配置on prem路由器

打开 OnpremDevicesSession 链接,并输入数字以连接到dc1-router设备。

image-20260311131337926

在路由器终端输入 configure并按 Enter 进入配置模式。我们现在将看到带有 # 的提示符。

image-20260311131505735

使用配置生成器来简化配置本地路由器的任务。我们用于订购 Direct Connect 连接的门户还包含一个配置生成器,可从页面右上角访问。

image-20260311112852295

打开后在Input Configuration部分输入以下内容:

set interfaces ethernet eth3 vif {{sort:1, name:"DC1-VLANID"}} address {{sort:3, name:"DC1-IPV4-YOUR-ROUTER-PEER"}}
set interfaces ethernet eth3 vif {{sort:1, name:"DC1-VLANID"}} address {{sort:6, name:"DC1-IPV6-YOUR-ROUTER-PEER"}}
set protocols bgp 65101 neighbor {{sort:4, ip-only, name:"DC1-IPV4-AMAZON-ROUTER-PEER"}} address-family ipv4-unicast prefix-list export DC1-OUT
set protocols bgp 65101 neighbor {{sort:4, ip-only, name:"DC1-IPV4-AMAZON-ROUTER-PEER"}} address-family ipv4-unicast soft-reconfiguration inbound
set protocols bgp 65101 neighbor {{sort:4, ip-only, name:"DC1-IPV4-AMAZON-ROUTER-PEER"}} description AWS
set protocols bgp 65101 neighbor {{sort:4, ip-only, name:"DC1-IPV4-AMAZON-ROUTER-PEER"}} remote-as 65000
set protocols bgp 65101 neighbor {{sort:4, ip-only, name:"DC1-IPV4-AMAZON-ROUTER-PEER"}} password {{sort:2, name:"DC1-IPV4-BGP-AUTHENTICATION-KEY"}}
set protocols bgp 65101 neighbor {{sort:4, ip-only, name:"DC1-IPV4-AMAZON-ROUTER-PEER"}} solo
set protocols bgp 65101 neighbor {{sort:7, ip-only, name:"DC1-IPV6-AMAZON-ROUTER-PEER"}} address-family ipv6-unicast prefix-list export DC1-OUT
set protocols bgp 65101 neighbor {{sort:7, ip-only, name:"DC1-IPV6-AMAZON-ROUTER-PEER"}} address-family ipv6-unicast soft-reconfiguration inbound
set protocols bgp 65101 neighbor {{sort:7, ip-only, name:"DC1-IPV6-AMAZON-ROUTER-PEER"}} description AWS
set protocols bgp 65101 neighbor {{sort:7, ip-only, name:"DC1-IPV6-AMAZON-ROUTER-PEER"}} remote-as 65000
set protocols bgp 65101 neighbor {{sort:7, ip-only, name:"DC1-IPV6-AMAZON-ROUTER-PEER"}} password {{sort:5, name:"DC1-IPV6-BGP-AUTHENTICATION-KEY"}}
set protocols bgp 65101 neighbor {{sort:7, ip-only, name:"DC1-IPV6-AMAZON-ROUTER-PEER"}} solo
commit
save

image-20260311131737768

输入所有值,这些值在上一节中可以找到:

image-20260311131924921

复制 Output Configuration ,将其输入到我们的本地路由器控制台。

输出结果类似于:

set interfaces ethernet eth3 vif 1708 address 169.254.96.14/29
set interfaces ethernet eth3 vif 1708 address 2600:1ffd:1103:18b0:0:b:d7d5:9f26/125
set protocols bgp 65101 neighbor 169.254.96.9 address-family ipv4-unicast prefix-list export DC1-OUT
set protocols bgp 65101 neighbor 169.254.96.9 address-family ipv4-unicast soft-reconfiguration inbound
set protocols bgp 65101 neighbor 169.254.96.9 description AWS
set protocols bgp 65101 neighbor 169.254.96.9 remote-as 65000
set protocols bgp 65101 neighbor 169.254.96.9 password 0xtneDDRUOkfT4NFGkeX5YNQ
set protocols bgp 65101 neighbor 169.254.96.9 solo
set protocols bgp 65101 neighbor 2600:1ffd:1103:18b0:0:b:d7d5:9f21 address-family ipv6-unicast prefix-list export DC1-OUT
set protocols bgp 65101 neighbor 2600:1ffd:1103:18b0:0:b:d7d5:9f21 address-family ipv6-unicast soft-reconfiguration inbound
set protocols bgp 65101 neighbor 2600:1ffd:1103:18b0:0:b:d7d5:9f21 description AWS
set protocols bgp 65101 neighbor 2600:1ffd:1103:18b0:0:b:d7d5:9f21 remote-as 65000
set protocols bgp 65101 neighbor 2600:1ffd:1103:18b0:0:b:d7d5:9f21 password 0xLIt0CGeJLiM3Y08A1.Jaz_
set protocols bgp 65101 neighbor 2600:1ffd:1103:18b0:0:b:d7d5:9f21 solo
commit
save

在路由器上执行:

image-20260311132147695

执行完成后,DC1状态会变成available:

image-20260311132535625

重复上面的过程,为DC2进行配置, input Configuration如下:

set interfaces ethernet eth3 vif {{sort:8, name:"DC2-VLANID"}} address {{sort:10, name:"DC2-IPV4-YOUR-ROUTER-PEER"}}
set interfaces ethernet eth3 vif {{sort:8, name:"DC2-VLANID"}} address {{sort:13, name:"DC2-IPV6-YOUR-ROUTER-PEER"}}
set protocols bgp 65102 neighbor {{sort:11, ip-only, name:"DC2-IPV4-AMAZON-ROUTER-PEER"}} address-family ipv4-unicast prefix-list export DC2-OUT
set protocols bgp 65102 neighbor {{sort:11, ip-only, name:"DC2-IPV4-AMAZON-ROUTER-PEER"}} address-family ipv4-unicast soft-reconfiguration inbound
set protocols bgp 65102 neighbor {{sort:11, ip-only, name:"DC2-IPV4-AMAZON-ROUTER-PEER"}} description AWS
set protocols bgp 65102 neighbor {{sort:11, ip-only, name:"DC2-IPV4-AMAZON-ROUTER-PEER"}} remote-as 65000
set protocols bgp 65102 neighbor {{sort:11, ip-only, name:"DC2-IPV4-AMAZON-ROUTER-PEER"}} password {{sort:9, name:"DC2-IPV4-BGP-AUTHENTICATION-KEY"}}
set protocols bgp 65102 neighbor {{sort:11, ip-only, name:"DC2-IPV4-AMAZON-ROUTER-PEER"}} solo
set protocols bgp 65102 neighbor {{sort:14, ip-only, name:"DC2-IPV6-AMAZON-ROUTER-PEER"}} address-family ipv6-unicast prefix-list export DC2-OUT
set protocols bgp 65102 neighbor {{sort:14, ip-only, name:"DC2-IPV6-AMAZON-ROUTER-PEER"}} address-family ipv6-unicast soft-reconfiguration inbound
set protocols bgp 65102 neighbor {{sort:14, ip-only, name:"DC2-IPV6-AMAZON-ROUTER-PEER"}} description AWS
set protocols bgp 65102 neighbor {{sort:14, ip-only, name:"DC2-IPV6-AMAZON-ROUTER-PEER"}} remote-as 65000
set protocols bgp 65102 neighbor {{sort:14, ip-only, name:"DC2-IPV6-AMAZON-ROUTER-PEER"}} password {{sort:12, name:"DC2-IPV6-BGP-AUTHENTICATION-KEY"}}
set protocols bgp 65102 neighbor {{sort:14, ip-only, name:"DC2-IPV6-AMAZON-ROUTER-PEER"}} solo
commit
save

image-20260311132703709

生成的配置:

set interfaces ethernet eth3 vif 2655 address 169.254.96.22/29
set interfaces ethernet eth3 vif 2655 address 2600:1ffd:1108:160:0:e:3f69:37e6/125
set protocols bgp 65102 neighbor 169.254.96.17 address-family ipv4-unicast prefix-list export DC2-OUT
set protocols bgp 65102 neighbor 169.254.96.17 address-family ipv4-unicast soft-reconfiguration inbound
set protocols bgp 65102 neighbor 169.254.96.17 description AWS
set protocols bgp 65102 neighbor 169.254.96.17 remote-as 65000
set protocols bgp 65102 neighbor 169.254.96.17 password 0x4vpiFHnQszX236asc0jPDN
set protocols bgp 65102 neighbor 169.254.96.17 solo
set protocols bgp 65102 neighbor 2600:1ffd:1108:160:0:e:3f69:37e1 address-family ipv6-unicast prefix-list export DC2-OUT
set protocols bgp 65102 neighbor 2600:1ffd:1108:160:0:e:3f69:37e1 address-family ipv6-unicast soft-reconfiguration inbound
set protocols bgp 65102 neighbor 2600:1ffd:1108:160:0:e:3f69:37e1 description AWS
set protocols bgp 65102 neighbor 2600:1ffd:1108:160:0:e:3f69:37e1 remote-as 65000
set protocols bgp 65102 neighbor 2600:1ffd:1108:160:0:e:3f69:37e1 password 0xyycev_wjTUasSzSnYC3Ryv
set protocols bgp 65102 neighbor 2600:1ffd:1108:160:0:e:3f69:37e1 solo
commit
save

验证连接

我们将确认每台本地路由器上IPv4和IPv6 BGP会话的状态,并验证每台路由器的IPv4和IPv6路由表的内容。

确认 dc1-router 有2个IPv4 BGP会话。

run show bgp ipv4 summary

与AS65102的会话是DC2,而与AS65000的会话是通过Direct Connect与AWS建立的:

image-20260311132931242

同样,观察2个IPv6 BGP会话。

run show bgp ipv6 summary

一个会话建立到DC2,另一个建立到AWS。

image-20260311133018634

查看IPv4路由表的内容:

run show bgp ipv4

image-20260311133118287

此示例中观察到的前缀为:

  • 10.1.0.0/16:DC1,通过下一跳 0.0.0.0 和空AS路径属性确认
  • 10.2.0.0/16:DC2,通过DC2的源ASN(65102)确认
  • 172.21.0.0/24172.21.1.0/24172.21.2.0/24:us-west-2的AWS CIDR块,通过该区域Core Network Edge(CNE)的源ASN(64512)确认
  • 172.22.0.0/24172.22.1.0/24172.22.2.0/24:ap-southeast-2的AWS CIDR块,通过该区域CNE的源ASN(64513)确认

同样,观察IPv6路由表。

run show bgp ipv6 unicast

image-20260311133534269

现在我们已经通过Direct Connect从两台本地路由器建立了到AWS的第三层连接