验证理论
Ⅰ
首先路由一定是下一跳可达+关闭了同步 //只有best的路由才会被传递,只对best的路由进行选路
BGP路由优选规则:
当到达同一个目的网段存在多条路由时,BGP通过如下的次序进行路由优选:
1.优选Preferred-Value属性值最大的路由
2.优选Local-Preference属性值最大的路由
3.本地始发的BGP路由优于从其他对等体学习到的路由,本地始发的路由优先级:优选手动聚合>自动聚合>network>import>从对等体学到的
4.优选AS Path属性值最短的路由
5.优选Origin属性最优的路由。Origin属性值按优先级从高到低的排列是:IGP.EGP及Incomplete
6.优选MED属性值最小的路由
7.优选从EBGP对等体学来的路由(EBGP路由优先级高于IBGP路由)
8.优选到Next Hop的IGP度量值最小的路由
9.BGP负载均衡(AS-PATH 要求长度和路径完全相同。路由表才会限时负载均衡)
10.优选Cluster List最短的路由
11.优选Router ID(Orginator ID)最小的设备通告的路由
12.优选具有最小IP地址的对等体通告的路由
ⅡAS-PATH FILTER+正则表达式
实验拓扑
初始配置及结果
AS内建立IBGP邻居,AS之间建立EBGP邻居,AR1和AR3之间存在IBGP邻居。为破IBGP防环机制,AR2,AR3均为反射器。AR2的客户端是AR1,AR3的客户端是AR1 AR4
一.
实验目的:
验证BGP12路由优选原则
实验步骤
首先在AR5,AR6上使用network方式引入环回口
第一步:优选首选值Preferred-Value(PrefVal)属性值最大的路由
协议首选值(PrefVal,可选非传递)是华为设备的特有属性,该属性仅在本地有效,无法向任何BGP邻居(包括IBGP和EBGP)传递,且只能在入方向配置,因为无法传递,所以在出方向配置没有意义
初始结果下,AR5上优选来自AR6的150.1.6.6(选择原因查看第四步),更改来自AR1的150.1.6.6的路由的首选优先级为10,此时AR5优选来自AR1的150.1.6.6 /32路由
[AR5]ip ip-prefix NET6 permit 150.1.6.6 32
[AR5]route-policy SET-PRE permit node 10
[AR5-route-policy]if-match ip-prefix NET6
[AR5-route-policy]apply preferred-value 10
[AR5]route-policy SET-PRE permit node 20
[AR5-bgp]peer 155.1.15.1 route-policy SET-PRE import [AR5]dis bgp routing-table
Network NextHop MED LocPrf PrefVal Path/Ogn
*> 150.1.5.5/32 0.0.0.0 0 0 i
*> 150.1.6.6/32 155.1.15.1 10 100 300i
* 155.1.56.6 0 0 300i
* 155.1.45.4 0 100 300i查看路由明细发现
[AR5]dis bgp routing-table 150.1.6.6
BGP local router ID : 155.1.56.5
Local AS number : 200
Paths: 3 available, 1 best, 1 select
BGP routing table entry information of 150.1.6.6/32:
From: 155.1.15.1 (155.1.12.1)
Route Duration: 00h00m09s
Direct Out-interface: GigabitEthernet0/0/1
Original nexthop: 155.1.15.1
Qos information : 0x0
AS-path 100 300, origin igp, pref-val 10, valid, external, best, select, active, pre 255
Advertised to such 3 peers:
155.1.45.4
155.1.15.1
155.1.56.6
BGP routing table entry information of 150.1.6.6/32:
From: 155.1.56.6 (155.1.56.6)
Route Duration: 01h13m10s
Direct Out-interface: GigabitEthernet0/0/0
Original nexthop: 155.1.56.6
Qos information : 0x0
AS-path 300, origin igp, MED 0, pref-val 0, valid, external, pre 255, not preferred for PreVal
Not advertised to any peer yetAR5会尝试将本路由表中最优的路由发出,但是不会携带首选值
[AR5]dis bgp routing-table peer 155.1.56.6 advertised-routes 150.1.6.6
BGP local router ID : 155.1.56.5
Local AS number : 200
BGP routing table entry information of 150.1.6.6/32:
From: 155.1.15.1 (155.1.12.1)
Route Duration: 00h02m22s
Direct Out-interface: GigabitEthernet0/0/1
Original nexthop: 155.1.15.1
Advertised nexthop: 155.1.56.5
Qos information : 0x0
AS-path 200 100 300, origin igp
第二步:优选Local-Preference属性值最大的路由
本地优先级(LocPrf,公认任意)用来在AS内部选择去往目的网段的最优路径。只能在IBGP对等体之间传递,不能在EBGP对等体之间传递,如果EBGP对等体间收到的路由的路径属性中携带了Local Preference,则会进行错误处理。但是EBGP对等体在接收这条路由之后,会在本地为这条路由赋予一个缺省Local-Preference值(100),然后再将路由传递给自己的IBGP对等体
初始状态下AR2会优选来自AR1的150.1.1.1/32的路由(参考第八步:优选到Next Hop的IGP度量值最小的路由),通过Local-Preference设置让AR2优选来自AR4的150.1.1.1/32的路由
[AR4]ip ip-prefix NET5 permit 150.1.5.5 32
[AR4]route-policy SET-LP permit node 10
[AR4-route-policy]if-match ip-prefix NET5
[AR4-route-policy]apply local-preference 101
[AR4]route-policy SET-LP permit node 20
[AR4-bgp]peer 155.1.45.5 route-policy SET-LP import[AR2]dis bgp routing-table
Network NextHop MED LocPrf PrefVal Path/Ogn
*>i 150.1.5.5/32 150.1.4.4 0 101 0 200i
*>i 150.1.6.6/32 150.1.4.4 0 100 0 300i此时AR2上仅剩下从4.4过来的150.1.5.5的路由了。因为AR4面向整个AS100传递的150.1.5.5的本地优先级都是101,所以AR1上也会经过选路认为从AR4到AR1过来的150.1.5.5优于直接从AR5到AR1的150.1.5.5,所以AR1从AR2收到的150.1.5.5为最优,从AR5收到的150.1.5.5不是最优,不是最优不传递
第三步:本地始发的BGP路由优于从其他对等体学习到的路由,本地始发的路由优先级:优选手动聚合>自动聚合>network>import>从对等体学到的
在AR6上新增加环回口Lo 1 接口地址也为150.1.5.5 ,引入BGP,并且在AR5上干掉由AR6引入的150.1.5.5的AS-PATH,至此,AR5上本地的150.1.5.5和AR6过来的150.1.5.5的首选值,本地优先级,以及AS-PATH都相同,但是AR5还是选择本地的150.1.5.5最优,因为本地始发的BGP路由优于从其他对等体学习到的路由
[AR6-bgp]network 150.1.5.5 32
[AR5]ip ip-prefix NET5 permit 150.1.5.5 32
[AR5]route-policy SET-AS-PATH permit node 10
[AR5-route-policy]if-match ip-prefix NET5
[AR5-route-policy]apply as-path none overwrite [AR5]route-policy SET-AS-PATH permit node 20
[AR5-bgp]peer 155.1.56.6 route-policy SET-AS-PATH import
[AR5]dis bgp routing-table
Network NextHop MED LocPrf PrefVal Path/Ogn
*> 150.1.5.5/32 0.0.0.0 0 0 i
* 155.1.56.6 0 0 i
*> 150.1.6.6/32 155.1.56.6 0 0 300i
* 155.1.15.1 0 100 300i
* 155.1.45.4 0 100 300i
第四步:优选AS Path属性值最短的路由
初始结果下AR5上的BGP路由表为:
150.1.6.6 /32选择下一跳为155.1.56.6最优的原因:
首先AR5上可以从3条路径收到150.1.6.6/32的路由:AR6->AR5;AR6->4->3->2->1->5;AR6->AR4->AR5
1.三条路由都没有设置首选值,即prefval(preferred-value)相同
2.三条路由都是通过EBGP邻居传递,不携带本地优先级,即LocPrf(local-preference)相同
3.3条路由NextHop既不是0.0.0.0也不是127.0.0.1,都是从EBGP邻居学到,即三条路径都不是本地生成都是从对等体学到
4.因为来自155.1.56.6的PATH(AS PATH)最短所以优选来自155.1.56.6的路由,验证了第四条选路原则:优选AS PATH属性值最短的路由
[AR5]dis bgp routing-table 150.1.6.6
BGP local router ID : 155.1.56.5
Local AS number : 200
Paths: 3 available, 1 best, 1 select
BGP routing table entry information of 150.1.6.6/32:
From: 155.1.56.6 (155.1.56.6)
Route Duration: 01h20m10s
Direct Out-interface: GigabitEthernet0/0/0
Original nexthop: 155.1.56.6
Qos information : 0x0
AS-path 300, origin igp, MED 0, pref-val 0, valid, external, best, select, active, pre 255
Advertised to such 3 peers:
155.1.45.4
155.1.15.1
155.1.56.6
BGP routing table entry information of 150.1.6.6/32:
From: 155.1.15.1 (155.1.12.1)
Route Duration: 00h03m47s
Direct Out-interface: GigabitEthernet0/0/1
Original nexthop: 155.1.15.1
Qos information : 0x0
AS-path 100 300, origin igp, pref-val 0, valid, external, pre 255, not preferred for AS-Path
Not advertised to any peer yet BGP routing table entry information of 150.1.6.6/32:
From: 155.1.45.4 (155.1.46.4)
Route Duration: 01h20m11s
Direct Out-interface: GigabitEthernet0/0/2
Original nexthop: 155.1.45.4
Qos information : 0x0
AS-path 100 300, origin igp, pref-val 0, valid, external, pre 255, not preferred for router ID //这个和155.1.15.1相比是因为router id 通告者比小落选,具体在11步讲
Not advertised to any peer yet
第五步:优选Origin属性最优的路由。Origin属性值按优先级从高到低的排列时:IGP,EGP及Incomplete
初始结果下AR2优选来自AR1的150.1.5.5的路由。利用起源属性,使得AR2优选来自AR4的150.1.5.5的路由
[AR1]ip ip-prefix NET5 permit 150.1.5.5 32
[AR1]route-policy SET-ORI permit node 10
[AR1-route-policy]if-match ip-prefix NET5
[AR1-route-policy]apply origin incomplete
[AR1]route-policy SET-ORI permit node 20
[AR1-bgp]peer 155.1.15.5 route-policy SET-ORI import
BGP routing table entry information of 150.1.5.5/32:
From: 155.1.15.5 (155.1.56.5)
Route Duration: 00h00m12s
Direct Out-interface: GigabitEthernet0/0/1
Original nexthop: 155.1.15.5
Qos information : 0x0
AS-path 200, origin incomplete, MED 0, pref-val 0, valid, external, pre 255, no
t preferred for Origin
第六步:优选MED属性最小的路由
上一篇已经验证过,不重复验证
第七步:优选从EBGP对等体学来的路由(EBGP路由优先级高于IBGP路由)
初始状态下,AR1上收到两条去往150.1.5.5的路由,优选从EBGP邻居155.1.15.5传递过来的150.1.5.5 /32的路由
分析:
1.从AR5和AR4进来的150.1.5.5的首选值相同都是0
2.本地优先级相同,如果显示为空,则是默认的100
3.都不是本地生成的,而是外部引入的
4.经过的AS-PATH长度相同,都只有一个200
5.起源属性相同,都是i
6.MED相同,都是0
7.从EBGP对等体155.1.15.5学来的路由优选于从IBGP对等体150.1.4.4学来的路由
[AR1]dis bgp routing-table
Network NextHop MED LocPrf PrefVal Path/Ogn
*> 150.1.5.5/32 155.1.15.5 0 0 200i
* i 150.1.4.4 0 100 0 200i
*>i 150.1.6.6/32 150.1.4.4 0 100 0 300i
* i 150.1.4.4 0 100 0 300i
* 155.1.15.5 0 200 300i[AR1]dis bgp routing-table 150.1.5.5
BGP local router ID : 155.1.12.1
Local AS number : 100
Paths: 2 available, 1 best, 1 select
BGP routing table entry information of 150.1.5.5/32:
From: 155.1.15.5 (155.1.56.5)
Route Duration: 00h17m09s
Direct Out-interface: GigabitEthernet0/0/1
Original nexthop: 155.1.15.5
Qos information : 0x0
AS-path 200, origin igp, MED 0, pref-val 0, valid, external, best, select, acti
ve, pre 255
Advertised to such 2 peers:
150.1.2.2
150.1.3.3
BGP routing table entry information of 150.1.5.5/32:
From: 150.1.3.3 (155.1.23.3)
Route Duration: 00h57m29s
Relay IP Nexthop: 155.1.12.2
Relay IP Out-Interface: GigabitEthernet0/0/0
Original nexthop: 150.1.4.4
Qos information : 0x0
AS-path 200, origin igp, MED 0, localpref 100, pref-val 0, valid, internal, pre
255, IGP cost 30, not preferred for peer type
Originator: 155.1.46.4
Cluster list: 155.1.23.3
Not advertised to any peer yet
第八步:优选到Next Hop的IGP度量值最小的路由
初始状态下,AR2上收到两条去往150.1.5.5的路由:分别来自AR1和AR4(AR4只会传递最优路由,所以在AR2上看到来自AR4的路由就只有一条)。AR2依据优选到Next Hop的IGP度量值最小的路由,选择来自AR1的路由
分析:
1.两条路由都没有设置首选值
2.两条路由的本地优先级都是0
3.两条路由的下一跳都不是0.0.0.0或者127.0.0.1,即都是从BGP对等体学到的,而不是本地生成的路由
4.两条路由的AS PATH属性值长度相同
5.两条路由的origin属性相同,来源都是network
6.两条路由的MED相同,都为0
7.两条路由都是来源于IBGP邻居学到的
8.因为AR2去往150.1.1.1的度量值为10,小于去往150.1.4.4的度量值20,所以优选来自150.1.1.1的路由
[AR2]dis bgp routing-table
Total Number of Routes: 3
Network NextHop MED LocPrf PrefVal Path/Ogn *>i 150.1.5.5/32 150.1.1.1 0 100 0 200i
* i 150.1.4.4 0 100 0 200i
*>i 150.1.6.6/32 150.1.4.4 0 100 0 300i[AR2]dis ip routing-table protocol isis
150.1.1.1/32 ISIS-L2 15 10 D 155.1.12.1 GigabitEthernet0/0/0
150.1.4.4/32 ISIS-L2 15 20 D 155.1.23.3 GigabitEthernet0/0/1[AR2]dis bgp routing-table 150.1.5.5
BGP local router ID : 155.1.12.2
Local AS number : 100
Paths: 2 available, 1 best, 1 select
BGP routing table entry information of 150.1.5.5/32:
RR-client route.
From: 150.1.1.1 (155.1.12.1)
Route Duration: 01h27m40s
Relay IP Nexthop: 155.1.12.1
Relay IP Out-Interface: GigabitEthernet0/0/0
Original nexthop: 150.1.1.1
Qos information : 0x0
AS-path 200, origin igp, MED 0, localpref 100, pref-val 0, valid, internal, best, select, active, pre 255, IGP cost 10
Advertised to such 1 peers:
150.1.3.3
BGP routing table entry information of 150.1.5.5/32:
From: 150.1.3.3 (155.1.23.3)
Route Duration: 01h27m40s
Relay IP Nexthop: 155.1.23.3
Relay IP Out-Interface: GigabitEthernet0/0/1
Original nexthop: 150.1.4.4
Qos information : 0x0
AS-path 200, origin igp, MED 0, localpref 100, pref-val 0, valid, internal, pre 255, IGP cost 20, not preferred for IGP cost
Originator: 155.1.46.4
Cluster list: 155.1.23.3
Not advertised to any peer yet手动增加AR2->AR1的cost,会发现又出现变化
[AR2-GigabitEthernet0/0/0]isis cost 25
[AR2]dis bgp routing-table
Network NextHop MED LocPrf PrefVal Path/Ogn
*>i 150.1.5.5/32 150.1.4.4 0 100 0 200i
* i 150.1.1.1 0 100 0 200i
*>i 150.1.6.6/32 150.1.4.4 0 100 0 300i
第九步:BGP负载均衡(AS-PATH要求长度和路径完全相同,路由表才会显示负载均衡)
一般情况下,只有“BGP选择路由的策略”所描述的前8个属性完全相同,BGP路由之间才能相互等价,实现BGP的负载分担。但路由负载分担的规则也可以通过配置来改变,如忽略路由AS-Path属性的比较,但这些配置现需要确保不会引起路由环路
需要先开启负载分担:
- 执行命令maximum load-balancing [ ebgp | ibgp ] number [ ecmp-nexthop-changed ],配置BGP负载分担的最大等价路由条数。
缺省情况下,BGP负载分担的最大等价路由条数为1,即不进行负载分担。
实现AR6上从5和4到150.1.5.5负载分担
[AR6]ip ip-prefix NET5 permit 150.1.5.5 32
[AR6]route-policy SET-AS-PATH permit node 10
[AR6-route-policy]if-match ip-prefix NET5
[AR6-route-policy]apply as-path 200 additive
[AR6-bgp]peer 155.1.56.5 route-policy SET-AS-PATH import [AR6]route-policy SET-AS-PATH permit node 20
[AR6-bgp]maximum load-balancing ebgp 2 //开启EBGP负载均衡最多两条等价路由此时更改完成。前8项都相同
分析:
1.首选值相同,都为0
2.本地优先级相同,都没显示,都是100
3.nexthop都不是0.0.0.0或者127.0.0.1,即都不是本地生成的路由,而是从对等体学到的
4.经过的AS PATH 数量相同
5.起源属性相同,都是i
6.MED相同,都是0,没写默认是0
7.都是从EBGP对等体邻居学到,不存在EBGP优于IBGP的比较
8.都是从EBGP学到,不存在到NEXT-HOP的IGP度量值最小的路由
9.负载均衡
[AR6]dis bgp routing-table
Network NextHop MED LocPrf PrefVal Path/Ogn
*> 150.1.5.5/32 155.1.46.4 0 100 200i
* 155.1.56.5 0 0 200 200i
*> 150.1.6.6/32 0.0.0.0 0 0 i[AR6]dis bgp routing-table 150.1.5.5
BGP local router ID : 155.1.56.6
Local AS number : 300
Paths: 2 available, 1 best, 1 select[AR6]dis ip routing-table
150.1.5.5/32 EBGP 255 0 D 155.1.46.4 GigabitEthernet0/0/2重新更改AS-PATH,让他们不仅数量相同,且值也相同之后
实现了负载均衡
[AR6]dis bgp routing-table
Network NextHop MED LocPrf PrefVal Path/Ogn
*> 150.1.5.5/32 155.1.46.4 0 100 200i
* 155.1.56.5 0 0 100 200i
*> 150.1.6.6/32 0.0.0.0 0 0 i[AR6]dis bgp routing-table 150.1.5.5
BGP local router ID : 155.1.56.6
Local AS number : 300
Paths: 2 available, 1 best, 2 select[AR6]dis ip routing-table 150.1.5.5
Destination/Mask Proto Pre Cost Flags NextHop Interface 150.1.5.5/32 EBGP 255 0 D 155.1.46.4 GigabitEthernet 0/0/2
EBGP 255 0 D 155.1.56.5 GigabitEthernet 0/0/0所以要形成负载均衡,不仅要求AS长度相同,也要求AS取值相同
[AR6-bgp]load-balancing as-path-ignore //可以通过配置,使得忽略as-path不同,直接形成负载均衡
第十步:优选Cluster List最短的路由
首先增加从AR4进来的150.1.5.5的本地优先级,让AS100内的路由器都优选从4.4进来的150.1.5.5路由
[AR4]ip ip-prefix NET5 permit 150.1.5.5 32
[AR4]route-policy SET-LOCAL permit node 10
[AR4-route-policy]if-match ip-prefix NET5
[AR4-route-policy]apply local-preference 101
[AR4-bgp]peer 150.1.3.3 route-policy SET-LOCAL export此时AR2,AR3都反射了150.1.5.5的路由给到AR1.
1.首选值相同,都是0
2.本地优先级相同,都是101
3.都不是本地生成的路由,都是从邻居学到的路由
4.as-path 个数相同
5.origin属性相同,都是i
6.MED相同,都是0
7.都是从IBGP学到,不存在E优于I
8.下一跳相同,都是150.1.4.4,所以不存在去往下一跳的开销越小越优先
9.不存在负载均衡
10.因为从AR3过来的路由只经历了一个反射器,认为这个路由更优,所以优选AR3过来的路由
[AR4]route-policy SET-LOCAL permit node 20
[AR1]dis bgp routing-table
Network NextHop MED LocPrf PrefVal Path/Ogn
*>i 150.1.5.5/32 150.1.4.4 0 101 0 200i
* i 150.1.4.4 0 101 0 200i
* 155.1.15.5 0 0 200i
*>i 150.1.6.6/32 150.1.4.4 0 100 0 300i
* i 150.1.4.4 0 100 0 300i
* 155.1.15.5 0 200 300i[AR1]dis bgp routing-table 150.1.5.5
BGP local router ID : 155.1.12.1
Local AS number : 100
Paths: 3 available, 1 best, 1 select
BGP routing table entry information of 150.1.5.5/32:
From: 150.1.3.3 (155.1.23.3)
Route Duration: 00h03m14s
Relay IP Nexthop: 155.1.12.2
Relay IP Out-Interface: GigabitEthernet0/0/0
Original nexthop: 150.1.4.4
Qos information : 0x0
AS-path 200, origin igp, MED 0, localpref 101, pref-val 0, valid, internal, bes
t, select, active, pre 255, IGP cost 30
Originator: 155.1.46.4
Cluster list: 155.1.23.3
Advertised to such 1 peers:
155.1.15.5
BGP routing table entry information of 150.1.5.5/32:
From: 150.1.2.2 (155.1.12.2)
Route Duration: 00h03m14s
Relay IP Nexthop: 155.1.12.2
Relay IP Out-Interface: GigabitEthernet0/0/0
Original nexthop: 150.1.4.4
Qos information : 0x0
AS-path 200, origin igp, MED 0, localpref 101, pref-val 0, valid, internal, pre
255, IGP cost 30, not preferred for Cluster List
Originator: 155.1.46.4
Cluster list: 155.1.12.2, 155.1.23.3
Not advertised to any peer yet
第十一步:优选Router ID(Orginator ID)最小的设备通告的路由
初始条件下,在AR6上,增加AR5->AR6的一个经过的AS-PATH
1.首选值相同,都是0
2.本地优先级相同,都是100
3.都不是本地生成的路由,而是从对等体学到的
4.经过的AS PATH 数量相同
5.起源属性相同,都是i
6.MED相同,都是0
7.都是从EBGP邻居学到,不存在EBGP学到的优于IBGP的比较
8.都是直接从EBGP学到,去往nexthop的IGP开销都是直连
9.path值不相同,无法负载均衡
10.没有经过反射器,不存在cluster id
11.因为邻居155..46.4的router id 小于155.1.56.5的router id ,所以优选从155.1.46.4过来的150.1.5.5的路由
[AR6]dis bgp routing-table
Network NextHop MED LocPrf PrefVal Path/Ogn
*> 150.1.5.5/32 155.1.46.4 0 100 200i
* 155.1.56.5 0 0 200 200i
*> 150.1.6.6/32 0.0.0.0 0 0 i
[AR6]dis bgp routing-table 150.1.5.5
BGP local router ID : 155.1.56.6
Local AS number : 300
Paths: 2 available, 1 best, 1 select
BGP routing table entry information of 150.1.5.5/32:
From: 155.1.46.4 (155.1.46.4)
Route Duration: 00h26m31s
Direct Out-interface: GigabitEthernet0/0/2
Original nexthop: 155.1.46.4
Qos information : 0x0
AS-path 100 200, origin igp, pref-val 0, valid, external, best, select, active,
pre 255
Advertised to such 2 peers:
155.1.56.5
155.1.46.4
BGP routing table entry information of 150.1.5.5/32:
From: 155.1.56.5 (155.1.56.5)
Route Duration: 00h00m51s
Direct Out-interface: GigabitEthernet0/0/0
Original nexthop: 155.1.56.5
Qos information : 0x0
AS-path 200 200, origin igp, MED 0, pref-val 0, valid, external, pre 255, not p
referred for router ID
Not advertised to any peer yet
第十二步:优选具有最小IP地址的对等体通告的路由
要比到第12步,可以两个路由器之间连两根线,也可以直接在两个邻居之间一条线用不同的接口建两个邻居
在AR5和AR6之间再利用环回口建立邻居,暂时忽略掉除4,5之间的其他邻居关系
[AR5-bgp]peer 155.1.45.4 ignore //手动忽略邻居关系
[AR5]dis bgp peer
150.1.6.6 4 300 6 7 0 00:01:17 Established 1
155.1.15.1 4 100 0 0 0 00:00:31 Idle(Admin) 0
155.1.45.4 4 100 0 0 0 00:00:22 Idle(Admin) 0
155.1.56.6 4 300 47 47 0 00:40:54 Established 11.首选值相同,都是0
2.本地优先级相同,都是100
3.都是从BGP学习到的
4.AS PATH长度相同
5.起源属性一样
6.MED一样
7.都是从EBGP学到,不存在EBGP学的优于IBGP学到的比较
8.去往下一跳的IGP开销最小,谈不上
9.未开启负载均衡
10.没有经过反射器,没有cluster id
11.发送者的router id 相同,都是AR5的router id
12.因为150.1.5.5的IP地址小于155.1.56.5,所以优选从邻居150.1.5.5过来的路由
[AR6]dis bgp routing-table
Network NextHop MED LocPrf PrefVal Path/Ogn
*> 10.1.5.5/32 150.1.5.5 0 0 200i
* 155.1.56.5 0 0 200i
[AR6]dis bgp routing-table 10.1.5.5
BGP local router ID : 155.1.56.6
Local AS number : 300
Paths: 2 available, 1 best, 2 select
BGP routing table entry information of 10.1.5.5/32:
From: 150.1.5.5 (155.1.56.5)
Route Duration: 00h04m39s
Relay IP Nexthop: 155.1.56.5
Relay IP Out-Interface: GigabitEthernet0/0/0
Original nexthop: 150.1.5.5
Qos information : 0x0
AS-path 200, origin igp, MED 0, pref-val 0, valid, external, best, select, acti
ve, pre 255
Advertised to such 2 peers:
150.1.5.5
155.1.56.5
BGP routing table entry information of 10.1.5.5/32:
From: 155.1.56.5 (155.1.56.5)
Route Duration: 00h04m39s
Direct Out-interface: GigabitEthernet0/0/0
Original nexthop: 155.1.56.5
Qos information : 0x0
AS-path 200, origin igp, MED 0, pref-val 0, valid, external, select, active, pr
e 255, not preferred for peer address
BGP超网路由(华为默认禁用)
BGP通告的路由与Next-hop在相同网段,即BGP超网路由。比如说用环回口建立邻居,又引入了环回口作为BGP路由,传出去之后,邻居认为下一跳和收到的路由前缀是相同网段,不传递
华为默认不传递BGP超网路由(ENSP不支持禁用此功能)
bgp 100
supernet unicast advertise enable //打开BGP超网路由传递功能
在AR6上禁用除了150.1.5.5之外的其他所有邻居,此时查看路由
[AR6]dis bgp peer
Peer V AS MsgRcvd MsgSent OutQ Up/Down State PrefRcv
150.1.5.5 4 200 6 8 0 00:01:18 Established 2
155.1.46.4 4 100 0 0 0 00:01:52 Idle(Admin) 0
155.1.56.5 4 200 0 0 0 00:00:09 Idle(Admin) 0此时查看路由
[AR6]dis bgp routing-table
BGP Local router ID is 155.1.56.6
Status codes: * - valid, > - best, d - damped,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete Total Number of Routes: 3
Network NextHop MED LocPrf PrefVal Path/Ogn *> 10.1.5.5/32 150.1.5.5 0 0 200i
150.1.5.5/32 150.1.5.5 0 0 200i
*> 150.1.6.6/32 0.0.0.0 0 0 i此时150.1.5.5连*都不带了,意思是甚至不是有效。是因为AR6收到的150.1.5.5 /32和去往这个路由的下一跳150.1.5.5是同一网段的,所以被认为是BGP超网路由,不传递
路由匹配工具:AS-Path Filter
AS-Path Filter是将BGP中的AS-Path属性作为匹配条件的过滤器,利用BGP路由携带的AS-PATH列表对路由进行过滤
在不希望接收某些AS的路由时,可以利用AS-Path Filter对携带这些AS号的路由进行过滤,从而实现拒绝某些路由
恢复AR5,6的邻居建立,通过as-path filter实现AR6不接收经过AS100的任何路由(不包含始发AS 100)
未配置前
[AR6]dis bgp routing-table
Network NextHop MED LocPrf PrefVal Path/Ogn
*> 10.1.5.5/32 150.1.5.5 0 0 200i
* 155.1.56.5 0 0 200i
* 155.1.46.4 0 100 200i
*> 150.1.5.5/32 155.1.56.5 0 0 200i
* 155.1.46.4 0 100 200i
150.1.5.5 0 0 200i
*> 150.1.6.6/32 0.0.0.0 0 0 i
配置:
[AR6]ip as-path-filter DENY-AS100 deny _100_
[AR6]ip as-path-filter DENY-AS100 permit .* //和route policy一样,因为是在邻居上直接引用as-path-filter或者route-policy,所以一定要记得最后要允许其他的路由条目过来
[AR6-bgp]peer 155.1.46.4 as-path-filter DENY-AS100 import查看
[AR6]dis bgp routing-table
Network NextHop MED LocPrf PrefVal Path/Ogn
*> 10.1.5.5/32 150.1.5.5 0 0 200i
* 155.1.56.5 0 0 200i
*> 150.1.5.5/32 155.1.56.5 0 0 200i
150.1.5.5 0 0 200i
*> 150.1.6.6/32 0.0.0.0 0 0 i此时在AR3上增加10.1.3.3,发布到BGP中,在AR6上是可以看到的,因为始发AS100的100i不满足_100_
正则表达式是按照一定的模板来匹配字符串的公式,由普通字符(例如字符a到z)和特殊字符组成
