cisco路由bgp路由中的问题
cisco路由bgp路由中的问题
提问于 2019-12-31 09:19:44
我们在一个eBGP对等点上有一个出站路线图,它将一些社区添加到某些前缀中。在经典的IOS系统中,有什么方法可以证明这种情况实际上发生在发送方吗?
show ip bgp neighbor x.x.x.x advertised-routes没有向他们展示
就连debug ip bgp update out似乎也没有!
在gns3中,我可以做相同的配置,并看到它从我的假上游端工作,但我需要能够从本地的生产路由器验证。
当前配置: 15583字节
version 15.1
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec
service timestamps log datetime msec localtime show-timezone
service password-encryption
no service password-recovery
!
hostname Router1
!
boot-start-marker
boot-end-marker
!
!
no logging console
!
!
!
!
!
!
aaa session-id common
clock timezone GMT 0 0
!
no ipv6 cef
no ip source-route
no ip gratuitous-arps
ip cef
!
!
!
!
!
no ip bootp server
no ip domain lookup
ip domain name example.net
multilink bundle-name authenticated
!
!
!
!
ip ssh version 2
ip scp server enable
!
!
!
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
duplex full
speed 100
no mop enabled
!
interface GigabitEthernet0/0.10
encapsulation dot1Q 10
ip address 8.2.156.1 255.255.255.248
no ip redirects
no ip unreachables
no ip proxy-arp
!
interface GigabitEthernet0/0.20
encapsulation dot1Q 20
ip address 8.2.156.98 255.255.255.192
no ip redirects
no ip unreachables
no ip proxy-arp
!
interface GigabitEthernet0/0.70
encapsulation dot1Q 70
ip address 8.2.156.9 255.255.255.248
no ip redirects
no ip unreachables
no ip proxy-arp
!
interface GigabitEthernet0/0.80
encapsulation dot1Q 80
ip address 8.2.156.22 255.255.255.248 secondary
ip address 8.2.156.18 255.255.255.248
no ip redirects
no ip unreachables
no ip proxy-arp
!
interface GigabitEthernet0/0.210
encapsulation dot1Q 210
no ip redirects
no ip unreachables
no ip proxy-arp
!
interface GigabitEthernet0/0.301
encapsulation dot1Q 301
ip address 8.2.157.129 255.255.255.240
no ip redirects
no ip unreachables
no ip proxy-arp
!
interface GigabitEthernet0/1
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip mtu 1400
ip tcp adjust-mss 1360
duplex auto
speed auto
no mop enabled
!
interface GigabitEthernet0/0/0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
duplex auto
speed auto
no mop enabled
!
interface GigabitEthernet0/1/0
ip address 77.5.34.106 255.255.255.252
no ip redirects
no ip unreachables
no ip proxy-arp
ip tcp adjust-mss 1300
duplex full
speed 100
media-type sfp
no cdp enable
no mop enabled
!
interface GigabitEthernet0/1/0
ip address 77.5.34.106 255.255.255.252
no ip redirects
no ip unreachables
no ip proxy-arp
ip tcp adjust-mss 1300
duplex full
speed 100
media-type sfp
no cdp enable
no mop enabled
!
router bgp 64729
bgp log-neighbor-changes
network 8.2.156.0 mask 255.255.252.0
neighbor 77.5.34.105 remote-as 64613
neighbor 77.5.34.105 filter-list 150 out
!
ip forward-protocol nd
!
ip as-path access-list 150 permit ^$
no ip http server
ip http access-class 80
ip http authentication aaa
ip http secure-server
ip http secure-port 8443
!
ip route 0.0.0.0 0.0.0.0 77.5.34.105
ip route 8.2.156.0 255.255.252.0 8.2.156.6
ip tacacs source-interface GigabitEthernet0/0.20
!
access-list 8 permit 8.2.157.9
access-list 8 permit 8.2.157.10
access-list 8 permit 25.146.194.24
access-list 8 permit 8.2.157.128 0.0.0.15
access-list 8 deny any log
access-list 80 permit 8.2.157.9
access-list 80 permit 8.2.157.10
access-list 80 permit 8.2.157.25
access-list 80 permit 8.2.156.130
access-list 80 permit 25.144.90.13
access-list 80 permit 25.144.90.12
access-list 80 permit 25.144.90.51
access-list 80 permit 25.144.90.50
access-list 80 permit 25.144.85.32 0.0.0.31
access-list 80 permit 25.144.101.32 0.0.0.31
access-list 80 permit 25.144.92.32 0.0.0.31
access-list 80 permit 25.149.202.128 0.0.0.127
access-list 80 permit 25.144.108.32 0.0.0.31
access-list 80 permit 25.149.181.128 0.0.0.127
access-list 80 deny any log
access-list 110 permit tcp host 8.2.157.9 any eq 22
access-list 110 permit tcp host 8.2.157.10 any eq 22
access-list 110 permit tcp host 8.2.157.25 any eq 22
access-list 110 permit tcp host 8.2.156.130 any eq 22
access-list 110 permit tcp 8.2.157.128 0.0.0.15 any eq 22
access-list 110 permit tcp host 25.146.194.24 any eq 22
access-list 110 permit tcp 25.144.85.32 0.0.0.31 any eq 22
access-list 110 permit tcp 25.144.101.32 0.0.0.31 any eq 22
access-list 110 permit tcp 25.144.92.32 0.0.0.31 any eq 22
access-list 110 permit tcp 25.149.202.128 0.0.0.127 any eq 22
access-list 110 permit tcp 25.144.108.32 0.0.0.31 any eq 22
access-list 110 permit tcp 25.149.181.128 0.0.0.127 any eq 22
access-list 110 permit tcp host 25.144.90.12 any eq 22
access-list 110 permit tcp host 25.144.90.13 any eq 22
access-list 110 permit tcp host 25.144.90.50 any eq 22
access-list 110 permit tcp host 25.144.90.51 any eq 22
access-list 110 deny ip any any log回答 1
Network Engineering用户
发布于 2020-01-24 14:29:59
您的配置没有添加任何社区,您必须使用路线图才能做到这一点。例如:
!
neighbor GRIF-iBGP-IPv4 route-map SET-iBGP-COMM out
!
route-map SET-iBGP-COMM permit 10
set community 64496:2150 additive
!这是一个对等组,但它很容易适应单个邻居。
页面原文内容由Network Engineering提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://networkengineering.stackexchange.com/questions/64282
复制相关文章
相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号