ex4550與防火牆旁路BGP牽引配置
創建as域及對端
set routing-options autonomous-system 65533
set protocols bgp group ebgp type external
set protocols bgp group ebgp neighbor 10.0.0.2 multihop
set protocols bgp group ebgp neighbor 10.0.0.2 import bgp_permit
set protocols bgp group ebgp neighbor 10.0.0.2 export bgp_deny
set protocols bgp group ebgp neighbor 10.0.0.2 peer-as 65534
編寫需要發佈/不發佈的路由,需要引入的路由。
set policy-options policy-statement bgp_deny term 1 from route-filter 0.0.0.0/0 orlonger
set policy-options policy-statement bgp_deny term 1 then reject
set policy-options policy-statement bgp_permit term 1 from route-filter 1.0.0.0/24 upto /32
set policy-options policy-statement bgp_permit term 1 then accept
set policy-options policy-statement bgp_permit term 2 then reject
創建策略路由指定回注端口。
set firewall family inet filter zzidcip term pass from destination-address 1.0.0.0/24
set firewall family inet filter zzidcip term pass then routing-instance zzidcip
set firewall family inet filter zzidcip term 1 then accept
set routing-instances zzidcip instance-type forwarding
set routing-instances zzidcip routing-options static route 0.0.0.0/0 next-hop 172.31.4.5
主策略路由內引入附表 。
set routing-options rib-groups celve import-rib zzidcip.inet.0
端口應用策略路由。
set interfaces xe-0/0/20 unit 0 family inet filter input zzidcip
set interfaces xe-0/0/20 unit 0 family inet address 10.0.0.1/30
通過show bgp summary查看bgp狀態