一、BGP选路原则
即所谓BGP路由最优必须确认是否同步(synchronized)、下一跳可达
1.验证选路原则8:
R2与R1和R4运行EBGP,R1、R3、R4之间运行IBGP同时运行OSPF,R2宣告2.2.2.0路由进入BGP
此时R1、R3、R4收到的BGP路由信息如下:
R1:
R1#sh ip bgp
BGP table version is 2, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 2.2.2.0/24 12.1.1.2 0 0 2 iR3:
R3#sh ip bgp
BGP table version is 4, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
* i2.2.2.0/24 12.1.1.2 0 100 0 2 i
* i 24.1.1.2 0 100 0 2 iR4:
R4#sh ip bgp
BGP table version is 2, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 2.2.2.0/24 24.1.1.2 0 0 2 i可以看到R3收到了两路到2.2.2.0 的路由,且下一跳为R2的接口,因为BGP是将不同的AS作为一个路由器来看待
看到非最优路由首先想到关闭同步、指定下一跳,同步功能已经在R2上关闭了,现在需要指定下一跳
R1(config-router)#neighbor 3.3.3.3 next-hop-self
R4(config-router)#neighbor 3.3.3.3 next-hop-self此时查看R3
R3#sh ip bgp
BGP table version is 6, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
* i2.2.2.0/24 1.1.1.1 0 100 0 2 i
*>i 4.4.4.4 0 100 0 2 i可以看到最优路由指给了4.4.4.4,这就验证了选路第八条,优先选择IGP中距离最近的邻居,即IGP中开销最小的,因为运行的是OSPF,开销值是用10^8/带宽,以太网带宽为1000kbps,所以是10,串口是1544kbps,所以是64,加上环回口的开销1,所以从R2过来的开销为1+64=65;从R4过来的开销为1+10=11,所以从R4过来的路由开销更小,所以认为这条路由为最优路由;
R3#sh ip bgp 2.2.2.0/24
BGP routing table entry for 2.2.2.0/24, version 6
Paths: (2 available, best #2, table Default-IP-Routing-Table)
Not advertised to any peer
2
1.1.1.1 (metric 65) from 1.1.1.1 (1.1.1.1)
Origin IGP, metric 0, localpref 100, valid, internal
2
4.4.4.4 (metric 11) from 4.4.4.4 (4.4.4.4)
Origin IGP, metric 0, localpref 100, valid, internal, best2.验证选路原则weight值:(注意:此值是思科私有的)
在R2上再加一个环回口,9.9.9.0/24,宣告进BGP
R2#sh ip bgp
BGP table version is 3, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 2.2.2.0/24 0.0.0.0 0 32768 i
*> 9.9.9.0/24 0.0.0.0 0 32768 i
R1#sh ip bg
Network Next Hop Metric LocPrf Weight Path
*> 2.2.2.0/24 12.1.1.2 0 0 2 i
*> 9.9.9.0/24 12.1.1.2 0 0 2 i
R3#sh ip bgp
Network Next Hop Metric LocPrf Weight Path
* i2.2.2.0/24 1.1.1.1 0 100 0 2 i
*>i 4.4.4.4 0 100 0 2 i
* i9.9.9.0/24 1.1.1.1 0 100 0 2 i
*>i 4.4.4.4 0 100 0 2 i
R4#sh ip bgp
Network Next Hop Metric LocPrf Weight Path
*> 2.2.2.0/24 24.1.1.2 0 0 2 i
*> 9.9.9.0/24 24.1.1.2 0 0 2 i可以看到除了宣告路由的R2的weight的值为32768,其余的都为0,这是两个默认值,宣告路由的默认为32768,其余的默认为0
现在是R3收到了两个方向来的路由,所以选路最终是在R3上体现,通过修改weight值,此值可以在R1/R4的出方向做,也可在R3进方向上做。
方法1:
R3(config-router)#neighbor 1.1.1.1 weight 1 (默认是in方向)R3#sh ip bgp
BGP table version is 9, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*>i2.2.2.0/24 1.1.1.1 0 100 1 2 i
* i 4.4.4.4 0 100 0 2 i
*>i9.9.9.0/24 1.1.1.1 0 100 1 2 i
* i 4.4.4.4 0 100 0 2 i可以看到weight已经变为1,最优路由已经转为从R1走,但这时发现两条路由都从R1走了,不够灵活
方法2 route-map:
R3(config)#ip prefix-list 2 permit 2.2.2.0/24
R3(config)#route-map W
R3(config-route-map)#match ip address prefix-list 2
R3(config-route-map)#set weight 3
R3(config)#route-map W permit 20
R3(config-router)#neighbor 1.1.1.1 route-map W in注意标红的位置,代表将没抓的路由放行
查看R3 bgp路由
R3#sh ip bgp
BGP table version is 12, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*>i2.2.2.0/24 1.1.1.1 0 100 3 2 i
* i 4.4.4.4 0 100 0 2 i
* i9.9.9.0/24 1.1.1.1 0 100 0 2 i
*>i 4.4.4.4 0 100 0 2 i3.验证选路原则本地优先级:(作用:用于告诉IGP邻居如何离开此AS)
a.只能在一个AS内传播
b.默认值为100
c.越大越优
清除weight的配置
既然是告诉邻居如何离开本AS,肯定是在边界路由上做,这里就是R1或R4,所以是在边界路由的出方向做配置
方法1:
R1(config-router)#bgp default local-preference 111注:此配置做完在show ip bgp中是看不到的,需要在明细中查看
R1#sh ip bgp 2.2.2.0/24
BGP routing table entry for 2.2.2.0/24, version 4
Paths: (1 available, best #1, table Default-IP-Routing-Table)
Flag: 0x800
Advertised to update-groups:
2
2
12.1.1.2 from 12.1.1.2 (2.2.2.2)
Origin IGP, metric 0, localpref 111, valid, external, best
R3#sh ip bgp
BGP table version is 15, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*>i2.2.2.0/24 1.1.1.1 0 111 0 2 i
* i 4.4.4.4 0 100 0 2 i
*>i9.9.9.0/24 1.1.1.1 0 111 0 2 i
* i 4.4.4.4 0 100 0 2 i此时R3上选路已经改变,但还是选路不够灵活,还是需要用route-map做
方法2:
router bgp 1
neighbor 3.3.3.3 route-map S out
ip prefix-list 2 seq 5 permit 2.2.2.0/24
no cdp log mismatch duplex
!
route-map S permit 10
match ip address prefix-list 2
set local-preference 111
!
route-map S permit 204.验证第4条AS路径最短:
R5#sh ip bgp
BGP table version is 3, local router ID is 5.5.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 2.2.2.0/24 35.1.1.3 0 1 2 i
*> 9.9.9.0/24 35.1.1.3 0 1 2 i这里的1 2 是有顺序的,顺序是从右往左,代表此路由先从2传到1,再传给R5的
这里要验证的就是这个AS 的长短即经过了几个AS,越短越优
AS path分为in 和 out两个方向,因为路由现在都是R2宣告的,所以out方向就是在R2上做
R2(config)#ip prefix-list 2 permit 2.2.2.0/24
R2(config)#route-map AS
R2(config-route-map)#match ip address prefix-list 2
R2(config-route-map)#set as-path prepend 6 7 8
R2(config)#route-map AS permit 20
R2(config)#router bgp 2
R2(config-router)#neighbor 24.1.1.4 route-map AS out查看R3
R3#sh ip bgp
BGP table version is 20, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*>i2.2.2.0/24 1.1.1.1 0 100 0 2 i
* i 4.4.4.4 0 100 0 2 6 7 8 i
* i9.9.9.0/24 1.1.1.1 0 100 0 2 i
*>i 4.4.4.4 0 100 0 2 i5.验证第6条最低的MED:(类似IGP的metric,用于告诉EBGP如何进入别的AS)
a.只能传一个AS
b.默认值为0
c.值越小越好
在R3上加一个环回口,地址8.8.8.0/24,并通告路由
R2#sh ip bgp
BGP table version is 4, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 2.2.2.0/24 0.0.0.0 0 32768 i
* 8.8.8.0/24 24.1.1.4 0 1 i
*> 12.1.1.1 0 1 i
*> 9.9.9.0/24 0.0.0.0 0 32768 i这里之所以选的R1为最优,是通过比较第10条,最低的router ID
因为MED是用于告诉对方如何进入其他AS,也就是需要告诉R2如何进入AS1到达8.8.8.0,因为metric默认是0,我们想让R2访问8.8.8.8通过R4进来,所以我们只能去将R1的metric改大
R1(config)#route-map MED
R1(config-route-map)#set metric 8
R1(config-router)#neighbor 12.1.1.2 route-map MED out查看R2:
R2#sh ip bgp
BGP table version is 5, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 2.2.2.0/24 0.0.0.0 0 32768 i
*> 8.8.8.0/24 24.1.1.4 0 1 i
* 12.1.1.1 8 0 1 i
*> 9.9.9.0/24 0.0.0.0 0 32768 i可以看到选路已经改变
验证选路的方法用扩展ping:
Reply to request 0 (80 ms). Received packet has options
Total option bytes= 40, padded length=40
Record route:
(13.1.1.3)
(12.1.1.1)
(2.2.2.2)
(24.1.1.2)
(34.1.1.4)
(8.8.8.8) <*>
(0.0.0.0)
(0.0.0.0)
(0.0.0.0)
End of list可以看出去是走的R1,回来的包走的R4
还可以通过debug看BGP更新
注意:比较常用的就是MED和local-preference
二、解决IBGP的水平分割
1.路由反射器
路由反射器是一个C/S模型,S端叫RR(router reflecter)
1.RR从EBGP收到路由,即会将路由反射给客户端,也会反射给非客户端
2.RR从clinet收到的路由,会将路由反射给非客户端,也会反射给EBGP邻居
3.RR从非clinet收到的路由,只会讲路由反射给客户端和EBGP邻居
实验验证:
R1通过EBGP学到了2.2.2.0/24的路由,传给了R3,由于IGP水平分割的原意,从IGP收的路由不会再转给IGP邻居,所以R4就收不到2.2.2.0/24的路由,如果想让R4收到,这时我们就需要用到路由反射器
R3(config)#router bgp 1
R3(config-router)#neighbor 1.1.1.1 route-reflector-client
R3(config-router)#neighbor 4.4.4.4 route-reflector-client此命令的作用就是指定R1和R4都为客户端,同时R3自己就成为了服务端即RR
查看R4:
R4#sh ip bgp
BGP table version is 15, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*>i2.2.2.0/24 1.1.1.1 0 111 0 2 i
*>i9.9.9.0/24 1.1.1.1 0 100 0 2 i2.联邦
联邦解决思路如图中所示,在IGP中再划分区域,叫联邦内的EBGP,这样就不存在IBGP水平分割问题了
实验步骤:
1.先配置小AS号(64512、64513)
2.再声明大AS号(1)
3.联邦EBGP之间互指peers
R1:
router bgp 64512 (声明小AS)
no synchronization
bgp router-id 1.1.1.1
bgp log-neighbor-changes
bgp confederation identifier 1 (指明大AS)
neighbor 3.3.3.3 remote-as 64512
neighbor 3.3.3.3 update-source Loopback0
neighbor 3.3.3.3 next-hop-self (最优指定下一跳)
neighbor 12.1.1.2 remote-as 2
no auto-summaryR3:
router bgp 64512
no synchronization
bgp router-id 3.3.3.3
bgp log-neighbor-changes
bgp confederation identifier 1
bgp confederation peers 64513 (互指peer,让路由识别是联邦EBGP)
neighbor 1.1.1.1 remote-as 64512
neighbor 1.1.1.1 update-source Loopback0
neighbor 4.4.4.4 remote-as 64513
neighbor 4.4.4.4 ebgp-multihop 255
neighbor 4.4.4.4 update-source Loopback0
no auto-summaryR4:
router bgp 64513
no synchronization
bgp router-id 4.4.4.4
bgp log-neighbor-changes
bgp confederation identifier 1
bgp confederation peers 64512
neighbor 3.3.3.3 remote-as 64512
neighbor 3.3.3.3 ebgp-multihop 255
neighbor 3.3.3.3 update-source Loopback0
no auto-summary
R4#sh ip bgp
BGP table version is 3, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 2.2.2.0/24 1.1.1.1 0 100 0 (64512) 2 i
*> 9.9.9.0/24 1.1.1.1 0 100 0 (64512) 2 i联邦内的AS号不作为AS path的选路原则
三、社团属性
本文章为转载内容,我们尊重原作者对文章享有的著作权。如有内容错误或侵权问题,欢迎原作者联系我们进行内容更正或删除文章。
