bgP后期教案方案.docVIP

r2(config)#access-list 1 per 192.168.1.0 0.0.0.255 r2(config)#route-map aaa per 10 r2(config-route-map)#match ip add 1 r2(config)#router bgp 100 r2(config-router)#nei 1.1.1.1 route-map aaa in 只从1.1.1.1接受192.168.1.0的路由 access-list 1 deny 192.168.1.0 0.0.0.255 access-list 1 permit any route-map aaa permit 10 match ip address 1 router bgp 200 aggregate-address 192.168.0.0 255.255.248.0 suppress-map aaa summary-only as-set 聚合过程中过滤，ACL的permit做聚合，deny不做聚合放行明细，即使加上summary-only也会放行192.168.1.0 ip prefix-list aaa seq 1 deny 192.168.1.0/24 ip prefix-list aaa seq 2 permit 0.0.0.0/0 router bgp 200 aggregate-address 192.168.0.0 255.255.248.0 as-set summary-only suppress-map aaa 上面配置不能实现抑制192.168.1.0，针对192.168.2.0和192.168.3.0的聚合行为。但是，如果前缀列表如果向下面这么去写：是可以实现的！！！！ ip prefix-list aaa seq 1 deny 192.168.1.0/24 ip prefix-list aaa seq 2 permit 192.168.2.0/24 ip prefix-list aaa seq 3 permit 192.168.3.0/24 router bgp 200 aggregate-address 192.168.0.0 255.255.248.0 as-set summary-only suppress-map aaa access-list 1 permit 192.168.1.0 0.0.0.255 route-map aaa permit 10 match ip address 1 router bgp 200 aggregate-address 192.168.0.0 255.255.248.0 summary-only neighbor 4.4.4.4 unsuppress-map aaa 把我本地抑制的路由传给4.4.4.4邻居，且是active ! route-map aaa permit 10 set local-preference 120 router bgp 200 aggregate-address 192.168.0.0 255.255.248.0 summary-only attribute-map aaa 聚合中修改汇总路由属性，注意尽量不和ACL连用 注意：聚合时候route-map 和att…map是同一个意思 access-list 1 deny 192.168.1.0 0.0.0.255 access-list 1 permit any ! ! route-map aaa permit 10 match ip address 1 set metric 66 router bgp 200 neighbor 4.4.4.4 route-map aaa out 不向4.4.4.4通告192.168.1.0，但通告其他的且同时修改metric为66 access-list 1 permit 192.168.1.0 0.0.0.255 router bgp 200 distribute-list 1 in 只允许192.168.1.0的路由进来 access-list 1 permit 192.168.1.0 0.0.0.255 router bgp 200 nei 4.4.4.4 distribute-list 1 in 只允许从4.4.4.4收满足ACL的permit流量路由 Prefix-list过滤： Ip prefix-list aaa se 5 per 192