需求
1、as200TCP连接采用isis
2、r3不配置BGP
3、在R1上发布1.1.1.1,在r5上发布5.5.5.5
4、通过route recursive-lookup tunnel,解决BGP黑洞
配置
R1
display current-configuration
[V200R003C00]
#
sysname r1
#
snmp-agent local-engineid 800007DB03000000000000
snmp-agent
#
clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load flash:/portalpage.zip
#
drop illegal-mac alarm
#
wlan ac-global carrier id other ac id 0
#
set cpu-usage threshold 80 restore 75
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#
local-user admin service-type http
#
firewall zone Local
priority 15
#
interface GigabitEthernet0/0/0
ip address 12.1.1.1 255.255.255.0
#
interface GigabitEthernet0/0/1
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0
ip address 1.1.1.1 255.255.255.255
#
bgp 100
router-id 1.1.1.1
undo default ipv4-unicast
peer 12.1.1.2 as-number 200
#
ipv4-family unicast
undo synchronization
network 1.1.1.1 255.255.255.255
peer 12.1.1.2 enable
#
user-interface con 0
authentication-mode password
idle-timeout 0 0
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
R2
display current-configuration
[V200R003C00]
#
sysname r2
#
snmp-agent local-engineid 800007DB03000000000000
snmp-agent
#
clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load flash:/portalpage.zip
#
drop illegal-mac alarm
#
wlan ac-global carrier id other ac id 0
#
set cpu-usage threshold 80 restore 75
#
mpls lsr-id 2.2.2.2
mpls
#
mpls ldp
#
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#
local-user admin service-type http
#
isis 100
is-level level-2
network-entity 49.0001.0020.0200.2002.00
#
firewall zone Local
priority 15
#
interface GigabitEthernet0/0/0
ip address 12.1.1.2 255.255.255.0
isis enable 100
#
interface GigabitEthernet0/0/1
ip address 23.1.1.2 255.255.255.0
isis enable 100
mpls
mpls ldp
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0
ip address 2.2.2.2 255.255.255.255
isis enable 100
#
bgp 200
router-id 2.2.2.2
undo default ipv4-unicast
peer 4.4.4.4 as-number 200
peer 4.4.4.4 connect-interface LoopBack0
peer 12.1.1.1 as-number 100
#
ipv4-family unicast
undo synchronization
peer 4.4.4.4 enable
peer 4.4.4.4 next-hop-local
peer 12.1.1.1 enable
#
route recursive-lookup tunnel
#
user-interface con 0
authentication-mode pass服务器托管网word
idle-timeout 0 0
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
R3
display current-configuration
[V200R003C00]
#
sysname r3
#
snmp-agent local-engineid 800007DB03000000000000
snmp-agent
#
clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load flash:/portalpage.zip
#
drop illegal-mac alarm
#
wlan ac-global carrier id other ac id 0
#
set cpu-usage threshold 80 restore 75
#
mpls lsr-id 3.3.3.3
mpls
#
mpls ldp
#
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user服务器托管网 admin password cipher %$%$K8m.Nt84DZ}e#
local-user admin service-type http
#
isis 100
is-level level-2
network-entity 49.0001.0030.0300.3003.00
#
firewall zone Local
priority 15
#
interface GigabitEthernet0/0/0
ip address 23.1.1.3 255.255.255.0
isis enable 100
mpls
mpls ldp
#
interface GigabitEthernet0/0/1
ip address 34.1.1.3 255.255.255.0
isis enable 100
mpls
mpls ldp
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0
ip address 3.3.3.3 255.255.255.255
isis enable 100
#
user-interface con 0
authentication-mode password
idle-timeout 0 0
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
R4
display current-configuration
[V200R003C00]
#
sysname r4
#
snmp-agent local-engineid 800007DB03000000000000
snmp-agent
#
clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load flash:/portalpage.zip
#
drop illegal-mac alarm
#
wlan ac-global carrier id other ac id 0
#
set cpu-usage threshold 80 restore 75
#
mpls lsr-id 4.4.4.4
mpls
#
mpls ldp
#
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#
local-user admin service-type http
#
isis 100
is-level level-2
network-entity 49.0001.0040.0400.4004.00
#
firewall zone Local
priority 15
#
interface GigabitEthernet0/0/0
ip address 34.1.1.4 255.255.255.0
isis enable 100
isis dis-priority 100
mpls
mpls ldp
#
interface GigabitEthernet0/0/1
ip address 45.1.1.4 255.255.255.0
isis enable 100
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0
ip address 4.4.4.4 255.255.255.255
isis enable 100
#
bgp 200
router-id 4.4.4.4
undo default ipv4-unicast
peer 2.2.2.2 as-number 200
peer 2.2.2.2 connect-interface LoopBack0
peer 45.1.1.5 as-number 300
#
ipv4-family unicast
undo synchronization
peer 2.2.2.2 enable
peer 2.2.2.2 next-hop-local
peer 45.1.1.5 enable
#
route recursive-lookup tunnel
#
user-interface con 0
authentication-mode password
idle-timeout 0 0
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
R5
display current-configuration
[V200R003C00]
#
sysname r5
#
snmp-agent local-engineid 800007DB03000000000000
snmp-agent
#
clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load flash:/portalpage.zip
#
drop illegal-mac alarm
#
wlan ac-global carrier id other ac id 0
#
set cpu-usage threshold 80 restore 75
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#
local-user admin service-type http
#
firewall zone Local
priority 15
#
interface GigabitEthernet0/0/0
ip address 45.1.1.5 255.255.255.0
#
interface GigabitEthernet0/0/1
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0
ip address 5.5.5.5 255.255.255.255
#
bgp 300
undo default ipv4-unicast
peer 45.1.1.4 as-number 200
#
ipv4-family unicast
undo synchronization
network 5.0.0.0
network 5.5.5.5 255.255.255.255
peer 45.1.1.4 enable
#
user-interface con 0
authentication-mode password
idle-timeout 0 0
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
特别注意事项,
以上接口都需要配置为isis,IBGP采用环回接口建立邻居peer
这两台设备需要配置:peer 4.4.4.4 next-hop-local,根据BGP水平分割的原理,只能传给相邻设备,不能传送给间隔设别,同时两端还需要配置route recursive-lookup tunnel
服务器托管,北京服务器托管,服务器租用 http://www.fwqtg.net
机房租用,北京机房租用,IDC机房托管, http://www.fwqtg.net
问题描述 整体性能慢。不满足客户作业对时延要求或者不满足客户预期。 问题现象 业务反馈业务接口时延高;或者数据库P80/P95等指标升高;有可能会出现大量慢SQL。 告警 业务侧相关接口时延、成功率等告警。 数据库内核P80/P95相关告警。 业务影响 业务时…