term only-certain-contributing-routes then accept set policy-options policy-statement if-upstream-routes-exist term reject-all-other-routes then reject set policy-options policy-statement internal-peers term statics from protocol static set policy-options policy-statement internal-peers term statics then accept set policy-options policy-statement internal-peers term next then next-hop self set routing-options static route 172.16.36.0/24 reject set routing-options static route 172.16.37.0/24 reject set routing-options static route 172.16.38.0/24 reject set routing-options static route 172.16.39.0/24 reject set routing-options generate route 0.0.0.0/0 policy if-upstream-routes-exist set routing-options router-id 192.168.0.3 set routing-options autonomous-system 64510
Geräteaustausch-1
set interfaces fe-1/2/3 unit 0 description to_ISP-1 set interfaces fe-1/2/3 unit 0 family inet address 10.2.0.5/30 set interfaces fe-1/2/2 unit 0 description to_Exchange-2 set interfaces fe-1/2/2 unit 0 family inet address 10.3.0.42/30 set interfaces fe-1/2/1 unit 0 description to_Private-Peer-1 set interfaces fe-1/2/1 unit 0 family inet address 10.3.0.45/30 set interfaces lo0 unit 0 family inet address 192.168.0.6/32 set protocols bgp group ext type external set protocols bgp group ext export send-static set protocols bgp group ext peer-as 64510 set protocols bgp group ext neighbor 10.2.0.6 set protocols bgp group ext neighbor 10.3.0.41 peer-as 64515 set policy-options policy-statement send-static from protocol static set policy-options policy-statement send-static then accept set routing-options static route 172.16.8.0/21 reject set routing-options autonomous-system 64514
Geräteaustausch-2
set interfaces fe-1/2/0 unit 0 description to_ISP-2 set interfaces fe-1/2/0 unit 0 family inet address 10.3.0.1/30 set interfaces fe-1/2/2 unit 0 description to_Exchange-1 set interfaces fe-1/2/2 unit 0 family inet address 10.3.0.41/30 set interfaces fe-1/2/1 unit 0 description to_Private-Peer-2 set interfaces fe-1/2/1 unit 0 family inet address 10.3.0.49/30 set interfaces lo0 unit 0 family inet address 192.168.0.7/32 set protocols bgp group ext type external set protocols bgp group ext export outbound-routes set protocols bgp group ext neighbor 10.3.0.2 peer-as 64510 set protocols bgp group ext neighbor 10.3.0.50 peer-as 64516 set protocols bgp group ext neighbor 10.3.0.42 peer-as 64514 set policy-options policy-statement outbound-routes term statics from protocol static set policy-options policy-statement outbound-routes term statics then accept set routing-options autonomous-system 64515 set routing-options static route 172.16.16.0/21 reject
Gerät Private-Peer-1
set interfaces fe-1/2/2 unit 0 description to_ISP-1 set interfaces fe-1/2/2 unit 0 family inet address 10.2.0.1/30 set interfaces fe-1/2/1 unit 0 description to_Exchange-1 set interfaces fe-1/2/1 unit 0 family inet address 10.3.0.46/30 set interfaces lo0 unit 0 family inet address 192.168.0.4/32 set protocols bgp group ext type external set protocols bgp group ext peer-as 64510 set protocols bgp group ext neighbor 10.2.0.2 set routing-options autonomous-system 64513
Gerät Private-Peer-2
set interfaces fe-1/2/3 unit 0 description to_ISP-2 set interfaces fe-1/2/3 unit 0 family inet address 10.3.0.5/30 set interfaces fe-1/2/0 unit 0 description to_Customer-1 set interfaces fe-1/2/0 unit 0 family inet address 10.0.0.22/30 set interfaces fe-1/2/1 unit 0 description to_Exchange-2 set interfaces fe-1/2/1 unit 0 family inet address 10.3.0.50/30 set interfaces lo0 unit 0 family inet address 192.168.0.5/32 set protocols bgp group ext type external set protocols bgp group ext export outbound-routes set protocols bgp group ext peer-as 64510 set protocols bgp group ext neighbor 10.3.0.6 set protocols bgp group to-64512 type external set protocols bgp group to-64512 peer-as 64512 set protocols bgp group to-64512 neighbor 10.0.0.21 set protocols bgp group to-64512 export internal-routes set protocols bgp group to-64515 type external set protocols bgp group to-64515 export outbound-routes set protocols bgp group to-64515 peer-as 64515 set protocols bgp group to-64515 neighbor 10.3.0.49 set policy-options policy-statement if-upstream-routes-exist term as-64515-routes from route-filter 172.16.16.0/21 exact set policy-options policy-statement if-upstream-routes-exist term as-64515-routes then accept set policy-options policy-statement if-upstream-routes-exist term reject-all-other-routes then reject set policy-options policy-statement internal-routes term statics from protocol static set policy-options policy-statement internal-routes term statics then accept set policy-options policy-statement internal-routes term default-route from route-filter 0.0.0.0/0 exact set policy-options policy-statement internal-routes term default-route then accept set policy-options policy-statement internal-routes term reject-all-other-routes then reject set policy-options policy-statement outbound-routes term statics from protocol static set policy-options policy-statement outbound-routes term statics then accept set policy-options policy-statement outbound-routes term allowed-bgp-routes from as-path my-own-routes set policy-options policy-statement outbound-routes term allowed-bgp-routes from as-path AS64512-routes set policy-options policy-statement outbound-routes term allowed-bgp-routes then accept set policy-options policy-statement outbound-routes term no-transit then reject set policy-options as-path my-own-routes "()" set policy-options as-path AS64512-routes 64512 set routing-options static route 172.16.24.0/25 reject set routing-options static route 172.16.24.128/25 reject set routing-options static route 172.16.25.0/26 reject set routing-options static route 172.16.25.64/26 reject set routing-options generate route 0.0.0.0/0 policy if-upstream-routes-exist set routing-options autonomous-system 64516
Konfigurieren des Geräts Kunde-1
Verfahren
Schritt-für-Schritt-Anleitung
Im folgenden Beispiel müssen Sie durch verschiedene Ebenen in der Konfigurationshierarchie navigieren. Informationen zum Navigieren in der CLI finden Sie im Junos OS CLI-Benutzerhandbuch.Verwenden des CLI-Editors im Konfigurationsmodushttps://www.juniper.net/documentation/en_US/junos/information-products/pathway-pages/junos-cli/junos-cli.html
Gerät Kunde-1 verfügt über mehrere statische Routen, die konfiguriert sind, um Kundenrouten zu simulieren. Diese Routen werden an den ISP gesendet.
So konfigurieren Sie Gerät Kunde-1:
Konfigurieren Sie die Geräteschnittstellen.
[edit interfaces] user@Customer-1# set fe-1/2/3 unit 0 description to_ISP-3 user@Customer-1# set fe-1/2/3 unit 0 family inet address 10.1.0.6/30 user@Customer-1# set lo0 unit 0 family inet address 192.168.0.8/32
Konfigurieren Sie die statischen Routen.
[edit routing-options static] user@Customer-1# set route 172.16.40.0/25 reject user@Customer-1# set route 172.16.40.128/25 reject user@Customer-1# set route 172.16.41.0/25 reject user@Customer-1# set route 172.16.41.128/25 reject
Konfigurieren Sie die Richtlinie so, dass statische Routen gesendet werden.
[edit policy-options policy-statement send-statics term static-routes] user@Customer-1# set from protocol static user@Customer-1# set then accept
Konfigurieren Sie die externe BGP-Verbindung (EBGP) zum ISP.
[edit protocols bgp group ext] user@Customer-1# set type external user@Customer-1# set export send-statics user@Customer-1# set peer-as 64510 user@Customer-1# set neighbor 10.1.0.5
Konfigurieren Sie die AS-Nummer (Autonomous System).
[edit routing-options] user@Customer-1# set autonomous-system 64511
Ergebnisse
Bestätigen Sie im Konfigurationsmodus Ihre Konfiguration, indem Sie die Befehle , , und eingeben.show interfaces
show protocols
show policy-options
show routing-options
Wenn die Ausgabe nicht die gewünschte Konfiguration anzeigt, wiederholen Sie die Anweisungen in diesem Beispiel, um die Konfiguration zu korrigieren.
user@Customer-1# show interfaces fe-1/2/1 { unit 0 { description to_ISP-3; family inet { address 10.1.0.6/30; } } } lo0 { unit 0 { family inet { address 192.168.0.8/32; } } }
user@Customer-1# show protocols bgp { group ext { type external; export send-statics; peer-as 64510; neighbor 10.1.0.5; } }
user@Customer-1# show policy-options policy-statement send-statics { term static-routes { from protocol static; then accept; } }
user@Customer-1# show routing-options static { route 172.16.40.0/25 reject; route 172.16.40.128/25 reject; route 172.16.41.0/25 reject; route 172.16.41.128/25 reject; } autonomous-system 64511;
Wenn Sie mit der Konfiguration des Geräts fertig sind, rufen Sie den Konfigurationsmodus auf .commit
Konfigurieren des Geräts Kunde-2
Verfahren
Schritt-für-Schritt-Anleitung
Im folgenden Beispiel müssen Sie durch verschiedene Ebenen in der Konfigurationshierarchie navigieren. Informationen zum Navigieren in der CLI finden Sie im Junos OS CLI-Benutzerhandbuch.Verwenden des CLI-Editors im Konfigurationsmodushttps://www.juniper.net/documentation/en_US/junos/information-products/pathway-pages/junos-cli/junos-cli.html
Gerät Kunde-2 verfügt über zwei statische Routen, die konfiguriert sind, um Kundenrouten zu simulieren. Diese Routen werden an den ISP gesendet. Kunde-2 hat eine Verbindung zum ISP sowie eine Verbindung zu AS 8000. Dieser Kunde hat spezifische Kundenrouten vom ISP sowie von AS 64516 angefordert. Kunde-2 möchte den ISP für den Transitdienst zum Internet verwenden und hat vom ISP eine Standardroute angefordert.
So konfigurieren Sie das Gerät Kunde-2:
Konfigurieren Sie die Geräteschnittstellen.
[edit interfaces] user@Customer-2# set fe-1/2/1 unit 0 description to_ISP-3 user@Customer-2# set fe-1/2/1 unit 0 family inet address 10.0.0.10/30 user@Customer-2# set fe-1/2/0 unit 0 description to-Private-Peer-2 user@Customer-2# set fe-1/2/0 unit 0 family inet address 10.0.0.21/30 user@Customer-2# set lo0 unit 0 family inet address 192.168.0.9/32
Konfigurieren Sie die statischen Routen.
[edit routing-options static] user@Customer-2# set route 172.16.44.0/26 reject user@Customer-2# set route 172.16.44.64/26 reject user@Customer-2# set route 172.16.44.128/26 reject user@Customer-2# set route 172.16.44.192/26 reject
Konfigurieren Sie die Import-Routing-Richtlinie.
Die Route mit dem höchsten lokalen Präferenzwert wird bevorzugt. Routen vom ISP werden gegenüber den gleichen Routen von Device Private-Peer-2 bevorzugt
[edit policy-options policy-statement inbound-routes] user@Customer-2# set term AS64510-primary from protocol bgp user@Customer-2# set term AS64510-primary from as-path AS64510-routes user@Customer-2# set term AS64510-primary then local-preference 200 user@Customer-2# set term AS64510-primary then accept [edit policy-options policy-statement inbound-routes] user@Customer-2# set term AS64516-backup from protocol bgp user@Customer-2# set term AS64516-backup from as-path AS64516-routes user@Customer-2# set term AS64516-backup then local-preference 50 user@Customer-2# set term AS64516-backup then accept [edit policy-options] user@Customer-2# set as-path AS64510-routes "64510 .*" user@Customer-2# set as-path AS64516-routes "64516 .*"
Konfigurieren Sie die Export-Routing-Richtlinie.
[edit policy-options policy-statement outbound-routes] user@Customer-2# set term statics from protocol static user@Customer-2# set term statics then accept user@Customer-2# set term internal-bgp-routes from protocol bgp user@Customer-2# set term internal-bgp-routes from as-path my-own-routes user@Customer-2# set term internal-bgp-routes then accept user@Customer-2# set term no-transit then reject [edit policy-options] user@Customer-2# set as-path my-own-routes "()"
Konfigurieren Sie die externe BGP-Verbindung (EBGP) zum ISP und zum Gerät Private-Peer-2.
[edit protocols bgp group ext] user@Customer-2# set type external user@Customer-2# set import inbound-routes user@Customer-2# set export outbound-routes user@Customer-2# set neighbor 10.0.0.9 peer-as 64510 user@Customer-2# set neighbor 10.0.0.22 peer-as 64516
Konfigurieren Sie die AS-Nummer (Autonomous System).
[edit routing-options] user@Customer-2# set autonomous-system 64512
Ergebnisse
Bestätigen Sie im Konfigurationsmodus Ihre Konfiguration, indem Sie die Befehle , , und eingeben.show interfaces
show protocols
show policy-options
show routing-options
Wenn die Ausgabe nicht die gewünschte Konfiguration anzeigt, wiederholen Sie die Anweisungen in diesem Beispiel, um die Konfiguration zu korrigieren.
user@Customer-2# show interfaces fe-1/2/1 { unit 0 { description to_ISP-3; family inet { address 10.0.0.10/30; } } } fe-1/2/0 { unit 0 { description to-Private-Peer-2; family inet { address 10.0.0.21/30; } } } lo0 { unit 0 { family inet { address 192.168.0.9/32; } } }
user@Customer-2# show protocols bgp { group ext { type external; import inbound-routes; export outbound-routes; neighbor 10.0.0.9 { peer-as 64510; } neighbor 10.0.0.22 { peer-as 64516; } } }
user@Customer-2# show policy-options policy-statement inbound-routes { term AS64510-primary { from { protocol bgp; as-path AS64510-routes; } then { local-preference 200; accept; } } term AS64516-backup { from { protocol bgp; as-path AS64516-routes; } then { local-preference 50; accept; } } } policy-statement outbound-routes { term statics { from protocol static; then accept; } term internal-bgp-routes { from { protocol bgp; as-path my-own-routes; } then accept; } term no-transit { then reject; } } as-path my-own-routes "()"; as-path AS64510-routes "64510 .*"; as-path AS64516-routes "64516 .*";
user@Customer-2# show routing-options static { route 172.16.44.0/26 reject; route 172.16.44.64/26 reject; route 172.16.44.128/26 reject; route 172.16.44.192/26 reject; } autonomous-system 64512;
Wenn Sie mit der Konfiguration des Geräts fertig sind, rufen Sie den Konfigurationsmodus auf .commit
Konfigurieren der Geräte ISP-1 und ISP-2
Verfahren
Schritt-für-Schritt-Anleitung
Im folgenden Beispiel müssen Sie durch verschiedene Ebenen in der Konfigurationshierarchie navigieren. Informationen zum Navigieren in der CLI finden Sie im Junos OS CLI-Benutzerhandbuch.Verwenden des CLI-Editors im Konfigurationsmodushttps://www.juniper.net/documentation/en_US/junos/information-products/pathway-pages/junos-cli/junos-cli.html
Für das Gerät ISP-1 und das Gerät ISP-2 sind jeweils zwei Richtlinien konfiguriert: Die Richtlinie und die Richtlinie.private-peer
exchange-peer
Aufgrund der ähnlichen Konfigurationen wird in diesem Beispiel die Schritt-für-Schritt-Konfiguration nur für das Gerät ISP-2 gezeigt.
Auf dem Gerät ISP-2 sendet die Richtlinie für private Peers die Kundenrouten des ISP an das Gerät Private-Peer-2. Die Richtlinie akzeptiert alle lokalen statischen Routen (lokale ISP-2-Gerätekunden) und alle BGP-Routen im Bereich 172.16.32.0/21 (angekündigt von anderen ISP-Routern). Diese beiden Richtlinienbegriffe stellen die ISP-Kundenrouten dar. Die letzte Richtlinienlaufzeit lehnt alle anderen Routen ab, einschließlich der gesamten Internetroutingtabelle, die von den Exchange-Peers gesendet wird. Diese Routen müssen aus zwei Gründen nicht an Device Private-Peer-2 gesendet werden:
Der Peer unterhält in unserem Beispiel bereits eine Verbindung zu Device Exchange-2, sodass die Routen redundant sind.
Der private Peer möchte nur Kundenrouten. Mit der Richtlinie wird dieses Ziel erreicht.
private-peer
Die Richtlinie sendet Routen an Device Exchange-2.exchange-peer
Im Beispiel müssen nur zwei Routen an Device Exchange-2 gesendet werden:
Die aggregierte Route, die den AS 64510-Routingbereich 172.16.32.0/21 darstellt. Diese Route wird lokal als aggregierte Route konfiguriert und von der Richtlinie angekündigt.
exchange-peer
Der Adressraum, der Customer-2 zugewiesen ist, 172.16.44.0/23. Diese kleinere Aggregatroute muss an Device Exchange-2 gesendet werden, da der Kunde auch mit dem AS 64516-Peer (Device Private-Peer-2) verbunden ist.
Durch das Senden dieser beiden Routen an Device Exchange-2 können andere Netzwerke im Internet den Kunden entweder über den ISP oder den privaten Peer erreichen. Wenn nur der private Peer das /23-Netzwerk ankündigt, während der ISP nur sein /21-Aggregat verwaltet, wird der gesamte für den Kunden bestimmte Datenverkehr nur über AS 64516 geleitet. Da der Kunde auch Routen vom ISP wünscht, wird die Route 172.16.44.0/23 vom Gerät ISP-2 angekündigt. Wie die größere aggregierte Route wird auch die Route 172.16.44.0/23 lokal konfiguriert und von der Exchange-Peer-Richtlinie angekündigt. Die letzte Bedingung in dieser Richtlinie lehnt alle Routen ab, einschließlich der spezifischen Kundennetzwerke des ISP, der Kundenrouten von Device Private-Peer-1, der Kundenrouten von Device Private-Peer-2 und der Routingtabelle von Device Exchange-1. Im Wesentlichen hindert diese letzte Bedingung den ISP daran, Transitdienste für das Internet im Allgemeinen zu erbringen.
So konfigurieren Sie das Gerät ISP-2:
Konfigurieren Sie die Geräteschnittstellen.
[edit interfaces] user@ISP-2# set fe-1/2/1 unit 0 description to_ISP-1 user@ISP-2# set fe-1/2/1 unit 0 family inet address 10.1.0.1/30 user@ISP-2# set fe-1/2/2 unit 0 description to_ISP-3 user@ISP-2# set fe-1/2/2 unit 0 family inet address 10.0.0.6/30 user@ISP-2# set fe-1/2/3 unit 0 description to_Private-Peer-2 user@ISP-2# set fe-1/2/3 unit 0 family inet address 10.3.0.6/30 user@ISP-2# set fe-1/2/0 unit 0 description to_Exchange-2 user@ISP-2# set fe-1/2/0 unit 0 family inet address 10.3.0.2/30 user@ISP-2# set lo0 unit 0 family inet address 192.168.0.2/32
Konfigurieren Sie das Interior Gateway Protocol (IGP).
[edit protocols ospf area 0.0.0.0] user@ISP-2# set interface fe-1/2/2.0 user@ISP-2# set interface fe-1/2/1.0 user@ISP-2# set interface lo0.0 passive
Konfigurieren Sie die statischen und aggregierten Routen.
[edit routing-options static] user@ISP-2# set route 172.16.34.0/24 reject user@ISP-2# set route 172.16.35.0/24 reject [edit routing-options aggregate] user@ISP-2# set route 172.16.44.0/23 user@ISP-2# set route 172.16.32.0/21
Konfigurieren Sie die Routingrichtlinien für die Exchange-Peers.
[edit policy-options policy-statement exchange-peer] user@ISP-2# set term AS64510-Aggregate from protocol aggregate user@ISP-2# set term AS64510-Aggregate from route-filter 172.16.32.0/21 exact user@ISP-2# set term AS64510-Aggregate then accept user@ISP-2# set term Customer-2-Aggregate from protocol aggregate user@ISP-2# set term Customer-2-Aggregate from route-filter 172.16.44.0/23 exact user@ISP-2# set term Customer-2-Aggregate then accept user@ISP-2# set term reject-all-other-routes then reject
Konfigurieren Sie die Routing-Richtlinien für die internen Peers.
[edit policy-options policy-statement internal-peers] user@ISP-2# set term statics from protocol static user@ISP-2# set term statics then accept user@ISP-2# set term next-hop-self then next-hop self
Konfigurieren Sie die Routingrichtlinien für den privaten Peer.
[edit policy-options policy-statement private-peer] user@ISP-2# set term statics from protocol static user@ISP-2# set term statics then accept user@ISP-2# set term isp-and-customer-routes from protocol bgp user@ISP-2# set term isp-and-customer-routes from route-filter 172.16.32.0/21 orlonger user@ISP-2# set term isp-and-customer-routes then accept user@ISP-2# set term reject-all then reject
Konfigurieren Sie die internen BGP-Verbindungen (IBGP) zu den anderen ISP-Geräten.
[edit protocols bgp group int] user@ISP-2# set type internal user@ISP-2# set local-address 192.168.0.2 user@ISP-2# set export internal-peers user@ISP-2# set neighbor 192.168.0.1 user@ISP-2# set neighbor 192.168.0.3
Konfigurieren Sie die EBGP-Verbindungen mit dem Exchange-Peer und dem privaten Peer.
[edit protocols bgp group AS-64516] user@ISP-2# set type external user@ISP-2# set export private-peer user@ISP-2# set peer-as 64516 user@ISP-2# set neighbor 10.3.0.5 [edit protocols bgp group AS-64515] user@ISP-2# set type external user@ISP-2# set export exchange-peer user@ISP-2# set peer-as 64515 user@ISP-2# set neighbor 10.3.0.1
Konfigurieren Sie die AS-Nummer (Autonomous System) und die Router-ID.
[edit routing-options] user@ISP-2# set router-id 192.168.0.2 user@ISP-2# set autonomous-system 64510
Ergebnisse
Bestätigen Sie im Konfigurationsmodus Ihre Konfiguration, indem Sie die Befehle , , und eingeben.show interfaces
show protocols
show policy-options
show routing-options
Wenn die Ausgabe nicht die gewünschte Konfiguration anzeigt, wiederholen Sie die Anweisungen in diesem Beispiel, um die Konfiguration zu korrigieren.
user@ISP-2# show interfaces fe-1/2/0 { unit 0{ description to_Exchange-2; family inet { address 10.3.0.2/30; } } } fe-1/2/1 { unit 0{ description to_ISP-1; family inet { address 10.1.0.1/30; } } } fe-1/2/2 { unit 0 { description to_ISP-3; family inet { address 10.0.0.6/30; } } } fe-1/2/3 { unit 0 { description to_Private-Peer-2; family inet { address 10.3.0.6/30; } } } lo0 { unit 0 { family inet { address 192.168.0.2/32; } } }
user@ISP-2# show protocols bgp { group int { type internal; local-address 192.168.0.2; export internal-peers; neighbor 192.168.0.1; neighbor 192.168.0.3; } group AS-64516 { type external; export private-peer; peer-as 64516; neighbor 10.3.0.5; } group AS-64515 { type external; export exchange-peer; peer-as 64515; neighbor 10.3.0.1; } } ospf { area 0.0.0.0 { interface fe-1/2/2.0; interface fe-1/2/1.0; interface lo0.0 { passive; } } }
user@ISP-2# show policy-options policy-statement exchange-peer { term AS64510-Aggregate { from { protocol aggregate; route-filter 172.16.32.0/21 exact; } then accept; } term Customer-2-Aggregate { from { protocol aggregate; route-filter 172.16.44.0/23 exact; } then accept; } term reject-all-other-routes { then reject; } } policy-statement internal-peers { term statics { from protocol static; then accept; } term next-hop-self { then { next-hop self; } } } policy-statement private-peer { term statics { from protocol static; then accept; } term isp-and-customer-routes { from { protocol bgp; route-filter 172.16.32.0/21 orlonger; } then accept; } term reject-all { then reject; } }
user@ISP-2# show routing-options static { route 172.16.34.0/24 reject; route 172.16.35.0/24 reject; } aggregate { route 172.16.44.0/23; route 172.16.32.0/21; } router-id 192.168.0.2; autonomous-system 64510;
Wenn Sie mit der Konfiguration des Geräts fertig sind, rufen Sie den Konfigurationsmodus auf .commit
Konfigurieren des Geräts ISP-3
Verfahren
Schritt-für-Schritt-Anleitung
Im folgenden Beispiel müssen Sie durch verschiedene Ebenen in der Konfigurationshierarchie navigieren. Informationen zum Navigieren in der CLI finden Sie im Junos OS CLI-Benutzerhandbuch.Verwenden des CLI-Editors im Konfigurationsmodushttps://www.juniper.net/documentation/en_US/junos/information-products/pathway-pages/junos-cli/junos-cli.html
Auf dem Gerät ISP-3 gilt für jeden Kunden eine separate Richtlinie. Die Standardroute für Kunde-1 wird von der Richtlinie gesendet.customer-1-peer
Diese Richtlinie findet die Standardroute 0.0.0.0/0 in inet.0 und akzeptiert sie. Die Richtlinie lehnt auch alle anderen Routen ab, wodurch nicht alle BGP-Routen auf dem ISP-Router gesendet werden. Die Richtlinie gilt für Kunde-2 und enthält dieselben Richtlinienbedingungen, die auch die Standardroute und keine anderen Transit-BGP-Routen senden.customer-2-peer
Die zusätzlichen Bedingungen in der Richtlinie senden die ISP-Kundenrouten an Kunde-2.customer-2-peer
Da es auf dem Gerät ISP-3 lokale statische Routen gibt, die lokale Kunden repräsentieren, werden diese Routen ebenso gesendet wie alle anderen internen Routen, die von den anderen ISP-Routern an den lokalen Router gemeldet werden.
Wenn die Upstreamroute von Device Exchange-1 (172.16.8.0/21) vorhanden ist, generiert Device ISP-3 eine Standardroute.
So konfigurieren Sie das Gerät ISP-3:
Konfigurieren Sie die Geräteschnittstellen.
[edit interfaces] user@ISP-3# set fe-1/2/0 unit 0 description to_ISP-1 user@ISP-3# set fe-1/2/0 unit 0 family inet address 10.0.0.1/30 user@ISP-3# set fe-1/2/2 unit 0 description to_ISP-2 user@ISP-3# set fe-1/2/2 unit 0 family inet address 10.0.0.5/30 user@ISP-3# set fe-1/2/3 unit 0 description to_Customer-1 user@ISP-3# set fe-1/2/3 unit 0 family inet address 10.1.0.5/30 user@ISP-3# set fe-1/2/1 unit 0 description to_Customer-2 user@ISP-3# set fe-1/2/1 unit 0 family inet address 10.0.0.9/30 user@ISP-3# set lo0 unit 0 family inet address 192.168.0.3/32
Konfigurieren Sie das Interior Gateway Protocol (IGP).
[edit protocols ospf area 0.0.0.0] user@ISP-3# set interface fe-1/2/0.0 user@ISP-3# set interface fe-1/2/2.0 user@ISP-3# set interface lo0.0 passive
Konfigurieren Sie die statischen Routen.
[edit routing-options static] user@ISP-3# set route 172.16.36.0/24 reject user@ISP-3# set route 172.16.37.0/24 reject user@ISP-3# set route 172.16.38.0/24 reject user@ISP-3# set route 172.16.39.0/24 reject
Konfigurieren Sie eine Routingrichtlinie, die nur dann eine statische Standardroute generiert, wenn eine bestimmte Upstream-Route vorhanden ist.
[edit policy-options policy-statement if-upstream-routes-exist term only-certain-contributing-routes] user@ISP-3# set from route-filter 172.16.8.0/21 exact user@ISP-3# set then accept [edit policy-options policy-statement if-upstream-routes-exist] user@ISP-3# set term reject-all-other-routes then reject [edit routing-options generate route 0.0.0.0/0] user@ISP-3# set policy if-upstream-routes-exist
Konfigurieren Sie die Routingrichtlinie für Kunde-1.
[edit policy-options policy-statement customer-1-peer] user@ISP-3# set term defaut-route from route-filter 0.0.0.0/0 exact user@ISP-3# set term defaut-route then accept user@ISP-3# set term reject-all-other-routes then reject
Konfigurieren Sie die Routingrichtlinie für Kunde-2.
[edit policy-options policy-statement customer-2-peer] user@ISP-3# set term statics from protocol static user@ISP-3# set term statics then accept user@ISP-3# set term isp-and-customer-routes from protocol bgp user@ISP-3# set term isp-and-customer-routes from route-filter 172.16.32.0/21 orlonger user@ISP-3# set term isp-and-customer-routes then accept user@ISP-3# set term default-route from route-filter 0.0.0.0/0 exact user@ISP-3# set term default-route then accept user@ISP-3# set term reject-all-other-routes then reject
Konfigurieren Sie die Routing-Richtlinien für die internen Peers.
[edit policy-options policy-statement internal-peers] user@ISP-3# set term statics from protocol static user@ISP-3# set term statics then accept user@ISP-3# set term next then next-hop self
Konfigurieren Sie die internen BGP-Verbindungen (IBGP) zu den anderen ISP-Geräten.
[edit protocols bgp group int] user@ISP-3# set type internal user@ISP-3# set local-address 192.168.0.3 user@ISP-3# set export internal-peers user@ISP-3# set neighbor 192.168.0.1 user@ISP-3# set neighbor 192.168.0.2
Konfigurieren Sie die EBGP-Verbindungen zu den Kunden-Peers.
[edit protocols bgp group to_64511] user@ISP-3# set type external user@ISP-3# set export customer-1-peer user@ISP-3# set neighbor 10.1.0.6 peer-as 64511 [edit protocols bgp group to_64512] user@ISP-3# set type external user@ISP-3# set export customer-2-peer user@ISP-3# set neighbor 10.0.0.10 peer-as 64512
Konfigurieren Sie die AS-Nummer (Autonomous System) und die Router-ID.
[edit routing-options] user@ISP-3# set router-id 192.168.0.3 user@ISP-3# set autonomous-system 64510
Ergebnisse
Bestätigen Sie im Konfigurationsmodus Ihre Konfiguration, indem Sie die Befehle , , und eingeben.show interfaces
show protocols
show policy-options
show routing-options
Wenn die Ausgabe nicht die gewünschte Konfiguration anzeigt, wiederholen Sie die Anweisungen in diesem Beispiel, um die Konfiguration zu korrigieren.
user@ISP-3# show interfaces fe-1/2/0 { unit 0 { description to_ISP-1; family inet { address 10.0.0.1/30; } } } fe-1/2/1 { unit 0 { description to_Customer-2; family inet { address 10.0.0.9/30; } } } fe-1/2/2 { unit 0 { description to_ISP-2; family inet { address 10.0.0.5/30; } } } fe-1/2/3 { unit 0 { description to_Customer-1; family inet { address 10.1.0.5/30; } } } lo0 { unit 0 { family inet { address 192.168.0.3/32; } } }
user@ISP-3# show protocols bgp { group int { type internal; local-address 192.168.0.3; export internal-peers; neighbor 192.168.0.1; neighbor 192.168.0.2; } group to_64511 { type external; export customer-1-peer; neighbor 10.1.0.6 { peer-as 64511; } } group to_64512 { type external; export customer-2-peer; neighbor 10.0.0.10 { peer-as 64512; } } } ospf { area 0.0.0.0 { interface fe-1/2/0.0; interface fe-1/2/2.0; interface lo0.0 { passive; } } }
user@ISP-3# show policy-options policy-statement customer-1-peer { term defaut-route { from { route-filter 0.0.0.0/0 exact; } then accept; } term reject-all-other-routes { then reject; } } policy-statement customer-2-peer { term statics { from protocol static; then accept; } term isp-and-customer-routes { from { protocol bgp; route-filter 172.16.32.0/21 orlonger; } then accept; } term default-route { from { route-filter 0.0.0.0/0 exact; } then accept; } term reject-all-other-routes { then reject; } } policy-statement if-upstream-routes-exist { term only-certain-contributing-routes { from { route-filter 172.16.8.0/21 exact; } then accept; } term reject-all-other-routes { then reject; } } policy-statement internal-peers { term statics { from protocol static; then accept; } term next { then { next-hop self; } } }
user@ISP-3# show routing-options static { route 172.16.36.0/24 reject; route 172.16.37.0/24 reject; route 172.16.38.0/24 reject; route 172.16.39.0/24 reject; } generate { route 0.0.0.0/0 policy if-upstream-routes-exist; } router-id 192.168.0.3; autonomous-system 64510;
Wenn Sie mit der Konfiguration des Geräts fertig sind, rufen Sie den Konfigurationsmodus auf .commit
Konfigurieren von Device Exchange-2
Verfahren
Schritt-für-Schritt-Anleitung
Im folgenden Beispiel müssen Sie durch verschiedene Ebenen in der Konfigurationshierarchie navigieren. Informationen zum Navigieren in der CLI finden Sie im Junos OS CLI-Benutzerhandbuch.Verwenden des CLI-Editors im Konfigurationsmodushttps://www.juniper.net/documentation/en_US/junos/information-products/pathway-pages/junos-cli/junos-cli.html
Device Exchange-2 tauscht alle BGP-Routen mit allen BGP-Peers aus. Die Richtlinie für ausgehende Routen für Device Exchange-2 kündigt lokal definierte statische Routen mithilfe von BGP an. Durch den Ausschluss einer endgültigen Laufzeit wird die standardmäßige BGP-Exportrichtlinie wirksam, die darin besteht, dass alle BGP-Routen an alle externen BGP-Peers gesendet werden.then reject
So konfigurieren Sie Device Exchange-2:
Konfigurieren Sie die Geräteschnittstellen.
[edit interfaces] user@Exchange-2# set fe-1/2/0 unit 0 description to_ISP-2 user@Exchange-2# set fe-1/2/0 unit 0 family inet address 10.3.0.1/30 user@Exchange-2# set fe-1/2/2 unit 0 description to_Exchange-1 user@Exchange-2# set fe-1/2/2 unit 0 family inet address 10.3.0.41/30 user@Exchange-2# set fe-1/2/1 unit 0 description to_Private-Peer-2 user@Exchange-2# set fe-1/2/1 unit 0 family inet address 10.3.0.49/30 user@Exchange-2# set lo0 unit 0 family inet address 192.168.0.7/32
Konfigurieren Sie die statischen Routen.
[edit routing-options static] set route 172.16.16.0/21 reject
Konfigurieren Sie eine Routingrichtlinie, die nur dann eine statische Standardroute generiert, wenn bestimmte interne Routen vorhanden sind.
[edit policy-options policy-statement outbound-routes term statics] user@Exchange-2# set from protocol static user@Exchange-2# set then accept
Konfigurieren Sie die EBGP-Verbindungen zu den Kunden-Peers.
[edit protocols bgp group ext] user@Exchange-2# set type external user@Exchange-2# set export outbound-routes user@Exchange-2# set neighbor 10.3.0.2 peer-as 64510 user@Exchange-2# set neighbor 10.3.0.50 peer-as 64516 user@Exchange-2# set neighbor 10.3.0.42 peer-as 64514
Konfigurieren Sie die AS-Nummer (Autonomous System).
[edit routing-options] user@Exchange-2# set autonomous-system 64515
Ergebnisse
Bestätigen Sie im Konfigurationsmodus Ihre Konfiguration, indem Sie die Befehle , , und eingeben.show interfaces
show protocols
show policy-options
show routing-options
Wenn die Ausgabe nicht die gewünschte Konfiguration anzeigt, wiederholen Sie die Anweisungen in diesem Beispiel, um die Konfiguration zu korrigieren.
user@Exchange-2 show interfaces fe-1/2/0 { unit 0 { description to_ISP-2; family inet { address 10.3.0.1/30; } } } fe-1/2/1 { unit 0 { description to_Private-Peer-2; family inet { address 10.3.0.49/30; } } } fe-1/2/2 { unit 0 { description to_Exchange-1; family inet { address 10.3.0.41/30; } } } lo0 { unit 0 { family inet { address 192.168.0.7/32; } } }
user@Exchange-2# show protocols bgp { group ext { type external; export outbound-routes; neighbor 10.3.0.2 { peer-as 64510; } neighbor 10.3.0.50 { peer-as 64516; } neighbor 10.3.0.42 { peer-as 64514; } } }
user@Exchange-2# show policy-options policy-statement outbound-routes { term statics { from protocol static; then accept; } }
user@Exchange-2# show routing-options static { route 172.16.16.0/21 reject; } autonomous-system 64515;
Wenn Sie mit der Konfiguration des Geräts fertig sind, rufen Sie den Konfigurationsmodus auf .commit
Konfigurieren von Gerät Private-Peer-2
Verfahren
Schritt-für-Schritt-Anleitung
Im folgenden Beispiel müssen Sie durch verschiedene Ebenen in der Konfigurationshierarchie navigieren. Informationen zum Navigieren in der CLI finden Sie im Junos OS CLI-Benutzerhandbuch.Verwenden des CLI-Editors im Konfigurationsmodushttps://www.juniper.net/documentation/en_US/junos/information-products/pathway-pages/junos-cli/junos-cli.html
Das Gerät Private-Peer-2 erfüllt zwei Hauptfunktionen:
Kündigt lokale Routen zu AS 64516 sowohl den Exchange-Peers als auch den ISP-Routern an. Die Richtlinie kündigt die lokalen statischen Routen (d. h. Kunden) auf dem Router an und kündigt auch alle von BGP gelernten Routen an, die entweder aus AS 64516 oder AS 64512 stammen.
outbound-routes
Diese Routen beinhalten neben dem AS 64512-Kunden weitere AS 64516-Kundenrouten. Die AS-Routen werden durch einen AS-Pfad identifiziert, der den Kriterien für reguläre Ausdrücke in der Richtlinie entspricht.Kündigt die Standardroute 0.0.0.0/0 für den Kundenrouter AS 64512 an. Um dies zu erreichen, erstellt der private Peer lokal auf dem Router eine generierte Route für 0.0.0.0/0. Dieser generierten Route wird außerdem eine Richtlinie namens zugewiesen, die zulässt, dass nur bestimmte Routen zur generierten Route beitragen, wodurch sie zu einer aktiven Route in der Routing-Tabelle wird.
if-upstream-routes-exist
Sobald die Route aktiv ist, kann sie über BGP und die konfigurierten Richtlinien an den AS 64512-Router gesendet werden. Die Richtlinie akzeptiert nur die Route 172.16.32.0/21 von Device Exchange-2 und lehnt alle anderen Routen ab.if-upstream-routes-exist
Wenn die Route 172.16.32.0/21 vom Exchange-Peer zurückgezogen wird, verliert der private Peer die Standardroute 0.0.0.0/0 und zieht die Standardroute vom Kundenrouter AS 64512 zurück.
So konfigurieren Sie Gerät Private-Peer-2:
Konfigurieren Sie die Geräteschnittstellen.
[edit interfaces] user@Private-Peer-2# set fe-1/2/3 unit 0 description to_ISP-2 user@Private-Peer-2# set fe-1/2/3 unit 0 family inet address 10.3.0.5/30 user@Private-Peer-2# set fe-1/2/0 unit 0 description to_Customer-1 user@Private-Peer-2# set fe-1/2/0 unit 0 family inet address 10.0.0.22/30 user@Private-Peer-2# set fe-1/2/1 unit 0 description to_Exchange-2 user@Private-Peer-2# set fe-1/2/1 unit 0 family inet address 10.3.0.50/30 user@Private-Peer-2# set lo0 unit 0 family inet address 192.168.0.5/32
Konfigurieren Sie die statischen Routen.
[edit routing-options static] user@Private-Peer-2# set route 172.16.24.0/25 reject user@Private-Peer-2# set route 172.16.24.128/25 reject user@Private-Peer-2# set route 172.16.25.0/26 reject user@Private-Peer-2# set route 172.16.25.64/26 reject
Konfigurieren Sie eine Routingrichtlinie, die nur dann eine statische Standardroute generiert, wenn bestimmte interne Routen vorhanden sind.
[edit policy-options policy-statement if-upstream-routes-exist] user@Private-Peer-2# set term as-64515-routes from route-filter 172.16.16.0/21 exact user@Private-Peer-2# set term as-64515-routes then accept user@Private-Peer-2# set term reject-all-other-routes then reject [edit routing-options generate route 0.0.0.0/0] user@Private-Peer-2# set policy if-upstream-routes-exist
Konfigurieren Sie die Routingrichtlinie, die lokale statische Routen ankündigt, und die Standardroute.
[edit policy-options policy-statement internal-routes] user@Private-Peer-2# set term statics from protocol static user@Private-Peer-2# set term statics then accept user@Private-Peer-2# set term default-route from route-filter 0.0.0.0/0 exact user@Private-Peer-2# set term default-route then accept user@Private-Peer-2# set term reject-all-other-routes then reject
Konfigurieren Sie die Routingrichtlinie, die lokale Kundenrouten ankündigt.
[edit policy-options policy-statement outbound-routes] user@Private-Peer-2# set term statics from protocol static user@Private-Peer-2# set term statics then accept user@Private-Peer-2# set term allowed-bgp-routes from as-path my-own-routes user@Private-Peer-2# set term allowed-bgp-routes from as-path AS64512-routes user@Private-Peer-2# set term allowed-bgp-routes then accept user@Private-Peer-2# set term no-transit then reject [edit policy-options] user@Private-Peer-2# set as-path my-own-routes "()" user@Private-Peer-2# set as-path AS64512-routes 64512
Konfigurieren Sie die EBGP-Verbindung mit Customer-2.
[edit protocols bgp group to-64512] user@Private-Peer-2# set type external user@Private-Peer-2# set export internal-routes user@Private-Peer-2# set peer-as 64512 user@Private-Peer-2# set neighbor 10.0.0.21
Konfigurieren Sie die EBGP-Verbindung zu Device Exchange-2.
[edit protocols bgp group to-64515] user@Private-Peer-2# set type external user@Private-Peer-2# set export outbound-routes user@Private-Peer-2# set peer-as 64515 user@Private-Peer-2# set neighbor 10.3.0.49
Konfigurieren Sie die EBGP-Verbindungen zum ISP.
[edit protocols bgp group ext] user@Private-Peer-2# set type external user@Private-Peer-2# set export outbound-routes user@Private-Peer-2# set peer-as 64510 user@Private-Peer-2# set neighbor 10.3.0.6
Konfigurieren Sie die AS-Nummer (Autonomous System).
[edit routing-options] user@Private-Peer-2# set autonomous-system 64516
Ergebnisse
Bestätigen Sie im Konfigurationsmodus Ihre Konfiguration, indem Sie die Befehle , , und eingeben.show interfaces
show protocols
show policy-options
show routing-options
Wenn die Ausgabe nicht die gewünschte Konfiguration anzeigt, wiederholen Sie die Anweisungen in diesem Beispiel, um die Konfiguration zu korrigieren.
user@Private-Peer-2# show interfaces fe-1/2/0 { unit 0 { description to_Customer-1; family inet { address 10.0.0.22/30; } } } fe-1/2/1 { unit 0 { description to_Exchange-2; family inet { address 10.3.0.50/30; } } } fe-1/2/3 { unit 0 { description to_ISP-2; family inet { address 10.3.0.5/30; } } } lo0 { unit 0 { family inet { address 192.168.0.5/32; } } }
user@Private-Peer-2# show protocols bgp { group ext { type external; export outbound-routes; peer-as 64510; neighbor 10.3.0.6; } group to-64512 { type external; export internal-routes; peer-as 64512; neighbor 10.0.0.21; } group to-64515 { type external; export outbound-routes; peer-as 64515; neighbor 10.3.0.49; } }
user@Private-Peer-2# show policy-options policy-statement if-upstream-routes-exist { term as-64515-routes { from { route-filter 172.16.16.0/21 exact; } then accept; } term reject-all-other-routes { then reject; } } policy-statement internal-routes { term statics { from protocol static; then accept; } term default-route { from { route-filter 0.0.0.0/0 exact; } then accept; } term reject-all-other-routes { then reject; } } policy-statement outbound-routes { term statics { from protocol static; then accept; } term allowed-bgp-routes { from as-path [ my-own-routes AS64512-routes ]; then accept; } term no-transit { then reject; } } as-path my-own-routes "()"; as-path AS64512-routes 64512;
user@Private-Peer-2# show routing-options static { route 172.16.24.0/25 reject; route 172.16.24.128/25 reject; route 172.16.25.0/26 reject; route 172.16.25.64/26 reject; } generate { route 0.0.0.0/0 policy if-upstream-routes-exist; } autonomous-system 64516;
Wenn Sie mit der Konfiguration des Geräts fertig sind, rufen Sie den Konfigurationsmodus auf .commit
Überprüfung
Vergewissern Sie sich, dass die Konfiguration ordnungsgemäß funktioniert.
- Überprüfen der Routen auf dem Gerät Kunde-1
- Überprüfen der Routen auf dem Gerät Kunde-2
- Überprüfen der Routen auf dem Gerät ISP-1
- Überprüfen der Routen auf dem Gerät ISP-2
- Überprüfen der Routen auf dem Gerät ISP-3
- Überprüfen der Routen auf Device Exchange-1
- Überprüfen der Routen auf Device Exchange-2
- Überprüfen der Routen auf dem Gerät private-peer-1
- Überprüfen der Routen auf dem Gerät Private-Peer-2
Überprüfen der Routen auf dem Gerät Kunde-1
Zweck
Überprüfen Sie auf Gerät Kunde-1 die Routen in der Routing-Tabelle.
Was
user@Customer-1> show route inet.0: 8 destinations, 8 routes (8 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 0.0.0.0/0 *[BGP/170] 00:09:25, localpref 100 AS path: 64510 I, validation-state: unverified > to 10.1.0.5 via fe-1/2/3.0 10.1.0.4/30 *[Direct/0] 23:50:20 > via fe-1/2/3.0 10.1.0.6/32 *[Local/0] 5d 21:56:47 Local via fe-1/2/3.0 172.16.40.0/25 *[Static/5] 22:59:04 Reject 172.16.40.128/25 *[Static/5] 22:59:04 Reject 172.16.41.0/25 *[Static/5] 22:59:04 Reject 172.16.41.128/25 *[Static/5] 22:59:04 Reject 192.168.0.8/32 *[Direct/0] 5d 21:25:45 > via lo0.0
Bedeutung
Gerät Kunde-1 verfügt über seine vier statischen Routen und hat die Standardroute über BGP gelernt.
Überprüfen der Routen auf dem Gerät Kunde-2
Zweck
Überprüfen Sie auf Gerät Kunde-2 die Routen in der Routing-Tabelle.
Was
user@Customer-2> show route inet.0: 22 destinations, 23 routes (22 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 0.0.0.0/0 *[BGP/170] 00:10:35, localpref 200 AS path: 64510 I, validation-state: unverified > to 10.0.0.9 via fe-1/2/0.10 [BGP/170] 04:58:09, localpref 50 AS path: 64516 I, validation-state: unverified > to 10.0.0.22 via fe-1/2/0.0 10.0.0.8/30 *[Direct/0] 23:51:29 > via fe-1/2/0.10 10.0.0.10/32 *[Local/0] 23:52:49 Local via fe-1/2/0.10 10.0.0.20/30 *[Direct/0] 23:52:49 > via fe-1/2/0.0 10.0.0.21/32 *[Local/0] 23:52:49 Local via fe-1/2/0.0 172.16.24.0/25 *[BGP/170] 04:58:09, localpref 50 AS path: 64516 I, validation-state: unverified > to 10.0.0.22 via fe-1/2/0.0 172.16.24.128/25 *[BGP/170] 04:58:09, localpref 50 AS path: 64516 I, validation-state: unverified > to 10.0.0.22 via fe-1/2/0.0 172.16.25.0/26 *[BGP/170] 04:58:09, localpref 50 AS path: 64516 I, validation-state: unverified > to 10.0.0.22 via fe-1/2/0.0 172.16.25.64/26 *[BGP/170] 04:58:09, localpref 50 AS path: 64516 I, validation-state: unverified > to 10.0.0.22 via fe-1/2/0.0 172.16.32.0/24 *[BGP/170] 22:38:47, localpref 200 AS path: 64510 I, validation-state: unverified > to 10.0.0.9 via fe-1/2/0.10 172.16.33.0/24 *[BGP/170] 22:38:47, localpref 200 AS path: 64510 I, validation-state: unverified > to 10.0.0.9 via fe-1/2/0.10 172.16.34.0/24 *[BGP/170] 22:38:47, localpref 200 AS path: 64510 I, validation-state: unverified > to 10.0.0.9 via fe-1/2/0.10 172.16.35.0/24 *[BGP/170] 22:38:47, localpref 200 AS path: 64510 I, validation-state: unverified > to 10.0.0.9 via fe-1/2/0.10 172.16.36.0/24 *[BGP/170] 22:38:47, localpref 200 AS path: 64510 I, validation-state: unverified > to 10.0.0.9 via fe-1/2/0.10 172.16.37.0/24 *[BGP/170] 22:38:47, localpref 200 AS path: 64510 I, validation-state: unverified > to 10.0.0.9 via fe-1/2/0.10 172.16.38.0/24 *[BGP/170] 22:38:47, localpref 200 AS path: 64510 I, validation-state: unverified > to 10.0.0.9 via fe-1/2/0.10 172.16.39.0/24 *[BGP/170] 22:38:47, localpref 200 AS path: 64510 I, validation-state: unverified > to 10.0.0.9 via fe-1/2/0.10 172.16.44.0/26 *[Static/5] 22:57:28 Reject 172.16.44.64/26 *[Static/5] 22:57:28 Reject 172.16.44.128/26 *[Static/5] 22:57:28 Reject 172.16.44.192/26 *[Static/5] 22:57:28 Reject 192.168.0.9/32 *[Direct/0] 23:52:49 > via lo0.0
Bedeutung
Gerät Kunde-2 hat die Standardroute durch seine Sitzung mit dem ISP und auch durch seine Sitzung mit dem privaten Peer gelernt. Die vom ISP gelernte Route wird bevorzugt, da sie eine höhere lokale Präferenz aufweist.
Überprüfen der Routen auf dem Gerät ISP-1
Zweck
Überprüfen Sie auf dem Gerät ISP-1 die Routen in der Routing-Tabelle.
Was
user@ISP-1> show route inet.0: 42 destinations, 53 routes (42 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 0.0.0.0/0 *[BGP/170] 22:44:26, localpref 100, from 192.168.0.2 AS path: 64516 I, validation-state: unverified > to 10.1.0.1 via fe-1/2/1.0 10.0.0.0/30 *[Direct/0] 23:52:01 > via fe-1/2/0.0 10.0.0.2/32 *[Local/0] 23:52:01 Local via fe-1/2/0.0 10.0.0.4/30 *[OSPF/10] 23:51:06, metric 2 to 10.1.0.1 via fe-1/2/1.0 > to 10.0.0.1 via fe-1/2/0.0 10.0.0.20/30 *[BGP/170] 23:50:55, localpref 100, from 192.168.0.2 AS path: 64516 I, validation-state: unverified > to 10.1.0.1 via fe-1/2/1.0 [BGP/170] 23:51:28, localpref 100 AS path: 64514 64515 64516 I, validation-state: unverified > to 10.2.0.5 via fe-1/2/3.0 10.1.0.0/30 *[Direct/0] 23:52:01 > via fe-1/2/1.0 10.1.0.2/32 *[Local/0] 23:52:01 Local via fe-1/2/1.0 10.2.0.0/30 *[Direct/0] 23:52:01 > via fe-1/2/2.0 10.2.0.2/32 *[Local/0] 23:52:01 Local via fe-1/2/2.0 10.2.0.4/30 *[Direct/0] 23:52:00 > via fe-1/2/3.0 10.2.0.6/32 *[Local/0] 23:52:00 Local via fe-1/2/3.0 10.3.0.4/30 *[BGP/170] 23:51:28, localpref 100 AS path: 64514 64515 64516 I, validation-state: unverified > to 10.2.0.5 via fe-1/2/3.0 10.3.0.48/30 *[BGP/170] 23:50:55, localpref 100, from 192.168.0.2 AS path: 64516 I, validation-state: unverified > to 10.1.0.1 via fe-1/2/1.0 172.16.8.0/21 *[BGP/170] 00:11:08, localpref 100 AS path: 64514 I, validation-state: unverified > to 10.2.0.5 via fe-1/2/3.0 172.16.16.0/21 *[BGP/170] 02:02:10, localpref 100, from 192.168.0.2 AS path: 64515 I, validation-state: unverified > to 10.1.0.1 via fe-1/2/1.0 [BGP/170] 02:02:10, localpref 100 AS path: 64514 64515 I, validation-state: unverified > to 10.2.0.5 via fe-1/2/3.0 172.16.24.0/25 *[BGP/170] 23:06:33, localpref 100, from 192.168.0.2 AS path: 64516 I, validation-state: unverified > to 10.1.0.1 via fe-1/2/1.0 [BGP/170] 23:06:33, localpref 100 AS path: 64514 64515 64516 I, validation-state: unverified > to 10.2.0.5 via fe-1/2/3.0 172.16.24.128/25 *[BGP/170] 23:06:33, localpref 100, from 192.168.0.2 AS path: 64516 I, validation-state: unverified > to 10.1.0.1 via fe-1/2/1.0 [BGP/170] 23:06:33, localpref 100 AS path: 64514 64515 64516 I, validation-state: unverified > to 10.2.0.5 via fe-1/2/3.0 172.16.25.0/26 *[BGP/170] 23:06:33, localpref 100, from 192.168.0.2 AS path: 64516 I, validation-state: unverified > to 10.1.0.1 via fe-1/2/1.0 [BGP/170] 23:06:33, localpref 100 AS path: 64514 64515 64516 I, validation-state: unverified > to 10.2.0.5 via fe-1/2/3.0 172.16.25.64/26 *[BGP/170] 23:06:33, localpref 100, from 192.168.0.2 AS path: 64516 I, validation-state: unverified > to 10.1.0.1 via fe-1/2/1.0 [BGP/170] 23:06:33, localpref 100 AS path: 64514 64515 64516 I, validation-state: unverified > to 10.2.0.5 via fe-1/2/3.0 172.16.32.0/21 *[Aggregate/130] 22:44:27 Reject 172.16.32.0/24 *[Static/5] 22:44:27 Reject 172.16.33.0/24 *[Static/5] 22:44:27 Reject 172.16.34.0/24 *[BGP/170] 22:39:20, localpref 100, from 192.168.0.2 AS path: I, validation-state: unverified > to 10.1.0.1 via fe-1/2/1.0 172.16.35.0/24 *[BGP/170] 22:39:20, localpref 100, from 192.168.0.2 AS path: I, validation-state: unverified > to 10.1.0.1 via fe-1/2/1.0 172.16.36.0/24 *[BGP/170] 22:39:20, localpref 100, from 192.168.0.3 AS path: I, validation-state: unverified > to 10.0.0.1 via fe-1/2/0.0 172.16.37.0/24 *[BGP/170] 22:39:20, localpref 100, from 192.168.0.3 AS path: I, validation-state: unverified > to 10.0.0.1 via fe-1/2/0.0 172.16.38.0/24 *[BGP/170] 22:39:20, localpref 100, from 192.168.0.3 AS path: I, validation-state: unverified > to 10.0.0.1 via fe-1/2/0.0 172.16.39.0/24 *[BGP/170] 22:39:20, localpref 100, from 192.168.0.3 AS path: I, validation-state: unverified > to 10.0.0.1 via fe-1/2/0.0 172.16.40.0/22 *[Aggregate/130] 22:44:27 Reject 172.16.40.0/25 *[BGP/170] 23:00:47, localpref 100, from 192.168.0.3 AS path: 64511 I, validation-state: unverified > to 10.0.0.1 via fe-1/2/0.0 172.16.40.128/25 *[BGP/170] 23:00:47, localpref 100, from 192.168.0.3 AS path: 64511 I, validation-state: unverified > to 10.0.0.1 via fe-1/2/0.0 172.16.41.0/25 *[BGP/170] 23:00:47, localpref 100, from 192.168.0.3 AS path: 64511 I, validation-state: unverified > to 10.0.0.1 via fe-1/2/0.0 172.16.41.128/25 *[BGP/170] 23:00:47, localpref 100, from 192.168.0.3 AS path: 64511 I, validation-state: unverified > to 10.0.0.1 via fe-1/2/0.0 172.16.44.0/26 *[BGP/170] 22:58:01, localpref 100, from 192.168.0.3 AS path: 64512 I, validation-state: unverified > to 10.0.0.1 via fe-1/2/0.0 [BGP/170] 22:58:01, localpref 100 AS path: 64514 64515 64516 64512 I, validation-state: unverified > to 10.2.0.5 via fe-1/2/3.0 172.16.44.64/26 *[BGP/170] 22:58:01, localpref 100, from 192.168.0.3 AS path: 64512 I, validation-state: unverified > to 10.0.0.1 via fe-1/2/0.0 [BGP/170] 22:58:01, localpref 100 AS path: 64514 64515 64516 64512 I, validation-state: unverified > to 10.2.0.5 via fe-1/2/3.0 172.16.44.128/26 *[BGP/170] 22:58:01, localpref 100, from 192.168.0.3 AS path: 64512 I, validation-state: unverified > to 10.0.0.1 via fe-1/2/0.0 [BGP/170] 22:58:01, localpref 100 AS path: 64514 64515 64516 64512 I, validation-state: unverified > to 10.2.0.5 via fe-1/2/3.0 172.16.44.192/26 *[BGP/170] 22:58:01, localpref 100, from 192.168.0.3 AS path: 64512 I, validation-state: unverified > to 10.0.0.1 via fe-1/2/0.0 [BGP/170] 22:58:01, localpref 100 AS path: 64514 64515 64516 64512 I, validation-state: unverified > to 10.2.0.5 via fe-1/2/3.0 192.168.0.1/32 *[Direct/0] 23:52:01 > via lo0.0 192.168.0.2/32 *[OSPF/10] 23:51:06, metric 1 > to 10.1.0.1 via fe-1/2/1.0 192.168.0.3/32 *[OSPF/10] 23:51:06, metric 1 > to 10.0.0.1 via fe-1/2/0.0 192.168.0.5/32 *[BGP/170] 23:50:55, localpref 100, from 192.168.0.2 AS path: 64516 I, validation-state: unverified > to 10.1.0.1 via fe-1/2/1.0 [BGP/170] 23:51:28, localpref 100 AS path: 64514 64515 64516 I, validation-state: unverified > to 10.2.0.5 via fe-1/2/3.0 172.16.233.5/32 *[OSPF/10] 23:52:07, metric 1 MultiRecv
Überprüfen der Routen auf dem Gerät ISP-2
Zweck
Überprüfen Sie auf dem Gerät ISP-2 die Routen in der Routing-Tabelle.
Was
user@ISP-2> show route inet.0: 41 destinations, 59 routes (41 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 0.0.0.0/0 *[BGP/170] 22:45:44, localpref 100 AS path: 64516 I, validation-state: unverified > to 10.3.0.5 via fe-1/2/3.0 10.0.0.0/30 *[OSPF/10] 23:52:25, metric 2 to 10.0.0.5 via fe-1/2/2.0 > to 10.1.0.2 via fe-1/2/1.0 10.0.0.4/30 *[Direct/0] 23:53:21 > via fe-1/2/2.0 10.0.0.6/32 *[Local/0] 23:53:23 Local via fe-1/2/2.0 10.0.0.20/30 *[BGP/170] 23:53:11, localpref 100 AS path: 64516 I, validation-state: unverified > to 10.3.0.5 via fe-1/2/3.0 [BGP/170] 23:53:09, localpref 100 AS path: 64515 64516 I, validation-state: unverified > to 10.3.0.1 via fe-1/2/0.0 10.1.0.0/30 *[Direct/0] 23:53:19 > via fe-1/2/1.0 10.1.0.1/32 *[Local/0] 23:53:23 Local via fe-1/2/1.0 10.3.0.0/30 *[Direct/0] 23:53:22 > via fe-1/2/0.0 10.3.0.2/32 *[Local/0] 23:53:23 Local via fe-1/2/0.0 10.3.0.4/30 *[Direct/0] 23:53:23 > via fe-1/2/3.0 [BGP/170] 23:53:11, localpref 100 AS path: 64516 I, validation-state: unverified > to 10.3.0.5 via fe-1/2/3.0 [BGP/170] 23:53:09, localpref 100 AS path: 64515 64516 I, validation-state: unverified > to 10.3.0.1 via fe-1/2/0.0 [BGP/170] 23:52:13, localpref 100, from 192.168.0.1 AS path: 64514 64515 64516 I, validation-state: unverified > to 10.1.0.2 via fe-1/2/1.0 10.3.0.6/32 *[Local/0] 23:53:23 Local via fe-1/2/3.0 10.3.0.48/30 *[BGP/170] 23:53:11, localpref 100 AS path: 64516 I, validation-state: unverified > to 10.3.0.5 via fe-1/2/3.0 172.16.8.0/21 *[BGP/170] 00:12:26, localpref 100, from 192.168.0.1 AS path: 64514 I, validation-state: unverified > to 10.1.0.2 via fe-1/2/1.0 [BGP/170] 00:12:26, localpref 100 AS path: 64515 64514 I, validation-state: unverified > to 10.3.0.1 via fe-1/2/0.0 172.16.16.0/21 *[BGP/170] 02:03:28, localpref 100 AS path: 64515 I, validation-state: unverified > to 10.3.0.1 via fe-1/2/0.0 172.16.24.0/25 *[BGP/170] 23:07:51, localpref 100 AS path: 64516 I, validation-state: unverified > to 10.3.0.5 via fe-1/2/3.0 [BGP/170] 23:07:51, localpref 100 AS path: 64515 64516 I, validation-state: unverified > to 10.3.0.1 via fe-1/2/0.0 172.16.24.128/25 *[BGP/170] 23:07:51, localpref 100 AS path: 64516 I, validation-state: unverified > to 10.3.0.5 via fe-1/2/3.0 [BGP/170] 23:07:51, localpref 100 AS path: 64515 64516 I, validation-state: unverified > to 10.3.0.1 via fe-1/2/0.0 172.16.25.0/26 *[BGP/170] 23:07:51, localpref 100 AS path: 64516 I, validation-state: unverified > to 10.3.0.5 via fe-1/2/3.0 [BGP/170] 23:07:51, localpref 100 AS path: 64515 64516 I, validation-state: unverified > to 10.3.0.1 via fe-1/2/0.0 172.16.25.64/26 *[BGP/170] 23:07:51, localpref 100 AS path: 64516 I, validation-state: unverified > to 10.3.0.5 via fe-1/2/3.0 [BGP/170] 23:07:51, localpref 100 AS path: 64515 64516 I, validation-state: unverified > to 10.3.0.1 via fe-1/2/0.0 172.16.32.0/21 *[Aggregate/130] 22:40:38 Reject 172.16.32.0/24 *[BGP/170] 22:45:44, localpref 100, from 192.168.0.1 AS path: I, validation-state: unverified > to 10.1.0.2 via fe-1/2/1.0 172.16.33.0/24 *[BGP/170] 22:45:44, localpref 100, from 192.168.0.1 AS path: I, validation-state: unverified > to 10.1.0.2 via fe-1/2/1.0 172.16.34.0/24 *[Static/5] 22:40:38 Reject 172.16.35.0/24 *[Static/5] 22:40:38 Reject 172.16.36.0/24 *[BGP/170] 22:40:38, localpref 100, from 192.168.0.3 AS path: I, validation-state: unverified > to 10.0.0.5 via fe-1/2/2.0 172.16.37.0/24 *[BGP/170] 22:40:38, localpref 100, from 192.168.0.3 AS path: I, validation-state: unverified > to 10.0.0.5 via fe-1/2/2.0 172.16.38.0/24 *[BGP/170] 22:40:38, localpref 100, from 192.168.0.3 AS path: I, validation-state: unverified > to 10.0.0.5 via fe-1/2/2.0 172.16.39.0/24 *[BGP/170] 22:40:38, localpref 100, from 192.168.0.3 AS path: I, validation-state: unverified > to 10.0.0.5 via fe-1/2/2.0 172.16.40.0/25 *[BGP/170] 23:02:05, localpref 100, from 192.168.0.3 AS path: 64511 I, validation-state: unverified > to 10.0.0.5 via fe-1/2/2.0 172.16.40.128/25 *[BGP/170] 23:02:05, localpref 100, from 192.168.0.3 AS path: 64511 I, validation-state: unverified > to 10.0.0.5 via fe-1/2/2.0 172.16.41.0/25 *[BGP/170] 23:02:05, localpref 100, from 192.168.0.3 AS path: 64511 I, validation-state: unverified > to 10.0.0.5 via fe-1/2/2.0 172.16.41.128/25 *[BGP/170] 23:02:05, localpref 100, from 192.168.0.3 AS path: 64511 I, validation-state: unverified > to 10.0.0.5 via fe-1/2/2.0 172.16.44.0/23 *[Aggregate/130] 22:40:38 Reject 172.16.44.0/26 *[BGP/170] 22:59:19, localpref 100, from 192.168.0.3 AS path: 64512 I, validation-state: unverified > to 10.0.0.5 via fe-1/2/2.0 [BGP/170] 22:59:19, localpref 100 AS path: 64516 64512 I, validation-state: unverified > to 10.3.0.5 via fe-1/2/3.0 [BGP/170] 22:59:19, localpref 100 AS path: 64515 64516 64512 I, validation-state: unverified > to 10.3.0.1 via fe-1/2/0.0 172.16.44.64/26 *[BGP/170] 22:59:19, localpref 100, from 192.168.0.3 AS path: 64512 I, validation-state: unverified > to 10.0.0.5 via fe-1/2/2.0 [BGP/170] 22:59:19, localpref 100 AS path: 64516 64512 I, validation-state: unverified > to 10.3.0.5 via fe-1/2/3.0 [BGP/170] 22:59:19, localpref 100 AS path: 64515 64516 64512 I, validation-state: unverified > to 10.3.0.1 via fe-1/2/0.0 172.16.44.128/26 *[BGP/170] 22:59:19, localpref 100, from 192.168.0.3 AS path: 64512 I, validation-state: unverified > to 10.0.0.5 via fe-1/2/2.0 [BGP/170] 22:59:19, localpref 100 AS path: 64516 64512 I, validation-state: unverified > to 10.3.0.5 via fe-1/2/3.0 [BGP/170] 22:59:19, localpref 100 AS path: 64515 64516 64512 I, validation-state: unverified > to 10.3.0.1 via fe-1/2/0.0 172.16.44.192/26 *[BGP/170] 22:59:19, localpref 100, from 192.168.0.3 AS path: 64512 I, validation-state: unverified > to 10.0.0.5 via fe-1/2/2.0 [BGP/170] 22:59:19, localpref 100 AS path: 64516 64512 I, validation-state: unverified > to 10.3.0.5 via fe-1/2/3.0 [BGP/170] 22:59:19, localpref 100 AS path: 64515 64516 64512 I, validation-state: unverified > to 10.3.0.1 via fe-1/2/0.0 192.168.0.1/32 *[OSPF/10] 23:52:25, metric 1 > to 10.1.0.2 via fe-1/2/1.0 192.168.0.2/32 *[Direct/0] 23:53:23 > via lo0.0 192.168.0.3/32 *[OSPF/10] 23:52:30, metric 1 > to 10.0.0.5 via fe-1/2/2.0 192.168.0.5/32 *[BGP/170] 23:53:11, localpref 100 AS path: 64516 I, validation-state: unverified > to 10.3.0.5 via fe-1/2/3.0 [BGP/170] 23:53:09, localpref 100 AS path: 64515 64516 I, validation-state: unverified > to 10.3.0.1 via fe-1/2/0.0 172.16.233.5/32 *[OSPF/10] 23:53:25, metric 1 MultiRecv
Überprüfen der Routen auf dem Gerät ISP-3
Zweck
Überprüfen Sie auf dem Gerät ISP-3 die Routen in der Routing-Tabelle.
Was
user@ISP-3> show route inet.0: 40 destinations, 41 routes (40 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 0.0.0.0/0 *[Aggregate/130] 23:53:57, metric2 1 > to 10.0.0.2 via fe-1/2/0.0 [BGP/170] 22:46:17, localpref 100, from 192.168.0.2 AS path: 64516 I, validation-state: unverified > to 10.0.0.6 via fe-1/2/2.0 10.0.0.0/30 *[Direct/0] 23:53:52 > via fe-1/2/0.0 10.0.0.1/32 *[Local/0] 23:53:53 Local via fe-1/2/0.0 10.0.0.4/30 *[Direct/0] 23:53:54 > via fe-1/2/2.0 10.0.0.5/32 *[Local/0] 23:53:54 Local via fe-1/2/2.0 10.0.0.8/30 *[Direct/0] 23:53:53 > via fe-1/2/1.0 10.0.0.9/32 *[Local/0] 23:53:53 Local via fe-1/2/1.0 10.0.0.20/30 *[BGP/170] 23:53:02, localpref 100, from 192.168.0.2 AS path: 64516 I, validation-state: unverified > to 10.0.0.6 via fe-1/2/2.0 10.1.0.0/30 *[OSPF/10] 23:53:03, metric 2 > to 10.0.0.6 via fe-1/2/2.0 to 10.0.0.2 via fe-1/2/0.0 10.1.0.4/30 *[Direct/0] 23:53:54 > via fe-1/2/3.0 10.1.0.5/32 *[Local/0] 23:53:54 Local via fe-1/2/3.0 10.3.0.4/30 *[BGP/170] 23:52:46, localpref 100, from 192.168.0.1 AS path: 64514 64515 64516 I, validation-state: unverified > to 10.0.0.2 via fe-1/2/0.0 10.3.0.48/30 *[BGP/170] 23:53:02, localpref 100, from 192.168.0.2 AS path: 64516 I, validation-state: unverified > to 10.0.0.6 via fe-1/2/2.0 172.16.8.0/21 *[BGP/170] 00:12:59, localpref 100, from 192.168.0.1 AS path: 64514 I, validation-state: unverified > to 10.0.0.2 via fe-1/2/0.0 172.16.16.0/21 *[BGP/170] 02:04:01, localpref 100, from 192.168.0.2 AS path: 64515 I, validation-state: unverified > to 10.0.0.6 via fe-1/2/2.0 172.16.24.0/25 *[BGP/170] 23:08:24, localpref 100, from 192.168.0.2 AS path: 64516 I, validation-state: unverified > to 10.0.0.6 via fe-1/2/2.0 172.16.24.128/25 *[BGP/170] 23:08:24, localpref 100, from 192.168.0.2 AS path: 64516 I, validation-state: unverified > to 10.0.0.6 via fe-1/2/2.0 172.16.25.0/26 *[BGP/170] 23:08:24, localpref 100, from 192.168.0.2 AS path: 64516 I, validation-state: unverified > to 10.0.0.6 via fe-1/2/2.0 172.16.25.64/26 *[BGP/170] 23:08:24, localpref 100, from 192.168.0.2 AS path: 64516 I, validation-state: unverified > to 10.0.0.6 via fe-1/2/2.0 172.16.32.0/24 *[BGP/170] 22:46:17, localpref 100, from 192.168.0.1 AS path: I, validation-state: unverified > to 10.0.0.2 via fe-1/2/0.0 172.16.33.0/24 *[BGP/170] 22:46:17, localpref 100, from 192.168.0.1 AS path: I, validation-state: unverified > to 10.0.0.2 via fe-1/2/0.0 172.16.34.0/24 *[BGP/170] 22:41:11, localpref 100, from 192.168.0.2 AS path: I, validation-state: unverified > to 10.0.0.6 via fe-1/2/2.0 172.16.35.0/24 *[BGP/170] 22:41:11, localpref 100, from 192.168.0.2 AS path: I, validation-state: unverified > to 10.0.0.6 via fe-1/2/2.0 172.16.36.0/24 *[Static/5] 22:41:11 Reject 172.16.37.0/24 *[Static/5] 22:41:11 Reject 172.16.38.0/24 *[Static/5] 22:41:11 Reject 172.16.39.0/24 *[Static/5] 22:41:11 Reject 172.16.40.0/25 *[BGP/170] 23:02:38, localpref 100 AS path: 64511 I, validation-state: unverified > to 10.1.0.6 via fe-1/2/3.0 172.16.40.128/25 *[BGP/170] 23:02:38, localpref 100 AS path: 64511 I, validation-state: unverified > to 10.1.0.6 via fe-1/2/3.0 172.16.41.0/25 *[BGP/170] 23:02:38, localpref 100 AS path: 64511 I, validation-state: unverified > to 10.1.0.6 via fe-1/2/3.0 172.16.41.128/25 *[BGP/170] 23:02:38, localpref 100 AS path: 64511 I, validation-state: unverified > to 10.1.0.6 via fe-1/2/3.0 172.16.44.0/26 *[BGP/170] 22:59:52, localpref 100 AS path: 64512 I, validation-state: unverified > to 10.0.0.10 via fe-1/2/1.0 172.16.44.64/26 *[BGP/170] 22:59:52, localpref 100 AS path: 64512 I, validation-state: unverified > to 10.0.0.10 via fe-1/2/1.0 172.16.44.128/26 *[BGP/170] 22:59:52, localpref 100 AS path: 64512 I, validation-state: unverified > to 10.0.0.10 via fe-1/2/1.0 172.16.44.192/26 *[BGP/170] 22:59:52, localpref 100 AS path: 64512 I, validation-state: unverified > to 10.0.0.10 via fe-1/2/1.0 192.168.0.1/32 *[OSPF/10] 23:53:03, metric 1 > to 10.0.0.2 via fe-1/2/0.0 192.168.0.2/32 *[OSPF/10] 23:53:03, metric 1 > to 10.0.0.6 via fe-1/2/2.0 192.168.0.3/32 *[Direct/0] 23:53:54 > via lo0.0 192.168.0.5/32 *[BGP/170] 23:53:02, localpref 100, from 192.168.0.2 AS path: 64516 I, validation-state: unverified > to 10.0.0.6 via fe-1/2/2.0 172.16.233.5/32 *[OSPF/10] 23:53:58, metric 1 MultiRecv
Überprüfen der Routen auf Device Exchange-1
Zweck
Überprüfen Sie auf Device Exchange-1 die Routen in der Routing-Tabelle.
Was
user@Exchange-1> show route inet.0: 23 destinations, 24 routes (23 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 10.0.0.20/30 *[BGP/170] 23:53:51, localpref 100 AS path: 64515 64516 I, validation-state: unverified > to 10.3.0.41 via fe-1/2/2.0 10.2.0.4/30 *[Direct/0] 23:54:23 > via fe-1/2/3.0 10.2.0.5/32 *[Local/0] 23:54:29 Local via fe-1/2/3.0 10.3.0.4/30 *[BGP/170] 23:53:51, localpref 100 AS path: 64515 64516 I, validation-state: unverified > to 10.3.0.41 via fe-1/2/2.0 10.3.0.40/30 *[Direct/0] 23:54:27 > via fe-1/2/2.0 10.3.0.42/32 *[Local/0] 23:54:29 Local via fe-1/2/2.0 10.3.0.44/30 *[Direct/0] 23:54:29 > via fe-1/2/1.0 10.3.0.45/32 *[Local/0] 23:54:29 Local via fe-1/2/1.0 172.16.8.0/21 *[Static/5] 00:13:31 Reject 172.16.16.0/21 *[BGP/170] 02:04:33, localpref 100 AS path: 64515 I, validation-state: unverified > to 10.3.0.41 via fe-1/2/2.0 172.16.24.0/25 *[BGP/170] 23:08:56, localpref 100 AS path: 64515 64516 I, validation-state: unverified > to 10.3.0.41 via fe-1/2/2.0 172.16.24.128/25 *[BGP/170] 23:08:56, localpref 100 AS path: 64515 64516 I, validation-state: unverified > to 10.3.0.41 via fe-1/2/2.0 172.16.25.0/26 *[BGP/170] 23:08:56, localpref 100 AS path: 64515 64516 I, validation-state: unverified > to 10.3.0.41 via fe-1/2/2.0 172.16.25.64/26 *[BGP/170] 23:08:56, localpref 100 AS path: 64515 64516 I, validation-state: unverified > to 10.3.0.41 via fe-1/2/2.0 172.16.32.0/21 *[BGP/170] 22:46:49, localpref 100 AS path: 64510 I, validation-state: unverified > to 10.2.0.6 via fe-1/2/3.0 [BGP/170] 22:41:43, localpref 100 AS path: 64515 64510 I, validation-state: unverified > to 10.3.0.41 via fe-1/2/2.0 172.16.40.0/22 *[BGP/170] 22:46:49, localpref 100 AS path: 64510 64511 I, validation-state: unverified > to 10.2.0.6 via fe-1/2/3.0 172.16.44.0/23 *[BGP/170] 22:41:43, localpref 100 AS path: 64515 64510 64512 I, validation-state: unverified > to 10.3.0.41 via fe-1/2/2.0 172.16.44.0/26 *[BGP/170] 23:00:24, localpref 100 AS path: 64515 64516 64512 I, validation-state: unverified > to 10.3.0.41 via fe-1/2/2.0 172.16.44.64/26 *[BGP/170] 23:00:24, localpref 100 AS path: 64515 64516 64512 I, validation-state: unverified > to 10.3.0.41 via fe-1/2/2.0 172.16.44.128/26 *[BGP/170] 23:00:24, localpref 100 AS path: 64515 64516 64512 I, validation-state: unverified > to 10.3.0.41 via fe-1/2/2.0 172.16.44.192/26 *[BGP/170] 23:00:24, localpref 100 AS path: 64515 64516 64512 I, validation-state: unverified > to 10.3.0.41 via fe-1/2/2.0 192.168.0.5/32 *[BGP/170] 23:53:51, localpref 100 AS path: 64515 64516 I, validation-state: unverified > to 10.3.0.41 via fe-1/2/2.0 192.168.0.6/32 *[Direct/0] 23:54:29 > via lo0.0
Überprüfen der Routen auf Device Exchange-2
Zweck
Überprüfen Sie auf Device Exchange-2 die Routen in der Routing-Tabelle.
Was
user@Exchange-2> show route inet.0: 24 destinations, 26 routes (23 active, 0 holddown, 1 hidden) + = Active Route, - = Last Active, * = Both 10.0.0.20/30 *[BGP/170] 23:54:44, localpref 100 AS path: 64516 I, validation-state: unverified > to 10.3.0.50 via fe-1/2/1.0 10.3.0.0/30 *[Direct/0] 23:54:57 > via fe-1/2/0.0 10.3.0.1/32 *[Local/0] 23:54:57 Local via fe-1/2/0.0 10.3.0.4/30 *[BGP/170] 23:54:44, localpref 100 AS path: 64516 I, validation-state: unverified > to 10.3.0.50 via fe-1/2/1.0 10.3.0.40/30 *[Direct/0] 23:54:57 > via fe-1/2/2.0 10.3.0.41/32 *[Local/0] 23:54:57 Local via fe-1/2/2.0 10.3.0.48/30 *[Direct/0] 23:54:57 > via fe-1/2/1.0 [BGP/170] 23:54:44, localpref 100 AS path: 64516 I, validation-state: unverified > to 10.3.0.50 via fe-1/2/1.0 10.3.0.49/32 *[Local/0] 23:54:57 Local via fe-1/2/1.0 172.16.8.0/21 *[BGP/170] 00:14:01, localpref 100 AS path: 64514 I, validation-state: unverified > to 10.3.0.42 via fe-1/2/2.0 172.16.16.0/21 *[Static/5] 02:05:03 Reject 172.16.24.0/25 *[BGP/170] 23:09:26, localpref 100 AS path: 64516 I, validation-state: unverified > to 10.3.0.50 via fe-1/2/1.0 172.16.24.128/25 *[BGP/170] 23:09:26, localpref 100 AS path: 64516 I, validation-state: unverified > to 10.3.0.50 via fe-1/2/1.0 172.16.25.0/26 *[BGP/170] 23:09:26, localpref 100 AS path: 64516 I, validation-state: unverified > to 10.3.0.50 via fe-1/2/1.0 172.16.25.64/26 *[BGP/170] 23:09:26, localpref 100 AS path: 64516 I, validation-state: unverified > to 10.3.0.50 via fe-1/2/1.0 172.16.32.0/21 *[BGP/170] 22:42:13, localpref 100 AS path: 64510 I, validation-state: unverified > to 10.3.0.2 via fe-1/2/0.0 [BGP/170] 22:47:19, localpref 100 AS path: 64514 64510 I, validation-state: unverified > to 10.3.0.42 via fe-1/2/2.0 172.16.40.0/22 *[BGP/170] 22:47:19, localpref 100 AS path: 64514 64510 64511 I, validation-state: unverified > to 10.3.0.42 via fe-1/2/2.0 172.16.44.0/23 *[BGP/170] 22:42:13, localpref 100 AS path: 64510 64512 I, validation-state: unverified > to 10.3.0.2 via fe-1/2/0.0 172.16.44.0/26 *[BGP/170] 23:00:54, localpref 100 AS path: 64516 64512 I, validation-state: unverified > to 10.3.0.50 via fe-1/2/1.0 172.16.44.64/26 *[BGP/170] 23:00:54, localpref 100 AS path: 64516 64512 I, validation-state: unverified > to 10.3.0.50 via fe-1/2/1.0 172.16.44.128/26 *[BGP/170] 23:00:54, localpref 100 AS path: 64516 64512 I, validation-state: unverified > to 10.3.0.50 via fe-1/2/1.0 172.16.44.192/26 *[BGP/170] 23:00:54, localpref 100 AS path: 64516 64512 I, validation-state: unverified > to 10.3.0.50 via fe-1/2/1.0 192.168.0.5/32 *[BGP/170] 23:54:44, localpref 100 AS path: 64516 I, validation-state: unverified > to 10.3.0.50 via fe-1/2/1.0 192.168.0.7/32 *[Direct/0] 23:54:57 > via lo0.0
Bedeutung
Auf Device Exchange-2 ist die Standardroute 0/0 ausgeblendet, da der nächste Hop für die Route eine eigene Schnittstelle zu Device Private-Peer-2 ist, von dem die Route empfangen wurde. Die Route ist versteckt, um eine Schleife zu vermeiden.
Überprüfen der Routen auf dem Gerät private-peer-1
Zweck
Überprüfen Sie auf Gerät Private-Peer-1 die Routen in der Routing-Tabelle.
Was
user@Private-Peer-1> show route inet.0: 13 destinations, 13 routes (13 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 10.2.0.0/30 *[Direct/0] 23:58:57 > via fe-1/2/2.0 10.2.0.1/32 *[Local/0] 5d 21:34:22 Local via fe-1/2/2.0 10.3.0.44/30 *[Direct/0] 23:59:02 > via fe-1/2/1.0 10.3.0.46/32 *[Local/0] 1d 03:19:52 Local via fe-1/2/1.0 172.16.32.0/24 *[BGP/170] 22:51:22, localpref 100 AS path: 64510 I, validation-state: unverified > to 10.2.0.2 via fe-1/2/2.0 172.16.33.0/24 *[BGP/170] 22:51:22, localpref 100 AS path: 64510 I, validation-state: unverified > to 10.2.0.2 via fe-1/2/2.0 172.16.34.0/24 *[BGP/170] 22:46:16, localpref 100 AS path: 64510 I, validation-state: unverified > to 10.2.0.2 via fe-1/2/2.0 172.16.35.0/24 *[BGP/170] 22:46:16, localpref 100 AS path: 64510 I, validation-state: unverified > to 10.2.0.2 via fe-1/2/2.0 172.16.36.0/24 *[BGP/170] 22:46:16, localpref 100 AS path: 64510 I, validation-state: unverified > to 10.2.0.2 via fe-1/2/2.0 172.16.37.0/24 *[BGP/170] 22:46:16, localpref 100 AS path: 64510 I, validation-state: unverified > to 10.2.0.2 via fe-1/2/2.0 172.16.38.0/24 *[BGP/170] 22:46:16, localpref 100 AS path: 64510 I, validation-state: unverified > to 10.2.0.2 via fe-1/2/2.0 172.16.39.0/24 *[BGP/170] 22:46:16, localpref 100 AS path: 64510 I, validation-state: unverified > to 10.2.0.2 via fe-1/2/2.0 192.168.0.4/32 *[Direct/0] 5d 21:34:22 > via lo0.0
Überprüfen der Routen auf dem Gerät Private-Peer-2
Zweck
Überprüfen Sie auf Gerät Private-Peer-2 die Routen in der Routing-Tabelle.
Was
user@Private-Peer-2> show route inet.0: 29 destinations, 29 routes (29 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 0.0.0.0/0 *[Aggregate/130] 1d 02:13:28 > to 10.3.0.49 via fe-1/2/1.0 10.0.0.20/30 *[Direct/0] 1d 00:00:53 > via fe-1/2/0.0 10.0.0.22/32 *[Local/0] 4d 23:51:14 Local via fe-1/2/0.0 10.3.0.4/30 *[Direct/0] 23:59:36 > via fe-1/2/3.0 10.3.0.5/32 *[Local/0] 5d 21:34:57 Local via fe-1/2/3.0 10.3.0.48/30 *[Direct/0] 23:59:35 > via fe-1/2/1.0 10.3.0.50/32 *[Local/0] 1d 03:20:27 Local via fe-1/2/1.0 172.16.8.0/21 *[BGP/170] 00:18:39, localpref 100 AS path: 64515 64514 I, validation-state: unverified > to 10.3.0.49 via fe-1/2/1.0 172.16.16.0/21 *[BGP/170] 02:09:41, localpref 100 AS path: 64515 I, validation-state: unverified > to 10.3.0.49 via fe-1/2/1.0 172.16.24.0/25 *[Static/5] 23:14:04 Reject 172.16.24.128/25 *[Static/5] 23:14:04 Reject 172.16.25.0/26 *[Static/5] 23:14:04 Reject 172.16.25.64/26 *[Static/5] 23:14:04 Reject 172.16.32.0/21 *[BGP/170] 22:46:51, localpref 100 AS path: 64515 64510 I, validation-state: unverified > to 10.3.0.49 via fe-1/2/1.0 172.16.32.0/24 *[BGP/170] 22:46:51, localpref 100 AS path: 64510 I, validation-state: unverified > to 10.3.0.6 via fe-1/2/3.0 172.16.33.0/24 *[BGP/170] 22:46:51, localpref 100 AS path: 64510 I, validation-state: unverified > to 10.3.0.6 via fe-1/2/3.0 172.16.34.0/24 *[BGP/170] 22:46:51, localpref 100 AS path: 64510 I, validation-state: unverified > to 10.3.0.6 via fe-1/2/3.0 172.16.35.0/24 *[BGP/170] 22:46:51, localpref 100 AS path: 64510 I, validation-state: unverified > to 10.3.0.6 via fe-1/2/3.0 172.16.36.0/24 *[BGP/170] 22:46:51, localpref 100 AS path: 64510 I, validation-state: unverified > to 10.3.0.6 via fe-1/2/3.0 172.16.37.0/24 *[BGP/170] 22:46:51, localpref 100 AS path: 64510 I, validation-state: unverified > to 10.3.0.6 via fe-1/2/3.0 172.16.38.0/24 *[BGP/170] 22:46:51, localpref 100 AS path: 64510 I, validation-state: unverified > to 10.3.0.6 via fe-1/2/3.0 172.16.39.0/24 *[BGP/170] 22:46:51, localpref 100 AS path: 64510 I, validation-state: unverified > to 10.3.0.6 via fe-1/2/3.0 172.16.40.0/22 *[BGP/170] 22:51:57, localpref 100 AS path: 64515 64514 64510 64511 I, validation-state: unverified > to 10.3.0.49 via fe-1/2/1.0 172.16.44.0/23 *[BGP/170] 22:46:51, localpref 100 AS path: 64515 64510 64512 I, validation-state: unverified > to 10.3.0.49 via fe-1/2/1.0 172.16.44.0/26 *[BGP/170] 23:05:32, localpref 100 AS path: 64512 I, validation-state: unverified > to 10.0.0.21 via fe-1/2/0.0 172.16.44.64/26 *[BGP/170] 23:05:32, localpref 100 AS path: 64512 I, validation-state: unverified > to 10.0.0.21 via fe-1/2/0.0 172.16.44.128/26 *[BGP/170] 23:05:32, localpref 100 AS path: 64512 I, validation-state: unverified > to 10.0.0.21 via fe-1/2/0.0 172.16.44.192/26 *[BGP/170] 23:05:32, localpref 100 AS path: 64512 I, validation-state: unverified > to 10.0.0.21 via fe-1/2/0.0 192.168.0.5/32 *[Direct/0] 5d 21:34:57 > via lo0.0