论坛徽章:: 0

电梯直达

1楼 [收藏(0)] [报告]

发表于 2003-04-11 13:20 |只看该作者 |倒序浏览

ROUTER TELECOM-SP GATEWAY 01 (GW01)
hostname GW01
router eigrp 7341
network 212.18.22.0
redistribute static route-map ONLY_DEFAULT
passive-interface serial 1
passive-interface serial 2
passive-interface serial 3
passive-interface serial 7
router bgp 7341
no synchronization
no auto-summary
network 212.18.22.0 mask 255.255.252.0
network 212.18.12.0 mask 255.255.248.0
network 201.9.110.0 mask 255.255.240.0
network 173.41.220.0 mask 255.255.248.0
network 200.5.32.0 mask 255.255.224.0
network 200.23.7.0 mask 255.255.224.0
network 172.22.0.0 mask 255.255.0.0
neighbor PEER_MAP peer-group
neighbor PEER_MAP remote-as 921
neighbor PEER_MAP filter-list 20 out
neighbor PEER_MAP distribute-list 2 in
neighbor PEER_MAP distribute-list 2 out
neighbor a.a.a.1 peer-group PEER_MAP
neighbor b.b.b.1 peer-group PEER_MAP
neighbor c.c.c.1 peer-group PEER_MAP
neighbor a.a.a.1 route-map SET_COMMUNITY_1 out
neighbor b.b.b.1 route-map SET_COMMUNITY_2 out
neighbor c.c.c.1 route-map SET_COMMUNITY_3 out
neighbor a.a.a.1 send-community
neighbor b.b.b.1 send-community
neighbor c.c.c.1 send-community
neighbor j.j.j.1 remote-as 1121
neighbor j.j.j.1 filter-list 21 in
neighbor j.j.j.1 distribute-list 2 in
neighbor j.j.j.1 distribute-list 2 out
neighbor y.y.y.2 remote-as 7341
! Access list summary:
! #2 Used for Ingress to filter private space prefixes as well
! as any other prefixes desired.
! #3 Used for redistribution into EIGRP process to permit only
! static route to default 0/0 to be redistributed.
! #10 Used to set community attribute for CIMR sessions and to
! implicitly filter prefixes out to CIMR peers other than
! those specified.
! #11 Used to set community attribute for CIMR sessions and to
! implicitly filter prefixes out to CIMR peers other than
! those specified.
! #12 Used to set community attribute for CIMR sessions and to
! implicitly filter prefixes out to CIMR peers other than
! those specified.
! #20 AS Path filter to ensure that AS7341 serve only as transit
! to AS1121 and not to any other neighboring AS.
! #21 AS Path filter to ensure that only prefixes originating
! from AS1121 are allowed to be propagated throughout AS7341.
! Ingress filtering to prevent 1918 private address space from
! being injected into AS7341. This access-list can be used to
! add other filters which TELECOM-SP wishes to impose at the ingress
! to their AS.
access-list 2 deny 10.0.0.0 0.255.255.255
access-list 2 deny 172.6.0.0 0.15.255.255
access-list 2 deny 192.168.0.0 0.0.255.255
access-list 2 permit any
! Access list to permit default only being injected into EIGRP
! process.
access-list 3 permit 0.0.0.0 0.0.0.0
access-list 3 deny any
! Prefixes A, B, C, D and E.
access-list 10 permit 212.18.22.0 255.255.252.0
access-list 10 permit 212.18.12.0 255.255.248.0
access-list 10 permit 201.9.110.0 255.255.240.0
access-list 10 permit 200.5.32.0 255.255.224.0
access-list 10 permit 173.41.220.0 255.255.248.0
access-list 10 deny any
! Prefixes F and G.
access-list 11 permit 200.23.7.0 255.255.224.0
access-list 11 permit 172.22.0.0 255.255.0.0
access-list 11 deny any
! AS Path filter list for outgoing prefixes. This filter can be
! used on all peering sessions with CIMR, OBERON, INTEX and
! ACSNET. In each case there may be overlap but it will still
! work. It is intended to prevent AS7341 from acting as a transit
! network for everyone except XPAC (AS1121).
ip as-path access-list 20 deny ^432_
ip as-path access-list 20 deny ^5037_
ip as-path access-list 20 deny ^1399_
ip as-path access-list 20 deny _854_
ip as-path access-list 20 permit .*
! AS Path filter list for incoming prefixes. This filter is
! used on the XPAC peering session.
ip as-path access-list 21 permit _1121$
ip as-path access-list 21 deny any
! Permit A, B, C, D and E to be propagated - they will default
! to Local_Pref of 100 in the upstream neighbor.
route-map SET_COMMUNITY_1 permit 10
match ip address 10
! Explicitly deny all other prefixes from being
! propagated to the associated peer router.
route-map SET_COMMUNITY_1 deny 20
route-map SET_COMMUNITY_2 permit 10
match ip address 10
match ip address 11
set community 0x0DE9005A
route-map SET_COMMUNITY_2 deny 20
route-map SET_COMMUNITY_3 permit 10
match ip address 11
route-map SET_COMMUNITY_3 deny 20
! This route-map is necessary to permit only the redistribution
! of the default route into the EIGRP process 7341. There is
! no need to introduce the other “place-holder” routes to null0
! into the EIGRP process.
route-map ONLY_DEFAULT permit 10
match ip address 3
route-map ONLY_DEFAULT deny 20
! Static route definitions.
ip route 0.0.0.0 0.0.0.0 b.b.b.1
ip route 0.0.0.0 0.0.0.0 a.a.a.1 210
ip route 212.18.22.0 255.255.252.0 null0
ip route 212.18.12.0 255.255.248.0 null0
ip route 201.9.110.0 255.255.240.0 null0
ip route 173.41.220.0 255.255.248.0 null0
ip route 200.5.32.0 255.255.224.0 null0
ip route 200.23.7.0 255.255.224.0 null0
ip route 172.22.0.0 255.255.0.0 null0

网络管理, 网络管理