BGP拓扑正确配置

R1的配置

-----------------------------------------------------------------------------

sysname RT1
#
super password level 3 simple h3c
#
domain default enable system
#
telnet server enable
#
acl number 2000
rule 0 permit source 192.168.200.0 0.0.0.255
acl number 2030
rule 0 permit source 192.168.200.1 0
#
vlan 1
#
domain system
access-limit disable
state active
idle-cut disable
self-service-url disable
#
user-group system
group-attribute allow-guest
#
local-user rt1
password simple rt1
authorization-attribute level 2
service-type telnet
local-user useradmin
authorization-attribute level 2
#
wlan rrm
dot11b mandatory-rate 1 2
dot11b supported-rate 5.5 11
dot11g mandatory-rate 1 2 5.5 11
dot11g supported-rate 6 9 12 18 24 36 48 54
#
attack-defense policy 1
#
bgp 65000
undo synchronization
peer 172.16.1.2 as-number 65001
peer 2.2.2.2 as-number 65000
peer 6.6.6.6 as-number 65000
peer 7.7.7.7 as-number 65000
peer 172.16.1.2 route-policy fk export
peer 172.16.1.2 route-policy fa import
peer 2.2.2.2 next-hop-local
peer 2.2.2.2 connect-interface LoopBack0
peer 6.6.6.6 next-hop-local
peer 6.6.6.6 connect-interface LoopBack0
peer 7.7.7.7 next-hop-local
peer 7.7.7.7 connect-interface LoopBack0
#
ospf 1 router-id 1.1.1.1
area 0.0.0.0
network 172.16.0.2 0.0.0.0
network 172.16.0.9 0.0.0.0
network 1.1.1.1 0.0.0.0
#
route-policy fa permit node 10
if-match acl 2000
apply as-path 400 600
route-policy fa permit node 20
route-policy fk permit node 10
if-match as-path 1
#
ip as-path 1 permit ^$
#
snmp-agent
snmp-agent local-engineid 800063A203000FE2D06060
snmp-agent community read h3c-read
snmp-agent sys-info version v2c v3
snmp-agent target-host trap address udp-domain 192.168.200.1 params securityname h3c-read
undo snmp-agent trap enable voice dial
snmp-agent trap source LoopBack0
#
load xml-configuration
#
load tr069-configuration
#
user-interface tty 12
user-interface aux 0
user-interface vty 0 4
acl 2030 inbound
authentication-mode scheme
idle-timeout 0 0
protocol inbound telnet
#
return

R2的配置

--------------------------------------------------------------------------

sysname RT2
#
super password level 3 simple h3c
#
domain default enable system
#
telnet server enable
#
acl number 2000
rule 0 permit source 192.168.100.0 0.0.0.255
acl number 2030
rule 0 permit source 192.168.200.1 0
#
vlan 1
#
domain system
access-limit disable
state active
idle-cut disable
self-service-url disable
#
ike proposal 1
#
ike peer rt4
pre-shared-key simple h3c
remote-address 172.16.1.6
#
ipsec proposal 1
#
ipsec policy-template huawei 1
ike-peer rt4
proposal 1
#
ipsec policy h3c 1 isakmp template huawei
#
user-group system
group-attribute allow-guest
#
local-user rt2
password simple rt2
authorization-attribute level 2
service-type telnet
local-user useradmin
authorization-attribute level 2
#
wlan rrm
dot11b mandatory-rate 1 2
dot11b supported-rate 5.5 11
dot11g mandatory-rate 1 2 5.5 11
dot11g supported-rate 6 9 12 18 24 36 48 54
#
attack-defense policy 1
#
bgp 65000
undo synchronization
peer 1.1.1.1 as-number 65000
peer 172.16.1.6 as-number 65001
peer 6.6.6.6 as-number 65000
peer 7.7.7.7 as-number 65000
peer 1.1.1.1 next-hop-local
peer 1.1.1.1 connect-interface LoopBack0
peer 172.16.1.6 route-policy fk export
peer 172.16.1.6 route-policy fa import
peer 6.6.6.6 next-hop-local
peer 6.6.6.6 connect-interface LoopBack0
peer 7.7.7.7 next-hop-local
peer 7.7.7.7 connect-interface LoopBack0
#
ospf 1 router-id 2.2.2.2
area 0.0.0.0
network 2.2.2.2 0.0.0.0
network 172.16.0.6 0.0.0.0
network 172.16.0.10 0.0.0.0
#
route-policy fa permit node 10
if-match acl 2000
apply as-path 400 600
route-policy fa permit node 20
route-policy fk permit node 10
if-match as-path 1
#
ip as-path 1 permit ^$
#
ip route-static 0.0.0.0 0.0.0.0 100.0.0.2
#
snmp-agent
snmp-agent local-engineid 800063A203000FE2E62FC0
snmp-agent community read h3c-read
snmp-agent sys-info version v2c v3
snmp-agent target-host trap address udp-domain 192.168.200.1 params securityname h3c-read
undo snmp-agent trap enable voice dial
snmp-agent trap source LoopBack0
#
load xml-configuration
#
load tr069-configuration
#
user-interface tty 12
user-interface aux 0
user-interface vty 0 4
acl 2030 inbound
authentication-mode scheme
idle-timeout 0 0
protocol inbound telnet
#
return

R3的配置

--------------------------------------------------------------------

sysname RT3
#
super password level 3 simple 123
#
domain default enable system
#
ip ttl-expires enable
ip unreachables enable
#
dar p2p signature-file flash:/p2p_default.mtd
#
port-security enable
#
acl number 2000
rule 0 permit source 192.168.20.0 0.0.0.255
acl number 2008
rule 0 deny source 0.0.0.0 0
rule 5 permit
#
vlan 1
#
domain system
access-limit disable
state active
idle-cut disable
self-service-url disable
#
user-group system
group-attribute allow-guest
#
local-user admin
password cipher .]@USE=B,53Q=^Q`MAF4<1!!
authorization-attribute level 3
service-type telnet
#
wlan rrm
dot11b mandatory-rate 1 2
dot11b supported-rate 5.5 11
dot11g mandatory-rate 1 2 5.5 11
dot11g supported-rate 6 9 12 18 24 36 48 54
#
cwmp
undo cwmp enable
#
bgp 65001
undo synchronization
peer 4.4.4.4 as-number 65001
peer 172.16.1.1 as-number 65000
peer 5.5.5.5 as-number 65001
peer 4.4.4.4 next-hop-local
peer 4.4.4.4 connect-interface LoopBack0
peer 172.16.1.1 filter-policy 2008 export
peer 172.16.1.1 route-policy fa import
peer 5.5.5.5 next-hop-local
peer 5.5.5.5 connect-interface LoopBack0
#
ospf 1 router-id 3.3.3.3
area 0.0.0.0
network 3.3.3.3 0.0.0.0
network 172.16.2.1 0.0.0.0
network 172.16.2.5 0.0.0.0
#
route-policy fa permit node 10
if-match acl 2000
apply as-path 400 600
route-policy fa permit node 20
#
#
voice-setup
#
sip
#
sip-server
#
call-rule-set
#
call-route
#
dial-program
default entity fax protocol standard-t38
default entity fax protocol standard-t38 hb-redundancy 0
default entity fax protocol standard-t38 lb-redundancy 0
#
aaa-client
#
gk-client
#
load xml-configuration
#
load tr069-configuration
#
user-interface tty 12
user-interface aux 0
user-interface vty 0 4
authentication-mode scheme
#
return

R4的配置

------------------------------------------------------------------------

sysname RT4
#
ipsec cpu-backup enable
#
undo cryptoengine enable
#
domain default enable system
#
acl number 2000
rule 0 permit source 192.168.10.0 0.0.0.255
acl number 2030
rule 0 permit source 192.168.200.0 0.0.0.255
#
acl number 3000
rule 0 permit ip source 192.168.200.0 0.0.0.255 destination 192.168.20.0 0.0.0.255
acl number 3030
rule 0 permit ip source 192.168.20.0 0.0.0.255 destination 192.168.200.0 0.0.0.255
#
vlan 1
#
domain system
access-limit disable
state active
idle-cut disable
self-service-url disable
#
ike proposal 1
#
ike peer rt2
pre-shared-key simple h3c
remote-address 172.16.1.5
#
ipsec proposal 1
#
ipsec policy h3c 1 isakmp
security acl 3000
ike-peer rt2
proposal 1
#
traffic classifier oa operator and
if-match acl 3030
#
traffic behavior oa
queue af bandwidth pct 50
#
qos policy h3c
classifier oa behavior oa
#
local-user rt4
password simple h3c
service-type ppp
#
bgp 65001
undo synchronization
peer 5.5.5.5 as-number 65001
peer 172.16.1.5 as-number 65000
peer 3.3.3.3 as-number 65001
peer 5.5.5.5 next-hop-local
peer 5.5.5.5 default-route-advertise
peer 5.5.5.5 connect-interface LoopBack0
peer 172.16.1.5 route-policy fa import
peer 3.3.3.3 next-hop-local
peer 3.3.3.3 default-route-advertise
peer 3.3.3.3 connect-interface LoopBack0
#
ospf 1 router-id 4.4.4.4
area 0.0.0.0
network 4.4.4.4 0.0.0.0
network 172.16.2.2 0.0.0.0
network 172.16.2.9 0.0.0.0
#
route-policy fa permit node 10
if-match acl 2000
apply as-path 400 600
route-policy fa permit node 20
#
ip route-static 0.0.0.0 0.0.0.0 200.0.0.2
#
user-interface con 0
user-interface aux 0
user-interface vty 0 4
#
return

R5的配置

-------------------------------------------------------------------

sysname RT5
#
ipsec cpu-backup enable
#
undo cryptoengine enable
#
domain default enable system
#
acl number 2000
rule 0 permit source 192.168.20.0 0.0.0.255
acl number 2001
rule 0 permit source 192.168.10.0 0.0.0.255
#
acl number 3030
rule 5 permit ip source 192.168.200.0 0.0.0.255 destination 192.168.20.0 0.0.0.255
#
vlan 1
#
domain system
access-limit disable
state active
idle-cut disable
self-service-url disable
#
traffic classifier oa operator and
if-match acl 3030
#
traffic behavior oa
queue af bandwidth pct 50
#
qos policy h3c
classifier oa behavior oa
#
local-user rt5
password simple h3c
service-type ppp
#
bgp 65001
network 192.168.100.1 255.255.255.255
network 192.168.200.1 255.255.255.255
undo synchronization
peer 4.4.4.4 as-number 65001
peer 3.3.3.3 as-number 65001
peer 4.4.4.4 route-policy fk import
peer 4.4.4.4 connect-interface LoopBack0
peer 3.3.3.3 route-policy fk import
peer 3.3.3.3 connect-interface LoopBack0
#
ospf 1 router-id 5.5.5.5
area 0.0.0.0
network 5.5.5.5 0.0.0.0
network 172.16.2.6 0.0.0.0
network 172.16.2.10 0.0.0.0
#
route-policy fa permit node 10
if-match acl 2000
apply local-preference 400
route-policy fa permit node 20
route-policy fk permit node 10
if-match acl 2001
apply local-preference 400
route-policy fk permit node 20
#
user-interface con 0
user-interface aux 0
user-interface vty 0 4
#
return

SW1的配置

----------------------------------------------------------------------

sysname SW1
#
domain default enable system
#
burst-mode enable
#
undo ip http enable
#
password-recovery enable
#
acl number 2000
rule 0 permit source 192.168.10.0 0.0.0.255
#
vlan 1
#
vlan 10
#
vlan 20
#
vlan 30
#
domain system
access-limit disable
state active
idle-cut disable
self-service-url disable
#
user-group system
#
stp region-configuration
region-name h3c
instance 1 vlan 10
instance 2 vlan 20
active region-configuration
#
stp instance 0 root primary
stp instance 1 root primary
stp instance 2 root secondary
stp enable
#
bgp 65000
network 192.168.10.0 route-policy fa
network 192.168.20.0
undo synchronization
peer 1.1.1.1 as-number 65000
peer 2.2.2.2 as-number 65000
peer 1.1.1.1 connect-interface LoopBack0
peer 2.2.2.2 connect-interface LoopBack0
#
ospf 1 router-id 6.6.6.6
area 0.0.0.0
network 6.6.6.6 0.0.0.0
network 172.16.0.1 0.0.0.0
#
route-policy fa permit node 10
if-match acl 2000
apply local-preference 400
#
user-interface aux 0
user-interface vty 0 4
#
return

SW2 的配置

--------------------------------------------------------------------------

version 5.20, Release 5319P04
#
sysname SW2
#
super password level 3 cipher $c$3$nbNypWi5fBQG/0cezZ0kQlLgfhZBVkx+anDhOHBaSwsLC8U=
#
domain default enable system
#
burst-mode enable
#
undo ip http enable
#
password-recovery enable
#
acl number 2000
rule 0 permit source 192.168.20.0 0.0.0.255
#
vlan 1
#
vlan 10
#
vlan 20
#
vlan 30
#
domain system
access-limit disable
state active
idle-cut disable
self-service-url disable
#
user-group system
#
stp region-configuration
region-name h3c
instance 1 vlan 10
instance 2 vlan 20
active region-configuration
#
stp instance 0 root secondary
stp instance 1 root secondary
stp instance 2 root primary
stp enable
#
interface Bridge-Aggregation1
port link-type trunk
port trunk permit vlan 1 10 20
stp instance 1 cost 1000
#
interface NULL0
#
interface LoopBack0
ip address 7.7.7.7 255.255.255.255
#
interface Vlan-interface10
ip address 192.168.10.252 255.255.255.0
vrrp vrid 1 virtual-ip 192.168.10.254
vrrp vrid 1 authentication-mode simple cipher $c$3$Bad9sQ7oGU1f3WXX6oCbS+4r///6ZA==
#
interface Vlan-interface20
ip address 192.168.20.252 255.255.255.0
vrrp vrid 2 virtual-ip 192.168.20.254
vrrp vrid 2 priority 110
vrrp vrid 2 track interface Vlan-interface30 reduced 30
vrrp vrid 2 authentication-mode simple cipher $c$3$7y7634QLWJTLfcyELBMFVKnhZ5l8PQ==
#
interface Vlan-interface30
ip address 172.16.0.5 255.255.255.252
#
interface Ethernet1/0/1
port link-mode bridge
port link-type trunk
port trunk permit vlan 1 10 20
port link-aggregation group 1
#
interface Ethernet1/0/2
port link-mode bridge
port link-type trunk
port trunk permit vlan 1 10 20
port link-aggregation group 1
#
interface Ethernet1/0/3
port link-mode bridge
port link-type trunk
port trunk permit vlan 1 10 20
#
interface Ethernet1/0/4
port link-mode bridge
port access vlan 30
#
interface Ethernet1/0/5
port link-mode bridge
#
interface Ethernet1/0/6
port link-mode bridge
#
interface Ethernet1/0/7
port link-mode bridge
#
interface Ethernet1/0/8
port link-mode bridge
#
interface Ethernet1/0/9
port link-mode bridge
#
interface Ethernet1/0/10
port link-mode bridge
#
interface Ethernet1/0/11
port link-mode bridge
#
interface Ethernet1/0/12
port link-mode bridge
#
interface Ethernet1/0/13
port link-mode bridge
#
interface Ethernet1/0/14
port link-mode bridge
#
interface Ethernet1/0/15
port link-mode bridge
#
interface Ethernet1/0/16
port link-mode bridge
#
interface Ethernet1/0/17
port link-mode bridge
#
interface Ethernet1/0/18
port link-mode bridge
#
interface Ethernet1/0/19
port link-mode bridge
#
interface Ethernet1/0/20
port link-mode bridge
#
interface Ethernet1/0/21
port link-mode bridge
#
interface Ethernet1/0/22
port link-mode bridge
#
interface Ethernet1/0/23
port link-mode bridge
#
interface Ethernet1/0/24
port link-mode bridge
#
interface GigabitEthernet1/1/1
port link-mode bridge
#
interface GigabitEthernet1/1/2
port link-mode bridge
#
interface GigabitEthernet1/1/3
port link-mode bridge
#
interface GigabitEthernet1/1/4
port link-mode bridge
#
bgp 65000
network 192.168.10.0
network 192.168.20.0 route-policy fa
undo synchronization
peer 1.1.1.1 as-number 65000
peer 2.2.2.2 as-number 65000
peer 1.1.1.1 connect-interface LoopBack0
peer 2.2.2.2 connect-interface LoopBack0
#
ospf 1 router-id 7.7.7.7
area 0.0.0.0
network 7.7.7.7 0.0.0.0
network 172.16.0.5 0.0.0.0
#
route-policy fa permit node 10
if-match acl 2000
apply local-preference 400
#
user-interface aux 0
user privilege level 2
user-interface vty 0 4
#
return

SW3的配置

-----------------------------------------------------------------------

sysname SW3
#
super password level 3 cipher *\Y0``CC]'I.BI/aC,8H/Q!!
#
radius scheme system
#
domain system
#
stp bpdu-protection
stp enable
stp region-configuration
region-name h3c
instance 1 vlan 10
instance 2 vlan 20
active region-configuration
#
vlan 1
#
vlan 10
#
vlan 20
#
user-interface aux 0
user privilege level 2
idle-timeout 0 0
user-interface vty 0 4
#
return

BGP拓扑正确配置的更多相关文章

MySQL数据库集群进行正确配置步骤
MySQL数据库集群进行正确配置步骤 2010-06-09 10:47 arrowcat 博客园字号:T | T 我们今天是要和大家一起分享的是对MySQL数据库集群进行正确配置,我前两天在相关网站 ...
phpMyAdmin:无法在发生错误时创建会话，请检查 PHP 或网站服务器日志，并正确配置 PHP 安装。
一:错误提示英文:Cannot start session without errors, please check errors given in your PHP and/or webserve ...
Power Point已经检测到你的显卡可能无法正确配置
Microsoft PowerPoint打开ppt时提示信息 PowerPoint已检测到你的显卡可能无法正确配置最佳的幻灯片播放体验(“Power Point has detected that y ...
VM中ubuntu已经正确配置了静态IP仍无法上网
情况描述:正确配置了ubuntu的IP,getway,DNS..无法ping通getway. 环境:宿主机:win7 32Bit 虚拟机:ununtu 10.04 VM:9.0.1 build-8 ...
IAR编译ZStack-CC2530为可下载运行的HEX文件的正确配置
转自IAR编译ZStack-CC2530为可下载运行的HEX文件的正确配置 IAR编译ZStack-CC2530为可下载运行的HEX文件的正确配置: 1.正确配置输出文件格式:菜单选择P ...
Cacti监控Windows主机，Windows主机的正确配置
使用cacti监控Windows主机的时候经常遇到无法获取Windows主机的snmp信息和Windows主机的硬件信息,主要原因是Windows主机没有正确配置snmp,以下是正确的配置步骤:1.安 ...
sql2008升级到r2提示：检查当前是否正确配置了报表服务器、数据库服务器是否正在运行以及您是否有权访问
sql2008升级到r2提示:检查当前是否正确配置了报表服务器.数据库服务器是否正在运行以及您是否有权访问解决方法:把服务开启ok
Oracle APEX 5.1 with Ords 17 in Tomcat 9–Error tips: 请求无法映射到任何数据库。请确保请求 URL 正确, 并且已正确配置 URL 到数据库的映射
一次意外关机引发的血案 1.重新开机打开 tomcat 9, 一切正常 2.打开 ords,异常报错: 404 Not Found 请求无法映射到任何数据库.请确保请求 URL 正确, 并且已正确配置 ...
struts2 正确配置通配符方式访问，报错解决
今天遇到正确配置通配符访问action的方法,但是还是报错,原因struts 2.3 以后会内部会验证是否允许该方法,而我用的刚好是2.5的版本要action配置中加上<allowed-met ...

随机推荐

spring+mybatis利用interceptor(plugin)兑现数据库读写分离
使用spring的动态路由实现数据库负载均衡系统中存在的多台服务器是"地位相当"的,不过,同一时间他们都处于活动(Active)状态,处于负载均衡等因素考虑,数据访问请求需要在这 ...
HDU 4041 Eliminate Witches! （模拟题 ACM ICPC 2011亚洲北京赛区网络赛）
HDU 4041 Eliminate Witches! (模拟题 ACM ICPC 2011 亚洲北京赛区网络赛题目) Eliminate Witches! Time Limit: 2000/1000 ...
JQuery获取与设置HTML元素的值value
JQuery获取与设置HTML元素的值value 作者:简明现代魔法图书馆发布时间:2011-07-07 10:16:13 20481 次阅读服务器君一共花费了13.221 ms进行了6次数据库查 ...
参考storm中的RotatingMap实现key超时处理
storm0.8.1以后的RotatingMap完全可以独立于storm用来实现hashmap的key超时删除,并调用回调函数 RotatingMap.java: import java.util.H ...
JDK 环境变量配置（Mac）
Mac JDK 安装过后修改 ~/. bash_profile 配置环境变量修改内容: JAVA_HOME=$(/usr/libexec/java_home) export JAVA_HOME P ...
首款符合PICO-ITX规格的A20开源硬件开发平台
http://mp.weixin.qq.com/mp/appmsg/show?__biz=MjM5NzM0MjcyMQ==&appmsgid=10001083&itemidx=2&am ...
Android中View绘制优化之一---- 优化布局层次
本文原创, 转载请注明出处:http://blog.csdn.net/qinjuning 前言,竟然是翻译,当然得弄的有板有眼. 照着大作家格式来咯 , - - . 译序最近一直在做锁屏界面,之前也 ...
C陷阱与缺陷代码分析之第1章词法陷阱
作者:刘昊昱博客:http://blog.csdn.net/liuhaoyutz 编译器中负责将程序分解为一个一个符号的部分,称为“词法分析器”.下面看一个例子: if(x > big) bi ...
ASP.NET - 多文件上传，纯代码，不使用插件
解决方案: 前段代码: <%@ Page Language="C#" AutoEventWireup="true" CodeBehind="Mu ...
Vanya and Lanterns
Description Vanya walks late at night along a straight street of length l, lit by n lanterns. Consid ...

BGP拓扑正确配置

BGP拓扑正确配置的更多相关文章

随机推荐

热门专题