Bi Vit BGP

Tc gi: L Vn Cng
I Autonomous Systems

1. Tng Quan v Autonomous System

- Autonomous system (as) : Mt AS l mt nhm
cc router cng chia s mt chnh sch v hot ng
trong cng mt min nht inh(domain)
- Mi AS c mt s nhn din v c cung cp bi
mt nh cung cp AS (internet registry) hoc nh cung
cp dch v s ny t 1 -> 65,535. Khong t 64,512
cho n 65,535 c dnh cho cc AS Private s
dng.
2. AS c mt kt ni duy nht ra AS
khc(SingleHomed AS)
- Nu mt AS c duy nht mt kt ni ra mng bn
ngoi, th n c xem l kt ni n (single).

3. AS c nhiu kt ni ra mng bn ngoi(Multihomed

AS MA)
- Mt AS l mt MA khi n c nhiu hn mt kt ni ra
mng bn ngoi. Mt MA khi n c kt ni n internet
c th n mt hay nhiu nh cung cp.
-AS ny c th l Transit hoc Non-Transit AS
> Transit : AS ny s chuyn tip thng tin t nh
cung cp ny sang nh cung cp khc H1

> Non-Transit: AS ny khng

chuyn tip thng tin gia hai nh cung cp khc nhau
H2

4. Khi no khng nn s dng BGP trong mt AS

Khi ch c duy nht mt kt ni n
internet hay n mt AS khc
Khi chnh sch v nh tuyn cc
Route khng cn thit trong mt AS
Router BGP khng RAM hay kh
nng x l qun l cc cp nht
Nh qun tr t am hiu v lc(filter)
cc tuyn(route) v qu trnh la chn ng dn

(path)
Bng thng thp gia cc AS

Hot ng c bn cua BGP

Cp nht bng nh tuyn
Chc nng ca BGP l trao i thng tin nh tuyn
gia cc AS v m bo la chn tuyn thng
sut(loop free path LFP)
BGP cp nht s dng TCP cng 179. TCP l mt kt
ni m phi c s tho thun trc khi cp nht c
chuyn i i, do BGP tha k tnh tin cy, kt ni
c nh hng ca TCP.
m bo la chn tuyn khng loop(LFP ) th , BGP
xy dng mt biu ca cc AS da trn thng tin
trao i gia cc BGP lng ging. BGP xem ton b
mng nh l mt biu hay mt cy. Kt ni gia
bt k hai AS no cng c nh ngha l ng Path.

H1

BGP lng ging

khi hai BGP router thit lp mt kt ni TCP, c gi
l lng ging (neighbor) hay ngang hng (peer), mi
router chy BGP c gi l BGP speaker. Peer router
trao i thng tin bng nhiu bn tin m v xc
nhn cc thng s kt ni, nh version ca BGP dang
c s dng, nu c bt k s khng ng no gia
cc peer th, thng tin cnh bo (notification) c gi

ra gia cc peer.
Khi quan h lng ging c thit lp, th chng s
trao i cc thng tin v BGP route. Sau khi vic trao
i thng tin c khi tao xong, th cc cp nht
thnh phn(incemental update) c gi i khi c
thng tin thay i trong mng ch khng truyn ton
b bng nh tuyn.
Peer truyn cc destinations m n c th thy c
bng cc thng tin cp nht cho cc Peer ca n.
Thng tin v kh nng n cc destination c trao
i, chng hn khi mt route tr nn khng n c
th BGP s cnh bo cho lng ging ca n v thng
tin ny bng thu hi(withdrawing) cc route sai v
thay i bng nh tuyn mi. H2

Nu khng c thng tin nh tuyn no c trao i

vi cc peer, th BGP speaker s truyn mt cch c
chu k cc bn tin keepalive cho nhau duy tr kt
ni. Gi Keepalive(19 byte) c gi i trong vng 60
giy theo mc inh v ta c the thay i n c.

Cc loi bn tin ca BGP

Cc loi bn tin khc nhau thc hin mt chc nng
trong hot ng ca BGP. Mi bn tin mang mt thng
tin tiu .Thng tin trong tiu ch gm 3 trng:
16 byte Maker, 2 byte Length, v 1 byte Type.
Trng Maker c s dng hoc xc
thc(authentication) hoc kim tra ng b gia
cc peer.
Trng Length : ch ra chiu di tng cng ca bn tin,
gm c phn tiu . bn tin nh nht ca BGP l 19
bytes = 16 + 2 + 1 , v chiu di ti a l 4096 bytes.
Trng Type c th c 4 gi tr t 1 -> 4. Mi ga tr
ny tng ng -vi mt trong 4 loi bn tin
Cc loi bn tin:
Open message : bn tin ny c s dng thit lp
kt ni vi cc peer, v gm c c trng cho version,
ch s AS, hold time, v ID ca router.
Keepalive message: bn tin ny c truyn i mt
cch c chu k gia cc peers duy tr kt ni v
kim tra tuyn. Nu khong thi gian truyn keepalive
c cu hnh vi gi tr l 0, th s khng c thng tin
keepalive c truyn di. Holdtime = 3xkeepaive. bn
tin keep alive gm 19 byte tiu v khng c thng
tin d liu c truyn i trong bn tin ny.
Notification message : bn tin ny c s dng ch
th cho router nhn bit c l c li. Bn tin ny
gm mt trng cho m li c s dng cho vic
khc phc v sa li.
Update message: thng tin cp nht ny gm tt c
cc thng tin s dung xy dng mt s LFP ca
ton mng. C cc thng tin thnh phn c b trong
Update message d l: NLRI, thuc tn ca Path, v
thu hi route(withdraw route)
Tho thun gia cc peer
Qu trnh tho thun gia cc peer c thc hin qua

nhiu trng thi: c 6 trng thi ca BGP :

Idle: idle l trng thi u tin ca mt kt ni BGP.
BGP ch s kin bt u, n thng l khi to bi
nh qun tr hoc l cc s kin (event) trong mng.
Ti s kin khi to, to cc thng tin cn thit v
reset li cc timer : holdtime Idle c th c chuyn
v t mt trng thi khc trong trng hp c li.
Connect: trong trng thi connect : BGP ch cho kt
ni TCP c hon thnh. Nu kt ni TCP thnh cng,
th trng thi ny c chuyn tip sang trng thi
OpenSent. Nu kt ni TCP li th trng thi ny
chuyn sang trng thi Acitve,v router c gng
thit lp kt ni li. Nu mt kt ni m retry timer
ht hn(expire) th trng thi c duy tr trangk
thi Connect,th timer c reset, v kt ni TCP c
khi to li. Trong trng hp s kin c khi to
bi nh qun tr th trng thi chuyn v idle.
Active: trong trng thi Active th BGP c gng yu
cu mt peer khi to kt ni TCP. Nu thnh cng, n
chuyn sang trng thi OpenSent. Nu thi gian kt
ni retry timer ht han, th BGP s chuyn v trng
thi Connect li. Trong khi active, th BGP vn lng
nghe mt kt ni khc c khi to t peer. Trng
thi c th chuyn v Idle trong trng hp c cc s
kin khc, nh kt thc s kin bi h thng hay nh
qun tr.
OpenSent : trong trng thi ny, BGP ch mt bn tin
open t peer ca n. bn tin open c kim tra tnh
ng n. Trong trng hp c xy ra li, nh: version
khng thch hp hay AS khng chp nhn, th h thng
truyn bn tin ch bo v reset keepalive timer. Ti
trng thi ny th hold time c tho thun v
khong thi gian no nh hn s c chn. Nu thi
gian hold time c tho thun l 0 th hold timer v
keepalive timer s khng c khi tao.
OpenConfirm: Trong trng thi ny, BGP ch bn tin
keepalive hay bn tin ch th cnh bo. Nu mt bn
tin keepalive c nhn, th trng thi ny chuyn
sang trng thi Established, v lng ging tho thun
hon thnh. Nu h thng nhn mt bn tin cp nht
hay keepalive, th n reset holdtime, v trng thi
chuyn v idle. H thng truyn mt cch c chu k
cc bn tin keepalive cho peer theo tc c ci t
theo keepalive timer. Trong trng hp bt k mmt
s ngng kt ni TCP hay chm dt s kin, c to
ra bi nh qun tr th trng thi s chuyn v trng

tha idl.
Established: ay l trng thi sau cng ca s tho
thun ca cc peer. BGP bt u trao i cc gi cp
nht vi cc peers ca n. Nu khng phi l 0 th hold
time s c reset li khi n nhn c thng tin cp
nht hay bn tin keepalive. Mi gi cp nht u c
kim tra li, nh trng hp li hay trng lp cc
thuc tnh. Nu c li c pht hin th mt bn tin
cnh bo (notification) c gi i cho Peer. Bt k
bn tin cnh bo no c nhn trong khi trng thi
Established lm cho BGP xo Peer dang nhn v tr
v trng thi Idle. Nu Hold time ht hn, hay mt bn
tin ch th ct kt ni nhn c t Peer, hay ngng s
kin c nhn th h thng s tr v trng thi Idle.
NLRI
Thay v truyn thng tin v mt ch c th n c
la Network v Subnet mask th BGP truyn NLRI, gm
Prefix v chiu di ca prefix. Prefix s miu t cho
dch c th n c v chiu di ca prefix l miu t
cho s lng bt ca subnet mask. Ex: NLRI<19,
192.168.1.0> miu t prefix 192.168.1.0, v chiu di
l 19 bit mask.
Withdraw Route : Bn tin ny cung cp mt danh sc
cc tuyn cp nht khng cn n c na v cn
phi thu hi hay xo ra khi bng nh tuyn ca BGP.
Mt bn tin cp nht khng bao gm thng tin NLRI
hay cc thng tin thuc tnh th n ch c dng cho
Withdraw H1

Thuc tnh ca Path

Hu ht cu hnh BGP tp trung vo thuc tnh ca
path. Mi tuyn c gi tr thuc tnh c nh ngha
c th gm : thong tin path, route preference, next
hop, v tm tt route. Nh qun tr s dng nhng

thuc tnh ny to cc chnh sch nh tuyn. Da

trn cc gi tr ca thuc tnh BGP c th c cu
hnh lc cc thng tin nh tuyn, cc path, hay cc
ng thi khc. C cc loi thuc tnh sau:
Well-know mandatory: l thuc tnh m bt buc phi
tn ti trong bn tin cp nht. N phi c nhn ra
bi tt c cc Peer. Nu mt thuc tnh Well-know b
thiu, th mt bn tin ch th li oc to ra. iu ny
m bo rng tt c cc BGP peer phi tho thun
theo mt chun nht nh.
Well-know discretionary: l thuc tnh c nhn ra
bi tt c cc BGP peer, nhng c th hoc khng gi
bn tin cp nht.
Optional transitive : l thuc tnh c th hay khng
c nhn ra bi tt c cc BGP peer. V th thuc tinh
transitive c th chp nhn v truyn i thm ch no
khng c nhn ra.
Optional nontransitive: l thuc tnh m c th hoc
khng nhn ra bi tt c BGP peer. Cho d nhn ra
hay khng th n cng khng c truyn di cho Peer
khc. H1

Cu Hnh BGP
1. C bn v cu hnh BGP

dng lnh :

- khi to qu trnh BGP ta s

AS-number

Router(config)#router bgp

- Lnh Network c s dng trong IGP nhu RIP, n

xc nh cng giao
tip no truyn v nhn cc cp
nht. Tuy nhin vi BTP th lnh network
khng
nh hng n cng giao tip no m n qung b. V
th network s khng thit lp quan h gia cc BGP
router

Router(config)#network networknumber [mask network-mask]

Lnh network cho bit route no hc c

ni b qung b i.
Route ny c
th l route tnh, kt ni trc tip, hoc route hc c
t IGP nh(RIP, OSPF,)
- router BGP thit lp quan h lng ging vi mt
router khc th ta s dng lnh:
Router(config-router)#neighbor ip-address
remote-as AS-number
Lnh ny cho router bit ID ca peer thit
lp lng ging.
2.EBGP v IBGP
Khi cu hnh BGP, Th BGP h tr hai
loi phin thng tin gia cc peer
-Phin thng tin gia cc EBGP: xy
ra gia cc router khc AS.
-Phin thng tin gia cc IBGP: xy ra
gia cc rouer c cng AS

Nu ga tr ca AS trong cu hnh vi lnh

router bgp ging vi ga tr ca AS trong lnh
neighbor th quan h gia cc BGP l IBGP, cn nu
khc th quan h l EBGP
V d :

Trong v d ny th RTB thit lp phin thng tin EBGP

vi RTA, v IBGP vi RTC.
Trc ht ta s thit lp phin thng tin RTB vi RTC
RTB(config)#router bgp 200
RTB(config-router)#neighbor 172.16.1.2 remote-as
200
RTB(config-router)#neighbor 172.16.1.2 updatesource loopback 0
i vi RTA th cng tng t nh RTC vi
remote-as c gi tr l 100

Trong v d ny ta thy c lnh updatesource loopback 0 Nu c nhiu ng n router

lng ging, router c th s dng bt k a ch IP ca
cng giao tip no thit lp quan h lng ging.
Trong trng hp ny th router s s dng cng
loopback thit lp kt ni TCP vi router lng ging.
RTB hc c cc route t IGB l OSPF, RTB
c th qung b nhng mng ny bng cch
redistribuate OSPF vo trong BGP hoc ta s dng
lnh network
RTB(config-router)#network 172.16.1.0 mask
255.255.255.252
RTB(config-router)#network 10.1.1.0 mask
255.255.255.252
RTB(config-router)#network 192.168.1.0

Cc thuc tnh ca BGP

- Well-known mandatory l thuc tnh m phi tn ti
trong cp nht ca BG v phi c nhn ra bi tt c
cc nh cung cp, v cc khuyn ngh.
- Well-known discretionary: L thuc tnh cng phi
c nhn ra bi tt c cc khuyn ngh v BGP,
nhng n c th khng c truyn i trong bng cp
nht.
- Optional Trasnitive : l mt thuc tnh m n khng
yu cu phi c h tr bi tt c cc khuyn ngh v
BGP. Tuy nhin nu n khng c nhn ra bi BGP
th n s s dng c. Nu c c thit lp th BGP s
chp nhn v chuyn tip n cc peer khc.
- Optional nontranstivive : l mt thuc tnh cng
khng yu cu phi c h tr bi cc khuyn ngh
v BGP. Tuy nhin nu thuc tnh khng c nhn ra
bi BGP, th n s s dng c, nu c khng c
thit lp th thuc tnh s c loi b v khng c
truyn vi cc peer khc.

1. Thuc tnh next hop: l mt thuc tnh well-known

mandatory : n tng t nh trong IGP, n
c network, th next hop l a ch IP ca router

qung b route.
> i vi EBGP: th next hop l a ch
ip ca lng ging qung b route.
> i vi IBGP : Ni m route c qung t trong
cng AS th next hop l a ch ip ca lng ging qung
b route. Cn i vi route c qung b vo AS t
EBGP, th next hop t EBGP khng c thay i vo
trong IBGP, next hop l a ch ip ca EBGP lng ging
m n hc c.
> Khi mt route c qung b trong mt mi
trng da truy nhp(multi-access) nh Ethernet,
frame relay, th next hop l a ch IP ca cc cng
giao tip ca router.

- Trong v d ny t RTC chy mt phin thng tin

EBGP vi RTZ v IBGP vi RTA.

- RTC hc c route 128.213.1.0 t RTZ vi next hop

l 1.1.1.1 do RTC nhn c route 128.213.1.0 n t
lng ging RTZ bi next hop 1.1.1.1, khi n cp nht
sang RTA th next hop ip address khng c thay i,

do d RTA c next hop l 1.1.1.1.Nh chng ta c th

thy i vi RTA th next hop l 1.1.1.1 l khng th
n c.
2. Thuc tnh Next Hop trong mi trng
Multiaccess.
Mt kt ni mng c xem l multiaccess nu c hn 2 host c th kt ni vo. Cc
router trong kt ni mng multi-access th cng chia
s chung mt a ch subnet v kt ni vt l trc tip
vi nhau. Mt s mi trng l multi-access nh:
Ethernet, Frame Relay, ATM.
V d:

- Trong v d ny th ta thy RTC s qung co route

hc c t RTB, v khi RTC qung co route th n
ch ra RTB l source ca route, Nu khng th cc
router khc s phi thc hin ng i theo s hop
khng cn thit l qua RTC cc router trong
cng mt mng(segment).
- RTA,RTB,RTC : cng chia s mt mi trng truyn
l multi-access. RTA v RTC chy EBGP, RTC v RTB
chy OSPF. RTC hc mng 11.11.11.0/24 t RTB
thng qua OSPF, v n qung co mng ny n RTA
thng qua EBGP. V RTA v RTB chy khc giao thc
nh tuyn, nn v logic th RTA xem RTC(10.10.10.2)
l nt hop n c 11.11.11.0/24. Tuy nhin iu
ny khng xy ra, trng thi ng cho RTA l xem
RTB,10.10.10.3 l next hop v RTB cng cha s mt
mi trng vi RTC.

3. Next Hop trong mng NBMA(Frame Relay)

- Trong mng NBMA, Khng c cc kt ni trc tip
gia cc router, m l ch nhng kt ni o c cu
hnh t mi router n tt c cc router khc. Mt l
do quan trng m hu ht cc t chc u th hin
m hnh hup-and-spoke bi v gi c phi chng.
Trong m hnh hub-and-spoke th nhiu site xa c
cc kt ni o n mt hay nhiu router site trung
tm.
V d:

- y ta thy RTC l hub router v RTA, RTB l

spoke router. ta thy cc kt ni o c t ra gia
RTA v RTC, gia RTC v RTB, nhng khng c kt ni
no gia RTA v RTB. RTA nhn c cp nht v
mng 11.11.11.0/24 t RTC v n s c gng s dng
RTB,10.10.10.3 lm next hop. iu ny tng t nh
trong mi trng mng multi-access.Nhng trong
trng hp ny th bng nh tuyn c vn v khng
c kt ni o no gia RTA v RTB c.
- gii quyt vn ny ta c gii php sau: s
dng thuc tnh next-hop-self buc router, trong
trng hp ny th, RTC s qung co mng
11.11.11.0/24 vi next hop l ca chnh n
10.10.10.2. RTA lc ny s gi trc tip cc gi n

mng 11.11.11.0/24 qua RTC. C php nh sau:

Router(config-router)#neighbor ip-address
next-hop-self

i vi RTC ta s dng lnh nh sau :

RTC(config-router)#neighbor 10.10.10.1
next-hop-self
4. Thuc tnh AS_path : l mt thuc tnh Wellknow mandatory.
- N l tun t ca cc s AS m route truyn
qua n ch. AS u tin truyn route s them s
AS ca n v truyn di sang EBGP peer ca n. Sau
th mi AS m nhn route ny s truyn route ny
sang EBGP peer khc v gn them s AS ca n vo
u danh sch cc s AS. Danh sch cui cng s l
tt c cc s AS m route c truyn i qua, vi
s AS ca AS m khi to route ban u nm cui
danh sch. V danh sch ny c mang tun t cc s
AS m route i qua.
- BGP s dng thuc tnh AS_path ny trong cc cp
nht ca n m bo mt m hnh khng b loop
trn internet. Mi route c truyn i gia cc peer
s mang theo mt danh sch ca cc s AS m route
c truyn qua. Nu route c qung co n
mt AS m khi to ra n, v AS s thy chnh n l
mt phn trong danh sch cc s AS v n s khng
chp nhn route ny. BGP router s chn them s AS
ca n khi qung co bng nh tuyn cp nht ca n
sang mt AS khc. Khi route c truyn qua mt BGP
router c cng AS th danh sch AS_path s gi
nguyn khng thay i.
V d:

- Trong v d ny th ta thy route 172.16.10.0/24

c khi to t AS1 v c truyn i qua AS2, AS3,
AS4 v truyn ngc tr li AS1. Nhn thy rng mi
AS truyn route ny qua external peer th n thm s
AS ca n vo u danh sch AS_path. Khi route
truyn ngc tr li AS1, th BGB border router s
nhn ra rng route ny tng qua n v khng chp
nhn route ny.
- Thng tin v AS_path l mt thuc tnh BGP xc
inh ng i tt nht n ch. Khi so snh 2 hay
nhiu route, gi s tt c cc thuc tnh khc u
ging nhau, th route no c path ngn hn s c u
tin chn hn.
5. AS_path v s private AS
- Thng thng bo tn cc s AS, th cc khch
hng m cc chnh sch nh tuyn ca h l s m
rng ca cc chnh sch nh tuyn ca cc nh cung
cp cho h c n nh cho cc AS khng hp l. V
th nu khch hang l mt single-homed hay
multihomed ca cng mt nh cung cp, th nh cung
cp yu cu khch hang phi s dng s AS ly t
private pool 64512 n 65535.. Nh vy th tt c cc
cp nht m nh cung cp nhn c t khch hng
ch gm cc s private AS.
- Cc s private AS khng th qung co ra internet,
v n l khng duy nht. V l do ny m cc s private
AS s c ct b khi danh sch AS_path trc khi
route c qung co ra ngoi internet.

V d:

- Trong v d ny th AS1 cung cp kt ni internet

cho khch hng AS 65001. V khch hng ch kt ni
n nh cung cp ny m khng c k hoach kt ni
thm n mt nh cung cp khc trong tng lai gn ,
nn khc hng c n nh mt s private AS. Khch
hng nn s dng mt s AS hp l khi cn c kt ni
n mt nh cung cp khc na.
- Prefix (172.16.220.0/24) c khi to t AS
65001 c AS_path 65001. Khi AS 1 qung b prefix
ny ra internet, th n s c loi b s private AS.
Khi prefix n internet th, n s c xem nh l
c khi to t AS1 ca nh cung cp c AS_path l
1. BGP ch loi b s private AS ch khi n c quang
b sang EBGP peer. iu ny ngha l vic loi b s
private AS s c cu hnh trn RTB kt ni n
RTC
Cu hnh:
RTB(config)#router bgp 1
RTB(config-router)#neighbor 172.16.20.2 remoteas 65001
RTB(config-router)#neighbor 192.168.6.3 remoteas 7
RTB(config-router)#neighbor 192.168.6.3 removeprivate-as
Thuc tnh Atomic Aggregate : l mt thuc tnh wellknown discretionary. Thuc tnh Atomic Aggregate

c thit lp mt trong hai gi tr hoc l True hoc

l False. Nu l True, th thuc tnh ny s cnh bo
cho BGP router bit rng c nhiu ch c nhm
li trong mt cp nht duy nht. Hay ni cch khc th,
BGP router gi c nhiu route c th hn n ch
nhng khng c gi i. Bi v iu ny cho nn gy
ra mt vn , Atomic Aggregate cnh bo cho router
nhn rng thng tin m chng nhn l khng cn
thit cho tt c cc thng tin v route hin c.
BGP c th c cu hnh tm tt route bng lnh
aggregate-address.
Lnh ny khng nht thit BGP phi to mt route
aggregate trong bng nh tuyn ca n. M iu ny
ch xy ra khi m router nhn bit c l c t nht
mt route thuc v supernet ny. V th m nu router
bit c ch mt route, n c th coi l bit c
hng trm route khc. c im ny c s dng
cnh bo . Aggregate route c qung co i khi n
n t AS m thuc tnh Atomic aggregate c thit
lp l True. iu ny cho bit c thng tin c th b
mt. Mc nh th Atomic aggregate c thit lp l
True, tr khi as-set c xc nh.
Nu router ch qung b supernet, v khng qung b
cc route c th hn th s dng summary-only. Khi
cu hnh s dng key word ny th router s truyn
supernet route v s loi b(suppress) cc route c
th hn .
V d:
RTA(config)#router bgp 300
RTA(config-router)#neighbor 3.3.3.3 remote-as 200
RTA(config-router)#neighbor 2.2.2.2 remote-as 100
RTA(config-router)#network 160.10.0.0
RTA(config-router)#aggregate-address 160.0.0.0
255.0.0.0
Nu RTA loi b cc route c th hn supernet th ta
cu hnh:
RTA(config-router)#aggregate-address 160.0.0.0
255.0.0.0 summary-only
Thuc tnh Aggregator: L mt thuc tnh Well-known
discretionary. Khi cu hnh aggregation, th thuc tnh
ny cung cp nhng thng tin v ID ca router v s
AS ca ca router khi to aggregate route. Thuc tnh

ny cho php ISP admin xc nh router no thc hin

aggregation.
Thuc tnh Local Preference: L mt thuc tnh wellknown discretionary. Local Preference l mt yu t
xc nh s so snh gia cc route n cng mt ch.
Route c Local Preference cao hn s c chn lm
ng i ti u. Cng nh tn ca thuc tnh ny, n
ch chuyn i ni b gia cc IBGP peer . Local
Preference khng qung co sang EBGP peer.
Router trong mt multihomed AS c th hc rng, n
c th n cng ch bng cc neighbor theo hai hay
nhiu AS khc nhau. C th c hai hay nhiu im ri
khi AS ni b n c mt ch no . S dng
thuc tnh Local Preference p BGP router s dng
route ti u hn cc route khc n cng mt ch.
Bi v thuc tnh ny ch c thng tin gia cc BGP
trong cng mt AS, tt c cc router c cng mt
quyt nh chung n mt route bn ngoi.
V d:

Theo v d ny th cng ty ANET mua kt ni n

internet t hai nh cung cp, XNET v YNET. ANET
c kt ni n YNET bng T3 v n XNET bng
ng backup T1.
Mt iu quan trong cho ANET l quyt nh ng
n no cho ti ra ngoi internet. Tuy nhin admin
ca ANET thch s dng kt ni T3 theo ng ca
YNET. LA c th gn route n t YNET mt gi tr
Local Prefernece 300, v San Jose gn cho route n
t YNET mt gi tr thp hn l 200. Bi v c hai
router LA v San Jose u chuyn i thng tin nh
tuyn cp nht bng IBGP, chng u ng rng
im ra khi AS bng ng qua YNET. V y c gi

tr Local Preference cao hn

NET hc route n 128.213.0.0/16 bng ng
qua XNET v YNET. Router LA v San Jose s ng
s dng YNET l im n ch v ga tr Local
Preference cao hn l 300.
c. Vn dng Local Preference:

- Ta Thy AS 256 nhn cp nht mng 170.10.0.0 t

AS 100 v t AS 300. C hai cch thit lp thuc
tnh Local Preference trn cc router thuc AS 256.

preference

preference

> S dng lnh bgp default local-

> S dng route map thit lp local

-S dng lnh bgp default local-preference, thit

lp thuc tnh Local Preference trn RTC v RTD nh
sau:

RTC(config)#router bgp 256

RTC(config-router)#neighbor 1.1.1.1 remote-as 100
RTC(config-router)#neighbor 128.213.11.2 remoteas 256
RTC(config-router)#bgp default local-preference

150
RTD(config)#router bgp 256
RTD(config-router)#neighbor 3.3.3.4 remote-as 300
RTD(config-router)#neighbor 128.213.11.1 remoteas 256
RTD(config-router)#bgp default local-preference
200
Cu hnh trn RTC lm cho n s thit lp tt c cc
cp nht t AS100 mt gi tr Local Preference l 150.
V t cu hnh trn RTD s lm cho n thit lp Local
Preference cho ton b cp nht t AS 300 mt gi tr
l 200. Bi v Local Prefernc ch trao i trong ni b
AS, nn c hai RTC, v RTD u xc nh rng cp
nht v mng 170.10.0.0 c gi tr Local Preference
cao hn khi n n t AS300 so vi khi n n t
AS100. Kt qu l ton b ti trong AS 256 n mng
170.10.0.0 u c truyn qua RTD.
Ta c th cu hnh bng cch s dng route map.
Route Map cung cp mt c ch uyn chuyn hn so
vi vic s dng default nh trn. Khi ta s dng lnh
bgp default local-preference cho RTD th tt c cc cp
nht nhn c bi RTD u c thit lp gi tr l
200. iu ny gm c cp nht t AS34. By gi ta s
cu hnh cho RTD s dng route map thit lp Local
Preference trn RTD ch cho nhng cp nht t AS300.
RTD(config)#ip as-path access-list 1 permit _300$
RTD(config)#route-map LP permit 10
RTD(config-route-map)#match as-path 1
RTD(config-route-map)#set local-preference 200
RTD(config)#route-map LP permit 20
RTD(config)#router bgp 256
RTD(config-router)#neighbor 3.3.3.4 remote- as
300
RTD(config-router)#neighbor 3.3.3.4 route-map LP
in
Thuc tnh Weight:
Thuc tnh Weight tng t nh Local Preference, n
s u tin s dng route c gi tr weight cao hn. Mt
iu khc y l cc thng s weight ch c ngha
ni b trong router thi m n s khng trao i vi
cc router khc. Thuc tnh weight nh hng n cc
route n t nhiu nh cung cp khc nhau ti mt
router, mt router c nhiu kt ni ti hai hay nhiu
nh cung cp. Thng s weight c tc ng cao hn

bt k thuc tnh no khc.N l thuc tnh quan trng

nht xc nh route no u tin c chn hn.
Weight c cu hnh trn cc router theo tng
neighbor mt. thuc tnh ny s khng truyn sang
cho bt k mt router BGP no khc c. Ta c minh
ho sau :

Thuc tnh Multiple Exit Discriminator(MED)

MED l mt thuc tnh optional nontransitive. MED ch
cho lng ging external v ng i no ti u hn
vo trong mt AS c nhiu im vo. MED c gi tr
thp s tt hn.
Khng ging Local Preference MED c trao i gia
cc AS, nhng MED vo trong mt AS th s khng ri
khi AS ny. Khi c mt cp nht vo trong mt AS vi
mt gi tr MED c thit lp, th gi tr ny c s
dng quyt nh ch trong ni b AS d thi. Khi
BGP chuyn cp nht cho mt AS khc th gi tr ca
MED c thit lp v 0.
MED c th c s dng mt AS v nh hng n
quyt inh ra khi AS ca mt AS khc.
Khi mt route c khi to bi mt AS, th gi tr ca
MED thng thng l tu theo metric IGP ca route.
iu ny tr nn hu dng khi mt khch hng c
nhiu kt ni n cng mt nh cung cp. IGP metric
ch ra tiu tn n mt mng xc nh im
truyn. Mt mng gn im xut A hn im xut B
th s c gi tr IGP metric nh hn. Khi gi tr IGP
metric c dch sang MED, ti n mt AS c th vo
t mt kt ni gn ch hn. Chnh v iu ny m

MED c gi tr thp hn s c u tin hn n

ch. iu ny c th c s dng cho c nh cung
cp v c khch hng cn bng ti gia nhiu kt
ni gia hai AS khc nhau.
Ta s c mt v d minh ho nh sau

- T hnh v trn ta thy XNET nhn cp nht nh

tuyn v mng 128.213.0.0/16 t 3 ngun khc nhau.
l SJ c metric 120, LA c metric l 200, cn NY c
metric l 50. SF s so snh hai gi tr metric t ANET
v s u tin chon SJ hn v n qung co gi tr
metric nh hn. Khi Lnh bgp always-compare-med
c s dng trn router SF, n s tip tc so snh
cc gi tr metric. N s so snh metric 120 vi 50 n
t NY v s u tin chn NY hn n mng
128.213.0.0/16.
- V d v cu hnh:

- Theo v d ny th ta thy : AS 100 s nhn

cp nht v mng 180.10.0.0 t RTB, RTC, v RTD.
RTC v RTD xut pht t AS 300, v RTB xut pht t
AS 400. Ta s dng route map cu hnh MED cho
router.
RTB(config)#route-map med permit 10
RTB(config-route-map)#set metric 50
RTB(config)#router bgp 400
RTB(config-router)#neighbor 4.4.4.4 route-map
med out
Mc nh th BGP s so snh gi tr ca thuc tnh MED
ca route n t cc lng ging c cng mt external
AS. Nh AS 300 l mt v d. iu ny c ngha l RTA
s so snh gi tr ca thuc tnh MED n t RTC c
gi tr l 120 ch vi RTD vi gi tr l 200. Thm ch
d cp nht n t RTB c gi tr MED thp hn th
RTA cng s chn RTC l ng i tt nht n mng
180.10.0.0. p RTA s dng lun c cp nht v
mng 180.10.0.0 n t RTB trong bng so snh ca
n th ta s dng lnh bgp always-compare-med .
Lc ny th RTA s chn RTB l next hop tt nht i
n mng 180.10.0.0.0, trong trng hp gi d l tt
c cc thuc tnh khc u nh nhau.
.
Thuc tnh Origin
Origin l mt thuc tnh well-known mandatory. N ch
ra ngun ca nh tuyn cp nht. BGP cho php 3 loi
origin sau:
IGP c khi to ni b trong AS
EGP hc c t BGP
Incomplete hc c t mt s cch khc nh
redistribution
- BGP xem xet cc thuc tnh Origin trong quyt nh
route no ti u hn trong nhiu route. BGP chn loi
origin thp nht. IGP thp hn EGP, EGP thp hn
Incomplete

Xc inh tuyn trong BGP

BGP da trn gi tr ca cc thuc tnh quyt nh
chn tuyn. Khi gp nhiu route n cng mt ch,
th BGP s chn route tt nht truyn ti n ch.
Qu trnh chn route nh sau:
Next Hop khng n c th route s b loi b. B v
iu ny m ta bit ti sao phi c mt IGP route n
next hop.
BGP router s chn path no c weight ln nht.
Nu cc route c weight u ging nhau th BGP router
s chn route c Local Preference ln nht.
Nu Local Preference c ga tr bng nhau cho tt c
cc route th BGP s chn route m c khi to bi
ni b router
Nu Local Preference c gi tr nh nhau th BGP
router s chn route c AS_path ngn nht.
Nu AS_path c chiu di bng nhau, th router BGP
s chn route c loi origin thp nht. Tc l IGP thp
hn EGP, v EGP thp hn Incomplete.
Nu loi origin ging nhau, BGP router s chn route
c MED nh nht.
Nu MED c gi tr gng nhau th BGP s chn route
theo cch sau. External(EBGP) s c u tin hn
confederation external, n li c u tin hn so vi
IBGP.
Nu tt c nhng thuc tnh xt n u ging
nhau, th BGP s chn route m c th n c theo
ng ca IGP lng ging gn nht. Tc by gi s xt
n path n ch theo path ngn nht n next
hop.
Nu tt c cng u ging nhau th BGP s chn route
n t router c ID nh nht. Router ID thng l a
ch IP cao nht ca router hay l a ch ca cng

loopback

Lc tuyn v chnh sch nh tuyn

1. Lc tuyn

Lc tuyn cho php router chn route no s c trao

i vi BGP peer no. Lc tuyn l mt phn ca chnh
sch nh tuyn. Mt AS c th kim sot route no s
c chp nhn t lng ging EBGP
Cc chnh sch c th c nh ngha bng vic lc
cc route. BGP route truyn qua cc b phn lc c th
gm c cc thuc tnh ca n v c vn dng vo
trong vic quyt nh chn route.
C hai vic lc ti inbound v outbound u c
chp nhn gia cc peer v c giao thc nh tuyn
chy trn cng mt router. Lc inbound ch ra rng
BGP lc cp nht nh tuyn n t mt peer khc.
Cn Lc outbound th hn ch vic cp nht nh
tuyn t router ny n cc Peer khc.
cp giao thc th : lc inbound c tc dng hn
ch cp nht nh tuyn c redistribution vo trong
mt giao thc. Cn lc utbound hn ch vic cp nht
nh tuyn chn vo t giao thc ny.Vi BGP th ta
c mt v d sau : lc inbound ngha l hn ch cp
nht nh tuyn c redistribution t mt giao thc
nh tuyn khc vo trong BGP, cn lc outbound th
hn ch cp nht c redistribution t BGP vo mt
giao thc khc (IGP)
2. S dng distribute-list lc route
hn ch thng tin nh tuyn m router
hoc hay qung co. p dng lc tuyn t hay n mt
lng ging no s dng lnh distribute-list. Nh
minh ho di y:

Ta thy RTD trong AS2 khi to mng 192.68.10.0 v

truyn n RTF. RTF s truyn cp nht n RTA bi
IBGP, v t n s truyn cp nht n AS1. Nh
vy AS3 s tr thnh transit AS qung co rng n c
th n c mng 192.68.10.0/24
ngn tnh trng hp ny xy ra th ta cu hnh
trn RTA:
RTA(config)#router bgp 3
RTA(config-router)#neighbor 172.16.1.1 remote-as
3
RTA(config-router)#neighbor 172.16.20.1 remoteas 1
RTA(config-router)#neighbor 172.16.20.1
distribute-list 1 out
RTA(config)#access-list 1 permit ip 172.16.0.0
0.0.255.255
Ta thy distribute-list, c s dng l mt phn ca
lnh neighbor, n ngn RTA khng qung co mng
192.68.10.0/24 n RTC. Access list c s dng
nhn ra prefix thc hin lc v distribute-list out p
dng lc cp nht ra bn ngoi.
Nhn thy rng khi cu hnh distribute lt da trn mt
access list . Nu s dng standard access list th s c
mt s chc nng b hn ch. RTA kt ni n nhiu
subnet trong mng 172.16.0.0/16. Mc ch ca vic
qung co mt a ch mng tm tt 172.16.0.0/16,
nhng khnng qung co bt k subnet ring no ca
n c. Mt standard access list s khng lm c iu

ny bi v n s cho php (permit) nhiu hn mong

i. N s lc d trn a ch mng. y l mt v d
v mt access list m n s permit khng ch mng
172.16.0.0/16 m l tt c cc thnh phn khc thuc
tm tt route ny.
access-list 1 permit 172.16.0.0 0.0.255.255
hn ch cp nht ch 172.16.0.0/16 ta s dng
extended access list. Thng thng th mt extended
access list gm c source v destination. Trong trng
hp lc route BGP , th mt extended access list ch
gm c network, tip theo l subnet mask. C network
v mask u cha wildcard bitmask ca n, c c
php nh sau:
router(config)#access-list number permit|deny
network network-wildcard mask mask-wildcard
cho php route tm tt nh trong v d trn th ta
cu hnh mt extended access list filter network v
16 bit mask ca pref. Vi cu hnh ny th RTA s
khng truyn subnet route nh 172.16.0.0/17 hay
172.16.10/24 trong cp nht ca n n AS1.
RTA(config)#access-list 101 permit ip 172.16.0.0
0.0.255.255 255.255.0.0 0.0.0.0
- Ta c th s dng ip prefix-list thay cho
extended access list.
3. Lnh ip prefix-list: s dng lnh ip prefix-list c mt
s thun li hn so vi vic s dng access-list l
Hiu sut c ci thin khi loading v tm route
trong mt danh sch ln.
H tr cp nht tng phn increment update. Lc
route vi extended access list khng h tr cho vic
cp nht tng phn.
-

Dng lnh than thin hn

Tnh uyn chuyn cao

- C php ca lnh nh sau :

router(config)#ip prefix-list list-name [seq seqvalue] deny/permit network/len [ge ge-value] [le

le-value]
.
V d v cu hnh bng lnh ip prefix-list
RTA(config)#ip prefix-list GROVER permit
192.0.0.0/8 le 24
RTA(config)#ip prefix-list GROVER deny
192.0.0.0/8 ge 25
Theo v d ny th cu lnh u tin chp nhn tt
c cc route c cc chiu di mask ln n 24 bit vi
prefix 192.0.0.0/8, v t chi (deny) t c cc route
c th hn.
cu lnh th hai th n s kim tra prefix bt u vi
192 octet u tin. Sau quan tm n ch cc
route c th hn bng cch kim tra chiu di ca
mask. V th c 192.168.32.0/19 v 192.168.1.0/24
u c trng thi cho php(permit), nhng mng
prefix 192.168.1.32/27 th khng bi v chiu di mask
ca n ln hn 25.
c ge v le c th c s dng chung theo lnh sau:
RTA(config)#ip prefix-list OSCAR permit 10.0.0.0/8
ge 16 le 24
Lnh ny permit tt c prefix trong mng 10.0.0.0/8
vi chiu di mask t 16 cho n 24 bits.
Mi prefix list c gn cho mt s th t, s ny c
gn mc nh hoc c gn bng tay. Bng cch
nh s, mt entry c th c chn vo ti bt k
im no ca list. iu ny quan trng v router kim
tra prefix list t tun t t nh n ln. Khi c mt
match xy ra th router s khng tip tc tt n cc
entry ca cc tun t sau na. Ta c th s dng lnh
show ip prefix-list kim tra.
S tun t ny s t ng c to ra v tng dn
tng bc +5. gi tr u tin c to ra trong prefix
list l 5 tip theo l 10, 15.. Nu cu hnh bng tay
mt gi tr v tip theo khng xc nh cc gi tr th
s th t cho entry s t ng tng ln theo bc +5.
V d gi tr u tin c xc nh l 3. v sau th
khng c tun t c ch nh cho cc entry khc th
s tun t s c tao ra l 8, 13, 18.v du:

RTA(config)#ip prefix-list ELMO seq 12 deny

192.168.1.0/24
Cui cng khi s dng prefix list th ta phi theo mt
s lut sau
Mt prefix list trng s mc inh l permit tt c prefix
C mt ngm nh deny c a ra nu prefix khng
match bt k entry no ca prefix.
Khi c nhiu entry ca prefix list match, th tun t
ca entry no nh nht s c match tht s

Redistribute trong BGP

1. Tng quan v redistribute
- Khi s dng giao thc BGP, vn m bo route
chnh xc l rt quan trng. C mt mi quan h gn
gia cc route ng trn internet v cch thc chn
route vo BGP. Thng tin c th chn v BGP theo
cch ng hoc tnh. Bng cch chn route bng cch
ng th route n hay truyn i t bng nh tuyn
BGP, ph thuc vo trng thi ca tng mng mt.
Bng cch chn route theo cch tnh th n c bo
ton trong bng nh tuyn ca BGP, v n khng
quan tm n trng thi ca cc mng m n nhn ra
trong cu hnh. V th trong khi qung co ng s kt
thc nu mng c qung co khng cn tn ti na.
Cn i vi qung tnh th s khng b nh vy m n
s lun khng thay i.
- Bng cch chn tuyn ng th tt c cc tuyn trong
IGP c phn phi li vo trong BGP s dng lnh
redistribution. Ta c th s dng lnh network
phn phi na ng(semi-dynamic)
- Thng tin c chn ng v BGP bng cch cho
php IGP route nh RIP, OSPF, EIGRP c th phn
phi li vo trong BGP. bng cch phn phi li ng
th d cu hnh. Ton b IGP route u c chn vo
BGP, m khng quan tm n giao thc ng c s
dng.
- i vi semi-dynamic th thng tin c s dng

chn vo BGP c xc nh l tp con ca IGP route

thi. Bng cch ny qung co tng route ring vo
trong BGP vi lnh network. Tuy nhin khi s dng
lnh network th phi cn thit cho mi prefix. Do
khi s lng mng qu ln th vic s dng semidynamic s khng thc t.
- Bng cch s dng lnh network qung co
mng trong IGP domain. Vi cch ny th nu IGP
khng hc c route ni b th BGP s khng qung
co mng ny cho cc BGP router khc. Tuy nhin ta
c th s dng lnh no synchronization disable s
kim tra ny. Lc ny th BGP c th qung co
network m n khng th n c.

2. Vic chn nhng thng tin li hay khng

mong mun.
- Vic chn route vo BGP bng lnh network khng
phi lun lun thc t, hoc kh thi. Cn i vi vic
chn route bng cch phn phi li th c th mang li
kt qu l gy ra bt li cho AS khc nh nhng thng
tin khng c chp nhn, sai, hay khng mng i.
Phn phi li ton b IGP c th dn n l ton b a
ch private, hay a ch khng hp le (illegal ) c
qung co ra bn ngoi AS.
- Vic phn phi li thng tin qua li gia IGP v BGP
c th gy nn kt qua l qung co nhng thng tin
nh tuyn b tn hi. Trong trng hp ny th cc
route m BGP c chn vo t bn ngoi c th
truyn ngc tr li vo BGP bng IGP. iu ny xy
ra lm cho route ny c khi to chnh ti trong AS
ch khng cn t AS khc a ti na. v d :

- Trong trng hp ny th ta thy AS100 qung co

mng NetA sang AS200 theo BGP v RTC chn thng
tin ny vo IGP, v n hc c thng tin ny. RTC
c cu hnh redistribute thng tin IGP vo trong
BGP. Lc ny th NetA s kt thc qung co bi
AS100 v n c xem nh c khi to v c
qung co i ti AS200. Lc ny th NetA c hai ngun
mt t AS100, v mt t AS200.
- gii quyt vn ny th ta c th s dng lc
cc route, xc nh c l ch nhng route no mi
c chn vo BGP t IGP thi.

3.v d v cu hinh phn phi li(redistribution)

Ta s cu hnh trn RTB redistribute t OSPF vo

BGP bng cch ng
RTB(config)#router bgp 200
RTB(config-router)#neighbor 10.1.1.2 remote-as
100
RTB(config-router)#neighbor 10.1.1.2 route-map
BLOCK-BAD-ADDRESSES out
RTB(config-router)#redistribute ospf 1 match
internal metric 50
RTB(config-router)#redistribute static
Ta c th cu hnh cho RTB ch chn mt s mng vo
BGP thi. Cn tt c cc route khc s khng c
chn vo BGP nn khng oc qung co ra ben ngoi
khi AS.

RTB(config)#router bgp 200

RTB(config-router)#neighbor 10.1.1.2 remote-as
100
RTB(config-router)#network 192.168.1.0
RTB(config-router)#network 192.168.2.0
- Trong trng hp ny ch c mng 192.168.1.0 v
192.168.2.0 l c chn vo BGP thi.

Cu hnh Thc t

1. Cu hnh cho s 1

Theo s ny th ta thy R2, R3, R4 quan h

IBGP vi nhau thuc AS100, cn R1 thuc AS300, R6
thuc AS400, R5 thuc AS200
cu hnh cho tng router mt:

R1#show run
Building configuration...

Current configuration:
!
version 12.0
service timestamps debug uptime

service timestamps log uptime

no service password-encryption
!
hostname R1
!
!
memory-size iomem 10
ip subnet-zero
no ip domain-lookup
!
!
!
!
!
interface Loopback0
ip address 192.168.250.1 255.255.255.0
no ip directed-broadcast
!
interface Loopback1
ip address 192.168.1.213 255.255.255.252
no ip directed-broadcast
!
interface Loopback12
no ip address

no ip directed-broadcast
!
interface Ethernet0/0
no ip address
no ip directed-broadcast
shutdown
!
interface Serial0/0
ip address 192.168.1.210 255.255.255.252
no ip directed-broadcast
no ip mroute-cache
no fair-queue
clockrate 64000
!
router bgp 300
network 192.168.1.212
network 192.168.250.0
neighbor 192.168.1.209 remote-as 100
no auto-summary
!
ip classless
!
!
!

line con 0
logging synchronous
transport input none
line aux 0
line vty 0 4
!
no scheduler allocate
end

R2#show runn
Building configuration...

Current configuration:
!
version 12.1
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname R2
!
!
!
!

!
!
ip subnet-zero
no ip domain-lookup
!
!
!
!
interface Ethernet0
ip address 192.168.1.226 255.255.255.252
interface Serial0
ip address 192.168.1.221 255.255.255.252
no fair-queue
clockrate 64000
!
interface Serial1
ip address 192.168.1.209 255.255.255.252
!
router bgp 100
no synchronization
network 192.168.1.224 mask 255.255.255.252
neighbor 192.168.1.197 remote-as 100
neighbor 192.168.1.210 remote-as 300
neighbor 192.168.1.222 remote-as 100

neighbor 192.168.1.225 remote-as 200

!
ip classless
no ip http server
!
!
line con 0
logging synchronous
transport input none
line aux 0
line vty 0 4
!
no scheduler allocate
end

R3#show runn
Building configuration...

Current configuration : 891 bytes

!
version 12.2
no parser cache
no service single-slot-reload-enable
service timestamps debug uptime

service timestamps log uptime

no service password-encryption
!
hostname R3
!
logging rate-limit console 10 except errors
!
!
!
memory-size iomem 10
ip subnet-zero
!
!
no ip domain-lookup
!
no ip dhcp-client network-discovery
call rsvp-sync
!
!
!
!
!
!
!

!
interface Ethernet0/0
no ip address
shutdown
half-duplex
!
interface Serial0/0
ip address 192.168.1.222 255.255.255.252
no fair-queue
!
interface Serial0/1
ip address 192.168.1.198 255.255.255.252
!
router bgp 100
no synchronization
bgp log-neighbor-changes
network 192.168.1.196 mask 255.255.255.252
network 192.168.1.220 mask 255.255.255.252
neighbor 192.168.1.197 remote-as 100
neighbor 192.168.1.221 remote-as 100
!
ip classless
ip http server
!

!
!
!
voice-port 1/1/0
!
voice-port 1/1/1
!
dial-peer cor custom
!
!
!
!
line con 0
logging synchronous
line aux 0
line vty 5 15
!
end

R4#show runn
Current configuration : 904 bytes
!
version 12.2

service timestamps debug datetime msec

service timestamps log datetime msec
no service password-encryption
!
hostname R4
!
logging queue-limit 100
!
ip subnet-zero
!
!
no ip domain lookup
!
mpls ldp logging neighbor-changes
!
!
!
!
!
!
!
no voice hpi capture buffer
no voice hpi capture destination
!

!
mta receive maximum-recipients 0
!
!
!
!
interface Ethernet0/0
ip address 192.168.1.106 255.255.255.252
half-duplex
!
interface Serial0/0
ip address 192.168.1.197 255.255.255.252
clockrate 64000
!
interface Serial0/1
no ip address
!
router bgp 100
no synchronization
bgp log-neighbor-changes
network 192.168.1.204 mask 255.255.255.252
neighbor 192.168.1.198 remote-as 100
neighbor 192.168.1.205 remote-as 400
no auto-summary

!
no ip http server
ip classless
!
!
!
!
!
call rsvp-sync
!
!
mgcp profile default
!
dial-peer cor custom
!
!
line con 0
logging synchronous
line aux 0
line vty 0 4
!
!
end
R5#show runn

Building configuration...

Current configuration : 1080 bytes

!
version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R5
!
logging queue-limit 100
!
memory-size iomem 10
ip subnet-zero
!
!
no ip domain lookup
!
mpls ldp logging neighbor-changes
!
!
!
!

!
!
!
no voice hpi capture buffer
no voice hpi capture destination
!
!
mta receive maximum-recipients 0
!
!
!
!
interface Loopback0
ip address 192.168.100.1 255.255.255.0
!
interface Loopback1
ip address 192.168.200.1 255.255.255.0
!
interface Loopback2
ip address 192.168.1.217 255.255.255.252
!
interface Ethernet0/0
ip address 192.168.1.225 255.255.255.252
half-duplex

!
interface Serial0/0
no ip address
shutdown
clockrate 64000
!
router bgp 200
no synchronization
bgp log-neighbor-changes
network 192.168.1.216
network 192.168.100.0
network 192.168.200.0
neighbor 192.168.1.226 remote-as 100
no auto-summary
!
no ip http server
ip classless
!
!
!
line con 0
logging synchronous
transport input none
line aux 0

line vty 0 4
!
no scheduler allocate
end
R6#show runn
Building configuration...

Current configuration : 1056 bytes

!
version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R6
!
logging queue-limit 100
!
memory-size iomem 10
ip subnet-zero
!
!
no ip domain lookup
!

mpls ldp logging neighbor-changes

!
!
!
!
!
!
!
!
no voice hpi capture buffer
no voice hpi capture destination
!
!
mta receive maximum-recipients 0
!
!
!
!
interface Loopback0
ip address 192.168.50.1 255.255.255.0
!
interface Loopback1
ip address 192.168.75.1 255.255.255.0
!

interface Loopback2
ip address 192.168.1.201 255.255.255.252
!
interface Ethernet0/0
ip address 192.168.1.205 255.255.255.252
half-duplex
!
interface Serial0/0
no ip address
shutdown
!
router bgp 400
no synchronization
bgp log-neighbor-changes
network 192.168.1.200
network 192.168.50.0
network 192.168.75.0
neighbor 192.168.1.206 remote-as 100
no auto-summary
!
ip http server
ip classless
!
!

!
!
call rsvp-sync
!
!
mgcp profile default
!
dial-peer cor custom
!
!
!
!
line con 0
logging synchronous
line aux 0
line vty 0 4
!
!
end

By gi ta show ip bgp ca R4 :
R4#show ip bgp

BGP table version is 1, local router ID is

192.168.1.206
Status codes: s suppressed, d damped, h history, *
valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

Network
Weight Path

Next Hop

Metric LocPrf

* i192.168.1.196/30 192.168.1.198
100
0i
* 192.168.1.204/30 0.0.0.0
i

32768

* i192.168.1.220/30 192.168.1.198
100
0i

* 192.168.50.0
400 i

192.168.1.205

* 192.168.75.0
400 i

192.168.1.205

Ta thy ch c mng 50.0 v 75.0 ch khng

c cc mng khc t cc AS300,200
Tng t ta s xem trn R2 ta
R2#show ip bgp
BGP table version is 23, local router ID is
192.168.1.226
Status codes: s suppressed, d damped, h history, *
valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

Network
Weight Path

Next Hop

Metric LocPrf

*>i192.168.1.196/30 192.168.1.222
100
0i

*> 192.168.1.208/30 0.0.0.0

32768 i

*> 192.168.1.220/30 0.0.0.0

32768 i

*i

192.168.1.222

*> 192.168.1.224/30 0.0.0.0

32768 i

100

0i

*> 192.168.100.0
0 200 i

192.168.1.225

*> 192.168.200.0
0 200 i

192.168.1.225

*> 192.168.250.0
0 300 i

192.168.1.210

Ta thy trn bng nh tuyn BGP ca R2 cng

ch c cc mng ca AS300,200 thi ch khng c cc
mng ca AS400 qung co qua AS100
Do R3 kh ng c p nh t b ng nh tuy n c
a n cho c c IBGP kh c
Ta s xem b ng nh tuy n BGP c a R3
R3#show ip bgp
BGP table version is 4, local router ID is
192.168.1.222
Status codes: s suppressed, d damped, h history, *
valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

Network
Weight Path

Next Hop

Metric LocPrf

*> 192.168.1.196/30 0.0.0.0

32768 i

*>i192.168.1.204/30 192.168.1.197
100
0i

*> 192.168.1.220/30 0.0.0.0

32768 i

* i192.168.50.0
0 400 i

192.168.1.205

100

* i192.168.75.0
0 400 i

192.168.1.205

100

* i192.168.100.0
0 200 i

192.168.1.225

100

* i192.168.200.0
0 200 i

192.168.1.225

100

* i192.168.250.0
0 300 i

192.168.1.210

100

R3 cha tt c cc mng vy
By gi ta xem th bng thit lp lng ging ca R4 v
R2 th xem

R4#show ip bgp summ

BGP router identifier 192.168.1.206, local AS number
100
BGP table version is 12, main routing table version 12
5 network entries using 505 bytes of memory

5 path entries using 240 bytes of memory

3 BGP path attribute entries using 180 bytes of
memory
1 BGP AS-PATH entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of
memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 949 total bytes of memory
BGP activity 15/10 prefixes, 19/14 paths, scan interval
60 secs

Neighbor
V AS MsgRcvd MsgSent
InQ OutQ Up/Down State/PfxRcd
192.168.1.198
12
0

4 100
48
00:14:58

192.168.1.205
12
0

400
50
00:09:35

192.168.1.221
0
0

4
0

100
0
never

TblVer

57

58

active

Ta s s dng IGP d gp R2 v R4 thit lp neighbor

vi nhau

R2(config)#router ospf 1
R2(config-router)#net 192.168.1.220 0.0.0.3 area 0
R2(config-router)#net 192.168.1.196 0.0.0.3 area 0

R3(config)#router ospf 1

R3(config-router)#net 192.168.1.196 0.0.0.3 area 0

R3(config-router)#net 192.168.1.220 0.0.0.3 area 0

R4(config)#router ospf 1
R4(config-router)#net 192.168.1.196 0.0.0.3 area 0

R4#show ip bgp summ

BGP router identifier 192.168.1.206, local AS number
100
BGP table version is 15, main routing table version 15
10 network entries using 1010 bytes of memory
10 path entries using 480 bytes of memory
5 BGP path attribute entries using 300 bytes of
memory
3 BGP AS-PATH entries using 72 bytes of memory
0 BGP route-map cache entries using 0 bytes of
memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1862 total bytes of memory
BGP activity 20/10 prefixes, 29/19 paths, scan interval
60 secs

Neighbor
V AS MsgRcvd MsgSent
OutQ Up/Down State/PfxRcd
192.168.1.198 4
100
0
0
00:08:59
2

74

TblVer InQ

87

15

192.168.1.205 4
400
0
0
00:27:36
2

68

78

15

192.168.1.221 4
100
0
0
00:00:33
5

15

By gi th R4 v R2 thit lp c quan h lng

ging ri
R4#show ip bgp
BGP table version is 17, local router ID is
192.168.1.206
Status codes: s suppressed, d damped, h history, *
valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

Network
Weight Path

Next Hop

Metric LocPrf

r>i192.168.1.196/30 192.168.1.198
100
0i
*> 192.168.1.204/30 0.0.0.0
32768 i

* i192.168.1.208/30 192.168.1.221
100
0i

>i192.168.1.220/30 192.168.1.198
100
0i

* i192.168.1.224/30 192.168.1.221
100
0i

*> 192.168.50.0
400 i

192.168.1.205

*> 192.168.75.0
400 i

192.168.1.205

* i192.168.100.0
0 200 i

192.168.1.225

100

* i192.168.200.0
0 200 i

192.168.1.225

100

* i192.168.250.0
0 300 i

192.168.1.210

100

Bt g ta xt ti ng b gia BGP v IGP

Trc ht ta xem bng nh tuyn ca R3 trc khi
ng b

R3#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA
external type 2
E1 - OSPF external type 1, E2 - OSPF external
type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia
- IS-IS inter area
* - candidate default, U - per-user static route, o
- ODR
P - periodic downloaded static route

Gateway of last resort is not set

192.168.75.0/24 [200/0] via 192.168.1.205,

00:01:27
B 192.168.200.0/24 [200/0] via 192.168.1.225,
00:03:03
B 192.168.250.0/24 [200/0] via 192.168.1.210,
00:14:01
B 192.168.50.0/24 [200/0] via 192.168.1.205,
00:01:27
192.168.1.0/30 is subnetted, 5 subnets
B
192.168.1.224 [200/0] via 192.168.1.221,
00:03:22
B
192.168.1.204 [200/0] via 192.168.1.197,
00:01:59
C

192.168.1.196 is directly connected, Serial0/1

192.168.1.220 is directly connected, Serial0/0

B
192.168.1.208 [200/0] via 192.168.1.221,
00:14:03
B 192.168.100.0/24 [200/0] via 192.168.1.225,
00:03:04

Tip theo ta s cu hnh trn R3 v R4 nh sau

R3(config)#routrer bgp 100
R3(config-router)#synchronization

R4(config)#routrer bgp 100

R4(config-router)#redistribute bgp 100 subnets

R3#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA
external type 2
E1 - OSPF external type 1, E2 - OSPF external
type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia
- IS-IS inter area
* - candidate default, U - per-user static route, o
- ODR
P - periodic downloaded static route

Gateway of last resort is not set

O E2 192.168.75.0/24 [110/1] via 192.168.1.197,

00:02:25, Serial0/1
O E2 192.168.50.0/24 [110/1] via 192.168.1.197,
00:02:25, Serial0/1
192.168.1.0/30 is subnetted, 3 subnets
O E2 192.168.1.204 [110/1] via 192.168.1.197,
00:02:25, Serial0/1
C

192.168.1.196 is directly connected, Serial0/1

192.168.1.220 is directly connected, Serial0/0

R2(config)#routrer bgp 100

R2(config-router)#redistribute bgp 100 subnets

R3#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA
external type 2
E1 - OSPF external type 1, E2 - OSPF external
type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia
- IS-IS inter area
* - candidate default, U - per-user static route, o
- ODR
P - periodic downloaded static route

Gateway of last resort is not set

O E2 192.168.75.0/24 [110/1] via 192.168.1.197,

00:00:07, Serial0/1
O E2 192.168.200.0/24 [110/1] via 192.168.1.221,
00:00:07, Serial0/0
O E2 192.168.250.0/24 [110/1] via 192.168.1.221,

00:00:07, Serial0/0
O E2 192.168.50.0/24 [110/1] via 192.168.1.197,
00:00:07, Serial0/1
192.168.1.0/30 is subnetted, 5 subnets
O E2 192.168.1.224 [110/1] via 192.168.1.221,
00:00:07, Serial0/0
O E2 192.168.1.204 [110/1] via 192.168.1.197,
00:00:07, Serial0/1
C

192.168.1.196 is directly connected, Serial0/1

192.168.1.220 is directly connected, Serial0/0

O E2 192.168.1.208 [110/1] via 192.168.1.221,

00:00:08, Serial0/0
O E2 192.168.100.0/24 [110/1] via 192.168.1.221,
00:00:08, Serial0/0

Tng t th i vi R4 th bng nh tuyn ca n

trc v sau khi s dng lnh synchronization nh sau
R4#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B
- BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA
external type 2
E1 - OSPF external type 1, E2 - OSPF external
type 2
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia
- IS-IS inter area
* - candidate default, U - per-user static route, o
- ODR

P - periodic downloaded static route

Gateway of last resort is not set

B 192.168.75.0/24 [20/0] via 192.168.1.205,

00:34:47
B 192.168.50.0/24 [20/0] via 192.168.1.205,
00:34:47
192.168.1.0/30 is subnetted, 3 subnets
C
192.168.1.204 is directly connected,
Ethernet0/0
C

192.168.1.196 is directly connected, Serial0/1

O
192.168.1.220 [110/128] via 192.168.1.198,
00:04:31, Serial0/1

R4# show ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B
- BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA
external type 2
E1 - OSPF external type 1, E2 - OSPF external
type 2
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia
- IS-IS inter area
* - candidate default, U - per-user static route, o
- ODR

P - periodic downloaded static route

Gateway of last resort is not set

B 192.168.75.0/24 [20/0] via 192.168.1.205,

00:10:40
O E2 192.168.10.0/24 [110/1] via 192.168.1.198,
00:01:47, Serial0/1
O E2 192.168.11.0/24 [110/1] via 192.168.1.198,
00:01:47, Serial0/1
O E2 192.168.200.0/24 [110/1] via 192.168.1.198,
00:06:10, Serial0/1
O E2 192.168.250.0/24 [110/1] via 192.168.1.198,
00:06:10, Serial0/1
B 192.168.50.0/24 [20/0] via 192.168.1.205,
00:10:40
192.168.1.0/30 is subnetted, 5 subnets
O E2 192.168.1.224 [110/1] via 192.168.1.198,
00:06:10, Serial0/1
C
192.168.1.204 is directly connected,
Ethernet0/0
C

192.168.1.196 is directly connected, Serial0/1

O
192.168.1.220 [110/128] via 192.168.1.198,
00:06:11, Serial0/1
O E2 192.168.1.208 [110/1] via 192.168.1.198,
00:06:11, Serial0/1
O E2 192.168.100.0/24 [110/1] via 192.168.1.198,
00:06:11, Serial0/1

Tip theo ta s b OSPF v s dng static route d

BGP thit lp quan h lng ging gia R2, v R4,

nhng trc ht ta phi cu hnh R3 no syn gia BGP

v IGP

R3(config)#routrer bgp 100

R3(config-router)#no synchronization

Sau ta cu hnh nh tuyn tnh th cng cho kt

qu tng t nh trn

R2(config)#ip route 192.168.1.197 255.255.255.252

192.168.1.222
R4(config)#ip route 192.168.1.220 255.255.255.252
192.168.1.198

R4#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B
- BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA
external type 2
E1 - OSPF external type 1, E2 - OSPF external
type 2
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia
- IS-IS inter area
* - candidate default, U - per-user static route, o
- ODR
P - periodic downloaded static route

Gateway of last resort is not set

B 192.168.75.0/24 [20/0] via 192.168.1.205,

00:00:07
B 192.168.10.0/24 [200/0] via 192.168.1.221,
00:00:07
B 192.168.11.0/24 [200/0] via 192.168.1.221,
00:00:07
B 192.168.200.0/24 [200/0] via 192.168.1.221,
00:00:07
B 192.168.250.0/24 [200/0] via 192.168.1.221,
00:00:07
B 192.168.50.0/24 [20/0] via 192.168.1.205,
00:00:07
192.168.1.0/30 is subnetted, 3 subnets
C
192.168.1.204 is directly connected,
Ethernet0/0
C

192.168.1.196 is directly connected, Serial0/1

192.168.1.220 [1/0] via 192.168.1.198

B 192.168.100.0/24 [200/0] via 192.168.1.221,

00:00:08

R2#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA

external type 2
E1 - OSPF external type 1, E2 - OSPF external
type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia
- IS-IS inter area
* - candidate default, U - per-user static route, o
- ODR
P - periodic downloaded static route

Gateway of last resort is not set

B 192.168.75.0/24 [200/0] via 192.168.1.197,

00:00:42
B 192.168.10.0/24 [20/0] via 192.168.1.225,
00:03:52
B 192.168.11.0/24 [20/0] via 192.168.1.225,
00:03:52
B 192.168.200.0/24 [20/0] via 192.168.1.225,
00:03:52
B 192.168.250.0/24 [20/0] via 192.168.1.210,
00:03:55
B 192.168.50.0/24 [200/0] via 192.168.1.197,
00:00:42
192.168.1.0/30 is subnetted, 4 subnets
C

192.168.1.224 is directly connected, Ethernet0

192.168.1.196 [1/0] via 192.168.1.222

192.168.1.220 is directly connected, Serial0

192.168.1.208 is directly connected, Serial1

B 192.168.100.0/24 [20/0] via 192.168.1.225,

00:03:54

Cu hnh cho s 2(cu hnh v aggregation)

u tin ta s cu hnh cho R1 v R2 u

qung b mng tm tt 192.168.192.0/21 qua AS 200
R1#show runn
Building configuration...

Current configuration : 1432 bytes

!

version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R1
!
logging queue-limit 100
!
memory-size iomem 10
ip subnet-zero
!
!
no ip domain lookup
!
mpls ldp logging neighbor-changes
!
!
!
!
!
!
!
no voice hpi capture buffer

no voice hpi capture destination

!
!
mta receive maximum-recipients 0
!
!
!
!
interface Loopback0
ip address 192.168.192.1 255.255.255.0
!
interface Loopback1
ip address 192.168.193.1 255.255.255.0
!
interface Loopback2
ip address 192.168.194.1 255.255.255.0
!
interface Loopback3
ip address 192.168.195.1 255.255.255.0
!
interface Ethernet0/0
ip address 192.168.1.201 255.255.255.252
half-duplex
!

interface Serial0/0
ip address 192.168.1.254 255.255.255.252
clockrate 64000
!
router eigrp 1
passive-interface Serial0/0
network 192.168.1.0
network 192.168.192.0
network 192.168.193.0
network 192.168.194.0
network 192.168.195.0
no auto-summary
!
router bgp 100
no synchronization
bgp log-neighbor-changes
aggregate-address 192.168.192.0 255.255.248.0
redistribute eigrp 1
neighbor 192.168.1.202 remote-as 100
neighbor 192.168.1.202 next-hop-self
neighbor 192.168.1.253 remote-as 200
no auto-summary
!
no ip http server

ip classless
!
!
!
!
!
call rsvp-sync
!
!
mgcp profile default
!
dial-peer cor custom
!
!
!
line con 0
logging synchronous
line aux 0
line vty 0 4
password cisco
login
!
!
end

R2#show runn
Building configuration...

Current configuration:
!
version 12.0
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname R2
!
!
!
!
!
!
ip subnet-zero
no ip domain-lookup
!
!
!
process-max-time 200

!
interface Ethernet0
ip address 192.168.1.238 255.255.255.252
no ip directed-broadcast
!
interface Serial0
ip address 192.168.1.249 255.255.255.252
no ip directed-broadcast
no ip mroute-cache
no fair-queue
!
interface Serial1
ip address 192.168.1.253 255.255.255.252
no ip directed-broadcast
!
router bgp 200
neighbor 192.168.1.237 remote-as 200
neighbor 192.168.1.237 next-hop-self
neighbor 192.168.1.250 remote-as 300
neighbor 192.168.1.254 remote-as 100
!
ip classless
no ip http server
!

!
line con 0
logging synchronous
transport input none
line aux 0
line vty 0 4
login
!
end
R3#show runn
Building configuration...

Current configuration:
!
version 11.3
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname R3
!
!
memory-size iomem 10
no ip domain-lookup

!
!
voice-port 1/1/0
!
voice-port 1/1/1
!
!
!
process-max-time 200
!
interface Ethernet0/0
no ip address
shutdown
!
interface Serial0/0
ip address 192.168.1.250 255.255.255.252
no ip mroute-cache
no fair-queue
clockrate 64000
!
interface Serial0/1
ip address 192.168.1.242 255.255.255.252
clockrate 64000
!

router bgp 300

no synchronization
neighbor 192.168.1.241 remote-as 200
neighbor 192.168.1.249 remote-as 200
!
ip classless
!
!
!
line con 0
logging synchronous
line aux 0
line vty 0 4
login
!
no scheduler allocate
end

R3#show runn
Building configuration...

Current configuration:
!
version 11.3

service timestamps debug uptime

service timestamps log uptime
no service password-encryption
!
hostname R3
!
!
memory-size iomem 10
no ip domain-lookup
!
!
voice-port 1/1/0
!
voice-port 1/1/1
!
!
!
process-max-time 200
!
interface Ethernet0/0
no ip address
shutdown
!
interface Serial0/0

ip address 192.168.1.250 255.255.255.252

no ip mroute-cache
no fair-queue
clockrate 64000
!
interface Serial0/1
ip address 192.168.1.242 255.255.255.252
clockrate 64000
!
router bgp 300
no synchronization
neighbor 192.168.1.241 remote-as 200
neighbor 192.168.1.249 remote-as 200
!
ip classless
!
!
!
line con 0
logging synchronous
line aux 0
line vty 0 4
login
!

no scheduler allocate
end

R4#show runn
Building configuration...

Current configuration:
!
version 12.1
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname R4
!
!
!
!
!
!
ip subnet-zero
no ip domain-lookup
!
!

!
!
interface Ethernet0
ip address 192.168.1.237 255.255.255.252
interface Serial0
ip address 192.168.1.246 255.255.255.252
no fair-queue
!
interface Serial1
ip address 192.168.1.241 255.255.255.252
!
router bgp 200
neighbor 192.168.1.238 remote-as 200
neighbor 192.168.1.238 next-hop-self
neighbor 192.168.1.242 remote-as 300
neighbor 192.168.1.245 remote-as 100
!
ip classless
no ip http server
!
!
line con 0
logging synchronous
transport input none

line aux 0
line vty 0 4line vty 0 4
login
!
end

R5#show runn
Building configuration...

Current configuration:
!
version 12.1
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname R5

!
!
!
!
!
!
ip subnet-zero
no ip domain-lookup
!
!
!
!
interface Loopback0
ip address 192.168.196.1 255.255.255.0
interface Loopback1
ip address 192.168.197.1 255.255.255.0
!
interface Loopback2
ip address 192.168.198.1 255.255.255.0
!
interface Loopback3
ip address 192.168.199.1 255.255.255.0
!
interface Ethernet0

ip address 192.168.1.202 255.255.255.252

!
interface Serial0
no ip address
shutdown
no fair-queue
!
interface Serial1
ip address 192.168.1.245 255.255.255.252
clockrate 64000
!
router eigrp 1
network 192.168.1.0
network 192.168.196.0
network 192.168.197.0
network 192.168.198.0
network 192.168.199.0
no auto-summary
no eigrp log-neighbor-changes
!
router bgp 100
no synchronization
redistribute eigrp 100
neighbor 192.168.1.201 remote-as 100

neighbor 192.168.1.201 next-hop-self

neighbor 192.168.1.246 remote-as 200
!
ip classless
no ip http server
!
!
line con 0
logging synchronous
transport input none
line aux 0
line vty 0 4
login
!
end

R3#show ip bgp
BGP table version is 58, local router ID is
192.168.1.250
Status codes: s suppressed, d damped, h history, *
valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

Network
Path

Next Hop

Metric LocPrf Weight

*> 192.168.1.200/30 192.168.1.241

200 100 ?
*
100 ?

192.168.1.249

0 200

*> 192.168.1.244/30 192.168.1.241

200 100 ?
*
100 ?

192.168.1.249

0 200

*> 192.168.1.252/30 192.168.1.241

200 100 ?
*
100 ?

192.168.1.249

*> 192.168.192.0
200 100 ?
*
100 ?

192.168.1.249

*
100 ?

0 200

192.168.1.241

0 200

192.168.1.241

192.168.1.249

*> 192.168.195.0
200 100 ?
*

0 200 100 i

192.168.1.249

*> 192.168.194.0
200 100 ?

0 200

192.168.1.249

*> 192.168.193.0
200 100 ?
*
100 ?

0 200

192.168.1.241

*> 192.168.192.0/21
192.168.1.241
*
100 i

0 200

192.168.1.241

192.168.1.249

0 200

100 ?
*> 192.168.196.0
200 100 ?
*
100 ?
Network
Weight Path

Metric LocPrf

192.168.1.241

192.168.1.249

0 200

192.168.1.241

192.168.1.249

*> 192.168.199.0
200 100 ?
*
100 ?

0 200

Next Hop

*> 192.168.198.0
200 100 ?
*
100 ?

192.168.1.249

*> 192.168.197.0
200 100 ?
*
100 ?

192.168.1.241

0 200

192.168.1.241

192.168.1.249

0 200

R2#show ip bgp
BGP table version is 43, local router ID is
192.168.1.253
Status codes: s suppressed, d damped, h history, *
valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

Network
Weight Path

Next Hop

Metric LocPrf

* i192.168.1.200/30 192.168.1.237
0 100 ?

100

*>
100 ?

192.168.1.254

* i192.168.1.244/30 192.168.1.237
0 100 ?
*>
100 ?

192.168.1.254

100

2195456

* i192.168.1.252/30 192.168.1.237
0 100 ?
*>
100 ?

192.168.1.254

* i192.168.192.0
0 100 ?
*>
100 ?

100

192.168.1.237

192.168.1.254

100

* i192.168.192.0/21 192.168.1.237
100
0 100 i
*>
i

192.168.1.254

* i192.168.193.0
0 100 ?
*>
100 ?

*>
100 ?

* i192.168.196.0
0 100 ?
*>

100

192.168.1.237

192.168.1.254

100

192.168.1.237

192.168.1.254

0 100

100

192.168.1.237

192.168.1.254

* i192.168.195.0
0 100 ?
*>
100 ?

192.168.1.237

192.168.1.254

* i192.168.194.0
0 100 ?

100

409600

100 ?
Network
Path

Next Hop

* i192.168.197.0
0 100 ?
*>
100 ?

100

409600

192.168.1.237

192.168.1.254

* i192.168.199.0
0 100 ?
*>
100 ?

192.168.1.237

192.168.1.254

* i192.168.198.0
0 100 ?
*>
100 ?

Metric LocPrf Weight

100

409600

192.168.1.237

192.168.1.254

100

409600

Tip theo th ta ch cho php R5 qung b route tm

tt thi cn tt c cc route thuc route tm tt ny s
khng c qung co i cho AS khc, v ta c cu
hnh :

R5(config-router)#aggregate-address 192.168.192.0
255.255.248.0 summary-only

Trn R5 ta thy cc route thuc mng tm tt

192.168.192.0/21 u b suppress tc n s khng
oc qung co i cho AS 200
R5#show ip bgp
BGP table version is 23, local router ID is
192.168.199.1
Status codes: s suppressed, d damped, h history, *
valid, > best, i - internal

Origin codes: i - IGP, e - EGP, ? - incomplete

Network
Weight Path

Next Hop

Metric LocPrf

*>i192.168.1.200/30 192.168.1.201
100
0?

*>i192.168.1.244/30 192.168.1.201
100
0?

2195456

*>i192.168.1.252/30 192.168.1.201
100
0?

s>i192.168.192.0
0?

192.168.1.201

100

100

0i

*> 192.168.192.0/21 0.0.0.0

32768 i
*i

192.168.1.201

s>i192.168.193.0
0?

192.168.1.201

100

s>i192.168.194.0
0?

192.168.1.201

100

s>i192.168.195.0
0?

192.168.1.201

100

s>i192.168.196.0
100
0?

192.168.1.201

409600

s>i192.168.197.0
100
0?

192.168.1.201

409600

s>i192.168.198.0
100
0?

192.168.1.201

409600

s>i192.168.199.0
100
0?

192.168.1.201

409600

V ta thy trn R3 bng route ca BGP by gi i vi

cc mng 192.168.192.0/24 cho n

192.168.199.0/24 u ch c mt ng i n AS
100.

R3#show ip bgp
BGP table version is 129, local router ID is
192.168.1.250
Status codes: s suppressed, d damped, h history, *
valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

Network
Path

Next Hop

Metric LocPrf Weight

*> 192.168.1.200/30 192.168.1.241

200 100 ?
*
100 ?

192.168.1.249

0 200

*> 192.168.1.244/30 192.168.1.241

200 100 ?
*
100 ?

192.168.1.249

0 200

*> 192.168.1.252/30 192.168.1.241

200 100 ?
*
100 ?

192.168.1.249

*> 192.168.192.0
200 100 ?

0 200

192.168.1.249

*> 192.168.192.0/21 192.168.1.241

200 100 i
*
100 i

192.168.1.249

*> 192.168.193.0

192.168.1.249

0 200

200 100 ?
*> 192.168.194.0
200 100 ?

192.168.1.249

*> 192.168.195.0
200 100 ?

192.168.1.249

*> 192.168.196.0
200 100 ?

192.168.1.249

*> 192.168.197.0
200 100 ?

192.168.1.249

*> 192.168.198.0
200 100 ?

192.168.1.249

*> 192.168.199.0
200 100 ?

192.168.1.249

Tip theo ta s s dng aggregate route vi qung co

nhng route c bit thi. Ta s s dng COMMUNITY

Ta s cu hnh cho R1, v R5 qung b cho cc router

trong AS 200 bit l ch c route 192.168.192.0/21
mi c qung co ra cho AS khc cn cc route cn
lai th khng.
y ta s dng lnh
access-list 101 permit ip host 192.168.192.0 host
255.255.248.0

Lnh ny ch ra l n ch cho php duy nht mng

192.168.192.0/21 che khng cho php cc mng
thuc tm tt route ny

R5#show runn
Building configuration...

Current configuration:
!
version 12.1
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname R5
!
!
!
!
!
!
ip subnet-zero
no ip domain-lookup
!
!
!
!
interface Loopback0

ip address 192.168.196.1 255.255.255.0

interface Loopback1
ip address 192.168.197.1 255.255.255.0
!
interface Loopback2
ip address 192.168.198.1 255.255.255.0
!
interface Loopback3
ip address 192.168.199.1 255.255.255.0
!
interface Ethernet0
ip address 192.168.1.202 255.255.255.252
!
interface Serial0
ip address 192.168.1.245 255.255.255.252
no fair-queue
clockrate 64000
!
interface Serial1
no ip address
clockrate 64000
!
router eigrp 1
passive-interface Serial1

network 192.168.1.0
network 192.168.196.0
network 192.168.197.0
network 192.168.198.0
network 192.168.199.0
no auto-summary
no eigrp log-neighbor-changes
!
router bgp 100
no synchronization
aggregate-address 192.168.192.0 255.255.248.0
redistribute eigrp 1
neighbor 192.168.1.201 remote-as 100
neighbor 192.168.1.201 next-hop-self
neighbor 192.168.1.246 remote-as 200
neighbor 192.168.1.246 send-community
neighbor 192.168.1.246 route-map COMMUNITY out
!
ip classless
no ip http server
!
access-list 101 permit ip host 192.168.192.0 host
255.255.248.0
route-map COMMUNITY permit 1

match ip address 101

set community none
!
route-map COMMUNITY permit 10
set community no-export
!
!
line con 0
logging synchronous
transport input none
line aux 0
line vty 0 4
login
!
end
.
R1#show runn
Building configuration...

Current configuration : 1775 bytes

!
version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec

no service password-encryption
!
hostname R1
!
logging queue-limit 100
!
memory-size iomem 10
ip subnet-zero
!
!
no ip domain lookup
!
mpls ldp logging neighbor-changes
!
!
!
!
!
!
!
!
no voice hpi capture buffer
no voice hpi capture destination
!

!
mta receive maximum-recipients 0
!
!
!
!
interface Loopback0
ip address 192.168.192.1 255.255.255.0
!
interface Loopback1
ip address 192.168.193.1 255.255.255.0
!
interface Loopback2
ip address 192.168.194.1 255.255.255.0
!
interface Loopback3
ip address 192.168.195.1 255.255.255.0
!
interface Ethernet0/0
ip address 192.168.1.201 255.255.255.252
half-duplex
!
interface Serial0/0
ip address 192.168.1.254 255.255.255.252

clockrate 64000
!
router eigrp 1
passive-interface Serial0/0
network 192.168.1.0
network 192.168.192.0
network 192.168.193.0
network 192.168.194.0
network 192.168.195.0
no auto-summary
!
router bgp 100
no synchronization
bgp log-neighbor-changes
aggregate-address 192.168.192.0 255.255.248.0
redistribute eigrp 1
neighbor 192.168.1.202 remote-as 100
neighbor 192.168.1.202 next-hop-self
neighbor 192.168.1.253 remote-as 200
neighbor 192.168.1.253 send-community
neighbor 192.168.1.253 route-map COMMUNITY out
no auto-summary
!
no ip http server

ip classless
!
!
!
access-list 101 permit ip host 192.168.192.0 host
255.255.248.0
!

route-map COMMUNITY permit 1

match ip address 101
set community none
!
route-map COMMUNITY permit 10
set community no-export
!
call rsvp-sync
!
!
mgcp profile default
!
dial-peer cor custom
!
!
!

!
line con 0
logging synchronous
line aux 0
line vty 0 4
password cisco
login
!
!
end

Kt qu l trn cc router thuc AS 200 th tt c cc

route u nhn c bnh thng tuy nhin th khi cc
router trong AS 200 ny cp nht route cho AS 300 th
n ch qung co mng 192.168.192.0/21 thi.
Ta xem kt qu trn R2 thuc AS 200 v R3 thuc AS
300
R2#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA
external type 2
E1 - OSPF external type 1, E2 - OSPF external
type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia
- IS-IS inter area
* - candidate default, U - per-user static route, o

- ODR
P - periodic downloaded static route

Gateway of last resort is not set

B 192.168.192.0/24 [20/0] via 192.168.1.254,

00:03:36
B 192.168.193.0/24 [20/0] via 192.168.1.254,
00:03:36
B 192.168.194.0/24 [20/0] via 192.168.1.254,
00:03:36
B 192.168.195.0/24 [20/0] via 192.168.1.254,
00:03:36
B 192.168.196.0/24 [20/409600] via
192.168.1.254, 00:03:36
B 192.168.197.0/24 [20/409600] via
192.168.1.254, 00:03:36
B 192.168.198.0/24 [20/409600] via
192.168.1.254, 00:03:36
B 192.168.199.0/24 [20/409600] via
192.168.1.254, 00:03:36
192.168.1.0/24 is variably subnetted, 6 subnets, 2
masks
B
192.168.1.0/24 [20/0] via 192.168.1.254,
00:03:36
C
192.168.1.236/30 is directly connected,
Ethernet0
C

192.168.1.248/30 is directly connected, Serial0

192.168.1.252/30 is directly connected, Serial1

192.168.1.244/30 [20/2195456] via

192.168.1.254, 00:03:37
B
192.168.1.200/30 [20/0] via 192.168.1.254,
00:03:37
B 192.168.192.0/21 [20/0] via 192.168.1.254,
00:03:37
R2#show ip bgp
BGP table version is 124, local router ID is
192.168.1.253
Status codes: s suppressed, d damped, h history, *
valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

Network
Weight Path

Next Hop

*> 192.168.1.0
100 ?
*i
?

Metric LocPrf

192.168.1.254

192.168.1.237

100

* i192.168.1.200/30 192.168.1.237
0 100 ?
*>
100 ?

192.168.1.254

100

* i192.168.1.244/30 192.168.1.237
0 100 ?
*>
100 ?

192.168.1.254

100

2195456

* i192.168.1.252/30 192.168.1.237
0 100 ?
*>
100 ?

192.168.1.254

*> 192.168.192.0

0 100

192.168.1.254

100

0 100 ?
*i
100 ?

192.168.1.237

409600

100

*> 192.168.192.0/21 192.168.1.254

0 100 i
*i
i

*i
100 ?

*i
100 ?
Network
Path

409600

Next Hop

100

409600

192.168.1.254

192.168.1.237

0 100

192.168.1.254

192.168.1.237

*> 192.168.195.0
0 100 ?

100

192.168.1.254

192.168.1.237

*> 192.168.194.0
0 100 ?
*i
100 ?

192.168.1.237

*> 192.168.193.0
0 100 ?

100

409600

100

Metric LocPrf Weight

*> 192.168.196.0 192.168.1.254

409600
0 100 ?
*i
?

192.168.1.237

100

0 100

100

0 100

100

0 100

*> 192.168.197.0 192.168.1.254

409600
0 100 ?
*i
?

192.168.1.237

*> 192.168.198.0 192.168.1.254

409600
0 100 ?
*i

192.168.1.237

?
*> 192.168.199.0 192.168.1.254
409600
0 100 ?
*i
?

192.168.1.237

100

0 100

R3#show ip bgp
BGP table version is 41, local router ID is
192.168.1.250
Status codes: s suppressed, d damped, h history, *
valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

Network
Path

Next Hop

Metric LocPrf Weight

*> 192.168.192.0/21 192.168.1.241

200 100 i

R3#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA
external type 2
E1 - OSPF external type 1, E2 - OSPF external
type 2, E - EGP

i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * candidate default

U - per-user static route, o - ODR

Gateway of last resort is not set

192.168.1.0/30 is subnetted, 2 subnets

C

192.168.1.248 is directly connected, Serial0/0

192.168.1.240 is directly connected, Serial0/1

B 192.168.192.0/21 [20/0] via 192.168.1.241,

00:04:11

By gi ta s s dng ip prefix-list thay cho accesslist kt qu s ging nh trng hp trn ta xem cu

hnh trn R1 nh sau

R1#show run
Building configuration...

Current configuration : 1846 bytes

!

version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R1
!
logging queue-limit 100
!
memory-size iomem 10
ip subnet-zero
!
!
no ip domain lookup
!
mpls ldp logging neighbor-changes
!
!
!
!
!
!
!
!

no voice hpi capture buffer

no voice hpi capture destination
!
!
mta receive maximum-recipients 0
!
!
!
!
interface Loopback0
ip address 192.168.192.1 255.255.255.0
!
interface Loopback1
ip address 192.168.193.1 255.255.255.0
!
interface Loopback2
ip address 192.168.194.1 255.255.255.0
!
interface Loopback3
ip address 192.168.195.1 255.255.255.0
!
interface Ethernet0/0
ip address 192.168.1.201 255.255.255.252
half-duplex

!
interface Serial0/0
ip address 192.168.1.254 255.255.255.252
clockrate 64000
!
router eigrp 1
passive-interface Serial0/0
network 192.168.1.0
network 192.168.192.0
network 192.168.193.0
network 192.168.194.0
network 192.168.195.0
no auto-summary
!
router bgp 100
no synchronization
bgp log-neighbor-changes
aggregate-address 192.168.192.0 255.255.248.0
redistribute eigrp 1
neighbor 192.168.1.202 remote-as 100
neighbor 192.168.1.202 next-hop-self
neighbor 192.168.1.253 remote-as 200
neighbor 192.168.1.253 send-community
neighbor 192.168.1.253 route-map COMMUNITY out

no auto-summary
!
no ip http server
ip classless
!
!
!
ip prefix-list summary seq 1 permit
192.168.192.0/21
!
access-list 101 permit ip host 192.168.192.0 host
255.255.248.0
!
route-map COMMUNITY permit 1
match ip address prefix-list summary
set community none
!
route-map COMMUNITY permit 10
set community no-export
!
!
call rsvp-sync
!
!
mgcp profile default

!
dial-peer cor custom
!
!
!
!
line con 0
logging synchronous
line aux 0
line vty 0 4
password cisco
login
!
!
end

Tip theo ta s s dng suppress-map trong

aggregate route
Cc route nm trong route map u b nh giu l
ch s
Tc n s khng c qung b ra AS bn ngoi
Ta s cu hnh cho R1 ch cho php qung co route
192.168.192.0 ,192.168.193.0,192.168.194.0 cn tt
c cc route cn li u b suppress khng c qung
co ra bn ngoi
Tng t i vi R5 ch c qung co mng
192.168.196.0, 192.168.197.0,192.168.198.0

Cn route 192.168.195.0 v 192.168.199.0 s khng

c qung co ra bn ngoi bi cc router trong AS
100
R1#show runn
Building configuration...

Current configuration : 1946 bytes

!
version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R1
!
logging queue-limit 100
!
memory-size iomem 10
ip subnet-zero
!
!
no ip domain lookup
!
mpls ldp logging neighbor-changes
!

!
!
!
!
!
!
!
no voice hpi capture buffer
no voice hpi capture destination
!
!
mta receive maximum-recipients 0
!
!
!
!
interface Loopback0
ip address 192.168.192.1 255.255.255.0
!
interface Loopback1
ip address 192.168.193.1 255.255.255.0
!
interface Loopback2
ip address 192.168.194.1 255.255.255.0

!
interface Loopback3
ip address 192.168.195.1 255.255.255.0
!
interface Ethernet0/0
ip address 192.168.1.201 255.255.255.252
half-duplex
!
interface Serial0/0
ip address 192.168.1.254 255.255.255.252
clockrate 64000
!
router eigrp 1
passive-interface Serial0/0
network 192.168.1.0
network 192.168.192.0
network 192.168.193.0
network 192.168.194.0
network 192.168.195.0
no auto-summary
!
router bgp 100
no synchronization
bgp log-neighbor-changes

aggregate-address 192.168.192.0 255.255.248.0

suppress-map suppress
redistribute eigrp 1
neighbor 192.168.1.202 remote-as 100
neighbor 192.168.1.202 next-hop-self
neighbor 192.168.1.253 remote-as 200
neighbor 192.168.1.253 send-community
neighbor 192.168.1.253 route-map COMMUNITY out
no auto-summary
!
no ip http server
ip classless
!
!
!
ip prefix-list summary seq 1 permit 192.168.192.0/21
!
access-list 1 permit 192.168.196.0 0.0.3.255
access-list 1 permit 192.168.195.0 0.0.0.255
access-list 101 permit ip host 192.168.192.0 host
255.255.248.0
!
route-map suppress permit 1
match ip address 1
!

route-map COMMUNITY permit 1

match ip address prefix-list summary
set community none
!
route-map COMMUNITY permit 10
set community no-export
!
!
call rsvp-sync
!
!
mgcp profile default
!
dial-peer cor custom
!
!
!
!
line con 0
logging synchronous
line aux 0
line vty 0 4
password cisco
login

!
!
end

R5#show runn
Building configuration...

Current configuration:
!
version 12.1
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname R5
!
!
!
!
!
!
ip subnet-zero
no ip domain-lookup
!

!
!
!
interface Loopback0
ip address 192.168.196.1 255.255.255.0
interface Loopback1
ip address 192.168.197.1 255.255.255.0
!
interface Loopback2
ip address 192.168.198.1 255.255.255.0
!
interface Loopback3
ip address 192.168.199.1 255.255.255.0
!
interface Ethernet0
ip address 192.168.1.202 255.255.255.252
!
interface Serial0
ip address 192.168.1.245 255.255.255.252
no fair-queue
clockrate 64000
!
interface Serial1
no ip address

clockrate 64000
!
router eigrp 1
passive-interface Serial1
network 192.168.1.0
network 192.168.196.0
network 192.168.197.0
network 192.168.198.0
network 192.168.199.0
no auto-summary
no eigrp log-neighbor-changes
!
router bgp 100
no synchronization
aggregate-address 192.168.192.0 255.255.248.0
suppress-map suppress
redistribute eigrp 1
neighbor 192.168.1.201 remote-as 100
neighbor 192.168.1.201 next-hop-self
neighbor 192.168.1.246 remote-as 200
neighbor 192.168.1.246 send-community
neighbor 192.168.1.246 route-map COMMUNITY out
!
ip classless

no ip http server
!
!
ip prefix-list summary seq 1 permit 192.168.192.0/21
access-list 1 permit 192.168.192.0 0.0.3.255
access-list 1 permit 192.168.199.0 0.0.0.255
access-list 101 permit ip host 192.168.192.0 host
255.255.248.0
route-map suppress permit 1
match ip address 1
!
route-map COMMUNITY permit 1
match ip address prefix-list summary
set community none
!
route-map COMMUNITY permit 10
set community no-export
!
!
line con 0
logging synchronous
transport input none
line aux 0
line vty 0 4

login
!
end

Ta thy ch nhng route 192,193,194,195,199 bi

suppress trong R5 by gi ta s xem bng route ca
R5 c ch s
R5#show ip bgp
BGP table version is 25, local router ID is
192.168.199.1
Status codes: s suppressed, d damped, h history, *
valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

Network
Weight Path

Next Hop

*> 192.168.1.0
?

Metric LocPrf

0.0.0.0

32768

*>i192.168.1.200/30 192.168.1.201
100 0 ?

*>i192.168.1.244/30 192.168.1.201
100 0 ?

2195456

*>i192.168.1.252/30 192.168.1.201
100 0 ?

s> 192.168.192.0
32768
?
si

192.168.1.201

192.168.1.201

409600

100

*> 192.168.192.0/21 0.0.0.0

32768
i
*i

192.168.1.201

s> 192.168.193.0
32768 ?
si

si

192.168.1.201

192.168.1.201

s> 192.168.194.0
32768 ?

0 i

409600

192.168.1.201

192.168.1.201

100

100

0 ?

409600

100

s> 192.168.195.0
32768
?

192.168.1.201

409600

*> 192.168.196.0
32768
?

0.0.0.0

*> 192.168.197.0
32768
?

0.0.0.0

*> 192.168.198.0
32768
?

0.0.0.0

s> 192.168.199.0
?

0.0.0.0

0 ?

32768

Ta xem bng route ca R2 ta thy 192,193,194

ch c mt route i theo ng c next hop
192.168.1.254
V ta 196,197,198 ch c mt route i theo
ng c next hop l 192.168.1.237
Cn R4 cng tng t
R2#show ip bgp
BGP table version is 11, local router ID is
192.168.1.253
Status codes: s suppressed, d damped, h history, *
valid, > best, i - internal

Origin codes: i - IGP, e - EGP, ? - incomplete

Network
Weight Path

Next Hop

*> 192.168.1.0
100 ?
*i
?

Metric LocPrf

192.168.1.254

192.168.1.237

100

* i192.168.1.200/30 192.168.1.237
0 100 ?
*>
100 ?

192.168.1.254

100

* i192.168.1.244/30 192.168.1.237
0 100 ?
*>
100 ?

192.168.1.254

100

2195456

* i192.168.1.252/30 192.168.1.237
0 100 ?
*>
100 ?

192.168.1.254

*> 192.168.192.0
0 100 ?

100

192.168.1.254

* i192.168.192.0/21 192.168.1.237
0 100 i
*>
i

192.168.1.254

100

0 100

*> 192.168.193.0
0 100 ?

192.168.1.254

*> 192.168.194.0
0 100 ?

192.168.1.254

* i192.168.196.0
0 100 ?

0 100

192.168.1.237

100

* i192.168.197.0
0 100 ?

192.168.1.237

100

* i192.168.198.0
0 100 ?

192.168.1.237

100

R4# show ip bgp

BGP table version is 179, local router ID is
192.168.1.246
Status codes: s suppressed, d damped, h history, *
valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

Network
Weight Path

Next Hop

* i192.168.1.0
100 ?
*>
100 ?

Metric LocPrf

192.168.1.238

192.168.1.245

100

*> 192.168.1.200/30 192.168.1.245

0 100 ?
*i
?

192.168.1.238

100

0 100

*> 192.168.1.244/30 192.168.1.245

0 100 ?
*i
100 ?

192.168.1.238

2195456

100

*> 192.168.1.252/30 192.168.1.245

0 100 ?
*i
?

192.168.1.238

* i192.168.192.0

192.168.1.238

100

0 100

100

0 100 ?
*> 192.168.192.0/21 192.168.1.245
0 100 i
*i
i

192.168.1.238

100

0 100

* i192.168.193.0
0 100 ?

192.168.1.238

100

* i192.168.194.0
0 100 ?

192.168.1.238

100

*> 192.168.196.0
0 100 ?

192.168.1.245

*> 192.168.197.0
0 100 ?

192.168.1.245

*> 192.168.198.0
0 100 ?

192.168.1.245

Do ta thit lp community no-export cho cc route

c qung b i nn trn R3 s khng c cc route
ny m ch c route tm tt do lnh aggregation

R3#show ip bgp
BGP table version is 52, local router ID is
192.168.1.250
Status codes: s suppressed, d damped, h history, *
valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

Network
Path

Next Hop

Metric LocPrf Weight

*> 192.168.192.0/21 192.168.1.241

200 100 i
*
100 i

192.168.1.249

0 200

3. Cu hnh cho s 3(cu hnh v Local

Preference, MED, backdoor)

Ta s cu hnh Local Preference trc

Ta cu hnh cho R5 v R6 thuc AS 30
chn cc route i n AS 50 v AS 75. i vi cc
route i n AS 50 th ta s cho i theo ng qua
R5 v cc route n AS 75 th ta s cho i theo ng
R6
Ta s dng cu hnh nh sau: i vi R5 th
cc route i n AS 50 th c thit lp Local
Preference l 200 cn cc route cn li th c gi tr
mc nh l 100 do d router s chn route c Local

Preference cao hn
Tng t th trn R6 ta s thit lp cc
route i n AS 75 c Local Prefrnc l 400, cc route
cn li l 100
R1#show run
Building configuration...

Current configuration:
!
version 11.3
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname R1
!
!
memory-size iomem 10
no ip domain-lookup
!
!
!
!
process-max-time 200
!

interface Loopback0
ip address 10.20.0.1 255.255.0.0
!
interface Loopback1
ip address 172.17.0.1 255.255.0.0
!
interface Loopback2
no ip address
!
interface Loopback3
ip address 192.168.50.1 255.255.255.0
!
interface Ethernet0/0
ip address 10.10.10.1 255.255.255.248
!
interface Serial0/0
ip address 192.168.11.1 255.255.255.0
no ip mroute-cache
no fair-queue
!
router rip
network 10.0.0.0
network 172.17.0.0
network 172.29.0.0

network 192.168.50.0
!
router bgp 50
redistribute rip
neighbor 10.10.10.2 remote-as 75
neighbor 10.10.10.3 remote-as 100
neighbor 10.10.10.4 remote-as 100
ip classless

line con 0
logging synchronous
line aux 0
line vty 0 4
login
!
no scheduler allocate
end

R2#show runn
Building configuration...

Current configuration : 1156 bytes

!
version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R2
!
logging queue-limit 100
!
memory-size iomem 10
ip subnet-zero
!
!
no ip domain lookup
!
mpls ldp logging neighbor-changes
!
!
!

!
!
!
!
!
no voice hpi capture buffer
no voice hpi capture destination
!
!
mta receive maximum-recipients 0
!
!
!
!
interface Loopback0
ip address 172.18.0.1 255.255.0.0
!
interface Loopback1
ip address 192.168.75.1 255.255.255.0
!
interface Ethernet0/0
ip address 10.10.10.2 255.255.255.248
half-duplex
interface Serial0/0

ip address 192.168.11.2 255.255.255.0

clockrate 64000
no fair-queue
!
!
router rip
network 172.18.0.0
network 192.168.75.0
!
router bgp 75
synchronization
bgp log-neighbor-changes
network 172.17.0.0
redistribute rip
neighbor 10.10.10.1 remote-as 50
neighbor 10.10.10.3 remote-as 100
neighbor 10.10.10.4 remote-as 100
no auto-summary
!
ip http server
ip classless
!
!
!

!
!
call rsvp-sync
!
!
mgcp profile default
!
dial-peer cor custom
!
!
!
!
line con 0
logging synchronous
line aux 0
line vty 0 4
!
!
end

R4#show runn
Building configuration...

Current configuration:
!
version 11.3
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname R4
!
!
memory-size iomem 10
no ip domain-lookup
!
!
voice-port 1/1/0
!
voice-port 1/1/1
!
!
!

process-max-time 200
!
interface Ethernet0/0
ip address 10.10.10.4 255.255.255.248
!
interface Serial0/0
ip address 192.168.1.26 255.255.255.252
no ip mroute-cache
no fair-queue
!
interface Serial0/1
ip address 192.168.1.9 255.255.255.252
!
!
router bgp 100
neighbor 10.10.10.1 remote-as 50
neighbor 10.10.10.2 remote-as 75
neighbor 192.168.1.10 remote-as 30
neighbor 192.168.1.25 remote-as 100
neighbor 192.168.1.25 next-hop-self
!
ip classless
!
!

line con 0
logging synchronous
line aux 0
line vty 0 4
login
!
no scheduler allocate
end

R5#show runn
Building configuration...

Current configuration:
!
version 12.1
service timestamps debug uptime
service timestamps log uptime
no service password-encryption

!
hostname R5
!
!
!
!
!
!
ip subnet-zero
no ip domain-lookup
!
!
!
!
interface Loopback0
ip address 192.168.2.1 255.255.255.0
interface Loopback1
ip address 192.168.100.1 255.255.255.0
!
interface Loopback2
ip address 172.29.1.1 255.255.255.0
!
interface Ethernet0
ip address 192.168.1.17 255.255.255.252

!
interface Serial0
no ip address
no fair-queue
clockrate 64000
!
interface Serial1
ip address 192.168.1.14 255.255.255.252
clockrate 64000
!
router ospf 1
log-adjacency-changes
network 172.29.1.0 0.0.0.255 area 0
network 192.168.1.16 0.0.0.3 area 0
network 192.168.2.0 0.0.0.255 area 0
network 192.168.100.0 0.0.0.255 area 0
!
router bgp 30
no synchronization
redistribute ospf 1
neighbor 192.168.1.13 remote-as 100
neighbor 192.168.1.13 route-map PREF in
neighbor 192.168.1.13 filter-list 1 out
neighbor 192.168.1.18 remote-as 30

neighbor 192.168.1.18 next-hop-self

!
ip classless
no ip http server
ip as-path access-list 1 permit ^$
ip as-path access-list 2 permit _50$
!
route-map PREF permit 10
match as-path 2
set local-preference 200
!
route-map PREF permit 20
!
line con 0
logging synchronous
transport input none
line aux 0
line vty 0 4
!
end
R4#show runn
Building configuration...

Current configuration:

!
version 11.3
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname R4
!
!
memory-size iomem 10
no ip domain-lookup
!
!
voice-port 1/1/0
!
voice-port 1/1/1
!
!
!
process-max-time 200
!
interface Ethernet0/0
ip address 10.10.10.4 255.255.255.248
!

interface Serial0/0
ip address 192.168.1.26 255.255.255.252
no ip mroute-cache
no fair-queue
!
interface Serial0/1
ip address 192.168.1.9 255.255.255.252
!
router isis
!
router bgp 100
neighbor 10.10.10.1 remote-as 50
neighbor 10.10.10.2 remote-as 75
neighbor 192.168.1.10 remote-as 30
neighbor 192.168.1.25 remote-as 100
!
ip classless
!
!
line con 0
logging synchronous
transport input none
line aux 0
line vty 0 4

login
!
end

R5#show run
Building configuration...

Current configuration:
!
version 12.1
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname R5
!
!
!
!

!
!
ip subnet-zero
no ip domain-lookup
!
!
!
!
interface Loopback0
ip address 192.168.2.1 255.255.255.0
interface Loopback1
ip address 192.168.100.1 255.255.255.0
!
interface Loopback2
ip address 172.29.1.1 255.255.255.0
!
interface Ethernet0
ip address 192.168.1.17 255.255.255.252
!
interface Serial0
no ip address
no fair-queue
clockrate 64000
!

interface Serial1
ip address 192.168.1.14 255.255.255.252
clockrate 64000
!
router ospf 1
log-adjacency-changes
network 172.29.1.0 0.0.0.255 area 0
network 192.168.1.16 0.0.0.3 area 0
network 192.168.2.0 0.0.0.255 area 0
network 192.168.100.0 0.0.0.255 area 0
!
router bgp 30
no synchronization
redistribute ospf 1
neighbor 192.168.1.13 remote-as 100
neighbor 192.168.1.13 route-map PREF in
neighbor 192.168.1.13 filter-list 1 out
neighbor 192.168.1.18 remote-as 30
neighbor 192.168.1.18 next-hop-self
!
ip classless
no ip http server
ip as-path access-list 1 permit ^$
ip as-path access-list 2 permit _50$

!
route-map PREF permit 10
match as-path 2
set local-preference 200
!
route-map PREF permit 20
!
line con 0
logging synchronous
transport input none
line aux 0
line vty 0 4
login
!
end

R6#show run
Building configuration...

Current configuration:
!
version 12.1
service timestamps debug uptime
service timestamps log uptime

no service password-encryption
!
hostname R6
!
!
!
!
!
!
ip subnet-zero
no ip domain-lookup
!
!
!
!
interface Loopback0
ip address 10.30.0.1 255.255.0.0
interface Loopback1
ip address 172.16.0.1 255.255.0.0
!
interface Loopback2
ip address 172.31.0.1 255.255.0.0
!
interface Ethernet0

ip address 192.168.1.18 255.255.255.252

!
interface Serial0
ip address 192.168.1.10 255.255.255.252
no fair-queue
clockrate 64000
!
interface Serial1
no ip address
shutdown
!
router ospf 1
log-adjacency-changes
network 10.30.0.0 0.0.255.255 area 0
network 172.16.0.0 0.0.255.255 area 0
network 172.31.0.0 0.0.255.255 area 0
network 192.168.1.16 0.0.0.3 area 0
!
router bgp 30
no synchronization
redistribute ospf 1
neighbor 192.168.1.9 remote-as 100
neighbor 192.168.1.9 route-map PREF in
neighbor 192.168.1.9 filter-list 1 out

neighbor 192.168.1.17 remote-as 30

neighbor 192.168.1.17 next-hop-self
!
ip classless
no ip http server
ip as-path access-list 1 permit ^$
ip as-path access-list 2 permit _75$
!
route-map PREF permit 10
match as-path 2
set local-preference 400
!
!
line con 0
logging synchronous
transport input none
line aux 0
line vty 0 4
login
!
end

Ta xem kt qu trn R5 v R6 nh sau:

Lu : g tr Local Prefrence ch c ngha ni b v

s khng qung b ra khi AS m ch trong cng mt
AS thi.

R5#show ip bgp
BGP table version is 22, local router ID is
192.168.100.1
Status codes: s suppressed, d damped, h history, *
valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

Network
Weight Path

Next Hop

*> 10.0.0.0

0.0.0.0

*
50 ?

192.168.1.13

*i

192.168.1.18

*> 172.16.0.0
*i

* 172.18.0.0
100 75 i

32768 ?

200

0 100

100
0

100

192.168.1.13

*> 172.31.0.0

0.0.0.0

400

0.0.0.0

192.168.1.18

0?
200

192.168.1.18

*> 172.29.0.0

0?
32768 ?

192.168.1.13

*>i
75 i

*i

0.0.0.0

192.168.1.18

*> 172.17.0.0
100 50 ?

Metric LocPrf

0
0

32768 ?
100

0 100

0?
32768 ?

*i

192.168.1.18

*> 192.168.1.0
*i

0.0.0.0

*>i
75 ?

0?
32768 ?

100
0

192.168.1.18

0?
32768 ?

100

192.168.1.13

* 192.168.75.0
100 75 ?

0?
200

192.168.1.13

192.168.1.18

*> 192.168.100.0
?
*i

0.0.0.0

*> 192.168.50.0
0 100 50 ?

100
0

192.168.1.18

*> 192.168.2.0
*i

400

0.0.0.0

192.168.1.18

0 100

32768

100

0?

R6#show ip bgp
BGP table version is 21, local router ID is 172.31.0.1
Status codes: s suppressed, d damped, h history, *
valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

Network
Weight Path

Next Hop

* 10.0.0.0
50 ?

192.168.1.9

*>
*i

0.0.0.0
192.168.1.17

*> 172.16.0.0

0.0.0.0

Metric LocPrf

0 100

32768 ?
0

100
0

0?
32768 ?

*i

192.168.1.17

* 172.17.0.0
100 50 ?

192.168.1.9

*> 172.29.0.0

0.0.0.0

192.168.1.17

*> 172.31.0.0

192.168.1.17

* 192.168.50.0
100 50 ?
*>i
50 ?

32768 ?
100

0
0

100

0?
32768 ?

100
0

0?
32768 ?

0
0

0?
32768 ?

100

0?

192.168.1.9

192.168.1.17

*> 192.168.75.0
100 75 ?

192.168.1.9

*> 192.168.100.0
?

0.0.0.0

*i

0.0.0.0

192.168.1.17

0 100

400

0.0.0.0

192.168.1.17

*> 192.168.2.0
*i

200

0.0.0.0

*> 192.168.1.0
*i

0?
0

192.168.1.17

*> 172.18.0.0
100 75 i

*i

100

192.168.1.9

*>i
50 ?

*i

192.168.1.17

200

0 100

400

32768

100

0?

Gi ta cu hnh back door.

Ta s s dng RIP ch truyn thng tin gia hai AS

50, v AS 70

R1(config)#router rip
R1(config-router)#net 192.168.11.0
R2(config)#router rip
R2(config-router)#net 192.168.11.0

R1# show ip route

Codes: C - connected, S - static, I - IGRP, R - RIP, M mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA
external type 2
E1 - OSPF external type 1, E2 - OSPF external
type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * candidate default
U - per-user static route, o - ODR

Gateway of last resort is not set

192.168.75.0/24 [20/0] via 10.10.10.2, 00:44:42

172.17.0.0/16 is directly connected, Loopback1

172.16.0.0/16 [20/0] via 10.10.10.3, 00:06:45

B 172.18.0.0/16 [20/0] via 10.10.10.2,

00:45:52
B

172.29.0.0/16 [20/0] via 10.10.10.3, 00:06:45

172.31.0.0/16 [20/0] via 10.10.10.3, 00:07:15

192.168.11.0/24 is directly connected, Serial0/0

10.0.0.0/8 is variably subnetted, 2 subnets, 2

masks
C

10.10.10.0/29 is directly connected, Ethernet0/0

10.20.0.0/16 is directly connected, Loopback0

192.168.50.0/24 is directly connected, Loopback3

192.168.1.0/24 [20/0] via 10.10.10.3, 00:06:45

192.168.2.0/24 [20/0] via 10.10.10.3, 00:06:45

B 192.168.100.0/24 [20/0] via 10.10.10.3,

00:06:45

R2#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B
- BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA
external type 2
E1 - OSPF external type 1, E2 - OSPF external
type 2
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia
- IS-IS inter area
* - candidate default, U - per-user static route, o
- ODR
P - periodic downloaded static route

Gateway of last resort is not set

192.168.75.0/24 is directly connected, Loopback1

B 172.17.0.0/16 [20/0] via 10.10.10.1,

00:00:10
B

172.16.0.0/16 [20/0] via 10.10.10.4, 00:00:10

172.18.0.0/16 is directly connected, Loopback0

172.29.0.0/16 [20/0] via 10.10.10.4, 00:00:10

172.31.0.0/16 [20/0] via 10.10.10.3, 00:00:10

192.168.11.0/24 is directly connected, Serial0/0

10.0.0.0/8 is variably subnetted, 2 subnets, 2

masks
C

10.10.10.0/29 is directly connected, Ethernet0/0

10.0.0.0/8 [20/0] via 10.10.10.1, 00:00:11

192.168.50.0/24 [20/0] via 10.10.10.1, 00:00:11

192.168.1.0/24 [20/0] via 10.10.10.4, 00:00:11

192.168.2.0/24 [20/0] via 10.10.10.4, 00:00:11

Ta thy R1 hc mng 172.18.0.0/16 qua BGP theo

ng NAP, ch khng i theo ng backdoor,
nguyn nhn l v prefix 172.18.0.0/16 c R2 qung
co qua R1 bng EBGP c AD l 20 nh hn so vi RIP
l 120, do n s chn route theo BGP vi tag l B
Tng t nh R1 th R2 cng c route ti mng
172.17.0.0/16 thng qua BGP qua NAP ch khng i
theo ng backdoor theo RIP.

gii quyt vn ny ta c mt cch sau

i vi R1 ta s s dng lnh network trong BGP
qung co mng 172.18.0.0 thuc AS75, do
172.18.0.0 trong BGP by gi l IBGP ch khng cn
l EBGP na nn c AD l 200 ln hn AD ca RIP l
120 nn R1 s chn route ca RIP lm route ti u
n ch.

R2(config)#router bgp 75
R2(config-router)#network 172.17.0.0

R1(config)#router bgp 50
R1(config-router)#net 172.18.0.0

Ta c kt qu sau Trn R1 v R2

R1#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA
external type 2
E1 - OSPF external type 1, E2 - OSPF external
type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * candidate default
U - per-user static route, o - ODR

Gateway of last resort is not set

R 192.168.75.0/24 [120/1] via 192.168.11.2,

00:00:20, Serial0/0
C

172.17.0.0/16 is directly connected, Loopback1

172.16.0.0/16 [20/0] via 10.10.10.3, 00:00:32

R 172.18.0.0/16 [120/1] via 192.168.11.2,

00:00:20, Serial0/0

172.29.0.0/16 [20/0] via 10.10.10.3, 00:00:32

172.31.0.0/16 [20/0] via 10.10.10.3, 00:00:32

192.168.11.0/24 is directly connected, Serial0/0

10.0.0.0/8 is variably subnetted, 2 subnets, 2

masks
C

10.10.10.0/29 is directly connected, Ethernet0/0

10.20.0.0/16 is directly connected, Loopback0

192.168.50.0/24 is directly connected, Loopback3

192.168.1.0/24 [20/0] via 10.10.10.3, 00:00:32

192.168.2.0/24 [20/0] via 10.10.10.3, 00:00:32

B 192.168.100.0/24 [20/0] via 10.10.10.3,

00:00:32

R2#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B
- BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA
external type 2
E1 - OSPF external type 1, E2 - OSPF external
type 2
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia
- IS-IS inter area
* - candidate default, U - per-user static route, o
- ODR
P - periodic downloaded static route

Gateway of last resort is not set

192.168.75.0/24 is directly connected, Loopback1

R 172.17.0.0/16 [120/1] via 192.168.11.1,

00:00:24, Serial0/0
B

172.16.0.0/16 [20/0] via 10.10.10.3, 00:00:26

172.18.0.0/16 is directly connected, Loopback0

172.29.0.0/16 [20/0] via 10.10.10.3, 00:00:26

172.31.0.0/16 [20/0] via 10.10.10.3, 00:00:26

192.168.11.0/24 is directly connected, Serial0/0

10.0.0.0/8 is variably subnetted, 2 subnets, 2

masks
C

10.10.10.0/29 is directly connected, Ethernet0/0

10.0.0.0/8 [20/0] via 10.10.10.1, 00:00:27

R 192.168.50.0/24 [120/1] via 192.168.11.1,

00:00:25, Serial0/0
B

192.168.1.0/24 [20/0] via 10.10.10.3, 00:00:27

192.168.2.0/24 [20/0] via 10.10.10.3, 00:00:27

Tuy nhin khi ta s dng lnh network trong

BGP th BGP s xem n nh l ngun khi to route,
do n s qung co mng cho cc lng ging khc
vi route c origin l IGP, cn i vi route nhn c
t redistribute t AS khc c origin l incomplete, do
route c qung co bi lnh network s ti
hn so vi route ngun, Lc ny th ton b ti n
mng ni trn s i ton b sang lin kt backdoor.
gii quyt vn ny th ta s dng t
kho backdoor sau lnh network th lc ny network
ny ch c ngha ni b cho router m n s khng

qung co cho cc lng ging khc.

R2(config)#router bgp 75
R2(config-router)#net 172.17.0.0 backdoor
R1(config)#router bgp 50
R1(config-router)# net 172.18.0.0 backdoor

Tip theo th ta s cu hnh MED trn R5, R6

cho php AS 100 chn route vo trong AS 30
Ta s cu hnh cc traffic t AS 100 vo AS
30 , n net 172.31.0.0 s i theo ng R5, v
172.16.0.0 s i theo ng R6
Ta cu hnh trn R5 v R6 nh sau
R5#show runn
Building configuration...

Current configuration:
!
version 12.1
service timestamps debug uptime
service timestamps log uptime
no service password-encryption

!
hostname R5
!
!
!
!
!
!
ip subnet-zero
no ip domain-lookup
!
!
!
!
interface Loopback0
ip address 192.168.2.1 255.255.255.0
interface Loopback1
ip address 192.168.100.1 255.255.255.0
!
interface Loopback2
ip address 172.29.1.1 255.255.255.0
!
interface Ethernet0
ip address 192.168.1.17 255.255.255.252

!
interface Serial0
no ip address
no fair-queue
clockrate 64000
!
interface Serial1
ip address 192.168.1.14 255.255.255.252
clockrate 64000
!
router ospf 1
log-adjacency-changes
network 172.29.1.0 0.0.0.255 area 0
network 192.168.1.16 0.0.0.3 area 0
network 192.168.2.0 0.0.0.255 area 0
network 192.168.100.0 0.0.0.255 area 0
!
router bgp 30
no synchronization
redistribute ospf 1
neighbor 192.168.1.13 remote-as 100
neighbor 192.168.1.13 route-map PREF in
neighbor 192.168.1.13 route-map MED out
neighbor 192.168.1.13 filter-list 1 out

neighbor 192.168.1.18 remote-as 30

neighbor 192.168.1.18 next-hop-self
!
ip classless
no ip http server
ip as-path access-list 1 permit ^$
ip as-path access-list 2 permit _50$
!
access-list 1 permit 172.31.0.0
access-list 2 permit any
route-map PREF permit 10
match as-path 2
set local-preference 200
route-map PREF permit 20
!
route-map MED permit 10
match ip address 1
set metric 100
!
route-map MED permit 20
match ip address 2
set metric 200
!
!

line con 0
logging synchronous
transport input none
line aux 0
line vty 0 4
!
end

R6#show runn
Building configuration...

Current configuration:
!
version 12.1
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname R6
!
!
!
!
!

!
ip subnet-zero
no ip domain-lookup
!
!
!
!
interface Loopback0
ip address 10.30.0.1 255.255.0.0
interface Loopback1
ip address 172.16.0.1 255.255.0.0
!
interface Loopback2
ip address 172.31.0.1 255.255.0.0
!
interface Ethernet0
ip address 192.168.1.18 255.255.255.252
!
interface Serial0
ip address 192.168.1.10 255.255.255.252
no fair-queue
clockrate 64000
!
interface Serial1

no ip address
shutdown
!
router ospf 1
log-adjacency-changes
network 10.30.0.0 0.0.255.255 area 0
network 172.16.0.0 0.0.255.255 area 0
network 172.31.0.0 0.0.255.255 area 0
network 192.168.1.16 0.0.0.3 area 0
!
router bgp 30
no synchronization
redistribute ospf 1
neighbor 192.168.1.9 remote-as 100
neighbor 192.168.1.9 route-map PREF in
neighbor 192.168.1.9 route-map MED out
neighbor 192.168.1.9 filter-list 1 out
neighbor 192.168.1.17 remote-as 30
neighbor 192.168.1.17 next-hop-self
!
ip classless
no ip http server
ip as-path access-list 1 permit ^$
ip as-path access-list 2 permit _75$

!
access-list 1 permit 172.16.0.0
access-list 2 permit any
route-map PREF permit 10
match as-path 2
set local-preference 400
route-map PREF permit 20
!
route-map MED permit 10
match ip address 1
set metric 100
!
route-map MED permit 20
match ip address 2
set metric 200
!
!
line con 0
logging synchronous
transport input none
line aux 0
line vty 0 4
!
end

Ta xem kt qu trn R3, v R4

R3#show ip bgp
BGP table version is 38, local router ID is
192.168.1.25
Status codes: s suppressed, d damped, h history, *
valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

Network
Weight Path

Next Hop

* 10.0.0.0
30 ?

192.168.1.14

Metric LocPrf

200

10.10.10.1

0 75 50 ?

*>

10.10.10.1

*i

192.168.1.26

*> 172.16.0.0
30 ?
*i
?

192.168.1.14

192.168.1.26

* 172.17.0.0
50 ?

0 50 ?
100

0 50 ?

200

100

100

10.10.10.1

0 75

*>

10.10.10.1

*i

192.168.1.26

*> 172.18.0.0

10.10.10.2

0 30

0 50 ?
100
0

0 50 ?
0

75 i
*

10.10.10.2

*i

192.168.1.26

*> 172.29.0.0
30 ?
*i
30 ?

0 50 75 i
0

192.168.1.14

192.168.1.26

*> 172.31.0.0
30 ?
*i

200

100

0 75 i

200

100

192.168.1.14

100

192.168.1.26

200

200

30 ?
*> 192.168.1.0
30 ?
*i
30 ?

192.168.1.26

*> 192.168.2.0
30 ?
*i
30 ?

192.168.1.14

192.168.1.14

192.168.1.26

* 192.168.50.0
50 ?

200

200

*i

192.168.1.26

10.10.10.2

10.10.10.2

*i

192.168.1.26

*i

100

0 50 ?
100

0 50 ?

0 50 75 ?
0

192.168.1.14

192.168.1.26

0 75

10.10.10.1

*> 192.168.100.0
0 30 ?

10.10.10.1

200

*>

*> 192.168.75.0
75 ?

100

100

0 75 ?

200

200

100

30 ?

R4#show ip bgp
BGP table version is 69, local router ID is
192.168.1.26
Status codes: s suppressed, d damped, h history, *
valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

Network
Path

Next Hop

* 10.0.0.0
30 ?

192.168.1.10

Metric LocPrf Weight

200

*i

192.168.1.25

*>

10.10.10.1

*
* i172.16.0.0
30 ?
*>
* i172.17.0.0
50 ?
*>
*
* i172.18.0.0
75 i

100

0 75 50 ?

192.168.1.25

200

0 30 ?
0

100

0 50 ?

10.10.10.1
192.168.1.25

100

100

192.168.1.25

10.10.10.1

0 50 ?
0 50 ?

10.10.10.1

192.168.1.10

0 75 50 ?
0

100

10.10.10.2

*>

10.10.10.2

* i172.29.0.0
30 ?

192.168.1.10

*>i172.31.0.0
30 ?

192.168.1.10

*>

192.168.1.10

192.168.1.10

*>

200

200

100

100

0 30 ?

200

200

100

0 30 ?
0

100

0 50 ?
0 75 50 ?

192.168.1.25

100

0 50 75 ?
0

192.168.1.25

192.168.1.10

0 30 ?

10.10.10.2

* i192.168.100.0
0 30 ?
*>

200

10.10.10.1

10.10.10.2

100

0 30 ?
100

192.168.1.25

10.10.10.1

* i192.168.75.0
75 ?
*

200

192.168.1.25

* i192.168.50.0
50 ?

200

192.168.1.25

* i192.168.2.0
30 ?

*>

0 75 i

192.168.1.25

* i192.168.1.0
30 ?

*>

192.168.1.25

*>

0 50 75 i

0 75 ?
200

200

100

0 30 ?

Ta thy trong bng route BGP ca RT3 v RT4 i vi

cc mng 172.31.0.0 v 172.16.0.0 u c hai ng
v router s chn ng c MED nh hn

4. Cu hnh cho s 4(cu hnh v route-reflector

v confederation)

Trong s ny th ta s cu hnh chia AS 100

thnh 2 AS con l 65510 v 65520.V khi mt router
nhn c route t cp nht ca mt lng ging l
IBGP th n s khng cp nht cho cc lng ging cn
li ca n do : trong AS 65510 ta tip tc cu hnh
R3 l route-reflector dm nhim chc nng qung
b cc route t R2 cho R4 v t R4 gi li cho R2.

R1#show runn
Building configuration...

Current configuration : 1141 bytes

!
version 12.2
service timestamps debug uptime
service timestamps log datetime msec

no service password-encryption
!
hostname R1
!
logging queue-limit 100
!
ip subnet-zero
!
!
no ip domain lookup
!
mpls ldp logging neighbor-changes
!
!
!
!
!
!
!
!
no voice hpi capture buffer
no voice hpi capture destination
!
!

mta receive maximum-recipients 0

!
!
!
!
interface Loopback0
ip address 172.17.0.1 255.255.0.0
!
interface Loopback1
ip address 172.18.0.1 255.255.0.0
!
interface Loopback2
ip address 172.30.1.1 255.255.255.255
!
interface FastEthernet0/0
ip address 192.168.1.14 255.255.255.252
duplex auto
speed 10
!
interface Serial0/0
no ip address
shutdown
!
router bgp 200

no synchronization
bgp log-neighbor-changes
network 172.17.0.0
network 172.18.0.0
neighbor 172.30.1.2 remote-as 100
neighbor 172.30.1.2 ebgp-multihop 2
neighbor 172.30.1.2 update-source Loopback2
no auto-summary
!
ip http server
ip classless
ip route 172.30.1.2 255.255.255.255 FastEthernet0/0
!
!
!
!
call rsvp-sync
!
!
mgcp profile default
!
dial-peer cor custom
!
!

!
!
line con 0
logging synchronous
line aux 0
line vty 0 4
login
!
!
end

R2#show runn
Building configuration...

Current configuration:
!
version 12.0
service timestamps debug uptime
service timestamps log uptime

no service password-encryption
!
hostname R2
!
!
memory-size iomem 10
ip subnet-zero
no ip domain-lookup
!
!
!
!
!
interface Loopback0
ip address 172.30.1.2 255.255.255.255
no ip directed-broadcast
!
interface Loopback1
ip address 10.33.5.1 255.255.255.0
no ip directed-broadcast
!
interface Ethernet0/0
ip address 192.168.1.13 255.255.255.252
no ip directed-broadcast

!
interface Serial0/0
ip address 192.168.1.1 255.255.255.252
no ip directed-broadcast
no ip mroute-cache
clockrate 64000
!
router bgp 65510
no synchronization
bgp confederation identifier 100
network 10.33.5.0 mask 255.255.255.0
neighbor 172.30.1.1 remote-as 200
neighbor 172.30.1.1 ebgp-multihop 2
neighbor 172.30.1.1 update-source Loopback0
neighbor 172.30.1.3 remote-as 65510
neighbor 172.30.1.3 update-source Loopback0
neighbor 172.30.1.3 next-hop-self
!
ip classless
ip route 172.30.1.1 255.255.255.255 Ethernet0/0
ip route 172.30.1.3 255.255.255.255 Serial0/0
ip route 172.30.1.4 255.255.255.255 Serial0/0
!
!

!
line con 0
logging synchronous
transport input none
line aux 0
line vty 0 4
login
!
end

R3#show run
Building configuration...

Current configuration:
!
version 12.0
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname R3
!
!
memory-size iomem 10
ip subnet-zero
no ip domain-lookup
!
!
!
!
!
interface Loopback0
ip address 172.30.1.3 255.255.255.255
no ip directed-broadcast
!
interface Loopback1
ip address 10.33.4.1 255.255.255.0

no ip directed-broadcast
!
interface Ethernet0/0
ip address 192.168.1.5 255.255.255.252
no ip directed-broadcast
!
interface Serial0/0
ip address 192.168.1.2 255.255.255.252
no ip directed-broadcast
!
interface Serial0/1
no ip address
no ip directed-broadcast
shutdown
!
router bgp 65510
no synchronization
bgp confederation identifier 100
network 10.33.4.0 mask 255.255.255.0
neighbor 172.30.1.2 remote-as 65510
neighbor 172.30.1.2 update-source Loopback0
neighbor 172.30.1.2 route-reflector-client
neighbor 172.30.1.2 next-hop-self
neighbor 172.30.1.4 remote-as 65510

neighbor 172.30.1.4 update-source Loopback0

neighbor 172.30.1.4 route-reflector-client
neighbor 172.30.1.4 next-hop-self
!
ip classless
ip route 172.30.1.2 255.255.255.255 Serial0/0
ip route 172.30.1.4 255.255.255.255 Ethernet0/0
!
!
!
line con 0
logging synchronous
transport input none
line aux 0
line vty 0 4
login
!
end

R4#show run
Building configuration...

Current configuration : 1440 bytes

!

version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R4
!
logging queue-limit 100
!
memory-size iomem 10
ip subnet-zero
!
!
no ip domain lookup
!
mpls ldp logging neighbor-changes
!
!
!
!
!
!
!
!

no voice hpi capture buffer

no voice hpi capture destination
!
!
mta receive maximum-recipients 0
!
!
!
!
interface Loopback0
ip address 172.30.1.4 255.255.255.255
!
interface Loopback1
ip address 10.31.1.1 255.255.255.0
!
interface Ethernet0/0
ip address 192.168.1.6 255.255.255.252
half-duplex
interface Serial0/0
ip address 192.168.1.9 255.255.255.252
clockrate 64000
!
router bgp 65510
no synchronization

bgp log-neighbor-changes
bgp confederation identifier 100
bgp confederation peers 65520
network 10.31.1.0 mask 255.255.255.0
neighbor 172.30.1.3 remote-as 65510
neighbor 172.30.1.3 update-source Loopback0
neighbor 172.30.1.3 next-hop-self
neighbor 172.30.1.5 remote-as 65520
neighbor 172.30.1.5 ebgp-multihop 2
neighbor 172.30.1.5 update-source Loopback0
neighbor 172.30.1.5 next-hop-self
no auto-summary
!
ip http server
ip classless
ip route 172.30.1.2 255.255.255.255 Ethernet0/0
ip route 172.30.1.3 255.255.255.255 Ethernet0/0
ip route 172.30.1.5 255.255.255.255 Serial0/0
!
!
!
!
!
call rsvp-sync

!
!
mgcp profile default
!
dial-peer cor custom
!
!
!
!
line con 0
logging synchronous
line aux 0
line vty 0 4
login
!
end

R5#show run
Building configuration...

Current configuration:
!
version 11.1
service udp-small-servers
service tcp-small-servers
!
hostname R5
!
!
no ip domain-lookup
!
interface Loopback0
ip address 172.30.1.5 255.255.255.255
!
interface Loopback1
ip address 10.1.1.1 255.255.255.0
!
interface Ethernet0
ip address 192.168.1.17 255.255.255.252
!
interface Serial0
no ip address
shutdown
!

interface Serial1
ip address 192.168.1.10 255.255.255.252
!
router bgp 65520
no synchronization
bgp confederation identifier 100
bgp confederation peers 65510
network 10.1.1.0 mask 255.255.255.0
neighbor 172.30.1.4 remote-as 65510
neighbor 172.30.1.4 ebgp-multihop 2
neighbor 172.30.1.4 update-source Loopback0
neighbor 172.30.1.4 next-hop-self
neighbor 172.30.1.6 remote-as 300
neighbor 172.30.1.6 ebgp-multihop 2
neighbor 172.30.1.6 update-source Loopback0
!
no ip classless
ip route 172.30.1.4 255.255.255.255 Serial1
ip route 172.30.1.6 255.255.255.255 Ethernet0
!
line con 0
logging synchronous
line aux 0
line vty 0 4

login
!
end

R6#show run
Building configuration...

Current configuration:
!
version 12.1
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname R6
!
!
!
!
!
!
ip subnet-zero
no ip domain-lookup
!
!
!
!
interface Loopback0
ip address 172.30.1.6 255.255.255.255
interface Loopback1

ip address 172.19.0.1 255.255.0.0

!
interface Loopback2
ip address 172.20.0.1 255.255.0.0
!
interface Ethernet0
ip address 192.168.1.18 255.255.255.252
!
interface Serial0
no ip address
shutdown
no fair-queue
!
interface Serial1
no ip address
shutdown
!
interface BRI0
no ip address
shutdown
!
router bgp 300
network 172.19.0.0
network 172.20.0.0

neighbor 172.30.1.5 remote-as 100

neighbor 172.30.1.5 ebgp-multihop 2
neighbor 172.30.1.5 update-source Loopback0
!
ip classless
ip route 172.30.1.5 255.255.255.255 Ethernet0
no ip http server
!
!
line con 0
logging synchronous
transport input none
line aux 0
line vty 0 4
login
!
end

ta xem kt qu trn cc router nh sau:

R1#show ip bgp
BGP table version is 93, local router ID is 172.30.1.1
Status codes: s suppressed, d damped, h history, *

valid, > best, i - internal,

r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

Network
Weight Path

Next Hop

Metric LocPrf

*> 10.1.1.0/24
100 i

172.30.1.2

*> 10.31.1.0/24
100 i

172.30.1.2

*> 10.33.4.0/24
100 i

172.30.1.2

*> 10.33.5.0/24
100 i

172.30.1.2

*> 172.17.0.0

0.0.0.0

32768 i

*> 172.18.0.0

0.0.0.0

32768 i

*> 172.19.0.0
100 300 i

172.30.1.2

*> 172.20.0.0
100 300 i

172.30.1.2

R2#show ip bgp
BGP table version is 89, local router ID is 172.30.1.2
Status codes: s suppressed, d damped, h history, *
valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

Network
Weight Path

Next Hop

Metric LocPrf

*>i10.1.1.0/24
(65520) i

172.30.1.4

100

*>i10.31.1.0/24
i

172.30.1.4

100

*>i10.33.4.0/24
i

172.30.1.3

100

*> 10.33.5.0/24

0.0.0.0

32768 i

*> 172.17.0.0
200 i

172.30.1.1

*> 172.18.0.0
200 i

172.30.1.1

*>i172.19.0.0
(65520) 300 i

172.30.1.4

100

*>i172.20.0.0
(65520) 300 i

172.30.1.4

100

R3#show ip bgp
BGP table version is 41, local router ID is 172.30.1.3
Status codes: s suppressed, d damped, h history, *
valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

Network
Weight Path

Next Hop

Metric LocPrf

*>i10.1.1.0/24
(65520) i

172.30.1.4

100

*>i10.31.1.0/24
i

172.30.1.4

100

*> 10.33.4.0/24

0.0.0.0

*>i10.33.5.0/24
i

172.30.1.2

32768 i
0

100

*>i172.17.0.0
200 i

172.30.1.2

100

*>i172.18.0.0
200 i

172.30.1.2

100

*>i172.19.0.0
(65520) 300 i

172.30.1.4

100

*>i172.20.0.0
(65520) 300 i

172.30.1.4

100

R4#show ip bgp
BGP table version is 57, local router ID is 172.30.1.4
Status codes: s suppressed, d damped, h history, *
valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

Network
Weight Path

Next Hop

Metric LocPrf

*> 10.1.1.0/24
(65520) i

172.30.1.5

*> 10.31.1.0/24

0.0.0.0

*>i10.33.4.0/24
i

172.30.1.3

100

*>i10.33.5.0/24
i

172.30.1.2

100

*>i172.17.0.0
200 i

172.30.1.2

100

32768 i

100

*>i172.18.0.0
200 i

172.30.1.2

100

*> 172.19.0.0
(65520) 300 i

172.30.1.5

100

*> 172.20.0.0
(65520) 300 i

172.30.1.5

100

R5#show ip bgp
BGP table version is 85, local router ID is 172.30.1.5
Status codes: s suppressed, d damped, h history, *
valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

Network
Path

Next Hop

Metric LocPrf Weight

*> 10.1.1.0/24

0.0.0.0

32768 i

*> 10.31.1.0/24
(65510) i

172.30.1.4

100

*> 10.33.4.0/24
(65510) i

172.30.1.4

100

*> 10.33.5.0/24
(65510) i

172.30.1.4

100

*> 172.17.0.0
(65510) 200 i

172.30.1.4

100

*> 172.18.0.0
(65510) 200 i

172.30.1.4

100

*> 172.19.0.0
300 i

172.30.1.6

*> 172.20.0.0
300 i

172.30.1.6

R6#show ip bgp

BGP table version is 49, local router ID is 172.30.1.6

Status codes: s suppressed, d damped, h history, *
valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

Network
Weight Path

Next Hop

Metric LocPrf

*> 10.1.1.0/24
100 i

172.30.1.5

*> 10.31.1.0/24
100 i

172.30.1.5

*> 10.33.4.0/24
100 i

172.30.1.5

*> 10.33.5.0/24
100 i

172.30.1.5

*> 172.17.0.0
100 200 i

172.30.1.5

*> 172.18.0.0
100 200 i

172.30.1.5

*> 172.19.0.0

0.0.0.0

32768 i

*> 172.20.0.0

0.0.0.0

32768 i