BGP

سناریوی زیر را در نظر بگیرید . این سناریو شامل 6 AS است AS1 , AS10 , AS20 , AS30 , AS40 , AS65001 . قصد داریم این سناریو را با BGP تنظیم کنیم . فرض کنید قصد داریم نقش ها و سیاست های زیر را در روتر ها پیاده سازی کنیم :

AS10 :

در این AS روتر های n3 , n4 به عنوان Route Relfector استفاده می شوند و با IBGP با هم در ارتباط هستند و برای دیگر روتر ها به عنوان Route Server استفاده می شوند . سیاستهای این AS :

1. ترافیکی که از AS30 به مقصد AS10 دریافت می شود باید از n2 انتقال یابد . بدین منظور روتر های n1 , n2 باید پارامتر MED را تغییر دهند .

2. remote peer ها می توانند Local Preference را تغییر دهند .

AS20 :

در n13 پروتکل BGP اجرا نیست . سیاستهای این AS :

1. این AS یک transit AS نیست . بنابراین از یک filter list برای جلوگیری از توزیع Route های بدست آمده استفاده می شود . تا Route ها به روتر های دیگر ارسال نشود .

2. ترافیک خروجی از این AS به سمت AS30 باید از AS40 انتقال یابند نه از طریق AS10 . در نتیجه n11 , n12 پارامتر Local Preference را (که به عنوان یک سیاست در سمت ورودی است) تغییر می دهند .

AS30 :

روتر n9 به عنوان Default Route برای AS65001 استفاده می شود . همچنین با تجمیع کردن prefix ها و حذف AS65001 از AS_PATH قبل از توزیع به دیگر روتر ها باعث خلاصه سازی Route ها شده و Route های AS65001 را به عنوان Route های خود و شبکه ها ی خود به دیگر روتر ها تبلیغ و توزیع می کند. سیاست های این AS :

1. ترافیک ورودی به این AS باید از AS10 بیاید و نه از AS40 . بدین منظور روتر n9 چند بار AS خود را به AS-PATH اضافه می کند .

AS40 :

1. ترافیک خروجی به مقصد AS20 باید به n11 ارسال شود .

2. روتر n10 از community به عنوان یک سیاست خروجی برای تاثیر گذاری روی ترافیک ورودی که از AS10 به AS30 می رود تا پس از آن به AS40 برسد ، استفاده می کند .

AS65001 :

یک AS خصوصی است که فقط به AS30 متصل است . ویژگی no-export community را تنظیم می کند و AS30 این Route را به دیگران ارسال نمی کند . AS65001 فقط یک default route از AS30 قبول می کند .

AS1 :

این AS یک Network Area Point است و ما را به اینترنت وصل می کند . prefix های تجمیع شده و دیگر prefix ها را تبلیغ می کند .

با توجه به توضیحات بالا حال به تنظیم سناریو می پردازیم :

AS10

n1 تنظیمات

frr version 7.2-0.1
frr defaults traditional
hostname n1
log file
interface loopback 0
no ip forwarding
no ipv6 forwarding
!
ip prefix-list PLIST-AS10 seq 5 permit 172.10.0.0/22 le 32
!
interface loopback0
 ip address 10.10.0.1/32
!
interface ge0
 ip address 10.10.13.1/24
!
interface ge1
 ip address 192.168.19.1/24
!
interface ge2
 ip address 10.10.17.1/24
!
router eigrp 10
 network 10.10.0.0/16
!
router bgp 10
 bgp log-neighbor-changes
 neighbor 10.10.0.3 remote-as 10
 neighbor 10.10.0.3 update-source loopback0
 neighbor 10.10.0.4 remote-as 10
 neighbor 10.10.0.4 update-source loopback0
 neighbor 192.168.19.9 remote-as 30
 neighbor 192.168.19.9 password as3010
 neighbor 192.168.19.9 ttl-security hops 1
 !
 address-family ipv4 unicast
  neighbor 10.10.0.3 next-hop-self
  neighbor 10.10.0.4 next-hop-self
  neighbor 192.168.19.9 route-map RMAP-SET_LOC_PREF in
  neighbor 192.168.19.9 route-map RMAP-SET_MED out
 exit-address-family
!
bgp community-list standard CLIST-10:110 permit 10:110
bgp community-list standard CLIST-10:90 permit 10:90
!
route-map RMAP-SET_LOC_PREF permit 10
 match community CLIST-10:110
 set local-preference 110
!
route-map RMAP-SET_LOC_PREF permit 20
 match community CLIST-10:90
 set local-preference 90
!
route-map RMAP-SET_LOC_PREF permit 30
!
route-map RMAP-SET_MED permit 10
 match ip address prefix-list PLIST-AS10
 set metric 1000
!
route-map RMAP-SET_MED permit 20
!
line vty
!

n2 تنظیمات

frr version 7.2-0.1
frr defaults traditional
hostname n2
log file
debug zebra event
debug if event
debug ospf event
debug vxlan event 
debug vlan event
debug isis events
debug mpls ldp event
debug ipsec event
debug vrf event
debug rip events
debug qos event
debug nat44 event
interface loopback 0
no ip forwarding
no ipv6 forwarding
!
ip prefix-list PLIST-AS10 seq 5 permit 172.10.0.0/22 le 32
!
interface loopback0
 ip address 10.10.0.2/32
!
interface ge0
 ip address 10.10.24.2/24
!
interface ge1
 ip address 192.168.29.2/24
!
interface ge2
 ip address 192.168.210.2/24
!
interface ge3
 ip address 10.10.27.2/24
!
router eigrp 10
 network 10.10.0.0/16
!
router bgp 10
 bgp log-neighbor-changes
 neighbor 10.10.0.3 remote-as 10
 neighbor 10.10.0.3 update-source loopback0
 neighbor 10.10.0.4 remote-as 10
 neighbor 10.10.0.4 update-source loopback0
 neighbor 192.168.29.9 remote-as 30
 neighbor 192.168.29.9 password as1030
 neighbor 192.168.29.9 ttl-security hops 1
 neighbor 192.168.210.10 remote-as 40
 neighbor 192.168.210.10 password as1040
 neighbor 192.168.210.10 ttl-security hops 1
 !
 address-family ipv4 unicast
  neighbor 10.10.0.3 next-hop-self
  neighbor 10.10.0.4 next-hop-self
  neighbor 192.168.29.9 route-map RMAP-SET_LOC_PREF in
  neighbor 192.168.29.9 route-map RMAP-SET_MED out
  neighbor 192.168.210.10 route-map RMAP-SET_LOC_PREF in
 exit-address-family
!
bgp community-list standard CLIST-10:110 permit 10:110
bgp community-list standard CLIST-10:90 permit 10:90
!
route-map RMAP-SET_LOC_PREF permit 10
 match community CLIST-10:110
 set local-preference 110
!
route-map RMAP-SET_LOC_PREF permit 20
 match community CLIST-10:90
 set local-preference 90
!
route-map RMAP-SET_LOC_PREF permit 30
!
route-map RMAP-SET_MED permit 10
 match ip address prefix-list PLIST-AS10
 set metric 500
!
route-map RMAP-SET_MED permit 20
!
line vty
!

n3 تنظیمات

frr version 7.2-0.1
frr defaults traditional
hostname n3
interface loopback 0
no ip forwarding
no ipv6 forwarding
!
interface loopback0
 ip address 10.10.0.3/32
!
interface ge0
 ip address 10.10.13.3/24
!
interface ge1
 ip address 10.10.35.3/24
!
interface ge2
 ip address 10.10.34.3/24
!
interface ge3
 ip address 172.10.0.1/24
!
interface ge4
 ip address 172.10.1.1/24
!
router eigrp 10
 network 10.10.0.0/16
 network 172.10.0.0/16
!
router bgp 10
 bgp log-neighbor-changes
 bgp cluster-id 10.10.0.0
 network 172.10.0.0/24
 network 172.10.1.0/24
 neighbor PGROUP-INTERNAL peer-group
 neighbor PGROUP-INTERNAL remote-as 10
 neighbor PGROUP-INTERNAL update-source loopback0
 neighbor 10.10.0.1 peer-group PGROUP-INTERNAL
 neighbor 10.10.0.2 peer-group PGROUP-INTERNAL
 neighbor 10.10.0.5 peer-group PGROUP-INTERNAL
 neighbor 10.10.0.6 peer-group PGROUP-INTERNAL
 neighbor 10.10.0.7 peer-group PGROUP-INTERNAL
 neighbor 10.10.0.4 remote-as 10
 neighbor 10.10.0.4 update-source loopback0
 !
 address-family ipv4 unicast
  neighbor PGROUP-INTERNAL route-reflector-client
 exit-address-family
!
line vty
!

n4 تنظیمات

frr version 7.2-0.1
frr defaults traditional
hostname n4
interface loopback 0
no ip forwarding
no ipv6 forwarding
!
interface loopback0
 ip address 10.10.0.4/32
!
interface ge3
 ip address 172.10.2.1/24
!
interface ge4
 ip address 172.10.3.1/24
!
interface ge0
 ip address 10.10.24.4/24
!
interface ge1
 ip address 10.10.46.4/24
!
interface ge2
 ip address 10.10.34.4/24
!
router eigrp 10
 network 10.10.0.0/16
 network 172.10.0.0/16
!
router bgp 10
 bgp log-neighbor-changes
 bgp cluster-id 10.10.0.0
 network 172.10.2.0/24
 network 172.10.3.0/24
 neighbor PGROUP-INTERNAL peer-group
 neighbor PGROUP-INTERNAL remote-as 10
 neighbor PGROUP-INTERNAL update-source loopback0
 neighbor 10.10.0.1 peer-group PGROUP-INTERNAL
 neighbor 10.10.0.2 peer-group PGROUP-INTERNAL
 neighbor 10.10.0.5 peer-group PGROUP-INTERNAL
 neighbor 10.10.0.6 peer-group PGROUP-INTERNAL
 neighbor 10.10.0.7 peer-group PGROUP-INTERNAL
 neighbor 10.10.0.3 remote-as 10
 neighbor 10.10.0.3 update-source loopback0
 !
 address-family ipv4 unicast
  neighbor PGROUP-INTERNAL route-reflector-client
 exit-address-family
!
line vty

n5 تنظیمات

frr version 7.2-0.1
frr defaults traditional
hostname n5
interface loopback 0
no ip forwarding
no ipv6 forwarding
!
interface loopback0
 ip address 10.10.0.5/32
!
interface ge0
 ip address 10.10.35.5/24
!
interface ge1
 ip address 192.168.115.5/24
!
interface ge2
 ip address 10.10.57.5/24
!
router eigrp 10
 network 10.10.0.0/16
!
router bgp 10
 bgp log-neighbor-changes
 neighbor 10.10.0.3 remote-as 10
 neighbor 10.10.0.3 update-source loopback0
 neighbor 10.10.0.4 remote-as 10
 neighbor 10.10.0.4 update-source loopback0
 neighbor 192.168.115.11 remote-as 20
 neighbor 192.168.115.11 password as1030
 neighbor 192.168.115.11 ttl-security hops 1
 !
 address-family ipv4 unicast
  neighbor 10.10.0.3 next-hop-self
  neighbor 10.10.0.4 next-hop-self
  neighbor 192.168.115.11 route-map RMAP-SET_LOC_PREF in
 exit-address-family
!
bgp community-list standard CLIST-10:110 permit 10:110
bgp community-list standard CLIST-10:90 permit 10:90
!
route-map RMAP-SET_LOC_PREF permit 10
 match community CLIST-10:90
 set local-preference 90
!
route-map RMAP-SET_LOC_PREF permit 20
 match community CLIST-10:110
 set local-preference 110
!
route-map RMAP-SET_LOC_PREF permit 30
!
line vty
!

n6 تنظیمات

frr version 7.2-0.1
frr defaults traditional
hostname n6
interface loopback 0
no ip forwarding
no ipv6 forwarding
!
interface loopback0
 ip address 10.10.0.6/32
!
interface ge0
 ip address 10.10.46.6/24
!
interface ge1
 ip address 192.168.126.6/24
!
interface ge2
 ip address 10.10.67.6/24
!
router eigrp 10
 network 10.10.0.0/16
!
router bgp 10
 bgp log-neighbor-changes
 neighbor 10.10.0.3 remote-as 10
 neighbor 10.10.0.3 update-source loopback0
 neighbor 10.10.0.4 remote-as 10
 neighbor 10.10.0.4 update-source loopback0
 neighbor 192.168.126.12 remote-as 20
 neighbor 192.168.126.12 password as1020
 neighbor 192.168.126.12 ttl-security hops 1
 !
 address-family ipv4 unicast
  neighbor 10.10.0.3 next-hop-self
  neighbor 10.10.0.4 next-hop-self
  neighbor 192.168.126.12 route-map RMAP-SET_LOC_PREF in
 exit-address-family
!
bgp community-list standard CLIST-10:110 permit 10:110
bgp community-list standard CLIST-10:90 permit 10:90
!
route-map RMAP-SET_LOC_PREF permit 10
 match community CLIST-10:90
 set local-preference 90
!
route-map RMAP-SET_LOC_PREF permit 20
 match community CLIST-10:110
 set local-preference 110
!
route-map RMAP-SET_LOC_PREF permit 30
!
line vty
!

n7 تنظیمات

frr version 7.2-0.1
frr defaults traditional
interface loopback 0
no ip forwarding
no ipv6 forwarding
hostname n7
!
interface loopback0
 ip address 10.10.0.7/32
!
interface ge0
 ip address 192.168.78.7/24
!
interface ge1
 ip address 10.10.17.7/24
!
interface ge2
 ip address 10.10.27.7/24
!
interface ge3
 ip address 10.10.57.7/24
!
interface ge4
 ip address 10.10.67.7/24
!
router eigrp 10
 network 10.10.0.0/16
!
router bgp 10
 neighbor 10.10.0.3 remote-as 10
 neighbor 10.10.0.3 update-source loopback0
 neighbor 10.10.0.4 remote-as 10
 neighbor 10.10.0.4 update-source loopback0
 neighbor 192.168.78.8 remote-as 1
 neighbor 192.168.78.8 ttl-security hops 1
 !
 address-family ipv4 unicast
  neighbor 10.10.0.3 next-hop-self
  neighbor 10.10.0.4 next-hop-self
 exit-address-family
!
line vty
!

AS20

n11 تنظیمات

Building configuration...

Current configuration:
!
hostname n11
system update server-url https://update.soodar.ir
system update update-poll-interval 10
system update inventory-poll-interval 15
no ip forwarding
no ipv6 forwarding
enable password s
!
ip prefix-list PLIST-AS30 seq 5 permit 172.30.0.0/22 le 32





interface loopback0
 no shutdown
 ip address 10.20.0.11/32
!
interface ge0
 no shutdown
 ip address 10.20.112.11/24
!
interface ge1
 no shutdown
 ip address 192.168.115.11/24
!
interface ge2
 no shutdown
 ip address 192.168.111.11/24
!
interface ge3
 no shutdown
 ip address 10.20.113.11/24
!
router eigrp 20
 network 10.20.0.0/16
!
router bgp 20
 bgp log-neighbor-changes
 neighbor 10.20.0.12 remote-as 20
 neighbor 10.20.0.12 update-source loopback0
 neighbor 192.168.111.10 remote-as 40
 neighbor 192.168.115.5 remote-as 10
 neighbor 192.168.115.5 password as1020
 neighbor 192.168.115.5 ttl-security hops 1
 !
 address-family ipv4 unicast
  network 172.20.0.0/24
  network 172.20.1.0/24
  network 172.20.2.0/24
  network 172.20.3.0/24
  neighbor 10.20.0.12 next-hop-self
  neighbor 192.168.111.10 route-map RMAP-SET_LOC_PREF_HIGH in
  neighbor 192.168.111.10 filter-list 1 out
  neighbor 192.168.115.5 route-map RMAP-SET_LOC_PREF_LOW in
  neighbor 192.168.115.5 filter-list 1 out
 exit-address-family
!
bgp as-path access-list 1 permit ^$
!
route-map RMAP-SET_LOC_PREF_HIGH permit 10
 match ip address prefix-list PLIST-AS30
 set local-preference 150
!
route-map RMAP-SET_LOC_PREF_HIGH permit 20
!
route-map RMAP-SET_LOC_PREF_LOW permit 10
 match ip address prefix-list PLIST-AS30
 set local-preference 50
!
route-map RMAP-SET_LOC_PREF_LOW permit 20
!
end

n12 تنظیمات

Building configuration...

Current configuration:
!
hostname n12
system update server-url https://update.soodar.ir
system update update-poll-interval 10
system update inventory-poll-interval 15
no ip forwarding
no ipv6 forwarding
enable password s
!
ip prefix-list PLIST-AS30 seq 5 permit 172.30.0.0/22 le 32





interface loopback0
 no shutdown
 ip address 10.20.0.12/32
!
interface ge0
 no shutdown
 ip address 10.20.112.12/24
!
interface ge1
 no shutdown
 ip address 192.168.126.12/24
!
interface ge2
 no shutdown
 ip address 192.168.112.12/24
!
interface ge3
 no shutdown
 ip address 10.20.123.12/24
!
router eigrp 20
 network 10.20.0.0/16
!
router bgp 20
 bgp log-neighbor-changes
 neighbor 10.20.0.11 remote-as 20
 neighbor 10.20.0.11 update-source loopback0
 neighbor 192.168.112.10 remote-as 40
 neighbor 192.168.126.6 remote-as 10
 neighbor 192.168.126.6 password as1020
 neighbor 192.168.126.6 ttl-security hops 1
 !
 address-family ipv4 unicast
  network 172.20.0.0/24
  network 172.20.1.0/24
  network 172.20.2.0/24
  network 172.20.3.0/24
  neighbor 10.20.0.11 next-hop-self
  neighbor 192.168.112.10 route-map RMAP-SET_LOC_PREF_HIGH in
  neighbor 192.168.112.10 filter-list 1 out
  neighbor 192.168.126.6 route-map RMAP-SET_LOC_PREF_LOW in
  neighbor 192.168.126.6 filter-list 1 out
 exit-address-family
!
bgp as-path access-list 1 permit ^$
!
route-map RMAP-SET_LOC_PREF_HIGH permit 10
 match ip address prefix-list PLIST-AS30
 set local-preference 150
!
route-map RMAP-SET_LOC_PREF_HIGH permit 20
!
route-map RMAP-SET_LOC_PREF_LOW permit 10
 match ip address prefix-list PLIST-AS30
 set local-preference 50
!
route-map RMAP-SET_LOC_PREF_LOW permit 20
!
end

n13 تنظیمات

system update server-url https://update.soodar.ir
system update update-poll-interval 10
system update inventory-poll-interval 15
no ip forwarding
no ipv6 forwarding
enable password s
!
ip route 0.0.0.0/0 10.20.113.11
ip route 0.0.0.0/0 10.20.123.12
!
interface loopback0
 no shutdown
 ip address 10.20.0.13/32
!
interface loopback1
!
interface loopback2
!
interface loopback3
!
interface loopback4
!
interface ge0
 no shutdown
 ip address 10.20.113.13/24
!
interface ge1
 no shutdown
 ip address 10.20.123.13/24
!
interface ge2
 no shutdown
 ip address 172.20.0.1/24
!
interface ge3
 no shutdown
 ip address 172.20.1.1/24
!
interface ge4
 no shutdown
 ip address 172.20.2.1/24
!
interface ge5
 no shutdown
 ip address 172.20.3.1/24
!
router eigrp 20
 network 10.20.0.0/16
 network 172.20.0.0/16
!
end

AS30

n9 تنظیمات

Building configuration...

Current configuration:
!
hostname n9
system update server-url https://update.soodar.ir
system update update-poll-interval 10
system update inventory-poll-interval 15
no ip forwarding
no ipv6 forwarding
enable password s
!
ip prefix-list PLIST-AS30 seq 5 permit 172.30.0.0/22 le 32
!
interface loopback0
 no shutdown
 ip address 10.30.0.9/32
!
interface loopback1
!
interface loopback2
!
interface loopback3
!
interface ge0
 no shutdown
 ip address 192.168.19.9/24
!
interface ge1
 no shutdown
 ip address 192.168.29.9/24
!
interface ge2
 no shutdown
 ip address 192.168.109.9/24
!
interface ge3
 no shutdown
 ip address 192.168.149.9/24
!
interface ge4
 no shutdown
 ip address 172.30.0.1/24
!
interface ge5
 no shutdown
 ip address 172.30.1.1/24
!
interface ge6
 no shutdown
 ip address 172.30.2.1/24
!
router bgp 30
 bgp log-neighbor-changes
 neighbor 192.168.19.1 remote-as 10
 neighbor 192.168.19.1 password as3010
 neighbor 192.168.19.1 ttl-security hops 1
 neighbor 192.168.29.2 remote-as 10
 neighbor 192.168.29.2 password as1030
 neighbor 192.168.29.2 ttl-security hops 1
 neighbor 192.168.109.10 remote-as 40
 neighbor 192.168.109.10 password as4030
 neighbor 192.168.149.14 remote-as 65001
 neighbor 192.168.149.14 ttl-security hops 1
 !
 address-family ipv4 unicast
  network 172.30.0.0/24
  network 172.30.1.0/24
  network 172.30.2.0/24
  aggregate-address 172.30.0.0/22 summary-only
  neighbor 192.168.19.1 remove-private-AS
  neighbor 192.168.29.2 remove-private-AS
  neighbor 192.168.109.10 remove-private-AS
  neighbor 192.168.109.10 route-map RMAP-SET_PREPEND out
  neighbor 192.168.149.14 default-originate
 exit-address-family
!
route-map RMAP-SET_PREPEND permit 10
 match ip address prefix-list PLIST-AS30
 set as-path prepend 30 30 30 30 30
!
route-map RMAP-SET_PREPEND permit 20
!
end

AS40

n10 تنظیمات

Building configuration...

Current configuration:
!
hostname n10
system update server-url https://update.soodar.ir
system update update-poll-interval 10
system update inventory-poll-interval 15
no ip forwarding
no ipv6 forwarding
enable password s
!
ip prefix-list PLIST-AS20 seq 5 permit 172.20.0.0/22 le 32
ip prefix-list PLIST-AS40 seq 5 permit 172.40.0.0/22 le 32
!
interface loopback0
 no shutdown
 ip address 10.40.0.10/32
!
interface loopback1
!
interface loopback2
!
interface loopback3
!
interface loopback4
!
interface ge0
 no shutdown
 ip address 192.168.111.10/24
!
interface ge1
 no shutdown
 ip address 192.168.112.10/24
!
interface ge2
 no shutdown
 ip address 192.168.109.10/24
!
interface ge3
 no shutdown
 ip address 192.168.210.10/24
!
interface ge4
 no shutdown
 ip address 172.40.0.1/24
!
interface ge5
 no shutdown
 ip address 172.40.1.1/24
!
interface ge6
 no shutdown
 ip address 172.40.2.1/24
!
interface ge7
 no shutdown
 ip address 172.40.3.1/24
!
router bgp 40
 bgp log-neighbor-changes
 neighbor 192.168.109.9 remote-as 30
 neighbor 192.168.109.9 password as4030
 neighbor 192.168.111.11 remote-as 20
 neighbor 192.168.112.12 remote-as 20
 neighbor 192.168.210.2 remote-as 10
 neighbor 192.168.210.2 password as1040
 neighbor 192.168.210.2 ttl-security hops 1
 !
 address-family ipv4 unicast
  network 172.40.0.0/24
  network 172.40.1.0/24
  network 172.40.2.0/24
  network 172.40.3.0/24
  neighbor 192.168.109.9 route-map RMAP-SET_COMMUN out
  neighbor 192.168.111.11 route-map RMAP-SET_WEIGHT_HIGH in
  neighbor 192.168.112.12 route-map RMAP-SET_WEIGHT_LOW in
 exit-address-family
!
route-map RMAP-SET_COMMUN permit 10
 match ip address prefix-list PLIST-AS40
 set community 10:110 additive
!
route-map RMAP-SET_COMMUN permit 20
!
route-map RMAP-SET_WEIGHT_HIGH permit 10
 match ip address prefix-list PLIST-AS20
 set weight 2048
!
route-map RMAP-SET_WEIGHT_HIGH permit 20
!
route-map RMAP-SET_WEIGHT_LOW permit 10
 match ip address prefix-list PLIST-AS20
 set weight 1024
!
route-map RMAP-SET_WEIGHT_LOW permit 20
!
end

AS65001

n14 تنظیمات

Building configuration...

Current configuration:
!
hostname n14
system update server-url https://update.soodar.ir
system update update-poll-interval 10
system update inventory-poll-interval 15
no ip forwarding
no ipv6 forwarding
enable password s




!
interface loopback0
 no shutdown
 ip address 10.65.0.14/32
!
interface loopback1
!
interface loopback2
!
interface ge0
 no shutdown
 ip address 192.168.149.14/24
!
interface ge1
 no shutdown
 ip address 172.30.3.1/24
!
interface ge2
 no shutdown
 ip address 172.65.0.1/24
!
router bgp 65001
 bgp log-neighbor-changes
 neighbor 192.168.149.9 remote-as 30
 neighbor 192.168.149.9 ttl-security hops 1
 !
 address-family ipv4 unicast
  network 172.30.3.0/24
  network 172.65.0.0/24
  neighbor 192.168.149.9 distribute-list ACL-DEFAULT_ROUTE in
  neighbor 192.168.149.9 route-map RMAP-NO_EXPORT out
 exit-address-family
!
route-map RMAP-NO_EXPORT permit 10
 match ip address ACL-NO_EXPORT
 set community no-export
!
route-map RMAP-NO_EXPORT permit 20
!
end

AS1

n8 تنظیمات

Building configuration...

Current configuration:
!
hostname n8
system update server-url https://update.soodar.ir
system update update-poll-interval 10
system update inventory-poll-interval 15
no ip forwarding
no ipv6 forwarding
enable password s

!
interface ge0
 no shutdown
 ip address 192.168.78.8/24
!
interface ge1
 no shutdown
 ip address 172.1.0.1/24
!
interface ge2
 no shutdown
 ip address 172.1.1.1/24
!
interface ge3
 no shutdown
 ip address 172.1.2.1/24
!
interface ge4
 no shutdown
 ip address 172.1.3.1/24
!
router bgp 1
 neighbor 192.168.78.7 remote-as 10
 neighbor 192.168.78.7 ttl-security hops 1
 !
 address-family ipv4 unicast
  network 172.1.0.0/24
  network 172.1.1.0/24
  network 172.1.2.0/24
  network 172.1.3.0/24
  aggregate-address 172.1.0.0/16
 exit-address-family
!
end