我是巴西人,所以请原谅我的任何语法错误。
我有一个 cisco 路由器 ASR1001(IOS XE 版本:03.08.01.S),我需要将它连接到运行 BGP ipv4 的服务提供商。该服务提供商给了我 IP 地址 187.16.221.69/21 以设置为 dot1q vlan id 3404 的子接口,并且必须在同一个 /21 网络中访问 5 个 IP 地址,即:187.16.216.252 - 187.16.216.253 - 187.16.216.254 - 187.16.223.253 - 187.16.223.254。
从这个子接口我只能到达这个 ip 地址中的 2 个:187.16.223.253 - 187.16.223.254
我根本无法访问的其他 3 个 ip:187.16.216.252 - 187.16.216.253 - 187.16.216.254。
我将此服务提供商的连接更改为配置相同子接口的 Switch Cisco 3560G,我可以毫无问题地访问所有 5 个 IP 地址。
服务提供商说我的路由器无法学习 2048 (arp) mac 地址,因此我无法访问该网络的所有 IP 地址。
任何人都知道我可以在路由器上检查什么样的配置来解决这个问题?
关注更多信息和部分配置:
现在我需要达到这 5 个 ip 并与它们建立 bgp 连接。它仅适用于 2 个 IP 地址。正如我所看到的,这 5 个 ip 地址在同一个网络上,因此它们应该作为 L2 工作以访问该网络的所有 ip。
我真的相信有某种配置不允许路由器看到整个 L2 / 21 网络,只能看到其中的一部分。
我什至无法 ping 前 3 个 ip,只能从路由器 ping 后 2 个。但是,如果我将此配置更改为交换机,我可以毫无问题地通过 ping 访问所有 5 个 ip。
SPO_RT_BGP_02#show run
Building configuration...
Current configuration : 11911 bytes
!
! Last configuration change at 17:06:22 UTC Wed Sep 20 2017 by xxxxxxx
!
version 15.3
service timestamps debug datetime msec
service timestamps log datetime msec
no platform punt-keepalive disable-kernel-core
!
hostname SPO_RT_BGP_02
!
boot-start-marker
boot-end-marker
!
!
vrf definition Mgmt-intf
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family
!
!
aaa new-model
!
!
aaa authentication login xxxxxxx local
aaa authorization console
aaa authorization config-commands
!
!
!
!
!
aaa session-id common
!
!
!
!
!
!
!
!
!
!
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
!
!
!
!
username xxxxxx privilege 15 password 0 xxxxxxx
!
redundancy
mode none
!
!
!
ip tftp source-interface GigabitEthernet0
!
track 133 ip sla 133 reachability
!
track 187 ip sla 187 reachability
!
!
!
!
!
!
!
!
interface GigabitEthernet0/0/0
no ip address
negotiation auto
!
interface GigabitEthernet0/0/0.204
description CLI_INTERNET_ATAQUE_PUBLICIDADE
encapsulation dot1Q 204
ip address XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX
standby 204 ip XXX.XXX.XXX.XXX
standby 204 priority 160
standby 204 preempt
!
interface GigabitEthernet0/0/0.2000
description BGP com Level3
encapsulation dot1Q 2000
ip address XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX
!
interface GigabitEthernet0/0/0.3000
description BGP com VIVO
encapsulation dot1Q 3000
ip address XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX
!
interface GigabitEthernet0/0/0.3404
encapsulation dot1Q 3404
ip address 187.16.221.69 255.255.248.0
!
interface GigabitEthernet0/0/1
no ip address
negotiation auto
!
interface GigabitEthernet0/0/1.1900
description BGP com ALGAR
encapsulation dot1Q 1900
ip address XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX
!
interface GigabitEthernet0/0/1.2500
description BGP com AMERICANET
encapsulation dot1Q 2500
ip address XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX
!
interface GigabitEthernet0/0/2
no ip address
negotiation auto
!
interface GigabitEthernet0/0/2.21
description REDE_VALIDA_INTERNA_DADOS
encapsulation dot1Q 21
ip address XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX
standby 21 ip XXX.XXX.XXX.XXX
standby 21 priority 160
standby 21 preempt
!
interface GigabitEthernet0/0/2.22
encapsulation dot1Q 22
ip address XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX
standby 22 ip XXX.XXX.XXX.XXX
standby 22 priority 160
standby 22 preempt
!
interface GigabitEthernet0/0/2.24
description REDE_VALIDA_INTERNA_VPNS_E_VOZ
encapsulation dot1Q 24
ip address XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX
!
interface GigabitEthernet0/0/2.39
description CLIENTE_TMCO
encapsulation dot1Q 39
ip address XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX
!
interface GigabitEthernet0/0/3
no ip address
negotiation auto
!
interface GigabitEthernet0/0/3.25
description REDE_VALIDA_VERAZ_II
encapsulation dot1Q 25
ip address XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX
standby 25 ip XXX.XXX.XXX.XXX
standby 25 priority 160
standby 25 preempt
!
interface GigabitEthernet0/0/3.26
description REDE_VALIDA_VPN_CONCENTRADOR
encapsulation dot1Q 26
ip address XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX
standby 26 ip XXX.XXX.XXX.XXX
standby 26 priority 160
standby 26 preempt
!
interface GigabitEthernet0/0/3.27
description REDE_VALIDA_SERVER_C5_E_SIMMODE
encapsulation dot1Q 27
ip address XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX
standby 27 ip XXX.XXX.XXX.XXX
standby 27 priority 160
standby 27 preempt
!
interface GigabitEthernet0/0/3.28
description REDE_VALIDA_VPN_FOCO
encapsulation dot1Q 28
ip address XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX
standby 28 ip XXX.XXX.XXX.XXX
standby 28 priority 160
standby 28 preempt
!
interface GigabitEthernet0/0/3.1000
encapsulation dot1Q 1000
ip address XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX
!
interface GigabitEthernet0/0/3.2381
description REDE_VALIDA_OSASCO_TELES
encapsulation dot1Q 2381
ip address XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX
!
interface GigabitEthernet0/0/3.2385
description REDE_VALIDA_JAGUARE_TELES
encapsulation dot1Q 2385
ip address XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX
!
interface GigabitEthernet0
vrf forwarding Mgmt-intf
no ip address
shutdown
negotiation auto
!
router bgp XXXXXX
no bgp enforce-first-as
bgp log-neighbor-changes
neighbor 187.16.216.252 remote-as 20121
neighbor 187.16.216.252 description PTT_LGC
neighbor 187.16.216.253 remote-as 26162
neighbor 187.16.216.253 description PTT_RS1
neighbor 187.16.216.254 remote-as 26162
neighbor 187.16.216.254 description PTT_RS2
neighbor 187.16.223.253 remote-as 26162
neighbor 187.16.223.253 description PTT_RS3
neighbor 187.16.223.254 remote-as 26162
neighbor 187.16.223.254 description PTT_RS4
neighbor XXX.XXX.XXX.XXX remote-as XXXX
neighbor XXX.XXX.XXX.XXX description BGP com AMERICANET
neighbor XXX.XXX.XXX.XXX remote-as XXXXX
neighbor XXX.XXX.XXX.XXX description BGP_VIVO
neighbor XXX.XXX.XXX.XXX remote-as XXXXX
neighbor XXX.XXX.XXX.XXX description BGP com LEVEL3 CJARDIM
!
address-family ipv4
network XXX.XXX.XXX.XXX mask XXX.XXX.XXX.XXX
network XXX.XXX.XXX.XXX mask XXX.XXX.XXX.XXX
network XXX.XXX.XXX.XXX mask XXX.XXX.XXX.XXX
network XXX.XXX.XXX.XXX mask XXX.XXX.XXX.XXX
network XXX.XXX.XXX.XXX mask XXX.XXX.XXX.XXX
network XXX.XXX.XXX.XXX mask XXX.XXX.XXX.XXX
network XXX.XXX.XXX.XXX mask XXX.XXX.XXX.XXX
network XXX.XXX.XXX.XXX mask XXX.XXX.XXX.XXX
neighbor 187.16.216.252 activate
neighbor 187.16.216.252 soft-reconfiguration inbound
neighbor 187.16.216.252 prefix-list nobogons in
neighbor 187.16.216.252 prefix-list ptt out
neighbor 187.16.216.253 activate
neighbor 187.16.216.253 soft-reconfiguration inbound
neighbor 187.16.216.253 prefix-list nobogons in
neighbor 187.16.216.253 prefix-list ptt out
neighbor 187.16.216.254 activate
neighbor 187.16.216.254 soft-reconfiguration inbound
neighbor 187.16.216.254 prefix-list nobogons in
neighbor 187.16.216.254 prefix-list ptt out
neighbor 187.16.223.253 activate
neighbor 187.16.223.253 soft-reconfiguration inbound
neighbor 187.16.223.253 prefix-list nobogons in
neighbor 187.16.223.253 prefix-list ptt out
neighbor 187.16.223.254 activate
neighbor 187.16.223.254 soft-reconfiguration inbound
neighbor 187.16.223.254 prefix-list nobogons in
neighbor 187.16.223.254 prefix-list ptt out
neighbor XXX.XXX.XXX.XXX activate
neighbor XXX.XXX.XXX.XXX soft-reconfiguration inbound
neighbor XXX.XXX.XXX.XXX prefix-list nobogons in
neighbor XXX.XXX.XXX.XXX prefix-list bgp_americanet out
neighbor XXX.XXX.XXX.XXX activate
neighbor XXX.XXX.XXX.XXX soft-reconfiguration inbound
neighbor XXX.XXX.XXX.XXX prefix-list nobogons in
neighbor XXX.XXX.XXX.XXX prefix-list BGPmask24 out
neighbor XXX.XXX.XXX.XXX activate
neighbor XXX.XXX.XXX.XXX soft-reconfiguration inbound
neighbor XXX.XXX.XXX.XXX prefix-list nobogons in
neighbor XXX.XXX.XXX.XXX prefix-list bgp_level3 out
exit-address-family
!
ip forward-protocol nd
!
no ip http server
ip route XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX Null0
ip route XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX Null0
ip route XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX Null0
ip route XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX Null0
ip route XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX Null0
ip route XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX Null0
ip route XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX
ip route XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX
ip route XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX Null0
ip route XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX
ip route XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX
ip route XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX
ip route XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX
ip route XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX
ip route 192.168.1.0 255.255.255.0 2.2.2.1
ip route 192.168.2.0 255.255.254.0 2.2.2.1
ip route XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX
ip route XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX
!
!
ip prefix-list BGPmask24 seq 100 permit XXX.XXX.XXX.XXX/24
ip prefix-list BGPmask24 seq 110 permit XXX.XXX.XXX.XXX/24
ip prefix-list BGPmask24 seq 120 permit XXX.XXX.XXX.XXX/24
ip prefix-list BGPmask24 seq 130 permit XXX.XXX.XXX.XXX/24
ip prefix-list BGPmask24 seq 140 permit XXX.XXX.XXX.XXX/24
ip prefix-list BGPmask24 seq 150 permit XXX.XXX.XXX.XXX/24
ip prefix-list BGPmask24 seq 160 permit XXX.XXX.XXX.XXX/24
ip prefix-list BGPmask24 seq 170 permit XXX.XXX.XXX.XXX/24
ip prefix-list BGPmask24 seq 200 permit XXX.XXX.XXX.XXX/24
ip prefix-list BGPmask24 seq 210 permit XXX.XXX.XXX.XXX/24
ip prefix-list BGPmask24 seq 220 permit XXX.XXX.XXX.XXX/24
ip prefix-list BGPmask24 seq 230 permit XXX.XXX.XXX.XXX/24
ip prefix-list BGPmask24 seq 240 permit XXX.XXX.XXX.XXX/24
ip prefix-list BGPmask24 seq 250 permit XXX.XXX.XXX.XXX/24
!
ip prefix-list bgp_americanet seq 100 permit XXX.XXX.XXX.XXX/24
ip prefix-list bgp_americanet seq 109 permit XXX.XXX.XXX.XXX/24
ip prefix-list bgp_americanet seq 130 permit XXX.XXX.XXX.XXX/24
ip prefix-list bgp_americanet seq 140 permit XXX.XXX.XXX.XXX/24
ip prefix-list bgp_americanet seq 200 permit XXX.XXX.XXX.XXX/24
!
ip prefix-list bgp_level3 seq 100 permit XXX.XXX.XXX.XXX/24
ip prefix-list bgp_level3 seq 110 permit XXX.XXX.XXX.XXX/24
ip prefix-list bgp_level3 seq 120 permit XXX.XXX.XXX.XXX/24
ip prefix-list bgp_level3 seq 130 permit XXX.XXX.XXX.XXX/24
ip prefix-list bgp_level3 seq 140 permit XXX.XXX.XXX.XXX/24
ip prefix-list bgp_level3 seq 150 permit XXX.XXX.XXX.XXX/24
ip prefix-list bgp_level3 seq 200 permit XXX.XXX.XXX.XXX/24
!
ip prefix-list nobogons seq 10 deny 0.0.0.0/8
ip prefix-list nobogons seq 15 deny 2.2.2.0/24
ip prefix-list nobogons seq 20 deny 10.0.0.0/8
ip prefix-list nobogons seq 30 deny 127.0.0.0/8
ip prefix-list nobogons seq 40 deny 169.254.0.0/16
ip prefix-list nobogons seq 50 deny 172.16.0.0/12
ip prefix-list nobogons seq 60 deny 192.0.0.0/24
ip prefix-list nobogons seq 70 deny 192.0.2.0/24
ip prefix-list nobogons seq 80 deny 192.168.0.0/16
ip prefix-list nobogons seq 90 deny 198.18.0.0/15
ip prefix-list nobogons seq 100 deny 198.51.100.0/24
ip prefix-list nobogons seq 110 deny 203.0.113.0/24
ip prefix-list nobogons seq 120 deny 224.0.0.0/4
ip prefix-list nobogons seq 130 deny 240.0.0.0/4
ip prefix-list nobogons seq 140 permit 0.0.0.0/0 le 32
!
ip prefix-list ptt seq 10 permit XXX.XXX.XXX.XXX/24
ip sla 133
icmp-echo XXX.XXX.XXX.XXX
frequency 5
ip sla schedule 133 life forever start-time now
ip sla 187
icmp-echo XXX.XXX.XXX.XXX
frequency 5
ip sla schedule 187 life forever start-time now
access-list 10 permit 192.168.1.148
access-list 10 deny any
access-list 105 deny udp any eq snmp any
access-list 105 deny udp any eq snmptrap any
access-list 105 permit ip any any
access-list 106 permit udp any eq snmp host 192.168.1.148
access-list 106 permit udp any eq snmptrap host 192.168.1.148
access-list 106 permit ip any any
!
snmp-server community XXXX RW 10
snmp-server location XXXX
snmp-server contact XXXXX@XXXXXXXXXXXXXX.XXX.XX
!
!
!
control-plane
!
!
!
!
!
!
!
banner login ^CC
*************************************************************************
* *
* XXXXXXXXXXXX *
* *
* *
* *
* *
* ATENCAO, ESTE EQUIPAMENTO E DE ACESSO RESTRITO. QUALQUER CONEXAO *
* SERA MONITORADA E LOGADA. USUARIOS QUE NAO POSSUEM PERMISSAO DE *
* ACESSO DEVERAO SAIR IMEDIATAMENTE. *
* *
* ATTENTION, THIS IS A RESTRICTED ACCESS EQUIPMENT. ANY CONNECTIONS *
* ARE MONITORED AND LOGGED. USERS WITHOUT ACCESS PERMISSION THEY *
* WILL HAVE TO LEAVE IMMEDIATELY. *
* *
*************************************************************************
^C
!
line con 0
privilege level 15
login authentication xxxxx
stopbits 1
line aux 0
stopbits 1
line vty 0 4
privilege level 15
login authentication xxxxxx
!
!
end