iBGP 问题重新分配 - 来自 EIGRP 的列表

网络工程 思科 路由 BGP 交换 eigrp
2022-02-26 12:16:17

所以,我有以下拓扑。

A-B
| |
C-D

ABCD 是路由器。接口的 IP 是什么并不重要。重要的是每个路由器都有 2 个环回。1.1.1.1 和 11.11.11.11 用于路由器 A // 2.2.2.2 和 22.22.22.22 用于 B // 3.3.3.3 和 33.33.33.33 用于 C // 4.4.4.4 和 44.44.44.44 用于 D。

我正在为设备之间的 IP 连接运行 EIGRP。

我的 EIGRP 配置是 0.0.0.0 0.0.0.0,因为如果我使用接口的确切配置,我就不会遇到这个问题,而且我喜欢遇到问题。

在 EIGRP 之上,我使用 iBGP。

未应用分发列表时路由表的外观:

A#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       a - application route
       + - replicated route, % - next hop override

Gateway of last resort is not set

      1.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C        1.1.1.0/24 is directly connected, Loopback0
L        1.1.1.1/32 is directly connected, Loopback0
      2.0.0.0/24 is subnetted, 1 subnets
D        2.2.2.0 [90/409600] via 192.168.12.2, 00:00:35, Ethernet0/0
      3.0.0.0/24 is subnetted, 1 subnets
D        3.3.3.0 [90/409600] via 192.168.13.3, 00:00:35, Ethernet0/1
      4.0.0.0/24 is subnetted, 1 subnets
D        4.4.4.0 [90/435200] via 192.168.13.3, 00:00:35, Ethernet0/1
                 [90/435200] via 192.168.12.2, 00:00:35, Ethernet0/0
      11.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C        11.11.11.0/24 is directly connected, Loopback1
L        11.11.11.11/32 is directly connected, Loopback1
      22.0.0.0/24 is subnetted, 1 subnets
D        22.22.22.0 [90/409600] via 192.168.12.2, 00:00:35, Ethernet0/0
      33.0.0.0/24 is subnetted, 1 subnets
D        33.33.33.0 [90/409600] via 192.168.13.3, 00:00:35, Ethernet0/1
      44.0.0.0/24 is subnetted, 1 subnets
D        44.44.44.0 [90/435200] via 192.168.13.3, 00:00:35, Ethernet0/1
                    [90/435200] via 192.168.12.2, 00:00:35, Ethernet0/0
      192.168.12.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.12.0/24 is directly connected, Ethernet0/0
L        192.168.12.1/32 is directly connected, Ethernet0/0
      192.168.13.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.13.0/24 is directly connected, Ethernet0/1
L        192.168.13.1/32 is directly connected, Ethernet0/1
D     192.168.24.0/24 [90/307200] via 192.168.12.2, 00:00:35, Ethernet0/0
D     192.168.34.0/24 [90/307200] via 192.168.13.3, 00:00:35, Ethernet0/1

一切都好。我看到 EIGRP 通告的环回因为 90 < 200。

假设我希望通过 BGP 而不是 EIGRP 通告我的所有环回。或者至少,我的 EIGRP 环回将保留在拓扑表中,而不是在路由表中提升。

因此,为了做到这一点,我在路由器 A 上创建了一个分发列表来过滤来自所有邻居的传入 EIGRP 路由。

access-list 10 deny   2.2.2.0 0.0.0.255
access-list 10 deny   22.22.22.0 0.0.0.255
access-list 10 deny   3.3.3.0 0.0.0.255
access-list 10 deny   33.33.33.0 0.0.0.255
access-list 10 deny   4.4.4.0 0.0.0.255
access-list 10 deny   44.44.44.0 0.0.0.255


A#sh run | sec router eigrp
router eigrp 123
 distribute-list 10 in
 network 0.0.0.0


A#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       a - application route
       + - replicated route, % - next hop override

Gateway of last resort is not set

      1.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C        1.1.1.0/24 is directly connected, Loopback0
L        1.1.1.1/32 is directly connected, Loopback0
      2.0.0.0/24 is subnetted, 1 subnets
B        2.2.2.0 [200/0] via 192.168.12.2, 00:00:04
      3.0.0.0/24 is subnetted, 1 subnets
B        3.3.3.0 [200/0] via 192.168.13.3, 00:00:04
      4.0.0.0/24 is subnetted, 1 subnets
B        4.4.4.0 [200/0] via 192.168.34.4, 00:00:04
      11.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C        11.11.11.0/24 is directly connected, Loopback1
L        11.11.11.11/32 is directly connected, Loopback1
      22.0.0.0/24 is subnetted, 1 subnets
B        22.22.22.0 [200/0] via 192.168.12.2, 00:00:04
      33.0.0.0/24 is subnetted, 1 subnets
B        33.33.33.0 [200/0] via 192.168.13.3, 00:00:04
      44.0.0.0/24 is subnetted, 1 subnets
B        44.44.44.0 [200/0] via 192.168.34.4, 00:00:04
      192.168.12.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.12.0/24 is directly connected, Ethernet0/0
L        192.168.12.1/32 is directly connected, Ethernet0/0
      192.168.13.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.13.0/24 is directly connected, Ethernet0/1
L        192.168.13.1/32 is directly connected, Ethernet0/1

到目前为止,一切看起来都很好。

现在我阻止了我的 EIGRP 路由,而不是那些路由,我在路由表中看到了 BGP 路由。

问题是:现在,如果我从访问列表中仅删除 4.4.4.0 0.0.0.255 和 44.44.44.0 0.0.0.255 并且只保留 2 和 3 个环回,我的整个 ip 路由表看起来像这样

A#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       a - application route
       + - replicated route, % - next hop override

Gateway of last resort is not set

      1.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C        1.1.1.0/24 is directly connected, Loopback0
L        1.1.1.1/32 is directly connected, Loopback0
      2.0.0.0/24 is subnetted, 1 subnets
D        2.2.2.0 [90/409600] via 192.168.12.2, 00:01:19, Ethernet0/0
      3.0.0.0/24 is subnetted, 1 subnets
D        3.3.3.0 [90/409600] via 192.168.13.3, 00:01:19, Ethernet0/1
      4.0.0.0/24 is subnetted, 1 subnets
D        4.4.4.0 [90/435200] via 192.168.13.3, 00:01:19, Ethernet0/1
                 [90/435200] via 192.168.12.2, 00:01:19, Ethernet0/0
      11.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C        11.11.11.0/24 is directly connected, Loopback1
L        11.11.11.11/32 is directly connected, Loopback1
      22.0.0.0/24 is subnetted, 1 subnets
D        22.22.22.0 [90/409600] via 192.168.12.2, 00:01:19, Ethernet0/0
      33.0.0.0/24 is subnetted, 1 subnets
D        33.33.33.0 [90/409600] via 192.168.13.3, 00:01:19, Ethernet0/1
      44.0.0.0/24 is subnetted, 1 subnets
D        44.44.44.0 [90/435200] via 192.168.13.3, 00:01:19, Ethernet0/1
                    [90/435200] via 192.168.12.2, 00:01:19, Ethernet0/0
      192.168.12.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.12.0/24 is directly connected, Ethernet0/0
L        192.168.12.1/32 is directly connected, Ethernet0/0
      192.168.13.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.13.0/24 is directly connected, Ethernet0/1
L        192.168.13.1/32 is directly connected, Ethernet0/1
D     192.168.24.0/24 [90/307200] via 192.168.12.2, 00:02:07, Ethernet0/0
D     192.168.34.0/24 [90/307200] via 192.168.13.3, 00:02:07, Ethernet0/1

确切地。没有 BGP 路由。即使我在访问列表的末尾申请了 permit any,仍然没有。任何人都可以解释这种行为。

后期编辑:如果您想知道我没有使用带序列号的扩展 ACL,是因为我特别想使用标准访问列表,并且每次修改访问列表时都要重写我的访问列表。我想习惯这种场景以获得进一步的认证。

0个回答
没有发现任何回复~
其它你可能感兴趣的问题
上一篇在 CIsco RV134W 上使用特定 VLAN 进行端口转发 下一篇多个站点到站点 VPN