从实验现象详细分析BGP的路由策略与选路原则
1.1?? 組網需求
1)? AS65001邊界網段發布:R2,R5重發布直連路由至ospf(metric 1000 type 1)
2)? AS65002 邊界網段發布:R1,R6network至ospf,并配置被動接口
3)? R3,R4發布業務網段至ospf1 area0 (10.13.3.0/24、10.14.4.0/24、10.15.4.0/24)
4)? BGP配置要求
No synchronization
No auto-summary
Neighbor<IBGP鄰居>update-source loopback0
Neighbor<IBGP鄰居>next-hop-self
5)? R2,R3,R4,R5都運行BGP;R3,R4為同簇RR(簇ID為R3loopback0),R2,R5都分別為R3,R4 的客戶端,且R3與R4之間建立普通的IBGP鄰居
6)? R3,R4發布AS65001的匯總路由至BGP:10.10.0.0/16、10.13.0.0/16、10.14.0.0/16、10.15.0.0/16
7)? R1,R6發布AS65002的匯總路由至BGP:10.200.0.0/16、10.30.0.0/16
1.2?? 組網拓撲
1.3?? 選路需求
AS 65002(R1,R6)去往10.13.0.0/16的主路徑走R1—R2
AS 65002 (R1,R6)去往10.14.0.0/16、10.15.0.0/16的主路徑走R6—R5
AS 65001 (R2,R3,R4,R5)去往10.20.0.0/16的主路徑走R2—R1
AS 65001? (R2,R3,R4,R5)去往10.30.0.0/16的主路徑走R5—R6
1.4?? 基本連通性測試
?
1.5?? BGP配置及調測
?
1)? BGP配置
R3(config)#
router bgp 65001
?bgp cluster-id 10.10.0.3
?bgp log-neighbor-changes
?network 10.10.0.0 mask 255.255.0.0
?network 10.13.0.0 mask 255.255.0.0
?network 10.14.0.0 mask 255.255.0.0
?network 10.15.0.0 mask 255.255.0.0
?neighbor as65001-rr peer-group
?neighbor as65001-rr remote-as 65001
?neighbor as65001-rr update-source Loopback0
?neighbor as65001-rr route-reflector-client
?neighbor as65001-rr next-hop-self
?neighbor 10.10.0.2 peer-group as65001-rr
?neighbor 10.10.0.4 remote-as 65001
?neighbor 10.10.0.4 update-source Loopback0
?neighbor 10.10.0.4 next-hop-self
?neighbor 10.10.0.5 peer-group as65001-rr
?no auto-summary
!????????
ip http server
no ip http secure-server
ip route 10.10.0.0 255.255.0.0 Null0
ip route 10.13.0.0 255.255.0.0 Null0
ip route 10.14.0.0 255.255.0.0 Null0
ip route 10.15.0.0 255.255.0.0 Null0
?
R4(config)#
router ospf 1
?router-id 10.10.0.4
?log-adjacency-changes
?passive-interface Ethernet1/1
?passive-interface Ethernet1/2
?network 10.10.0.4 0.0.0.0 area 0
?network 10.10.1.4 0.0.0.3 area 0
?network 10.10.1.8 0.0.0.3 area 0
?network 10.14.4.0 0.0.0.255 area 0
?network 10.15.4.0 0.0.0.255 area 0
!
router bgp 65001
?no synchronization
?bgp cluster-id 10.10.0.3
network 10.10.0.0 mask 255.255.0.0
?network 10.13.0.0 mask 255.255.0.0
?network 10.14.0.0 mask 255.255.0.0
?network 10.15.0.0 mask 255.255.0.0
?neighbor as65001-rr peer-group
?neighbor as65001-rr remote-as 65001
?neighbor as65001-rr update-source Loopback0
?neighbor as65001-rr route-reflector-client
?neighbor as65001-rr next-hop-self
?neighbor 10.10.0.2 peer-group as65001-rr
?neighbor 10.10.0.3 remote-as 65001
?neighbor 10.10.0.3 update-source Loopback0
?neighbor 10.10.0.3 next-hop-self
?neighbor 10.10.0.5 peer-group as65001-rr
?no auto-summary
!
no ip http secure-server
ip route 10.10.0.0 255.255.0.0 Null0
ip route 10.13.0.0 255.255.0.0 Null0
ip route 10.14.0.0 255.255.0.0 Null0
ip route 10.15.0.0 255.255.0.0 Null0
?
R2(config)#
router bgp 65001
?no synchronization
?bgp log-neighbor-changes
?neighbor 10.10.0.3 remote-as 65001
?neighbor 10.10.0.3 update-source Loopback0
?neighbor 10.10.0.3 next-hop-self
?neighbor 10.10.0.4 remote-as 65001
?neighbor 10.10.0.4 update-source Loopback0
?neighbor 10.10.0.4 next-hop-self
?neighbor 10.10.12.1 remote-as 65002
?neighbor 10.10.12.1 route-map as65002-in in
?no auto-summary
?
R5(config)#(略)
?
R1(config)#
router bgp 65002
?no synchronization
?bgp log-neighbor-changes
?network 10.20.0.0 mask 255.255.0.0
?network 10.30.0.0 mask 255.255.0.0
?neighbor 10.10.12.2 remote-as 65001
?neighbor 10.10.12.2 route-map as65001-in in
?neighbor 10.30.0.5 remote-as 65002
?neighbor 10.30.0.5 update-source Loopback0
?neighbor 10.30.0.5 next-hop-self
?no auto-summary
no ip http secure-server
ip route 10.20.0.0 255.255.0.0 Null0
ip route 10.30.0.0 255.255.0.0 Null0
?
R6(config)#(略)
?
2)? 查看鄰居狀態
R1#show ip bgp neighbors
BGP neighbor is 10.10.12.2,? remote AS 65001, external link
? BGP version 4, remote router ID 10.10.0.2
? BGP state = Established, up for 01:58:07
?
BGP neighbor is 10.30.0.5,? remote AS 65002, internal link
? BGP version 4, remote router ID 10.30.0.5
? BGP state = Established, up for 01:31:05
?
R2#show ip bgp neighbors
BGP neighbor is 10.10.0.3,? remote AS 65001, internal link
? BGP version 4, remote router ID 10.10.0.3
? BGP state = Established, up for 02:11:05
?
BGP neighbor is 10.10.0.4,? remote AS 65001, internal link
? BGP version 4, remote router ID 10.10.0.4
? BGP state = Established, up for 02:06:34
?
BGP neighbor is 10.10.12.1,? remote AS 65002, external link
? BGP version 4, remote router ID 10.20.0.1
? BGP state = Established, up for 01:59:57
?
R3#show ip bgp neighbors
BGP neighbor is 10.10.0.2,? remote AS 65001, internal link
?Member of peer-group as65001-rr for session parameters
? BGP version 4, remote router ID 10.10.0.2
? BGP state = Established, up for 02:12:26
?
BGP neighbor is 10.10.0.4,? remote AS 65001, internal link
? BGP version 4, remote router ID 10.10.0.4
? BGP state = Established, up for 02:07:38
?
?
BGP neighbor is 10.10.0.5,? remote AS 65001, internal link
?Member of peer-group as65001-rr for session parameters
? BGP version 4, remote router ID 10.10.0.5
? BGP state = Established, up for 01:33:47
?
R4#show ip bgp neighbors
BGP neighbor is 10.10.0.2,? remote AS 65001, internal link
?Member of peer-group as65001-rr for session parameters
? BGP version 4, remote router ID 10.10.0.2
? BGP state = Established, up for 02:09:08
?
BGP neighbor is 10.10.0.3,? remote AS 65001, internal link
? BGP version 4, remote router ID 10.10.0.3
? BGP state = Established, up for 02:09:30
?
BGP neighbor is 10.10.0.5,? remote AS 65001, internal link
?Member of peer-group as65001-rr for session parameters
? BGP version 4, remote router ID 10.10.0.5
? BGP state = Established, up for 01:35:45
?
?
R5#? show ip bgp neighbors
BGP neighbor is 10.10.0.3,? remote AS 65001, internal link
? BGP version 4, remote router ID 10.10.0.3
? BGP state = Established, up for 01:36:07
?
BGP neighbor is 10.10.0.4,? remote AS 65001, internal link
? BGP version 4, remote router ID 10.10.0.4
? BGP state = Established, up for 01:36:32
?
R6#show ip bgp neighbors
BGP neighbor is 10.10.56.1,? remote AS 65001, external link
? BGP version 4, remote router ID 10.10.0.5
? BGP state = Established, up for 01:36:32
?
BGP neighbor is 10.20.0.1,? remote AS 65002, internal link
? BGP version 4, remote router ID 10.20.0.1
? BGP state = Established, up for 01:37:12
3) BGP路由策略部署(方案一:Local_preference)
? R1(config)#
ip prefix-list p3 seq 5 permit 10.13.0.0/16
ip prefix-list p4 seq 5 permit 10.14.0.0/16
ip prefix-list p4 seq10 permit 10.15.0.0/16
!
route-map as65001-in permit 10
?match ip address prefix-list p3
?set local-preference 300
!
route-map as65001-in permit 20
?match ip address prefix-list p4
?set local-preference 200
!
route-map as65001-in permit 30
neighbor 10.10.12.2 route-map as65001-in in
R1#clear ip bgp *soft
?
R6(config)#
ip prefix-list p3 seq 5 permit 10.13.0.0/16
!????????
ip prefix-list p4 seq 5 permit 10.14.0.0/16
ip prefix-list p4 seq 10 permit 10.15.0.0/16
!
route-map as65001-in permit 10
?match ip address prefix-list p3
?set local-preference 200
!
route-map as65001-in permit 20
?match ip address prefix-list p4
?set local-preference 300
!
route-map as65001-in permit 30
!
neighbor 10.10.56.1 route-map as65001-in in
?
R6#clear? ip bgp * soft
?
R2(config)#
ip prefix-list p1 seq 5 permit 10.20.0.0/16
!
ip prefix-list p6 seq 5 permit 10.30.0.0/16
!
route-map as65002-in permit 10
?match ip address prefix-list p1
?set local-preference 300
!
route-map as65002-in permit 20
?match ip address prefix-list p6
?set local-preference 200
!
route-map as65002-in permit 30
neighbor 10.10.12.1 route-map as65002-in in
R2#clear? ip bgp * soft
?
ip prefix-list p1 seq 5 permit 10.20.0.0/16
!
ip prefix-list p6 seq 5 permit 10.30.0.0/16
!
route-map as65002-in permit 10
?match ip address prefix-list p1
?set local-preference 200
!
route-map as65002-in permit 20
?match ip address prefix-list p6
?set local-preference 300
neighbor 10.10.56.2 route-map as65002-in in
R5#clear? ip bgp * soft
?
查看設備的BGP表
R1#show ip bgp
?? Network????????? Next Hop??????????? Metric LocPrf Weight Path
*> 10.13.0.0/16???? 10.10.12.2??????????????????? 300????? 0 65001 i
*>i10.14.0.0/16???? 10.30.0.5??????????????? 0??? 300????? 0 65001 i
*???????????????? 10.10.12.2???????????????? ???200????? 0 65001 i
*>i10.15.0.0/16???? 10.30.0.5??????????????? 0??? 300????? 0 65001 i
*???????????????? 10.10.12.2?????????????????? ?200? ????0 65001 i
//選擇local preference 最大的路由
//BGP只把最優的路由通告給它的鄰居:以及基于鄰居的水平分割
R2#show ip bgp
*> 10.20.0.0/16???? 10.10.12.1?????????????? 0??? 300????? 0 65002 i
* i10.30.0.0/16???? 10.10.0.5??????????????? 0??? 300????? 0 65002 i
*>i???????????????? 10.10.0.5 ?????????????0??? 300????? 0 65002 i
*?????????????????? 10.10.12.1???????????? 0??? 200????? 0 65002 i
// 選擇local preference 最大的路由
// 選擇router id 最大的BGP鄰居通告的路由
//BGP只把最優的路由通告給它的鄰居:以及基于鄰居的水平分割
//從IBGP學習到的路由不通告給其他的IBGP鄰居
R3#show ip bgp
*>i10.20.0.0/16???? 10.10.0.2??????????????? 0??? 300????? 0 65002 i
*>i10.30.0.0/16???? 10.10.0.5??????????????? 0??? 300????? 0 65002 i
R4# show ip bgp
*>i10.20.0.0/16???? 10.10.0.2??????????????? 0??? 300????? 0 65002 i
*>i10.30.0.0/16???? 10.10.0.5??????????????? 0??? 300 ?????0 65002 i
R5#show ip bgp
* i10.20.0.0/16???? 10.10.0.2??????????????? 0??? 300????? 0 65002 i
*?????????????????? 10.10.56.2?????????????? 0??? 200????? 0 65002 i
*>i???????????????? 10.10.0.2??????????????? 0??? 300????? 0 65002 i
*> 10.30.0.0/16??? ?10.10.56.2?????????????? 0??? 300????? 0 65002 i
//來吧,我們解釋一下這里為這么10.20.0.0/16有三條,而10.30.0.0/16有一條:
首先,在剛開始的時候,R2將10.20.0./16網段發給R3,R5也將該網段發給R3,R3經過比較之后將從R2發過來的路由反射給R5,此時R5不會再發回去了(IBGP的水平分割),假設R5還與其他設備是BGP鄰居關系,它只會將從R3反射過來的路由傳播出去(傳播最優路由),此時關于10.20.0.0/16網段有兩個RR反射的和一個EBGP鄰居傳來的優先級是200的
而10.30.0.0/16網段根據前面的分析,及時這個網段從R1傳到R2,R2再傳到R3,但因為優先級是200,而R3從R5收到的關于該網段的優先級則為300,R3經過再三考慮,決定不將從R2傳來的路由反射給R5,因為它不是最優的,所以10.30.0.0/16網段只有一條
R6#show ip bgp
*? 10.13.0.0/16???? 10.10.56.1??????????????????? 200????? 0 65001 i
*>i??? ?????????????10.20.0.1??????????????? 0??? 300????? 0 65001 i
*> 10.14.0.0/16???? 10.10.56.1??????????????????? 300????? 0 65001 i
*> 10.15.0.0/16???? 10.10.56.1??????????????????? 300????? 0 65001 i
驗證:
① 用10.20.5.1 traceroute 10.13.3.1
分析:
R1#show ip route
B?????? 10.13.0.0/16 [20/0] via 10.10.12.2, 02:44:05?
C?????? 10.10.12.0/30 is directly connected, Serial0/1
數據包從s0/1轉出到R2
R2#show ip route
O?????? 10.13.3.0/24 [110/110] via 10.10.1.2, 03:13:06, Serial0/1
C?????? 10.10.1.0/30 is directly connected, Serial0/1
從s0/1出,到R3
R3# show ip route
C?????? 10.13.3.0/24 is directly connected, Ethernet1/1
到達目的地
查看traceroute 結果
R1#traceroute 10.13.3.1 sour 10.20.5.1
? 1 10.10.12.2 [AS 65001] 28 msec 76 msec 28 msec
? 2 10.10.1.2 [AS 65001] 76 msec *? 488 msec
?
用10.20.5.1 traceroute 10.14.4.1
B?????? 10.14.0.0/16 [200/0] via 10.30.0.5, 02:43:54
O?????? 10.30.0.5/32 [110/101] via 10.20.1.2, 03:08:44, Ethernet1/0
?C?????? 10.20.1.0/30 is directly connected, Ethernet1/0
從e1/0出,到R6
R6#show ip route
B?????? 10.14.0.0/16 [20/0] via 10.10.56.1, 02:50:26
C?????? 10.10.56.0/30 is directly connected, Serial0/0
從s0/0出,到R5
O?????? 10.14.4.0/24 [110/110] via 10.10.1.9, 03:16:39, Serial0/0
C?????? 10.10.1.8/30 is directly connected, Serial0/0
從s0/0出,到R4
R4#show ip route
C?????? 10.14.4.0/24 is directly connected, Ethernet1/1
到達目的地
查看traceroute 結果
R1#traceroute 10.14.4.1 sour 10.20.5.1
? 1 10.20.1.2 40 msec 60 msec 48 msec
? 2 10.10.56.1 [AS 65001] 40 msec 468 msec 288 msec
? 3 10.10.1.9 [AS 65001] 908 msec 520 msec *
?
② 用10.14.4.1 traceroute 10.20.5.1
R4#show ip route
B?????? 10.20.0.0/16 [200/0] via 10.10.0.2, 02:44:04
O?????? 10.10.0.2/32 [110/201] via 10.10.1.10, 03:17:45, Serial0/1
???????????????????? [110/201] via 10.10.1.5, 03:17:45, Serial0/0
C?????? 10.10.1.8/30 is directly connected, Serial0/1
C?????? 10.10.1.4/30 is directly connected, Serial0/0
數據包到達R2
R2#show ip route
B?????? 10.20.0.0/16 [20/0] via 10.10.12.1, 02:36:58
C?????? 10.10.12.0/30 is directly connected, Serial0/0
從s0/0出到達R1
R1#show ip route
C?????? 10.20.5.0/24 is directly connected, Ethernet1/1
到達目的地
查看traceroute 結果
R4# traceroute 10.20.5.1 sour 10.14.4.1
? 1 10.10.1.10 60 msec
??? 10.10.1.5 28 msec
??? 10.10.1.10 380 msec
? 2 10.10.1.1 120 msec
??? 10.10.1.13 60 msec
??? 10.10.1.1 52 msec
? 3 10.10.12.1 484 msec 764 msec *
4) BGP路由策略部署(方案二:MED)
R1(config)#
ip prefix-list p5 seq 5 permit 10.20.0.0/16
!????????
ip prefix-list p6 seq 5 permit 10.30.0.0/16
!
route-map as65002-out permit 10
?match ip address prefix-list p5
?set metric 1000
!
route-map as65002-out permit 20
?match ip address prefix-list p6
?set metric 2000
!
route-map as65002-out permit 30
?neighbor 10.10.12.2 route-map as65002-out out
?
R6(config)#
ip prefix-list p5 seq 5 permit 10.20.0.0/16
ip prefix-list p6 seq 5 permit 10.30.0.0/16
route-map as65002-out permit 10
?match ip address prefix-list p5
?set metric 2000
!
route-map as65002-out permit 20
?match ip address prefix-list p6
?set metric 1000
!
route-map as65002-out permit 30
!
neighbor 10.10.56.1 route-map as65002-out out
?
R2(config)#
ip prefix-list p3 seq 5 permit 10.13.0.0/16
!
ip prefix-list p4 seq 5 permit 10.14.0.0/16
ip prefix-list p4 seq 10 permit 10.15.0.0/16
!
route-map as65001-out permit 10
?match ip address prefix-list p3
?set metric 1000
!
route-map as65001-out permit 20
?match ip address prefix-list p4
?set metric 2000
!
route-map as65001-out permit 30
neighbor 10.10.12.1 route-map as65001-out out
?
R5(config)#
?
ip prefix-list p3 seq 5 permit 10.13.0.0/16
!
ip prefix-list p4 seq 5 permit 10.14.0.0/16
ip prefix-list p4 seq 10 permit 10.15.0.0/16
!
route-map as65001-out permit 10
?match ip address prefix-list p3 //實驗中因為把P3寫成了3導致med發布錯誤
?set metric 2000
!
route-map as65001-out permit 20
?match ip address prefix-list p4
?set metric 1000
!
neighbor 10.10.56.2 route-map as65001-out out
?
R1#show ip bgp
?? Network????????? Next Hop??????????? Metric LocPrf Weight Path
*> 10.10.0.0/16???? 10.10.12.2???????????????????????????? 0 65001 i
*> 10.13.0.0/16???? 10.10.12.2??????????? 1000???????????? 0 65001 i
* i10.14.0.0/16??? ?10.30.0.5???????????? 2000??? 100????? 0 65001 i
*>????????????????? 10.10.12.2??????????? 2000???????????? 0 65001 i
* i10.15.0.0/16???? 10.30.0.5???????????? 2000??? 100????? 0 65001 i
*>????????????????? 10.10.12.2??????????? 2000???????????? 0 65001 i
* i10.20.0.0/16???? 10.30.0.5??????????????? 0??? 100????? 0 i
*>????????????????? 0.0.0.0????????????????? 0???????? 32768 i
* i10.30.0.0/16???? 10.30.0.5??????????????? 0??? 100????? 0 i
*>????????????????? 0.0.0.0????????????????? 0???????? 32768 i
?? ???查看各設備的BGP表
R1#show ip bgp???
?? Network????????? Next Hop??????????? Metric LocPrf Weight Path
*> 10.10.0.0/16???? 10.10.12.2???????????????????????????? 0 65001 i
*> 10.13.0.0/16???? 10.10.12.2??????????? 1000???????????? 0 65001 i
*>i10.14.0.0/16??? ?10.30.0.5???????????? 1000??? 100????? 0 65001 i
//自己從EBGP鄰居R2處收到的路由MED是2000,而從IBGP鄰居收到的MED值是1000,選擇從IBGP即R6處收到的路由
*???????????????? 10.10.12.2??????????? 2000???????????? 0 65001 i
*>i10.15.0.0/16???? 10.30.0.5???????????? 1000??? 100????? 0 65001 i
*?? ???????????????10.10.12.2??????????? 2000???????????? 0 65001 i
?
R2# show ip bgp
?? Network????????? Next Hop??????????? Metric LocPrf Weight Path
*> 10.20.0.0/16???? 10.10.12.1??????????? 1000???????????? 0 65002 i
* i10.30.0.0/16???? 10.10.0.5????????? ???1000??? 100????? 0 65002 i
*>i???????????????? 10.10.0.5???????????? 1000??? 100????? 0 65002 i
*?????????????????? 10.10.12.1??????????? 2000???????????? 0 65002 i
R5#show ip bgp
*? 10.20.0.0/16???? 10.10.56.2??????????? 2000???????????? 0 65002 i
* i???????????????? 10.10.0.2???????????? 1000??? 100????? 0 65002 i
*>i???????????????? 10.10.0.2???????????? 1000??? 100????? 0 65002 i
*> 10.30.0.0/16???? 10.10.56.2??????????? 1000???????????? 0 65002 i
?
R6# show ip bgp
?? Network????????? Next Hop????? ??????Metric LocPrf Weight Path
*>i10.10.0.0/16???? 10.20.0.1??????????????? 0??? 100????? 0 65001 i
*>i10.13.0.0/16???? 10.20.0.1???????????? 1000??? 100????? 0 65001 i
*???????????????? 10.10.56.1??????????? 2000???????????? 0 65001 i
*> 10.14.0.0/16??? ?10.10.56.1??????????? 1000???????????? 0 65001 i
*> 10.15.0.0/16???? 10.10.56.1??????????? 1000???????????? 0 65001 i
?
R6#trace 10.13.3.1 source e1/1
? 1 10.20.1.1 44 msec 40 msec 32 msec
? 2 10.10.12.2 [AS 65001] 72 msec 144 msec 192 msec
? 3 10.10.1.2 [AS 65001] 172 msec *? 760 msec
?
R6#trace 10.14.4.1 source e1/1
?
? 1 10.10.56.1 [AS 65001] 192 msec 200 msec 24 msec
? 2 10.10.1.9 [AS 65001] 120 msec *? 232 msec
R3#traceroute 10.30.6.1 source e1/1
? 1 10.10.1.6 48 msec
??? 10.10.1.1 56 msec
?? //在這里有個IGP的負載均衡,如果下一跳選擇10.10.1.1,那么就會到達R2,R2從R1收到的關于10.30.0.0/16網段的MED是3000,而從R5收到的該網段的MED是2000,所以會選擇下一跳是R5(10.10.1.14)
10.10.1.6 236 msec
//如果下一跳選擇10.10.1.6 ,那么數據包到達R4,R4上關于10.30.0.0/16網段的路由下一跳是R5<原因:R4通過查找路由表 ,通過BGP顯示下一跳是R5,再通過IGP遞歸查找 <<話說又為什么是R5呢,順便來說一下為什么10.30.0.0/16只有這么一條,怎么就沒有從R2反射過來的MED值較大的放進BGP表中呢?答案是這樣的,因為R2根本就沒有把10.30.0.0/16這個網段傳播出去,因為它從R4那里收到了一條更優的也就是MED值更小的關于該網段的路由,所以無論是經過比較誰最優還是基于IBGP的水平分割,它都不應該把這條路由傳播出去,所以R4的BGP表中只有一條關于該網段的路由>>>
? 2 10.10.1.14 668 msec
??? 10.10.1.10 276 msec
??? 10.10.1.14 388 msec
? 3 10.10.56.2 120 msec 520 msec *
?
達到了要求
?
1.2.8? BGP路由策略部署(方案三:Local_Prefence+MED)
以下思路版權歸spring所有
R1:首先解決別人進來的時候怎么選路問題
在R1上調整MED值,10.20.0.0/16網段的MED 2000,10.30.0.0/16網段的MED 3000 ,然后 應用在neighbor的出方向上<調整好之后發出去供別人比較>
其次解決自己出去的時候怎么選路問題
在R1上調整別人進來時的本地優先級,10.13.0.0/16網段的本地優先級300,10.14.0.0/16和10.15.0.0/16網段的本地優先級200,然后應用在neighbor的in方向上 <你一進來我就該你優先級供我本AS系統比較使用>
在R6上面與R1完全相反的思路配置即可
?
BGP配置
R1:
ip prefix-list p3 seq 5 permit 10.13.0.0/16
ip prefix-list p4 seq 5 permit 10.14.0.0/16
ip prefix-list p4 seq 10 permit 10.15.0.0/16
ip prefix-list p5 seq 5 permit 10.20.0.0/16
ip prefix-list p6 seq 5 permit 10.30.0.0/16
route-map as65001-in permit 10
?match ip address prefix-list p3
?set local-preference 300
route-map as65001-in permit 20
?match ip address prefix-list p4
?set local-preference 200
route-map as65001-in permit 30
route-map as65002-out permit 10
?match ip address prefix-list p5
?set metric 1000
route-map as65002-out permit 20
?match ip address prefix-list p6
?set metric 2000
route-map as65002-out permit 30
router bgp 65002
neighbor 10.10.12.2 route-map as65001-in in
?neighbor 10.10.12.2 route-map as65002-out out
?
R6:
ip prefix-list p3 seq 5 permit 10.13.0.0/16
ip prefix-list p4 seq 5 permit 10.14.0.0/16
ip prefix-list p4 seq 10 permit 10.15.0.0/16
ip prefix-list p5 seq 5 permit 10.20.0.0/16
ip prefix-list p6 seq 5 permit 10.30.0.0/16
route-map as65001-in permit 10
?match ip address prefix-list p3
?set local-preference 200
route-map as65001-in permit 20
?match ip address prefix-list p4
?set local-preference 300
route-map as65001-in permit 30
route-map as65002-out permit 10
?match ip address prefix-list p5
?set metric 2000
route-map as65002-out permit 20
?match ip address prefix-list p6
?set metric 1000
route-map as65002-out permit 30
router bgp 65002
neighbor 10.10.56.1 route-map as65001-in in
?neighbor 10.10.56.1 route-map as65002-out out
?
?
查看各設備的BGP表
R1#show ip bgp
?
?? Network????????? Next Hop??????????? Metric LocPrf Weight Path
* i10.10.0.0/16???? 10.30.0.5??????????????? 0 ???100????? 0 65001 i
*>????????????????? 10.10.12.2???????????????????????????? 0 65001 i
*> 10.13.0.0/16???? 10.10.12.2??????????????????? 300????? 0 65001 i
*>i10.14.0.0/16???? 10.30.0.5??????????????? 0??? 300????? 0 65001 i
*?????????????????? 10.10.12.2??????????????????? 200????? 0 65001 i
*>i10.15.0.0/16???? 10.30.0.5??????????????? 0??? 300????? 0 65001 i
*?????????????????? 10.10.12.2??????????????????? 200????? 0 65001 i
* i10.20.0.0/16???? 10.30.0.5??????????????? 0??? 100????? 0 i
*>?????????? ???????0.0.0.0????????????????? 0???????? 32768 i
* i10.30.0.0/16???? 10.30.0.5??????????????? 0??? 100????? 0 i
*>????????????????? 0.0.0.0????????????????? 0???????? 32768 i
?
R2#show ip bgp
*> 10.20.0.0/16???? 10.10.12.1??????????? 1000???????????? 0 65002 i
* i10.30.0.0/16???? 10.10.0.5???????????? 1000??? 100????? 0 65002 i
*>i???????????????? 10.10.0.5???????????? 1000??? 100????? 0 65002 i
*?????????????????? 10.10.12.1??????????? 2000???????????? 0 65002 i
總結:我本來想看一下R1自己設置的MED,可是我沒看見,卻在R2上看見了,這個實驗現象表明:MED太殘忍了,它對自己人進行各種蹂躪,最后卻把結果發出去給別人使用,自己都看不見,暈~~
R6和R5上面我就不用看了吧,親,大同小異啦
?
為了展示偶的才華,偶覺得traceroute一下紙
R1#traceroute 10.14.4.1 source 10.20.5.1
? 1 10.20.1.2 32 msec 316 msec 56 msec
? 2 10.10.56.1 [AS 65001] 204 msec 148 msec 312 msec
? 3 10.10.1.9 [AS 65001] 632 msec 368 msec 1288 msec
好吧,我決定分析一下這個路徑,告訴你們為什么它這樣走撒
首先呢,R1收到R2發來的10.14.0.0/16網段,自己將其優先級改為了200
然后呢,R1收到R6發來的10.14.0.0/16網段的優先級是300
最后呢,R1選擇由R6發來的路由優先
?
當數據包到達R6之后,R6由要選路了
暈,這個就沒什么可選的啦,只有一條,那就是它的EBGP鄰居發來滴,你若要問我為什么,暈,難道它有其他選擇嗎?R1發來的關于這個網段的路由的優先級是200!!
?
當數據包到R5之后,R5又開始選路啦
也沒什么可選的 就R4了,不解釋
?
R3#traceroute 10.30.6.1 source e1/1
?
Type escape sequence to abort.
Tracing the route to 10.30.6.1
?
? 1 10.10.1.1 64 msec
??? 10.10.1.6 192 msec
??? 10.10.1.1 376 msec
? 2 10.10.1.10 316 msec
??? 10.10.1.14 88 msec
??? 10.10.1.10 32 msec
? 3 10.10.56.2 336 msec *? 700 msec
?
1.2.9 bgp 缺省路由
向鄰居發布缺省路由
R2(config)#router bgp 65001
R2(config-router)#nei 10.10.12.1 default-originate
R1#show ip bgp
*> 0.0.0.0????????? 10.10.12.2?????????????? 0??????????? ?0 65001 i
R1# show ip route
B*?? 0.0.0.0/0 [20/0] via 10.10.12.2, 00:01:08
向全網發布缺省路由
R3(config)#ip route 0.0.0.0 0.0.0.0 null 0
R3(config)#router bgp 65001
R3(config-router)#net 0.0.0.0
R1# show ip route
B*?? 0.0.0.0/0 [20/0] via 10.10.12.2, 00:00:06
R2#show ip route
B*?? 0.0.0.0/0 [200/0] via 10.10.0.3, 00:00:25
R3#show ip route
S*?? 0.0.0.0/0 is directly connected, Null0
R4#show ip route
B*?? 0.0.0.0/0 [200/0] via 10.10.0.3, 00:00:37
R5# show ip route
B*?? 0.0.0.0/0 [200/0] via 10.10.0.3, 00:02:39
R6#show ip route
B*?? 0.0.0.0/0 [20/0] via 10.10.56.1, 00:00:12
?
?
1.3 組網二:BGP路由策略與選路控制(二)
1.3.1 組網需求
1)? AS65001邊界網段發布:R2,R5重發布直連路由至ospf(metric 1000 type 1)
2)? R3,R4發布業務網段至ospf1 area0 (10.13.3.0/24、10.14.4.0/24、10.15.4.0/24)
3)? R1發布AS65002的匯總路由至BGP:10.20.0.0/16
4)? R6發布 AS65003的匯總路由至BGP: ?10.30.0.0/16
5)? R2,R3,R4,R5都運行BGP;R3,R4為同簇RR(簇ID為R3loopback0),R2,R5都分別為R3,R4 的客戶端,且R3與R4之間建立普通的IBGP鄰居
6)? R3,R4發布AS65001的匯總路由至BGP:10.10.0.0/16、10.13.0.0/16、10.14.0.0/16、10.15.0.0/16
7)? BGP配置要求
No synchronization
No auto-summary
Neighbor<IBGP鄰居>update-source loopback0
Neighbor<IBGP鄰居>next-hop-self
?
1.3.2組網拓撲
?
1.3.3????????? ?選路需求
AS 65002(R1)去往其他AS的主路徑走R1—R2;AS 65003 (R6)去往其他AS的主路徑走R6—R5;即 AS65002—AS65003 的鏈路(R1—R6)只用作備份鏈路.
AS 65001 (R2,R3,R4,R5)去往10.20.0.0/16的主路徑走R2—R1
AS 65001? (R2,R3,R4,R5)去往10.30.0.0/16的主路徑走R5—R6
1.3.4????????? 基本連通性測試
1.3.5????????? 1.3.5 BGP配置及調測
BGP配置
查看各設備的BGP鄰居狀態,BGP表,全局路由表
不做任何屬性的配置
R1#show ip bgp
? Network????????? Next Hop??????????? Metric LocPrf Weight Path
*? 10.13.0.0/16???? ????10.20.1.2????????????????????????????? 0 6500365001i
*>????????????????? ???10.10.12.2???????????????????????????? 0 65001 i
//選擇AS_path最大unde路由
R6#show ip bgp
?? Network????????? Next Hop??????????? Metric LocPrf Weight Path
*? 10.14.0.0/16???? 10.20.1.1???????????????????????????? 0 65002 65001 i
*>????????????????? 10.10.56.1? ???????????????????????????0 65001 i
*? 10.15.0.0/16???? 10.20.1.1???????????????????????????? 0 65002 65001 i
*>????????????????? 10.10.56.1??????????????????????????? 0 65001 i
*? 10.20.0.0/16???? 10.10.56.1??????????????????????????? 0 65001 65002 i
*> ?????????????????10.20.1.1??????????????? 0???????????? 0 65002 i
//選擇as_path最短的路由
Network????????? Next Hop??????????? Metric LocPrf Weight Path
*>i10.30.0.0/16???? 10.10.0.5??????????????? 0??? 100????? 0 65003 i
* i???????????????? 10.10.0.5??????????? ????0??? 100????? 0 65003 i
*?????????????????? 10.10.12.1?????????????????????????? 0 65002 65003 i
R5#show ip bgp
Network????????? Next Hop??????????? Metric LocPrf Weight Path
*? 10.20.0.0/16???? 10.10.56.2???????????????????????????? 0 65003 65002 i
* i???????????????? 10.10.0.2??????????????? 0??? 100????? 0 65002 i
*>i???????????????? 10.10.0.2??????????????? 0??? 100????? 0 65002 i
*> 10.30.0.0/16???? 10.10.56.2?????????????? 0???????????? 0 65003 i
//選擇AS_path最短的路由,<R5只選擇了AS號為65002的路由>
//選擇router id最小的BGP鄰居通告的路由<兩個一樣的路由中其中被選擇的那一條是R3反射的路由,所以選擇它>
//BGP只把最優的路由通告給它的鄰居,記憶基于鄰居的水平分割<10.30.0.0/16網段沒有收到其IBGP鄰居R2通告的路由,是因為R2同時收到R6通告給自己的路由,發現自己所擁有的那條路由不是最優的,所以不會通告給R6>
//從IBGP學到的路由不通告給其他的IBGP鄰居<R2是個文明人那,收到了R6發來的最優路由也不說在通告回去,恩,值得表揚>
R3#show ip bgp
*>i10.20.0.0/16 ????10.10.0.2??????????????? 0??? 100????? 0 65002 i
*>i10.30.0.0/16???? 10.10.0.5??????????????? 0??? 100????? 0 65003 i
R4#show ip bgp
*>i10.20.0.0/16???? 10.10.0.2??????????????? 0??? 100????? 0 65002 i
*>i10.30.0.0/16???? 10.10.0.5??????????????? 0??? 100????? 0 65003 i
?
?
由以上可知,在沒有配置任何BGP路由策略的情況下,AS65001已經達到了選路需求
?
?
?
?
1.4? BGP路由策略部署(方案一 :增加AS_PATH長度)?
1) 在R1,R6上,操控AS_path來實現需求
R6將向AS65002通的路由的AS AS_path增加2個長度(即向AS_PATH中增加兩個AS號,一般增加自己的AS號)
R1將向AS65003通的路由的AS AS_path增加2個長度(即向AS_PATH中增加兩個AS號,一般增加自己的AS號)
R1:
route-map add-as permit 10
?set as-path prepend 65002 65002
router bgp 65002
neighbor 10.20.1.2 route-map add-as out
?
R2:
route-map add-as permit 10
?set as-path prepend 65003 65003
router bgp 65003
neighbor 10.20.1.1 route-map add-as out
2) 查看各設備的BGP表
R1#show ip bgp
*> 10.30.0.0/16???? 10.10.12.2???????????????????????????? 0 65001 65003 i
*?????????????????? 10.20.1.2??????????????? 0???????????? 0 65003 65003 65003 i
//選擇了as_path短的路由
R6#show ip bgp
*? 10.20.0.0/16???? 10.20.1.1??????????????? 0????? ???????0 65002 65002 65002 i
*>????????????????? 10.10.56.1???????????????????????????? 0 65001 65002 i
//選擇了as_path短的路由
?
跟蹤測試:
?
?
?
成功!!!!!
1.5 BGP路由策略部署(方案二:local_preference)
1) 在R1,R6上,操控local_preference來實現選路需求
2) 在R1,R6上,將從AS65001收到的路由的local-preference設置為300,從其他AS收到的路由的本地優先級采用默認值
R1:
route-map as65001-in permit 10
?set local-preference 300
router bgp 65002
neighbor 10.10.12.2 route-map as65001-in in
r6:
route-map as65001-in permit 10
?set local-preference 300
router bgp 65003
nei 10.10.56.1 route-m as65001-in
3) 查看各設備的BGP表
R1#show ip bgp
*? 10.10.0.0/16???? 10.20.1.2????????????????????????????? 0 65003 65001 i
*>????????????????? 10.10.12.2??????????????????? 300????? 0 65001 i
*? 10.13.0.0/16???? 10.20.1.2????????????????????????????? 0 65003 65001 i
*>????????????????? 10.10.12.2??????????????????? 300????? 0 65001 i
*? 10.14.0.0/16???? 10.20.1.2????????????????????????????? 0 65003 65001 i
*>????????????????? 10.10.12.2??????????????????? 300????? 0 65001 i
*? 10.15.0.0/16???? 10.20.1.2?????????????? ???????????????0 65003 65001 i
*>????????????????? 10.10.12.2??????????????????? 300????? 0 65001 i
*> 10.20.0.0/16???? 0.0.0.0????????????????? 0???????? 32768 i
*> 10.30.0.0/16???? 10.10.12.2??????????????????? 300????? 0 65001 65003 i
*???????????????? ??10.20.1.2??????????????? 0???????????? 0 65003 i
//從AS65001過來的路由優先級都變為300, 也正因為如此,在去往10.30.0.0/16這條路的時候,不直接走R6的緣故
R6#show ip bgp
?
?? Network????????? Next Hop??????????? Metric LocPrf Weight Path
*? 10.10.0.0/16???? 10.20.1.1???????????????????????????? ?0 65002 65001 i
*>????????????????? 10.10.56.1??????????????????? 300????? 0 65001 i
*? 10.13.0.0/16???? 10.20.1.1????????????????????????????? 0 65002 65001 i
*>????????????????? 10.10.56.1??????????????????? 300????? 0 65001 i
*? 10.14.0.0/16???? 10.20.1.1????????????????????????????? 0 65002 65001 i
*>????????????????? 10.10.56.1??????????????????? 300????? 0 65001 i
*? 10.15.0.0/16???? 10.20.1.1????????????????????????????? 0 65002 65001 i
*>????????????????? 10.10.56.1??????????????????? 300????? 0 65001 i
*? 10.20.0.0/16???? 10.20.1.1??????????????? 0???????????? 0 65002 i
*>????????????????? 10.10.56.1??????????????????? 300????? 0 65001 65002 i
*> 10.30.0.0/16???? 0.0.0.0????????????????? 0???????? 32768 i
跟蹤結果:
?
?
都饒了一大圈兒…..
?
1.5 BGP補充實驗
1.6.1 BGP負載均衡
實驗拓撲就是在下面這個圖上面的R1和R2之間加一條廣域網鏈路,都是S0/2
?
1.6.1 負載均衡組網需求:
?BGP只把最優的路由通告給鄰居,故BGP不能向鄰居通告等價路由
如圖,怎樣實現在R2—R1之間的兩條鏈路上實現負載均衡
1.6.2 解決辦法一:將R2—R1之間的兩條鏈路上進行捆綁,捆綁成一條鏈路使用
以太網鏈路使用手動捆綁或者LACP捆綁,PPP鏈路使用PPP multi-link
1.6.3 解決辦法二:每條鏈路建立一個EBGP鄰居,進行BGP本地負載均衡
R1:
router bgp 65002
neighbor 10.10.12.2 remote-as 65001
neighbor 10.10.12.6 remote-as 65001
maximum-paths 2
R2:
router bgp 65001
neighbor 10.10.12.1 remote-as 65002
neighbor 10.10.12.5 remote-as 65002
?maximum-paths 2
?
?
查看BGP表
R2#show ip bgp
*? 10.20.0.0/16???? 10.10.12.5?????????????? 0???????????? 0 65002 i
*>????????????????? 10.10.12.1?????????????? 0??? 300????? 0 65002 i
*? 10.30.0.0/16???? 10.10.12.5?????????????? 0???????????? 0 65002 i
* i???????????????? 10.10.0.5??????????????? 0??? 300????? 0 65002 i
*>i???????????????? 10.10.0.5??????????????? 0??? 300????? 0 65002 i
*?????????????????? 10.10.12.1?????????????? 0??? 200????? 0 65002 i
?
R1#show ip route
B?????? 10.10.0.0/16 [20/0] via 10.10.12.6, 00:00:04
???????????????????? [20/0] via 10.10.12.2, 00:00:04
B?????? 10.14.0.0/16 [20/0] via 10.10.12.6, 00:00:04
???????????????????? [20/0] via 10.10.12.2, 00:00:04
B?????? 10.15.0.0/16 [20/0] via 10.10.12.6, 00:00:04
???????????????????? [20/0] via 10.10.12.2, 00:00:04
B?????? 10.13.0.0/16 [20/0] via 10.10.12.6, 00:00:04
???????????????????? [20/0] via 10.10.12.2, 00:00:04
R2#??? show ip route
B?????? 10.30.0.0/16 [20/0] via 10.10.12.5, 00:00:37
???????????????????? [20/0] via 10.10.12.1, 00:00:37
B?????? 10.20.0.0/16 [20/0] via 10.10.12.5, 00:00:37
???????????????????? [20/0] via 10.10.12.1, 00:00:37
R6#show ip route
B?????? 10.13.0.0/16 [200/0] via 10.20.0.1, 00:01:46
R6# show ip bgp
*>i10.13.0.0/16???? 10.20.0.1??????????????? 0??? 100????? 0 65001 i
//R1選擇一條最優的通告給R6
?
BGP負載均衡只在本地有效:如果配置了maximum-paths N,BGP可將N相同網段且LP ,AS_PATH,ORIGIN,MEN,WEIGH都完全相同的外部AS路由,形成負載均衡路由安裝到全局路由表;但最終還是會選出其中一條最優的路由通告給鄰居
?
1.6.4 法三:使用loopback來建多跳EBGP鄰居及靜態路由解決負載均衡問題
R1:
ip route 10.10.0.2 255.255.255.255 Serial0/1 10.10.12.2
ip route 10.10.0.2 255.255.255.255 Serial0/2 10.10.12.6
router bgp 65002
neighbor 10.10.0.2 remote-as 65001
?neighbor 10.10.0.2 ebgp-multihop 2
?neighbor 10.10.0.2 update-source Loopback0
R2:
ip route 10.20.0.1 255.255.255.255 Serial0/0 10.10.12.1
ip route 10.20.0.1 255.255.255.255 Serial0/2 10.10.12.5
router bgp 65001
neighbor 10.20.0.1 remote-as 65002
?neighbor 10.20.0.1 ebgp-multihop 2
?neighbor 10.20.0.1 update-source Loopback0
?
?
R2#show ip bgp
*> 10.20.0.0/16???? 10.20.0.1??????????????? 0???????????? 0 65002 i
R2show ip bgp
B?????? 10.20.0.0/16 [20/0] via 10.20.0.1, 00:02:39 //下一跳負載均衡
S?????? 10.20.0.1/32 [1/0] via 10.10.12.5, Serial0/2
???????????????????? [1/0] via 10.10.12.1, Serial0/0
?
R1#show ip bgp
*> 10.13.0.0/16???? 10.10.0.2??????????????????? ??????????0 65001 i
R1#show ip route
B?????? 10.13.0.0/16 [20/0] via 10.10.0.2, 00:03:30 //下一跳負載均衡
S?????? 10.10.0.2/32 [1/0] via 10.10.12.6, Serial0/2
???????????????????? [1/0] via 10.10.12.2, Serial0/1
?
轉載于:https://www.cnblogs.com/understand8/archive/2012/09/07/2674954.html
總結
以上是生活随笔為你收集整理的从实验现象详细分析BGP的路由策略与选路原则的全部內容,希望文章能夠幫你解決所遇到的問題。
- 上一篇: android网络编程——HttpGet
- 下一篇: 十进制与二进制八进制十六进制的相互转换