Bgp confederation configuration at the cli, Network requirements – H3C Technologies H3C SecPath F1000-E User Manual
Page 513
488
[SecPathD] bgp 200
[SecPathD-bgp] peer 194.1.1.1 as-number 200
[SecPathD-bgp] quit
3.
Configure the route reflector:
# Configure SecPath C as the route reflector.
[SecPathC] bgp 200
[SecPathC-bgp] peer 193.1.1.2 reflect-client
[SecPathC-bgp] peer 194.1.1.2 reflect-client
[SecPathC-bgp] quit
4.
Verify the configuration:
# Display the BGP routing table on SecPath B.
[SecPathB] display bgp routing-table
Total Number of Routes: 1
BGP Local router ID is 200.1.2.2
Status codes: * - valid, ^ - VPNv4 best, > - best, d - damped,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
Network NextHop MED LocPrf PrefVal Path/Ogn
*> 1.0.0.0 192.1.1.1 0 0 100i
# Display the BGP routing table on SecPath D.
[SecPathD] display bgp routing-table
Total Number of Routes: 1
BGP Local router ID is 200.1.2.1
Status codes: * - valid, ^ - VPNv4 best, > - best, d - damped,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
Network NextHop MED LocPrf PrefVal Path/Ogn
i 1.0.0.0 193.1.1.2 0 100 0 100i
SecPath D learned the route 1.0.0.0/8 from SecPath C.
BGP confederation configuration at the CLI
Network requirements
As shown in
, to reduce IBGP connections in AS 200, split it into three sub-ASs, AS65001,
AS65002 and AS65003. Firewalls in AS65001 are fully meshed.
- H3C SecPath F5000-A5 Firewall H3C SecPath F1000-A-EI H3C SecPath F1000-E-SI H3C SecPath F1000-S-AI H3C SecPath F5000-S Firewall H3C SecPath F5000-C Firewall H3C SecPath F100-C-SI H3C SecPath F1000-C-SI H3C SecPath F100-A-SI H3C SecBlade FW Cards H3C SecBlade FW Enhanced Cards H3C SecPath U200-A U200-M U200-S H3C SecPath U200-CA U200-CM U200-CS H3C SecBlade LB Cards H3C SecPath L1000-A Load Balancer