一、拓扑图
使用distribute-list(分发列表)过滤BGP路由_路由
 
二、配置
 
R1#sh run
Building configuration...
Current configuration : 1725 bytes
!
! Last configuration change at 09:38:24 UTC Fri Jul 9 2010
!
upgrade fpd auto
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
logging message-counter syslog
!
no aaa new-model
ip source-route
ip cef
!
!
no ip domain lookup
no ipv6 cef
!
multilink bundle-name authenticated
!
!
archive
 log config
  hidekeys
!
!
interface Loopback0
 ip address 172.16.1.1 255.255.255.0
!
interface Loopback1
 ip address 172.16.2.1 255.255.255.0
!
interface Loopback2
 ip address 172.16.3.1 255.255.255.0
!
interface Loopback3
 ip address 172.16.4.1 255.255.255.0
!
interface FastEthernet0/0
 ip address 12.12.12.1 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface FastEthernet1/0
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface FastEthernet1/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface FastEthernet2/0
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface FastEthernet2/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
router bgp 64512
 no synchronization
 bgp log-neighbor-changes
 network 172.16.1.0 mask 255.255.255.0
 network 172.16.2.0 mask 255.255.255.0
 network 172.16.3.0 mask 255.255.255.0
 network 172.16.4.0 mask 255.255.255.0
 neighbor 12.12.12.2 remote-as 64512
 no auto-summary
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!

control-plane
!
gatekeeper
 shutdown
!
!
line con 0
 exec-timeout 0 0
 logging synchronous
 stopbits 1
line aux 0
 stopbits 1
line vty 0 4
 login
!
end
====================================================================
R2#sh run
Building configuration...
Current configuration : 1822 bytes
!
! Last configuration change at 11:00:00 UTC Fri Jul 9 2010
!
upgrade fpd auto
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R2
!
boot-start-marker
boot-end-marker
!
logging message-counter syslog
!
no aaa new-model
ip source-route
ip cef
!
!
no ip domain lookup
no ipv6 cef
!
multilink bundle-name authenticated
!
!
archive
 log config
  hidekeys
!

interface Loopback0
 ip address 192.168.1.1 255.255.255.0
!
interface Loopback1
 ip address 192.168.2.1 255.255.255.0
!
interface Loopback2
 ip address 192.168.3.1 255.255.255.0
!
interface FastEthernet0/0
 ip address 12.12.12.2 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet0/1
 ip address 23.23.23.1 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet1/0
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface FastEthernet1/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface FastEthernet2/0
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface FastEthernet2/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
router bgp 64512
 no synchronization
 bgp log-neighbor-changes
 network 192.168.1.0
 network 192.168.2.0
 network 192.168.3.0
 neighbor 12.12.12.1 remote-as 64512
 neighbor 12.12.12.1 next-hop-self
 neighbor 23.23.23.2 remote-as 100
 neighbor 23.23.23.2 distribute-list dl out
 no auto-summary
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!        
!
!
ip access-list extended dl
 deny   ip 172.16.1.0 0.0.0.255 any
 deny   ip 172.16.2.0 0.0.0.255 any
 permit ip any any
!

control-plane
!
gatekeeper
 shutdown
!
!
line con 0
 exec-timeout 0 0
 logging synchronous
 stopbits 1
line aux 0
 stopbits 1
line vty 0 4
 login
!
end
====================================================================
R3#sh run
Building configuration...
Current configuration : 1625 bytes
!
! Last configuration change at 10:43:52 UTC Fri Jul 9 2010
!
upgrade fpd auto
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R3
!
boot-start-marker
boot-end-marker
!
logging message-counter syslog
!
no aaa new-model
ip source-route
ip cef
!
!
!        
!
no ip domain lookup
no ipv6 cef
!
multilink bundle-name authenticated
!
archive
 log config
  hidekeys
!
interface Loopback0
 ip address 10.10.10.1 255.255.255.0
!
interface Loopback1
 ip address 10.10.11.1 255.255.255.0
!
interface Loopback2
 ip address 10.10.12.1 255.255.255.0
!
interface FastEthernet0/0
 ip address 23.23.23.2 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface FastEthernet1/0
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface FastEthernet1/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface FastEthernet2/0
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface FastEthernet2/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
router bgp 100
 no synchronization
 bgp log-neighbor-changes
 network 10.10.10.0 mask 255.255.255.0
 network 10.10.11.0 mask 255.255.255.0
 network 10.10.12.0 mask 255.255.255.0
 neighbor 23.23.23.1 remote-as 64512
 no auto-summary
!
ip forward-protocol nd
no ip http server
no ip http secure-server
control-plane
!
gatekeeper
 shutdown
!
!
line con 0
 exec-timeout 0 0
 logging synchronous
 stopbits 1
line aux 0
 stopbits 1
line vty 0 4
 login
!
end
 
R3#sh ip bgp
BGP table version is 23, local router ID is 10.10.12.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
   Network          Next Hop            Metric LocPrf Weight Path
*> 10.10.10.0/24    0.0.0.0                  0         32768 i
*> 10.10.11.0/24    0.0.0.0                  0         32768 i
*> 10.10.12.0/24    0.0.0.0                  0         32768 i
*> 172.16.3.0/24    23.23.23.1                             0 64512 i
*> 172.16.4.0/24    23.23.23.1                             0 64512 i
*> 192.168.1.0      23.23.23.1               0             0 64512 i
*> 192.168.2.0      23.23.23.1               0             0 64512 i
*> 192.168.3.0      23.23.23.1               0             0 64512 i
 
 
这样就可过滤掉R1的172.16.1.0/24和172.16.2.0/24两个网段。