BGP(Border Gateway Protocol -- 边界网关协议)是一种在自治系统之间动态交换路由信息、具有丰富的路由控制机制、稳定而安全的路由协议，一般部署在骨干(主要、核心)路由器。

　　BGP适用于大中型网络的组建，在很多企业当中都有应用。

　　一般情况下，企业的网络当中不会只是简单地使用一种网络协议，都会混杂着启用很多的网络协议并且根据需求进行逻辑隔离，也可以在一种协议当中引用另外一种协议的部分网络资源。

　　BGP分为 EBGP（External/Exterior BGP）和 IBGP（Internal/Interior BGP），这是按照运行方式来划分的。EBGP运行于不同AS之间,IBGP运行于同一AS内部。
　　为了防止AS间所产生的环路，当BGP设备接收EBGP对等体发送的路由时，会将带有本地AS号的路由丢弃；而为了防止AS内部所产生的环路，BGP设备不将从IBGP对等体学到的路由通告给其他IBGP对等体，并与所有IBGP对等体建立全连接。为了解决IBGP对等体的连接数量太多的问题，BGP有路由反射器和 BGP 联盟。

　　比如，企业当中有办公网络、物联网、视频监控网络等，在这样的情况下为了节约网络硬件，办公、自动化、视频都在同一个网络设备上但进行了分割，办公网使用OSPF、自动化和视频使用BGP，三个网络分开互不影响，根据需要可以设定路由来完成特殊的应用。

　　BGP组网略微复杂一点，根据组建需求配置参数略微多，BGP需要学习的内容很多。

　　一、常用查询的命令

　　①display bgp routing-table 

　　②refresh bgp all export

　　③display ip interface brief

　　④display bgp peer

　　⑤display ip routing-table protocol bgp

　　二、试验图

　　三、试验结果

　　四、配置

　　Router3配置：

 sysname Router3
#snmp-agent local-engineid 800007DB03000000000000snmp-agent 
#clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load flash:/portalpage.zip
#drop illegal-mac alarm
#undo info-center enable
#wlan ac-global carrier id other ac id 0
#set cpu-usage threshold 80 restore 75
#
aaa authentication-scheme defaultauthorization-scheme defaultaccounting-scheme defaultdomain default domain default_admin local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$local-user admin service-type http
#
firewall zone Localpriority 15
#
interface GigabitEthernet0/0/0ip address 200.200.1.1 255.255.255.252 
#
interface GigabitEthernet0/0/1ip address 200.200.9.2 255.255.255.252 
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0ip address 4.4.4.4 255.255.255.255 
#
bgp 100peer 200.200.1.2 as-number 200 #ipv4-family unicastundo synchronizationnetwork 4.4.4.4 255.255.255.255 network 192.168.1.0 network 200.200.1.0 255.255.255.252 network 200.200.9.0 network 200.200.9.0 255.255.255.252 import-route staticpeer 200.200.1.2 enable
#
ip route-static 192.168.0.0 255.255.0.0 200.200.9.1
#
user-interface con 0authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return

　　Router1配置：

 sysname Router1
#snmp-agent local-engineid 800007DB03000000000000snmp-agent 
#clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load flash:/portalpage.zip
#drop illegal-mac alarm
#undo info-center enable
#wlan ac-global carrier id other ac id 0
#set cpu-usage threshold 80 restore 75
#
aaa authentication-scheme defaultauthorization-scheme defaultaccounting-scheme defaultdomain default domain default_admin local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$local-user admin service-type http
#
firewall zone Localpriority 15
#
interface GigabitEthernet0/0/0ip address 200.200.2.5 255.255.255.252 
#
interface GigabitEthernet0/0/1ip address 200.200.1.2 255.255.255.252 
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0ip address 2.2.2.2 255.255.255.255 
#
bgp 200peer 200.200.1.1 as-number 100 peer 200.200.2.6 as-number 200 #ipv4-family unicastundo synchronizationnetwork 200.200.2.5 255.255.255.255 peer 200.200.1.1 enablepeer 200.200.2.6 enablepeer 200.200.2.6 next-hop-local 
#
user-interface con 0authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return

　　Router0配置：

 sysname Router0
#snmp-agent local-engineid 800007DB03000000000000snmp-agent 
#clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load flash:/portalpage.zip
#drop illegal-mac alarm
#undo info-center enable
#wlan ac-global carrier id other ac id 0
#set cpu-usage threshold 80 restore 75
#
aaa authentication-scheme defaultauthorization-scheme defaultaccounting-scheme defaultdomain default domain default_admin local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$local-user admin service-type http
#
firewall zone Localpriority 15
#
interface GigabitEthernet0/0/0ip address 200.200.2.6 255.255.255.252 
#
interface GigabitEthernet0/0/1ip address 200.200.3.9 255.255.255.252 
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0ip address 1.1.1.1 255.255.255.255 
#
bgp 200peer 200.200.2.5 as-number 200 peer 200.200.3.10 as-number 200 #ipv4-family unicastundo synchronizationnetwork 200.200.2.4 255.255.255.252 network 200.200.3.8 255.255.255.252 peer 200.200.2.5 enablepeer 200.200.2.5 reflect-clientpeer 200.200.3.10 enablepeer 200.200.3.10 reflect-client
#
user-interface con 0authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return

　　Router2配置：

 sysname Router2
#snmp-agent local-engineid 800007DB03000000000000snmp-agent 
#clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load flash:/portalpage.zip
#drop illegal-mac alarm
#undo info-center enable
#wlan ac-global carrier id other ac id 0
#set cpu-usage threshold 80 restore 75
#
aaa authentication-scheme defaultauthorization-scheme defaultaccounting-scheme defaultdomain default domain default_admin local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$local-user admin service-type http
#
firewall zone Localpriority 15
#
interface GigabitEthernet0/0/0ip address 200.200.3.10 255.255.255.252 
#
interface GigabitEthernet0/0/1ip address 200.200.4.13 255.255.255.252 
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0ip address 3.3.3.3 255.255.255.255 
#
bgp 200peer 200.200.3.9 as-number 200 peer 200.200.4.14 as-number 300 #ipv4-family unicastundo synchronizationnetwork 3.3.3.3 255.255.255.255 network 200.200.3.8 255.255.255.252 network 200.200.4.12 255.255.255.252 peer 200.200.3.9 enablepeer 200.200.3.9 next-hop-local peer 200.200.4.14 enable
#
user-interface con 0authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return

　　Router4配置：

 sysname Router4
#snmp-agent local-engineid 800007DB03000000000000snmp-agent 
#clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load flash:/portalpage.zip
#drop illegal-mac alarm
#undo info-center enable
#wlan ac-global carrier id other ac id 0
#set cpu-usage threshold 80 restore 75
#
aaa authentication-scheme defaultauthorization-scheme defaultaccounting-scheme defaultdomain default domain default_admin local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$local-user admin service-type http
#
firewall zone Localpriority 15
#
interface GigabitEthernet0/0/0ip address 200.200.4.14 255.255.255.252 
#
interface GigabitEthernet0/0/1ip address 200.200.19.2 255.255.255.252 
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0ip address 5.5.5.5 255.255.255.255 
#
bgp 300peer 200.200.4.13 as-number 200 #ipv4-family unicastundo synchronizationnetwork 5.5.5.5 255.255.255.255 network 172.16.1.0 255.255.255.0 network 200.200.19.0 255.255.255.252 import-route staticpeer 200.200.4.13 enable
#
ip route-static 176.16.0.0 255.255.0.0 200.200.19.1
#
user-interface con 0authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return