CISCO官方配置手册PBR

Corporate Headquarters:Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706USACopyright © 2005 Cisco Systems, Inc. All rights reserved.BGP Link BandwidthThe Border Gateway Protocol (BGP) Link Bandwidth feature is used to advertise the bandwidth of an autonomous system exit link as an extended community. This feature is configured for links between directly connected external BGP (eBGP)neighbors.The link bandwidth extended community attribute is propagated to iBGP peers when extended community exchange is enabled. This feature is used with BGP multipath features to configure load balancing over links with unequal bandwidth.History for the BGP Link Bandwidth FeatureFinding Support Information for Platforms and Cisco IOS Software ImagesUse Cisco Feature Navigator to find information about platform support and Cisco IOS software image support. Access Cisco Feature Navigator at /go/fn . You must have an account on .If you do not have an account or have forgotten your username or password,click Cancel at the login dialog box and follow the instructions that appear.Contents•Prerequisites for BGP Link Bandwidth, page 2•Restrictions for BGP Link Bandwidth, page 2•Information About BGP Link Bandwidth, page 2•How to Configure BGP Link Bandwidth, page 3•Configuration Examples for BGP Link Bandwidth, page 5•Additional References, page 9•Command Reference, page 11Release Modification12.2(2)T This feature was introduced.12.2(14)S This feature was integrated into Cisco IOS Release 12.0(14)S.12.2(11)T This feature was integrated in Cisco IOS Release 12.2(11)T.12.0(24)SThis feature was integrated into Cisco IOS Release 12.0(24)S.BGP Link Bandwidth Prerequisites for BGP Link Bandwidth2Cisco IOS Release 12.2(2)T, 12.2(14)S, 12.2(11)T, and 12.0(24)SPrerequisites for BGP Link Bandwidth•BGP load balancing or multipath load balancing must be configured before this feature is enabled.•BGP extended community exchange must be enabled between iBGP neighbors to which the link bandwidth attribute is to be advertised.•Cisco Express Forwarding (CEF) or distributed CEF (dCEF) must be enabled on all participating routers.Restrictions for BGP Link Bandwidth•This feature can be configured only under IPv4 and VPNv4 address family sessions.•BGP can originate the link bandwidth community only for directly connected links to eBGPneighbors.•Both iBGP and eBGP load balancing are supported in IPv4and VPNv4address families.However, eiBGP load balancing is supported only in VPNv4 address-family.Information About BGP Link BandwidthTo configure the BGP Link Bandwidth feature, you must understand the following concept:•BGP Link Bandwidth Overview, page2•Link Bandwidth Extended Community Attribute, page3•Benefits of the BGP Link Bandwidth Feature, page3BGP Link Bandwidth OverviewThe BGP Link Bandwidth feature used to enable multipath load balancing for external links withunequal bandwidth capacity.This feature is enabled under an IPv4or VPNv4address family sessions byentering the bgp dmzlink-bw command. This feature supports both iBGP, eBGP multipath loadbalancing, and eiBGP multipath load balancing in Multiprotocol Label Switching (MPLS) VirtualPrivate Networks(VPNs).When this feature is enabled,routes learned from directly connected externalneighbor are propagated through the internal BGP (iBGP) network with the bandwidth of the sourceexternal link.The link bandwidth extended community indicates the preference of an autonomous system exit link interms of bandwidth. This extended community is applied to external links between directly connectedeBGP peers by entering the neighbor dmzlink-bw command.The link bandwidth extended communityattribute is propagated to iBGP peers when extended community exchange is enabled with the neighborsend-community command.BGP Link BandwidthHow to Configure BGP Link BandwidthLink Bandwidth Extended Community AttributeThe link bandwidth extended community attribute is a4-byte value that is configured for a link that onthe demilitarized zone (DMZ) interface that connects two single hop eBGP peers. The link bandwidthextended community attribute is used as a traffic sharing value relative to other paths while forwardingtraffic. Two paths are designated as equal for load balancing if the weight, local-pref, as-path length,Multi Exit Discriminator (MED), and Interior Gateway Protocol (IGP) costs are the same. Benefits of the BGP Link Bandwidth FeatureThe BGP Link Bandwidth feature allows BGP to be configured to send traffic over multiple iBGP oreBGP learned paths where the traffic that is sent is proportional to the bandwidth of the links that areused to exit the autonomous system.The configuration of this feature can be used with eBGP and iBGPmultipath features to enable unequal cost load balancing over multiple links. Unequal cost loadbalancing over links with unequal bandwidth was not possible in BGP before the BGP Link Bandwidthfeature was introduced.How to Configure BGP Link BandwidthThis section contains the following procedures:•Configuring BGP Link Bandwidth, page3•Verifying BGP Link Bandwidth Configuration, page5Configuring BGP Link BandwidthTo configure the BGP Link Bandwidth feature, perform the steps in this section.SUMMARY STEPS1.enable2.configure {terminal |memory |network}3.router bgp as-number4.address-family ipv4[mdt | multicast |tunnel | unicast[vrf vrf-name] |vrf vrf-name] | ipv6[multicast |unicast] |vpnv4[unicast]5.bgp dmzlink-bw6.neighbor ip-address dmzlink-bw7.neighbor ip-address send-community [both |extended |standard]8.endCisco IOS Release 12.2(2)T, 12.2(14)S, 12.2(11)T, and 12.0(24)S3BGP Link Bandwidth How to Configure BGP Link Bandwidth4Cisco IOS Release 12.2(2)T, 12.2(14)S, 12.2(11)T, and 12.0(24)SDETAILED STEPSCommand or Action PurposeStep1enableExample:Router> enable Enables higher privilege levels, such as privileged EXEC mode.•Enter your password if prompted.Step2configure {terminal | memory | network}Example:Router# configure terminalEnters global configuration mode.Step3router bgp as-numberExample:Router(config)# router bgp 50000Enters router configuration mode to create or configure a BGP routing process.Step4address-family ipv4[mdt|multicast|tunnel| unicast [vrf vrf-name] | vrf vrf-name] | ipv6[multicast | unicast] | vpnv4 [unicast]Example:Router(config-router)#address-family ipv4Places the router in address family configuration mode.•The BGP Link Bandwidth feature is supported only under the IPv4 and VPNv4 address families.Step5bgp dmzlink-bwExample:Router(config-router-af)#bgp dmzlink-bw Configures BGP to distribute traffic proportionally to the bandwidth of the link.•This command must be entered on each router that contains an external interface that is to be used formultipath load balancing.Step6neighbor ip-address dmzlink-bwExample:Router(config-router-af)#neighbor 172.16.1.1dmzlink-bw Configures BGP to include the link bandwidth attribute for routes learned from the external interface specified IP address.•This command must be configured for each eBGP link that is to be configured as a multipath. Enabling thiscommand allows the bandwidth of the external link to be propagated through the link bandwidth extendedcommunity.Step7neighbor ip-address send-community [both | extended | standard]Example:Router(config-router-af)#neighbor 10.10.10.1send-community extended (Optional) Enables community and/or extended community exchange with the specified neighbor.•This command must be configured for iBGP peers to which the link bandwidth extended communityattribute is to be propagated.Step8endExample:Router(config-router-af)#end Exits address family configuration mode,and enters Privileged EXEC mode.BGP Link BandwidthConfiguration Examples for BGP Link Bandwidth5Cisco IOS Release 12.2(2)T, 12.2(14)S, 12.2(11)T, and 12.0(24)SVerifying BGP Link Bandwidth ConfigurationTo verify the BGP Link Bandwidth feature, perform the steps in this section.SUMMARY STEPS1.enable2.show ip bgp ip-address [longer-prefixes [injected ] |shorter-prefixes [mask-length ]]3.show ip route [[ip-address [mask ] [longer-prefixes ]] | [protocol [process-id ]] | [list access-list-number |access-list-name ] | [static download ]]DETAILED STEPSConfiguration Examples for BGP Link BandwidthThe following examples show how to configure and verify this feature:•BGP Link Bandwidth Configuration Example, page 6•Verifying BGP Link Bandwidth, page 8Command or ActionPurposeStep 1enableExample:Router> enableEnables higher privilege levels, such as privileged EXEC mode.•Enter your password if prompted.Step 2show ip bgp ip-address [longer-prefixes[injected] | shorter-prefixes [mask-length]]Example:Router# show ip bgp 10.0.0.0Displays information about the TCP and BGP connections to neighbors.•The output displays the status of the link bandwidth configuration. The bandwidth of the link is shown in kilobytes.Step 3show ip route [[ip-address [mask][longer-prefixes]] | [protocol [process-id]] |[list access-list-number | access-list-name] |[static download]]Example:Router#show ip route 10.0.0.0Displays the current state of the routing table.•The output displays traffic share values, including the weights of the links that are used to direct traffic proportionally to the bandwidth of each link.BGP Link BandwidthConfiguration Examples for BGP Link Bandwidth6Cisco IOS Release 12.2(2)T, 12.2(14)S, 12.2(11)T, and 12.0(24)SBGP Link Bandwidth Configuration ExampleIn the following examples,the BGP Link Bandwidth feature is configured so BGP will distribute traffic proportionally to the bandwidth of each external link.Figure 1shows two external autonomous systems connected by three links that each carry a different amount of bandwidth (unequal cost links).Multipath load balancing is enabled and traffic is balanced proportionally.Figure 1BGP Link Bandwidth ConfigurationRouter A ConfigurationIn the following example, Router A is configured to support iBGP multipath load balancing and to exchange the BGP extended community attribute with iBGP neighbors:Router A(config)#router bgp 100Router A(config-router)#neighbor 10.10.10.2 remote-as 100Router A(config-router)#neighbor 10.10.10.2 update-source Loopback 0Router A(config-router)#neighbor 10.10.10.3 remote-as 100Router A(config-router)#neighbor 10.10.10.3 update-source Loopback 0Router A(config-router)#address-family ipv4Router A(config-router)#bgp dmzlink-bwRouter A(config-router-af)#neighbor 10.10.10.2 activateRouter A(config-router-af)#neighbor 10.10.10.2 send-community both Router A(config-router-af)#neighbor 10.10.10.3 activateRouter A(config-router-af)#neighbor 10.10.10.3 send-community both Router A(config-router-af)#maximum-paths ibgp 6Autonomous system 100Autonomous system 200Router ARouter Bs1s1s0s1s0s010.10.10.x/24Router CRouter D Router EBandwidth in bits per =50017335000second54705BGP Link BandwidthConfiguration Examples for BGP Link BandwidthRouter B ConfigurationIn the following example, Router B is configured to support multipath load balancing, to distributeRouter D and Router E link traffic proportionally to the bandwidth of each link, and to advertise thebandwidth of these links to iBGP neighbors as an extended community:Router B(config)#router bgp 100Router B(config-router)#neighbor 10.10.10.1 remote-as 100Router B(config-router)#neighbor 10.10.10.1 update-source Loopback 0Router B(config-router)#neighbor 10.10.10.3 remote-as 100Router B(config-router)#neighbor 10.10.10.3 update-source Loopback 0Router B(config-router)#neighbor 172.16.1.1 remote-as 200Router B(config-router)#neighbor 172.16.1.1 ebgp-multihop 1Router B(config-router)#neighbor 172.16.2.2 remote-as 200Router B(config-router)#neighbor 172.16.2.2 ebgp-multihop 1Router B(config-router)#address-family ipv4Router B(config-router-af)#bgp dmzlink-bwRouter B(config-router-af)#neighbor 10.10.10.1 activateRouter B(config-router-af)#neighbor 10.10.10.1 next-hop-selfRouter B(config-router-af)#neighbor 10.10.10.1 send-community bothRouter B(config-router-af)#neighbor 10.10.10.3 activateRouter B(config-router-af)#neighbor 10.10.10.3 next-hop-selfRouter B(config-router-af)#neighbor 10.10.10.3 send-community bothRouter B(config-router-af)#neighbor 172.16.1.1activateRouter B(config-router-af)#neighbor 172.16.1.1 dmzlink-bwRouter B(config-router-af)#neighbor 172.16.2.2 activateRouter B(config-router-af)#neighbor 172.16.2.2 dmzlink-bwRouter B(config-router-af)#maximum-paths ibgp 6Router B(config-router-af)#maximum-paths 6Router C ConfigurationIn the following example, Router C is configured to support multipath load balancing and to advertisethe bandwidth of the link with Router E to iBGP neighbors as an extended community:Router C(config)#router bgp 100Router C(config-router)#neighbor 10.10.10.1 remote-as 100Router C(config-router)#neighbor 10.10.10.1 update-source Loopback 0Router C(config-router)#neighbor 10.10.10.2 remote-as 100Router C(config-router)#neighbor 10.10.10.2 update-source Loopback 0Router C(config-router)#neighbor 172.16.3.30 remote-as 200Router C(config-router)#neighbor 172.16.3.30 ebgp-multihop 1Router C(config-router)#address-family ipv4Router C(config-router-af)#bgp dmzlink-bwRouter C(config-router-af)#neighbor 10.10.10.1 activateRouter C(config-router-af)#neighbor 10.10.10.1 send-community bothRouter C(config-router-af)#neighbor 10.10.10.1 next-hop-selfRouter C(config-router-af)#neighbor 10.10.10.2 activateRouter C(config-router-af)#neighbor 10.10.10.2 send-community bothRouter C(config-router-af)#neighbor 10.10.10.2 next-hop-selfRouter C(config-router-af)#neighbor 172.16.3.3 activateRouter C(config-router-af)#neighbor 172.16.3.3 dmzlink-bwRouter C(config-router-af)#maximum-paths ibgp 6Router C(config-router-af)#maximum-paths 6Cisco IOS Release 12.2(2)T, 12.2(14)S, 12.2(11)T, and 12.0(24)S7BGP Link Bandwidth Configuration Examples for BGP Link Bandwidth8Cisco IOS Release 12.2(2)T, 12.2(14)S, 12.2(11)T, and 12.0(24)SVerifying BGP Link BandwidthThe examples in this section show the verification of this feature on Router A and Router B.Router BIn the following example,the show ip bgp command is entered on Router B to verify that two unequalcost best paths have been installed into the BGP routing table.The bandwidth for each link is displayedwith each route.Router B#show ip bgp 192.168.1.0BGP routing table entry for 192.168.1.0/24, version 48Paths: (2 available, best #2)Multipath: eBGPAdvertised to update-groups:1 2200172.16.1.1 from 172.16.1.2 (192.168.1.1)Origin incomplete, metric 0, localpref 100, valid, external, multipath, bestExtended Community: 0x0:0:0DMZ-Link Bw 278 kbytes200172.16.2.2 from 172.16.2.2 (192.168.1.1)Origin incomplete, metric 0, localpref 100, valid, external, multipath, bestExtended Community: 0x0:0:0DMZ-Link Bw 625 kbytesRouter AIn the following example, the show ip bgp command is entered on Router A to verify that the linkbandwidth extended community has been propagated through the iBGP network to Router A.The outputshows that a route for each exit link (on Router B and Router C) to autonomous system 200 has beeninstalled as a best path in the BGP routing table.Router A#show ip bgp 192.168.1.0BGP routing table entry for 192.168.1.0/24, version 48Paths: (3 available, best #3)Multipath: eBGPAdvertised to update-groups:1 2200172.16.1.1 from 172.16.1.2 (192.168.1.1)Origin incomplete, metric 0, localpref 100, valid, external, multipathExtended Community: 0x0:0:0DMZ-Link Bw 278 kbytes200172.16.2.2 from 172.16.2.2 (192.168.1.1)Origin incomplete, metric 0, localpref 100, valid, external, multipath, bestExtended Community: 0x0:0:0DMZ-Link Bw 625 kbytes200172.16.3.3 from 172.16.3.3 (192.168.1.1)Origin incomplete, metric 0, localpref 100, valid, external, multipath, bestExtended Community: 0x0:0:0DMZ-Link Bw 2500 kbytesBGP Link BandwidthWhere to Go Next9Cisco IOS Release 12.2(2)T, 12.2(14)S, 12.2(11)T, and 12.0(24)SRouter AIn the following example, the show ip route command is entered on Router A to verify the multipath routes that are advertised and the associated traffic share values:Router A#show ip route 192.168.1.0Routing entry for 192.168.1.0/24Known via "bgp 100", distance 200, metric 0 Tag 200, type internalLast update from 172.168.1.1 00:01:43 ago Routing Descriptor Blocks:* 172.168.1.1, from 172.168.1.1, 00:01:43 ago Route metric is 0, traffic share count is 13 AS Hops 1, BGP network version 0 Route tag 200172.168.2.2, from 172.168.2.2, 00:01:43 ago Route metric is 0, traffic share count is 30 AS Hops 1, BGP network version 0 Route tag 200172.168.3.3, from 172.168.3.3, 00:01:43 agoRoute metric is 0, traffic share count is 120 AS Hops 1, BGP network version 0 Route tag 200Where to Go NextFor information about the BGP Multipath Load Sharing for Both eBGP and iBGP in an MPLS-VPN feature, refer to the following document:/univercd/cc/td/doc/product/software/ios120/120newft/120limit/120s/120s24/s_e ibmpl.htmFor more information about the iBGP Multipath Load Sharing feature,refer to the following document:/univercd/cc/td/doc/product/software/ios122/122newft/122t/122t2/ftbgpls.htmAdditional ReferencesThe following sections provide references related to BGP Link Bandwidth feature.Related DocumentsRelated TopicDocument TitleBGP commands:complete command syntax,command mode, command history, defaults, usage guidelines,and examples•Cisco IOS IP Command Reference, Volume 2 of 4: Routing Protocols,Release 12.3TBGP configuration tasks •Cisco IOS IP Configuration Guide,Release 12.3CEF configuration tasks•Cisco IOS Switching Services Configuration Guide , 12.3BGP Link BandwidthAdditional References10Cisco IOS Release 12.2(2)T, 12.2(14)S, 12.2(11)T, and 12.0(24)SStandardsMIBsRFCsTechnical AssistanceStandardTitleNo new or modified standards are supported by this feature,and support for existing standards has not been modified by this feature.—MIBMIBs LinkNo new or modified MIBs are supported by this feature, and support for existing MIBs has not been modified by this feature.To obtain lists of supported MIBs by platform and Cisco IOSrelease,and to download MIB modules,go to the Cisco MIB website on at the following URL:/public/sw-center/netmgmt/cmtk/mibs.shtmlRFCTitledraft-ramachandra-bgp-ext-communities-09.txtBGP Extended Communities AttributeDescriptionLinkTechnical Assistance Center (TAC) home page,containing 30,000 pages of searchable technical content, including links to products, technologies,solutions, technical tips, and tools. Registered users can log in from this page to access even more content.TAC Home Page:/public/support/tac/home.shtml BGP Support Page:/cgi-bin/Support/browse/psp_view.pl?p=Inter networking:BGPCommand ReferenceCommand ReferenceThis section documents the new commands.•bgp dmzlink-bw•neighbor dmzlink-bwbgp dmzlink-bw bgp dmzlink-bwTo configure BGP to distribute traffic proportionally over external links with unequal bandwidth whenmultipath load balancing is enabled,use the bgp dmzlink-bw command in address family configurationmode. To disable traffic distribution proportional to the link bandwidth, use the no form of thiscommand.bgp dmzlink-bwno bgp dmzlink-bwSyntax Description This command has no keywords or arguments.Defaults No default behavior or valuesCommand Modes Address family configurationCommand History Usage Guidelines The bgp dmzlink-bw command is used to configure BGP to distribute traffic proportionally to thebandwidth of external links.This command is configured for multipath load balancing between directlyconnected external BGP (eBGP) neighbors. This feature is used with BGP multipath features toconfigure load balancing over links with unequal bandwidth.The neighbor dmzlink-bw command mustalso be configured for each external link through which multipath load balancing is configured toadvertise the link bandwidth as an extended community. The neighbor send-community command isconfigured to exchange the link bandwidth extended community with internal BGP (iBGP) peers.Examples In the following example, the BGP Link Bandwidth feature is configured to allow multipath loadbalancing to distribute link traffic proportionally to the bandwidth of each external link,and to advertisethe bandwidth of these links to iBGP peers as an extended community:Router(config)#router bgp 100Router(config-router)#neighbor 10.10.10.1 remote-as 100Router(config-router)#neighbor 10.10.10.1 update-source Loopback 0Router(config-router)#neighbor 10.10.10.3 remote-as 100Router(config-router)#neighbor 10.10.10.3 update-source Loopback 0Router(config-router)#neighbor 172.16.1.1 remote-as 200Router(config-router)#neighbor 172.16.1.1 ebgp-multihop 1Router(config-router)#neighbor 172.16.2.2 remote-as 200Router(config-router)#neighbor 172.16.2.2 ebgp-multihop 1Router(config-router)#address-family ipv4ReleaseModification 12.2(2)TThis command was introduced.12.2(14)SThis command was integrated into Cisco IOS Release 12.2(14)S.12.2(11)TThis command was integrated into Cisco IOS Release 12.2(11)T.12.0(24)S This command was integrated into Cisco IOS Release 12.0(24)S.bgp dmzlink-bw Router(config-router-af)#bgp dmzlink-bwRouter(config-router-af)#neighbor 10.10.10.1 activateRouter(config-router-af)#neighbor 10.10.10.1 next-hop-selfRouter(config-router-af)#neighbor 10.10.10.1 send-community bothRouter(config-router-af)#neighbor 10.10.10.3 activateRouter(config-router-af)#neighbor 10.10.10.3 next-hop-selfRouter(config-router-af)#neighbor 10.10.10.3 send-community bothRouter(config-router-af)#neighbor 172.16.1.1activateRouter(config-router-af)#neighbor 172.16.1.1 dmzlink-bwRouter(config-router-af)#neighbor 172.16.2.2 activateRouter(config-router-af)#neighbor 172.16.2.2 dmzlink-bwRouter(config-router-af)#maximum-paths ibgp 6Router(config-router-af)#maximum-paths 6Related Commands Command Descriptionneighbor dmzlink-bw Configures BGP to advertise the bandwidth of links that are used toexit an autonomous system.neighbor send-community Specifies that a communities attribute should be sent to a BGPneighbor.maximum-paths Controls the maximum number of parallel routes an IP routingprotocol can support.maximum-paths eibgp Controls the maximum number of eBGP or iBGP paths that can beconfigured in an MPLS VPN.maximum-paths ibgp Controls the maximum number of parallel iBGP routes that can beinstalled in a routing table.neighbor dmzlink-bw neighbor dmzlink-bwTo configure BGP to advertise the bandwidth of links that are used to exit an autonomous system, usethe neighbor dmzlink-bw command in address family configuration mode. To disable link bandwidthadvertisement, use the no form of this command.neighbor ip-address dmzlink-bwno neighbor ip-address dmzlink-bwSyntax Description Defaults No default behavior or valuesCommand Modes Address family configurationCommand History Usage Guidelines The neighbor dmzlink-bw command is used to configure BGP to advertise the bandwidth of thespecified external interface as an extended community. This command is configured for links betweendirectly connected external BGP (eBGP)neighbors.The link bandwidth extended community attributeis propagated to iBGP peers when extended community exchange is enabled with the neighborsend-community command. This feature is used with BGP multipath features to configure loadbalancing over links with unequal bandwidth. This feature is not enabled until the bgp dmzlink-bwcommand is entered under the address family session for each router that has a directly connectedexternal link.Examples In the following example, the BGP Link Bandwidth feature is configured to allow multipath loadbalancing to distribute link traffic proportionally to the bandwidth of each external link,and to advertisethe bandwidth of these links to iBGP peers as an extended community:Router(config)#router bgp 100Router(config-router)#neighbor 10.10.10.1 remote-as 100Router(config-router)#neighbor 10.10.10.1 update-source Loopback 0Router(config-router)#neighbor 10.10.10.3 remote-as 100Router(config-router)#neighbor 10.10.10.3 update-source Loopback 0Router(config-router)#neighbor 172.16.1.1 remote-as 200Router(config-router)#neighbor 172.16.1.1 ebgp-multihop 1Router(config-router)#neighbor 172.16.2.2 remote-as 200Router(config-router)#neighbor 172.16.2.2 ebgp-multihop 1ip-address The IP address that identifies the external interface.ReleaseModification 12.2(2)TThis command was introduced.12.2(14)SThis command was integrated into Cisco IOS Release 12.2(14)S.12.2(11)TThis command was integrated into Cisco IOS Release 12.2(11)T.12.0(24)S This command was integrated into Cisco IOS Release 12.0(24)S.neighbor dmzlink-bw Router(config-router)#address-family ipv4Router(config-router-af)#bgp dmzlink-bwRouter(config-router-af)#neighbor 10.10.10.1 activateRouter(config-router-af)#neighbor 10.10.10.1 next-hop-selfRouter(config-router-af)#neighbor 10.10.10.1 send-community bothRouter(config-router-af)#neighbor 10.10.10.3 activateRouter(config-router-af)#neighbor 10.10.10.3 next-hop-selfRouter(config-router-af)#neighbor 10.10.10.3 send-community bothRouter(config-router-af)#neighbor 172.16.1.1activateRouter(config-router-af)#neighbor 172.16.1.1 dmzlink-bwRouter(config-router-af)#neighbor 172.16.2.2 activateRouter(config-router-af)#neighbor 172.16.2.2 dmzlink-bwRouter(config-router-af)#maximum-paths ibgp 6Router(config-router-af)#maximum-paths 6Related Commands Command Descriptionbgp dmzlink-bw Configures BGP to distribute traffic proportionally over external linkswith unequal bandwidth when multipath load balancing is enabled.neighbor send-community Specifies that a communities attribute should be sent to a BGPneighbor.maximum-paths Controls the maximum number of parallel routes an IP routingprotocol can support.maximum-paths eibgp Controls the maximum number of eBGP or iBGP paths that can beconfigured in an MPLS VPN.maximum-paths ibgp Controls the maximum number of parallel iBGP routes that can beinstalled in a routing table.neighbor dmzlink-bwCCSP, CCVP, the Cisco Square Bridge logo, Follow Me Browsing, and StackWise are trademarks of Cisco Systems, Inc.; Changing the Way We Work,Live, Play, and Learn, and iQuick Study are service marks of Cisco Systems, Inc.; and Access Registrar, Aironet, BPX, Catalyst, CCDA, CCDP,CCIE, CCIP, CCNA, CCNP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital,the Cisco Systems logo, Cisco Unity, Enterprise/Solver, EtherChannel, EtherFast, EtherSwitch, Fast Step, FormShare, GigaDrive, GigaStack, HomeLink,Internet Quotient, IOS, IP/TV, iQ Expertise, the iQ logo, iQ Net Readiness Scorecard, LightStream, Linksys, MeetingPlace, MGX, the Networkers logo,Networking Academy, Network Registrar, Packet, PIX, Post-Routing, Pre-Routing, ProConnect, RateMUX, ScriptShare, SlideCast, SMARTnet,The Fastest Way to Increase Your Internet Quotient, and TransPath are registered trademarks of Cisco Systems, Inc. and/or its affiliates in theUnited States and certain other countries.All other trademarks mentioned in this document or Website are the property of their respective owners. The use of the word partner does not imply apartnership relationship between Cisco and any other company. (0601R)Copyright © 2005 Cisco Systems, Inc. All rights reserved.。

思科CCNP认证PBR策略路由与BGP协议详解本⽂讲述了思科CCNP认证PBR策略路由与BGP协议。

分享给⼤家供⼤家参考，具体如下：PBR——策略路由定义：通过流量策略来执⾏选路的⼀种转发⼿段。

控制层⾯——给路由的转发做指导数据层⾯——在路由表中找到路由的出接⼝或者下⼀跳传统的路由表转发只能通过数据的⽬标地址做策略。

策略路由可以根据源地址、⽬的地址、源端⼝、⽬的端⼝、协议、TOS等流量特征来做决策提供路由——灵活性⾼，但速度慢，需要⼀个⼀个抓，操作相对⿇烦。

路由表与策略路由的关系：策略路由是先于路由表执⾏的，策略路由没有捕获的流量依然会去执⾏路由表。

两种配置：1：接⼝下配置access-list 100 permit ip host 1.1.1.1 any //⽤ACL捕获流量route-map pbr permit 10 //定义route-mapnatch ip address 10 //调⽤被ACL捕获的流量set ip next-hop 10.1.1.1 //设置下⼀跳int f0/1ip policy route-map pbr //接⼝下调⽤只能捕获该接⼝的⼊接⼝流量做策略（不能处理本路由器产⽣的流量）。

2：全局配置access-list 100 permit ip host 1.1.1.1 any //⽤ACL捕获流量route-map pbr permit 10 //定义route-mapmatch ip address 10 //调⽤被ACL捕获的流量set ip next-hop 10.1.1.1 //设置下⼀跳ip local policy route-map pbr能够捕获所有接⼝⼊接⼝流量以及本路由器产⽣的流量（源地址是本路由器地址）3：策略路由的冗余设置route-map pbr permit 10match ip address 1ip next-hop verify-availability 10.1.24.2 1 track 1 //track 成功则本条⽣效，track失败则执⾏下⼀条set语句track ip next-hop 10.1.34.3track 1 ip sla 1 //定义⼀个track监控sla的探测结果ip sla 1 //定义⼀个slaip icmp-echo 10.1.12.1 source-ip 10.4.4.4 //设置其探针ip sla schedule 1 life forever start-time now //设置sla 1的执⾏时间4：default 语句在route-map的set ip default这个位置输⼊，定义被捕获的流量为先查路由表。

思科Cisco策略路由详细介绍思科Cisco策略路由详细介绍思科策略路由怎么配置呢?下面yjbys为大家就策略路由的以下四个方面做相关讲解，配置Cisco策略的朋友可以参考下注:PBR以前是CISCO用来丢弃报文的一个主要手段。

比如：设置set interface null 0，按CISCO说法这样会比ACL的deny要节省一些开销。

这里我提醒：interface null 0no ip unreachable //加入这个命令这样避免因为丢弃大量的报文而导致很多ICMP的不可达消息返回。

三层设备在转发数据包时一般都基于数据包的目的地址(目的网络进行转发)，那么策略路由有什么特点呢?1、可以不仅仅依据目的地址转发数据包，它可以基于源地址、数据应用、数据包长度等。

这样转发数据包更灵活。

2、为QoS服务。

使用route-map及策略路由可以根据数据包的特征修改其相关QoS项，进行为QoS服务。

3、负载平衡。

使用策略路由可以设置数据包的行为，比如下一跳、下一接口等，这样在存在多条链路的情况下，可以根据数据包的应用不同而使用不同的链路，进而提供高效的负载平衡能力。

策略路由影响的只是本地的行为，所以可能会引起“不对称路由”形式的流量。

比如一个单位有两条上行链路A与B，该单位想把所有HTTP流量分担到A 链路，FTP流量分担到B链路，这是没有问题的，但在其上行设备上，无法保证下行的HTTP流量分担到A链路，FTP 流量分担到B链路。

策略路由一般针对的是接口入(in)方向的数据包，但也可在启用相关配置的情况下对本地所发出的数据包也进行策略路由。

本文就策略路由的以下四个方面做相关讲解：1、启用策略路由2、启用Fast-Switched PBR3、启用Local PBR4、启用CEF-Switched PBR启用策略路由：开始配置route-map。

使用route-map map-tag [permit | deny] [sequence-number]进入route-map的配置模式。

配置接口特性这一章详细说明交换机上的接口和描述怎么配置他们。

这章有以下这些内容：●理解接口类型●使用接口命令●配置二层接口●监控和维护第二层接口●配置第三从接口注意：需要完整的有关该章的语法和应用信息，请参考Catalyst 3550 Multilayer Switch Command Reference和Cisco IOS Interface Command Referencefor Release 12.1.理解接口类型这个部分描述了不同的接口类型，以及其它章节所包括的详细配置这些接口的一些参考内容。

其他章节描述了物理接口特性的配置过程。

这部分包括：•基于端口的VLAN （Port-Based VLANs）•交换端口（Switch Ports）•以太网通道端口组（EtherChannel Port Groups）•交换虚拟接口（Switch Virtual Interfaces）•被路由端口（Routed Ports）•连接接口（Connecting Interfaces）基于端口的VLAN （Port-based Vlans）一个Vlan是一个按功能、组、或者应用被逻辑分段的交换网络，并不考虑使用者的物理位置。

要更多关于Vlan的信息请看“Configuring VLANS”。

一个端口上接受到的包被发往属于同一个Vlan的接收端口。

没有一个第三层的设备路由Vlan间的流量，不同Vlan的网络设备无法通讯。

为了配置普通范围（Normal-range） Vlan（Vlan IDs 1-1005），使用命令：config-vlan模式(global) vlan vlan-id或vlan-configuration模式(exec) vlan database针对Vlan ID 1-1005的vlan-configration模式被保存在vlan数据库中。

为配置扩展范围（extended-range） Vlans （Vlan ID 1006-4094），你必须使用config-vlan模式，并把VTP的模式设为transparent透明模式。

Cisco产品配置手册（路由器部分）同天科技目录第一章路由器配置基础一、基本设置方式 (2)二、命令状态 (3)三、设置对话过程 (3)四、常用命令 (7)五、配置IP地址 (9)六、配置静态路由 (12)第二章广域网协议设置一、HDCL (13)二、PPP (16)三、X.25 (18)四、Frame Relay (22)五、ISDN (26)六、PSTN (35)第三章路由器协议设置一、RIP协议 (49)二、IGRP协议 (50)三、OSPF协议 (52)四、重新分配路由 (56)五、IPX协议设置 (59)第四章服务质量及访问控制一、协议优先级设置 (61)二、队列定制 (62)三、访问控制 (63)第五章虚拟局域网（VLAN）路由一、虚拟局域网（VLAN） (64)二、交换机间链路（ISL）协议 (64)三、虚拟局域网（VLAN）路由实例 (64)第六章参考一、Cisco路由器口令恢复 (70)二、IP地址分配 (71)1.路由器配置基础1.1. 基本配置方式一般来说，可以用5种方式来设置路由器：1．Console 口接终端或运行终端仿真软件的微机；机相连；3．通过Ethernet上的TFTP服务器；4．通过Ethernet 上的TELNET程序；5．通过Ethernet 上的SNMP网管工作站。

但路由器的第一次设置必须通过第一种方式进行，此时终端的硬件设置如下：波特率：960O数据位：8停止位：1奇偶校验：无1.2.1.3. 命令状态1．router＞路由器处于用户命令状态，这时用户可以看路由器的连接状态，访问它网络和主机，但不能看到和更改路由器的设置内容。

2．router＃往router＞提示符下键人enable，路由器进入特权命令状态router＃，时不但可以执行所有的用户命令，还可以看到和更改路由器的设置内容。

3．router（config）＃在router＃提示符下键入。

Configure terminal，出现提示符router（config）＃，此时路由器处于分局设置状态，这时可以设置路出器的全局参数。

CISCO 策略路由（PBR）配置实例时间:2010-02-17 22:56来源:未知作者:admin 点击: 142次策略路由选择可以选择修改下一跳地址以及标记数据包来提供不通的网络服务。

PBR一般用于修改基于源地址的下一跳地址。

推荐实现方式：PBR给于外发IP数据包标记IP优先位，这样方便了实施QoS策略。

一般来说，PBR是通过路由映射来配置的。

看个详细配置实例，你策略路由选择可以选择修改下一跳地址以及标记数据包来提供不通的网络服务。

PBR一般用于修改基于源地址的下一跳地址。

推荐实现方式：PBR给于外发IP数据包标记IP优先位，这样方便了实施QoS策略。

一般来说，PBR是通过路由映射来配置的。

看个详细配置实例，你会更加明白：定义了两个访问列表：10和20，经过配置使来自网络192.168.1.0/24的数据包的下一跳地址改为192.168.100.1；使来自 192.168.2.0/24的数据包的下一跳地址改为192.168.100.2.其他源始发的数据包正常路由。

命令如下：My3377(config)#access-list 10 permit 192.168.1.0 //用访问控制列表先抓取路由My3377(config)#access-list 20 permit 192.168.2.0My3377(config)#route-map nexthop permit 10 //起个名字My3377(config-route-map)#match ip address 10 //匹配一个列表My3377(config-route-map)#set ip next-hop 192.168.100.1 //设置一个策略My3377(config-route-map)#exitMy3377(config)#route-map nexthop permit 20My3377(config-route-map)#match ip address 20My3377(config-route-map)#set ip next-hop 192.168.100.2My3377(config-route-map)#exitMy3377(config)#route-map nexthop permit 30My3377(config)#int s2/1My3377(config-if)#ip policy route-map nexthop //接口下调用My3377(config-if)#exit。

Cisco路由器配置手册(大全)第一章路由器配置基础一、基本设置方式一般来说，可以用5种方式来设置路由器：1．Console口接终端或运行终端仿真软件的微机；2．AUX口接MODEM，通过电话线与远方的终端或运行终端仿真软件的微机相连；3．通过Ethernet上的TFTP服务器；4．通过Ethernet上的TELNET程序；5．通过Ethernet上的SNMP网管工作站。

但路由器的第一次设置必须通过第一种方式进行,此时终端的硬件设置如下:波特率：9600数据位：8停止位：1奇偶校验: 无二、命令状态1. router>路由器处于用户命令状态，这时用户可以看路由器的连接状态，访问其它网络和主机，但不能看到和更改路由器的设置内容。

2. router#在router>提示符下键入enable,路由器进入特权命令状态router#，这时不但可以执行所有的用户命令，还可以看到和更改路由器的设置内容。

3. router(config)#在router#提示符下键入configure terminal,出现提示符router(config)#，此时路由器处于全局设置状态，这时可以设置路由器的全局参数。

4. router(config-if)#; router(config-line)#; router(config-router)#;…路由器处于局部设置状态，这时可以设置路由器某个局部的参数。

5. >路由器处于RXBOOT状态，在开机后60秒内按ctrl-break可进入此状态，这时路由器不能完成正常的功能，只能进行软件升级和手工引导。

6. 设置对话状态这是一台新路由器开机时自动进入的状态，在特权命令状态使用SETUP命令也可进入此状态，这时可通过对话方式对路由器进行设置。

三、设置对话过程1. 显示提示信息2. 全局参数的设置3. 接口参数的设置4. 显示结果利用设置对话过程可以避免手工输入命令的烦琐，但它还不能完全代替手工设置，一些特殊的设置还必须通过手工输入的方式完成。

Cisco配置实例:BGP的各种属性配置发布时间：05-07页数：2页上一篇:思科认证考试及课程表下一篇:思科认证:ISA2004发布非标准端口的FTP服务Lab 31. Configuring BGP Summarization实验目的：1、掌握使用指向NULL0接口的静态路由的汇总配置方法。

2、掌握使用聚合属性的路由汇总配置方法。

R1(config)#ip route 172.16.0.0 255.255.252.0 null 0R1(config)#router bgp 64512R1(config-router)#aggregate-address 172.16.0.0 255.255.252.0 summary- onlyLab 33. BGP Neighbor Authentication实验目的：1、掌握其于MD5的BGP对等体认证配置。

R1(config)#router bgp 64512R1(config-router)#neighbor 10.1.255.2 password cisco123R2(config)#router bgp 64513R2(config-router)#neighbor 10.1.255.1 password cisco123Lab 34. Configuring BGP Local Preference实验目的：1、理解掌握BGP的本地优选属性概念和配置方法。

2、本地优选的属性默认值为100，较高值的路径会被优先选择。

3、本地优先属性，决定离开本自治系统最佳的路径。

(BGP在选择最佳路由时，并不会考具体链路的带宽。

为了解决这一问题，可以在本地配置“本地优先”来确定数据流如何流出本自治系统。

BGP会优先选择本地优先属性值较高的路由。

)R4(config)#router bgp 64513R4(config-router)#bgp default local-preference 200R4(config-router)#exitR4(config)#(BGP在向IBGP对等体通告路由时，其下一跳不变，这种机制被称为BGP的下一跳属性.)R4(config)#router bgp 64513R4(config-router)#neighbor 10.1.1.1 next-hop-selfLab 35. Using Route Maps to Configuring BGP Local Preference实验目的：1、掌握基于route-map的本地优先配置方法。

思科路由器配置手册一、基本设置方式一般来说，可以用5种方式来设置路由器：1．Console口接终端或运行终端仿真软件的微机；2．AUX口接MODEM，通过电话线与远方的终端或运行终端仿真软件的微机相连；3．通过Ethernet上的TFTP服务器；4．通过Ethernet上的TELNET程序；5．通过Ethernet上的SNMP网管工作站。

但路由器的第一次设置必须通过第一种方式进行,此时终端的硬件设置如下:波特率：9600数据位：8停止位：1奇偶校验: 无二、命令状态1. router>路由器处于用户命令状态，这时用户可以看路由器的连接状态，访问其它网络和主机，但不能看到和更改路由器的设置内容。

2. router#在router>提示符下键入enable,路由器进入特权命令状态router#，这时不但可以执行所有的用户命令，还可以看到和更改路由器的设置内容。

3. router(config)#在router#提示符下键入configure terminal,出现提示符router(config)#，此时路由器处于全局设置状态，这时可以设置路由器的全局参数。

4. router(config-if)#; router(config-line)#; router(config-router)#;…路由器处于局部设置状态，这时可以设置路由器某个局部的参数。

5. >路由器处于RXBOOT状态，在开机后60秒内按ctrl-break可进入此状态，这时路由器不能完成正常的功能，只能进行软件升级和手工引导。

6. 设置对话状态这是一台新路由器开机时自动进入的状态，在特权命令状态使用SETUP命令也可进入此状态，这时可通过对话方式对路由器进行设置。

三、设置对话过程显示提示信息全局参数的设置接口参数的设置显示结果利用设置对话过程可以避免手工输入命令的烦琐，但它还不能完全代替手工设置，一些特殊的设置还必须通过手工输入的方式完成。

CISCO交换机配置手册V1.0作者：乖乖猪目录前言 (4)第一章交换机配置基础 ......................................... 错误!未定义书签。

1.1配置方式 ................................................ 错误!未定义书签。

第二章交换机基本配置 .. (4)2.1用户认证 (5)2.1.1特权口令 (5)2.1.2VTY口令 (6)2.2设备名称 (6)2.3SNMP网管串 (6)2.4交换机管理IP (6)2.5综合实验 (7)第三章交换机高级配置 (7)3.1VLAN（虚拟局域网） (7)3.1.1简介 (7)3.1.2命令 (46)3.1.3案例一（VTP方式） (49)3.1.4案例二（VTP方式） (50)3.2STP(生成树协议) (53)3.2.1简介 (53)3.2.2命令 (67)3.2.3案例一(PVST/PVST+ / Rapid -PVST+ 常用) (68)3.2.4案例二（MST VLAN数量大使用） (71)3.2.5案例三（STP 不常用） (72)3.3E THER C HANNEL (75)3.3.1简介 (75)3.3.2命令 (79)3.3.3案例一(强制模式) (80)3.3.4案例二(PAGP模式) (82)3.3.5案例三（LACP模式） (84)3.3.6案例四（交换机与服务器） (85)3.3.7案例五（三层模式） (94)3.4HSRP(思科私有) (95)3.4.1简介 (95)3.4.2命令 (96)3.4.3案例一 (97)3.4.4案例二 (111)3.4.5案例三 (116)3.5VRRP (119)3.5.1简介 (119)3.5.2命令 (124)3.5.3案例一 (125)3.5.4案例二 (132)3.6DHCP (133)3.6.1简介 (133)3.6.2命令 (139)3.6.3案例一 (140)3.6.4案例二 (141)3.6.5案例三 (143)3.7VACL(不常用) (145)3.7.1简介 (145)3.7.2命令 (145)3.7.3案例 (148)3.8端口限速 (151)3.8.1简介 (151)3.8.2案例一（三层交换机QOS） (151)3.8.3案例二（三层交换机风暴控制） (153)第四章日常维护 (155)4.1密码恢复 (155)4.1.1CatOS交换机密码恢复 (155)4.1.2CATALYST 2900,3500XL的密码恢复 (159)4.1.3CATALYST 2940,2950L的密码恢复 (159)4.1.4CATALYST 2955的密码恢复 (159)4.1.5CATALYST 3550,3560,3750的密码恢复 (163)4.1.6CATALYST 6500密码恢复 (164)4.2ISO备份升级 (178)4.2.1TFTP方式 (178)4.2.2Xmodem方式 (180)4.3端口镜像 (182)4.3.1简介 (182)4.3.2命令 (183)4.3.3案例 (185)4.4交换机堆叠 (193)4.4.1简介 (193)4.4.2命令 (198)4.4.3案例一(3750) (199)第五章专业术语解释 (204)5.1冲突域、广播域 (204)5.2CSMA/CD (205)5.3交换机的几种主要技术参数详解和计算 (206)5.4POE (213)前言本手册是作者多年学习整理汇编而成，主要目的是方便大家设备调试使用。

Cisco路由器配置手册(大全)第一章路由器配置基础一、基本设置方式一般来说，可以用5种方式来设置路由器：1．Console口接终端或运行终端仿真软件的微机；2．AUX口接MODEM，通过电话线与远方的终端或运行终端仿真软件的微机相连；3．通过Ethernet上的TFTP服务器；4．通过Ethernet上的TELNET程序；5．通过Ethernet上的SNMP网管工作站。

但路由器的第一次设置必须通过第一种方式进行,此时终端的硬件设置如下:波特率：9600数据位：8停止位：1奇偶校验: 无二、命令状态1. router>路由器处于用户命令状态，这时用户可以看路由器的连接状态，访问其它网络和主机，但不能看到和更改路由器的设置内容。

2. router#在router>提示符下键入enable,路由器进入特权命令状态router#，这时不但可以执行所有的用户命令，还可以看到和更改路由器的设置内容。

3. router(config)#在router#提示符下键入configure terminal,出现提示符router(config)#，此时路由器处于全局设置状态，这时可以设置路由器的全局参数。

4. router(config-if)#; router(config-line)#; router(config-router)#;…路由器处于局部设置状态，这时可以设置路由器某个局部的参数。

5. >路由器处于RXBOOT状态，在开机后60秒内按ctrl-break 可进入此状态，这时路由器不能完成正常的功能，只能进行软件升级和手工引导。

6. 设置对话状态这是一台新路由器开机时自动进入的状态，在特权命令状态使用SETUP命令也可进入此状态，这时可通过对话方式对路由器进行设置。

三、设置对话过程1. 显示提示信息2. 全局参数的设置3. 接口参数的设置4. 显示结果利用设置对话过程可以避免手工输入命令的烦琐，但它还不能完全代替手工设置，一些特殊的设置还必须通过手工输入的方式完成。

Configuring Policy-Based RoutingYou can use policy-based routing (PBR) to configure a defined policy for traffic flows. By using PBR, you can have more control over routing by reducing the reliance on routes derived from routing protocols. PBR can specify and implement routing policies that allow or deny paths based on:•Identity of a particular end system•Application•ProtocolYou can use PBR to provide equal-access and source-sensitive routing, routing based on interactive versus batch traffic, or routing based on dedicated links. For example, you could transfer stock records to a corporate office on a high-bandwidth, high-cost link for a short time while transmitting routine application data such as e-mail over a low-bandwidth, low-cost link.With PBR, you classif y traffic using access control lists (ACLs) and then make traffic go through a different path. PBR is applied to incoming packets. All packets received on an interface with PBR enabled are passed through route maps. Based on the criteria defined in the route maps, packets are forwarded (routed) to the appropriate next hop.•If packets do not match any route map statements, all set clauses are applied.•If a statement is marked as permit and the packets do not match any route-map statements, the packets are sent through the normal forwarding channels, and destination-based routing is performed.•For PBR, route-map statements marked as deny are not supported.For more information about configuring route maps, see the "Using Route Maps to Redistribute Routing Information" section.You can use standard IP ACLs to specify match criteria for a source address or extended IP ACLs to specify match criteria based on an application, a protocol type, or an end station. The process proceeds through the route map until a match is found. If no match is found, normaldestination-based routing occurs. There is an implicit deny at the end of the list of match statements.If match clauses are satisfied, you can use a set clause to specify the IP addresses identifying the next hop router in the path.For details about PBR commands and keywords, see the Cisco IOS IP Command Reference, Volume 2 of 3: Routing Protocols, Release 12.2. For a list of PBR commands that are visible but not supported by the switch, see Appendix C, "Unsupported Commands inCisco IOS Release 12.2(35)SE,"Note This software release does not support PBR when processing IPv4 and IPv6 traffic.PBR Configuration GuidelinesBefore configuring PBR, you should be aware of this information:•To use PBR, you must have the IP services image installed on the switch.•Multicast traffic is not policy-routed. PBR applies to only to unicast traffic.•You can enable PBR on a routed port or an SVI.•The switch does not support route-map deny statements for PBR.•You can apply a policy route map to an EtherChannel port channel in Layer 3 mode, but you cannot apply a policy route map to a physical interface that is a member of the EtherChannel. If you try to do so, the command is rejected. When a policy route map is applied to a physical interface, that interface cannot become a member of an EtherChannel.•You can define a maximum of 246 IP policy route maps on the switch.•You can define a maximum of 512 access control entries (ACEs) for PBR on the switch.•When configuring match criteria in a route map, follow these guidelines:–Do not match ACLs that permit packets destined for a local address. PBR would forward these packets, which could cause ping or Telnet failure or route protocol flapping.–Do not match ACLs with deny ACEs. Packets that match a deny ACE are sent to the CPU, which could cause high CPU utilization.•To use PBR, you must first enable the routing template by using the sdm prefer routing global configuration command. PBR is not supported with the VLAN or default template. For more information on the SDM templates, see Chapter 7, "Configuring SDM Templates."•VRF and PBR are mutually exclusive on a switch interface. You cannot enable VRF when PBR is enabled on an interface. In contrast, you cannot enable PBR when VRF is enabled on an interface.•The number of TCAM entries used by PBR depends on the route map itself, the ACLs used, and the order of the ACLs and route-map entries.•Policy-based routing based on packet length, TOS, set interface, set default next hop, or set default interface are not supported. Policy maps with no valid set actions or with set action set to Don't Fragment are not supported.•Beginning with Cisco IOS Release 12.2(35)SE, the switch supports quality of service (QoS) DSCP and IP precedence matching in PBR route maps with these limitations:–You cannot apply QoS DSCP mutation maps and PBR route maps to the same interface.–You cannot configure DSCP transparency and PBR DSCP route maps on the same switch.–When you configure PBR with QoS DSCP, you can set QoS to be enabled (by entering the mls qos global configuration command) or disabled (by entering the no mls qos command). When QoS is enabled, to ensure that the DSCP value of the traffic is unchanged, you should configure DSCP trust state on the port where traffic enters the switch by entering the mls qos trust dscp interface configuration command. If the trust state is not DSCP, by default all nontrusted traffic would have the DSCP value marked to 0.Enabling PBRBy default, PBR is disabled on the switch. To enable PBR, you must create a route map that specifies the match criteria and the resulting action if all of the match clauses are met. Then, you must enable PBR for that route map on an interface. All packets arriving on the specified interface matching the match clauses are subject to PBR.PBR can be fast-switched or implemented at speeds that do not slow down the switch.Fast-switched PBR supports most match and set commands. PBR must be enabled before you enable fast-switched PBR. Fast-switched PBR is disabled by default.Packets that are generated by the switch, or local packets, are not normally policy-routed. When you globally enable local PBR on the switch, all packets that originate on the switch are subject to local PBR. Local PBR is disabled by default.Note To enable PBR, the switch must be running the IP services image.Beginning in privileged EX EC mode, follow these steps to configure PBR:•••Use the no route-map map-tag global configuration command or the no match or no setroute-map configuration commands to delete an entry. Use the no ip policy route-map map-tag interface configuration command to disable PBR on an interface. Use the no ip route-cache policyinterface configuration command to disable fast-switching PBR. Use the no ip local policy route-map map-tag global configuration command to disable policy-based routing on packets originating on the switch.。

QoS、PBR及基于流的重定向操作目录目录第1章QoS配置........................................................................ 1-11.1 QoS介绍.............................................................................................. 1-11.1.1 QoS术语....................................................................................................1-11.1.2 QoS实现....................................................................................................1-21.1.3 QoS基本模型 ............................................................................................1-21.2 QoS配置.............................................................................................. 1-61.3 QoS举例............................................................................................ 1-101.4 QoS排错帮助..................................................................................... 1-13第2章PBR配置........................................................................ 2-12.1 PBR介绍.............................................................................................. 2-12.2 PBR配置.............................................................................................. 2-12.3 PBR举例.............................................................................................. 2-2第3章IPv6 PBR配置 ............................................................... 3-13.1 PBR（基于策略的路由）功能介绍..................................................... 3-13.2 PBR配置任务序列............................................................................... 3-13.3 PBR举例.............................................................................................. 3-23.4 PBR排错帮助 ...................................................................................... 3-3第4章基于流的重定向 ............................................................. 4-14.1 基于流的重定向介绍........................................................................... 4-14.2 基于流的重定向配置任务序列............................................................ 4-14.3 基于流的重定向举例........................................................................... 4-14.4 基于流的重定向排错帮助 ................................................................... 4-2第1章QoS配置说明：本章所指的L3交换机和路由器代表了一般意义下的路由器或运行了路由协议的无线控制产品。

怎么设置Cisco路由多链路负载均衡思科公司已成为公认的全世界网络互联解决方案的领先厂商，其公司出产的一系列路由器更是引领世界，那么你知道怎么设置Cisco 路由多链路负载均衡吗?下面是店铺整理的一些关于怎么设置Cisco路由多链路负载均衡的相关资料，供你参考。

设置Cisco路由多链路负载均衡的方法基于策略的路由允许应用一个策略控制数据包应如何走而非基于路由表选路。

IP路由基于目标地，而PBR允许基于源的路由，即来自何处而应到哪去，从而根据需要走一条特殊的路径。

在网络中实施基于策略的路由有以下优点1、基于源的供应商选择：通过策略路由使源于不同用户组的数据流选择经过不同的Internet连接。

2、服务质量：可以通过在网络边缘路由器上设置IP数据包包头中的优先级或TOS值，并利用队列机制在网络核心或主干中为数据流划分不同的优先级，来为不同的数据流提供不同级别的QoS。

3、负载均衡：网络管理员可以通过策略路由在多条路径上分发数据流。

4、网络管理更加灵活。

双出口配置实例1、R1连接本地子网，R2为边缘策略路由器，R3模拟双ISP接入的Internet环境。

2、要求R1所连接的局域网部分流量走R2-R3间上条链路(ISP1链路)，部分流量走R2-R3间下条链路(ISP2链路)从而实现基于源的供应商链路选择和网络负载均衡。

R1#sh run //路由器R1的配置……interface Loopback0 //模拟子网一：192.168.1.0/24ip address 192.168.1.1 255.255.255.0 //模拟子网中第一台主机ip address 192.168.1.2 255.255.255.0 secondary //模拟子网中第二台主机!interface Loopback2 //模拟子网二：192.168.2.0/24 ip address 192.168.2.1 255.255.255.0ip address 192.168.2.2 255.255.255.0 secondary!interface FastEthernet0/0ip address 12.0.0.1 255.255.255.0duplex half!……!router rip //通过RIP协议配置网络的连通性version 2network 192.168.1.0network 192.168.1.0network 12.0.0.0……end-----------------------------R3#sh run //路由器R3的配置Building configuration...……interface Loopback0 //模拟一个连接目标description to internetip address 100.100.100.100 255.255.255.0!interface Serial1/1 //模拟ISP1的接入端口ip address 123.0.0.3 255.255.255.0serial restart-delay 0……interface Serial1/3 //模拟ISP2的接入端口ip address 223.0.0.3 255.255.255.0serial restart-delay 0!router ripversion 2network 100.0.0.0network 123.0.0.0network 223.0.0.0no auto-summary!……end---------------------------------------------------------------------------------R2#sh run //策略路由器R2的配置Building configuration...……interface FastEthernet0/0ip address 12.0.0.2 255.255.255.0ip policy route-map isp-test //在接口上启用策略路由isp-test 进行流量控制duplex half!……interface Serial1/1ip address 123.0.0.1 255.255.255.0serial restart-delay 0interface Serial1/3ip address 223.0.0.1 255.255.255.0serial restart-delay 0……router ripversion 2network 12.0.0.0network 123.0.0.0network 223.0.0.0no auto-summary……logging alarm informationalaccess-list 101 permit ip 192.168.1.0 0.0.0.255 host 100.100.100.100 //访问控制列表101，用于过滤原地址，允许子网192.168.1.0流量通过 */access-list 102 permit ip 192.168.2.0 0.0.0.255 host 100.100.100.100 //访问控制列表102，用于过滤原地址，允许子网192.168.2.0流量通过 */!route-map isp-test permit 10 //定义route-map，取名为isp-test，序列为10match ip address 101 //检查源地址，匹配acl 101set ip default next-hop 123.0.0.3 //指定下一跳地址!route-map isp-test permit 20 //定义isp-test的第二条语句，序列号为20match ip address 102 //检查源地下，匹配acl102set ip default next-hop 223.0.0.3!route-map isp-test permit 30 //定义isp-test的第三条语句，序列号为30set default interface Null0 //丢弃不匹配规定标准的包……end---------------------------------------------------------------------------------R2#sh ip policy //显示应用的策略Interface Route mapFa0/0 isp-accR2#sh route-map isp-test //显示配置的路由映射图route-map isp-test, permit, sequence 10Match clauses:ip address (access-lists): 101Set clauses:ip default next-hop 123.0.0.3Policy routing matches: 0 packets, 0 bytesroute-map isp-test, permit, sequence 20Match clauses:ip address (access-lists): 102Set clauses:ip default next-hop 223.0.0.3Policy routing matches: 0 packets, 0 bytesroute-map isp-test, permit, sequence 30Match clauses:Set clauses:default interface Null0Policy routing matches: 0 packets, 0 bytes====================================== ==================================R1#traceroute //路由跟踪Protocol [ip]: //ip流量Target IP address: 100.100.100.100 //目标地Source address: 192.168.1.1 //源地址为子网一的第一台主机Numeric display [n]:Timeout in seconds [3]:Probe count [3]:Minimum Time to Live [1]:Maximum Time to Live [30]:Port Number [33434]:Loose, Strict, Record, Timestamp, Verbose[none]:Type escape sequence to abort.Tracing the route to 100.100.100.1001 12.0.0.2 72 msec 216 msec 276 msec2 123.0.0.3 288 msec 360 msec * //ISP1入口-------------------------------------------------------------------------------R1# tracerouteProtocol [ip]:Target IP address: 100.100.100.100Source address: 192.168.1.2 //源地址为子网一的第二台主机Numeric display [n]:Timeout in seconds [3]:Probe count [3]:Minimum Time to Live [1]:Maximum Time to Live [30]:Port Number [33434]:Loose, Strict, Record, Timestamp, Verbose[none]:Type escape sequence to abort.Tracing the route to 100.100.100.1001 12.0.0.2 92 msec 188 msec 52 msec2 123.0.0.3 416 msec 436 msec * //ISP1入口----------------------------------------------------------------------------------R1#tracerouteProtocol [ip]:Target IP address: 100.100.100.100Source address: 192.168.2.1 //源地址为子网二的第一台主机Numeric display [n]:Timeout in seconds [3]:Probe count [3]:Minimum Time to Live [1]:Maximum Time to Live [30]:Port Number [33434]:Loose, Strict, Record, Timestamp, Verbose[none]:Type escape sequence to abort.Tracing the route to 100.100.100.1001 12.0.0.2 136 msec 40 msec 144 msec2 223.0.0.3 356 msec * 132 msec //ISP2入口---------------------------------------------------------R1#tracerouteProtocol [ip]:Target IP address: 100.100.100.100Source address: 192.168.2.2 //源地址为子网二中第二台主机Numeric display [n]:Timeout in seconds [3]:Probe count [3]:Minimum Time to Live [1]:Maximum Time to Live [30]:Port Number [33434]:Loose, Strict, Record, Timestamp, Verbose[none]: Type escape sequence to abort.Tracing the route to 100.100.100.1001 12.0.0.2 28 msec 104 msec 200 msec2 223.0.0.3 300 msec * 196 msec //ISP2入口-----------------------------------------------------。

CISCO路由器配置手册第一章路由器配置基础一、基本设置方式一般来说，可以用5种方式来设置路由器：1．Console口接终端或运行终端仿真软件的微机；2．AUX口接MODEM，通过电话线与远方的终端或运行终端仿真软件的微机相连；3．通过Ethernet上的TFTP服务器；4．通过Ethernet上的TELNET程序；5．通过Ethernet上的SNMP网管工作站。

但路由器的第一次设置必须通过第一种方式进行,此时终端的硬件设置如下: 波特率：9600数据位：8停止位：1奇偶校验: 无二、命令状态1.router>路由器处于用户命令状态，这时用户可以看路由器的连接状态，访问其它网络和主机，但不能看到和更改路由器的设置内容。

2.router#在router>提示符下键入enable,路由器进入特权命令状态router#，这时不但可以执行所有的用户命令，还可以看到和更改路由器的设置内容。

3.router(config)#在router#提示符下键入configure terminal,出现提示符router(config)#，此时路由器处于全局设置状态，这时可以设置路由器的全局参数。

4.router(config-if)#; router(config-line)#; router(config-router)#;…路由器处于局部设置状态，这时可以设置路由器某个局部的参数。

5.>路由器处于RXBOOT状态，在开机后60秒内按ctrl-break可进入此状态，这时路由器不能完成正常的功能，只能进行软件升级和手工引导。

6.设置对话状态这是一台新路由器开机时自动进入的状态，在特权命令状态使用SETUP命令也可进入此状态，这时可通过对话方式对路由器进行设置。

三、设置对话过程1.显示提示信息2.全局参数的设置3.接口参数的设置4.显示结果利用设置对话过程可以避免手工输入命令的烦琐，但它还不能完全代替手工设置，一些特殊的设置还必须通过手工输入的方式完成。