BGP選路13條原則全實戰,一條條幫你梳理支撐整個互聯網的選路原則
11.7.1 BGP選路原則理論
BGP不是簡單的通過metric來選路最優的路由
所有的路徑屬性歸為一下四類:
? 周知強制屬性
? 周知自選屬性
? 可選傳遞性屬性
? 可選非傳遞屬性
以上屬性分為兩類,首先,周知屬性,即所有BGP實現都必須能識別這些屬性;其次是可選屬性,即並不要求bgp實現支持這些屬性
如果可選屬性是傳遞的,那麽bgp進程應該接收該屬性中包含的路徑(即使不支持),並將路徑傳遞給鄰居
如果可選屬性是非傳遞的,那麽無法識別該屬性的bgp進程忽略update消息中包含的屬性,並不傳遞給鄰居
從記憶和應用角度來講通常我們不會把過多的精力放到以上四類屬性的分類。恰恰我們將采用一種“邪惡”的角度去記憶BGP的13條選路原則:
分別對應的英文單詞為:
1、W(world) Weight
2、L(love)local preference,本地優先級
3、O(organization)Sourced,本地起源
4、A(asia)AS-PATH
5、O(Office)Origin,起源代碼
6、M,MED,多出口分離器
7、E,EBGP優於IBGP
8、M,到達更新源的metric小的下一跳
9、L,負載均衡
10、O,建立時間更久的EBGP鄰居
11、R,更小的RID
12、C,更短的Cluster-list
13、優選來自用最低地址建立BGP 連接的鄰居的路由條目
最重要的,下一跳可達是選路的前提條件
11.7.2 BGP選路實驗拓撲描述
IP地址說明,比如R2上連接R3的地址為23.1.1.2/24,以此類推。用到的環回口如下:11.1.1.1/32
圖11-11 BGP選路原則拓撲
11.7.3 BGP選路原則實驗步驟
1、基本配置
在AS100內已經完成igp,本例采用eigrp(請勿采用OSPF,否則會影響後邊的配置)。基本配置省略,完成eigrp鄰居即可(請勿通告R1和R3的直連以及R2和R3的直連)。給出R1和R2的基本配置
R1:
router eigrp 90
network 11.1.1.1 0.0.0.0
network 12.1.1.1 0.0.0.0
no auto-summary
R2:
router eigrp 90
network 12.1.1.2 0.0.0.0
no auto-summary
驗證:
R1#show ip eigrp neighbors
IP-EIGRP neighbors for process 90
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
1 12.1.1.2 Fa0/0 11 00:12:19 104 624 0 7
基本的BGP配置已經完成
R1:
router bgp 100
no synchronization
bgp log-neighbor-changes
neighbor 13.1.1.3 remote-as 200
neighbor 22.1.1.1 remote-as 100
neighbor 22.1.1.1 update-source Loopback0
neighbor 22.1.1.1 next-hop-self
no auto-summary
R2:
router bgp 100
no synchronization
bgp log-neighbor-changes
neighbor 11.1.1.1 remote-as 100
neighbor 11.1.1.1 update-source Loopback0
neighbor 11.1.1.1 next-hop-self
neighbor 23.1.1.3 remote-as 200
no auto-summary
R3:
router bgp 200
no synchronization
bgp log-neighbor-changes
network 3.3.3.3 mask 255.255.255.255---需要說明的是,R3通告了環回口0和環回口1(3.3.3.3)
network 33.1.1.1 mask 255.255.255.255
neighbor 13.1.1.1 remote-as 100
neighbor 23.1.1.2 remote-as 100
no auto-summary
驗證:
R1#show ip bgp summary ---驗證鄰居狀態
BGP router identifier 11.1.1.1, local AS number 100
BGP table version is 3, main routing table version 3
2 network entries using 264 bytes of memory
4 path entries using 208 bytes of memory
3/1 BGP path/bestpath attribute entries using 444 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
Bitfield cache entries: current 1 (at peak 1) using 32 bytes of memory
BGP using 972 total bytes of memory
BGP activity 2/0 prefixes, 4/0 paths, scan interval 60 secs
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
13.1.1.3 4 200 6 5 3 0 0 00:02:18 2
22.1.1.1 4 100 6 6 3 0 0 00:02:26 2
R1#show ip bgp ---驗證收到的路由
BGP table version is 3, local router ID is 11.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 3.3.3.3/32 13.1.1.3 0 0 200 i
- i 22.1.1.1 0 100 0 200 i
*> 33.1.1.1/32 13.1.1.3 0 0 200 i -
i 22.1.1.1 0 100 0 200 i
R1#show ip route bgp
33.0.0.0/32 is subnetted, 1 subnets
B 33.1.1.1 [20/0] via 13.1.1.3, 00:07:00
3.0.0.0/32 is subnetted, 1 subnets
B 3.3.3.3 [20/0] via 13.1.1.3, 00:07:002、使用weight值來幹預bgp選路
BGP優選有最大Weight的BGP條目,weight是Cisco私有的參數,路由器配置了weight後只在本地生效。 缺省情況下,通過本路由器宣告、重分布或者匯總的路由的weight為32768,從BGP鄰居學習到的路由的weight為0
首先我們針對鄰居,修改來自鄰居的所有路由的權重值,增大來自R2的所有路由,使得R1優選R2作為下一跳
R1(config-router)#neighbor 22.1.1.1 weight 1
驗證:
R1#show ip bgp
BGP table version is 5, local router ID is 11.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incompleteNetwork Next Hop Metric LocPrf Weight Path
- 3.3.3.3/32 13.1.1.3 0 0 200 i
*>i 22.1.1.1 0 100 1 200 i -
33.1.1.1/32 13.1.1.3 0 0 200 i
>i 22.1.1.1 0 100 1 200 i
R1#show ip route bgp
33.0.0.0/32 is subnetted, 1 subnets
B 33.1.1.1 [200/0] via 22.1.1.1, 00:01:01
3.0.0.0/32 is subnetted, 1 subnets
B 3.3.3.3 [200/0] via 22.1.1.1, 00:01:01
所有路由都選擇了R2作為下一跳
但這種效果是針對所有路由的,如果想明細的來幹預選路,我們需要用到route-map這個工具。如下例
R1:
ip prefix-list 1 seq 5 permit 3.3.3.3/32---匹配3.3.3.3的路由
route-map Weight permit 10
match ip address prefix-list 1
set weight 2---針對該路由配置權重值為2,即優於來自R2的路由。請註意該route-map是存在問題的,我們後邊觀察
router bgp 100
neighbor 13.1.1.3 route-map Weight in---在入方向調用route-map.需要說明的是如果在out方向調用,無效,而且會報錯
驗證:
R1#clear ip bgp so---一定記得重新刷新BGP的屬性,尤其是ebgp由於更新時間更長,越需要如此
R1#show ip bgp
BGP table version is 6, local router ID is 11.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incompleteNetwork Next Hop Metric LocPrf Weight Path
*> 3.3.3.3/32 13.1.1.3 0 2 200 i -
i 22.1.1.1 0 100 1 200 i
>i33.1.1.1/32 22.1.1.1 0 100 1 200 i
3.3.3.3的路由由於權重值為2已經優選R3
但是,我們發現33.1.1.1的路由只有一個下一跳
這是我們前邊提到的問題。Route-map不僅僅可以設置bgp的屬性,當匹配了前綴列表或者ACL的時候一定要考慮其他的路由是否還需要收取。比如我們的配置,R1還需要收取來自R3的其他路由條目(3.3.3.3)
我們來做修改:
R1(config)#route-map Weight permit 20---只需要增加一個序列號,行為是permit,那麽匹配條件為任意
驗證:
R1#show ip bgp
BGP table version is 6, local router ID is 11.1.1.1
Status codes: s suppressed, d damped, h history, valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incompleteNetwork Next Hop Metric LocPrf Weight Path
*> 3.3.3.3/32 13.1.1.3 0 2 200 i - i 22.1.1.1 0 100 1 200 i
-
33.1.1.1/32 13.1.1.3 0 0 200 i
*>i 22.1.1.1 0 100 1 200 i
該路由也可以從R3得到,這樣會具備一定的冗余性,當R2失效,還可以選擇R3作為下一跳。同時該路由33.1.1.1依舊優選R2
R1#show ip route bgp
33.0.0.0/32 is subnetted, 1 subnets
B 33.1.1.1 [200/0] via 22.1.1.1, 00:14:39
3.0.0.0/32 is subnetted, 1 subnets
B 3.3.3.3 [20/0] via 13.1.1.3, 00:10:23
查看路由可知,兩條路由具備一定的冗余3、修改本地優先級幹預路由選擇
BGP條目的缺省local preference值為100. local preference值在IBGP鄰居之間傳遞,在EBGP鄰居之間不能傳遞,對於從EBGP鄰居學習到的BGP條目,local preference值為100,這個值可以通過命令bgp default local-preference修改
可以修改從IBGP鄰居和EBGP鄰居學習來的BGP條目的local preference值.可以修改發給IBGP 鄰居的 BGP 條目的local preference 值
請自行去掉之前的權重值的配置
本部分針對R1的小需求:33.1.1.1選擇R2作為下一跳;3.3.3.3選擇R3作為下一跳
第一步,我們可以在R2配置默認的權重值大於100,該權重值會更新給ibgp鄰居,那麽此時R1將把所有路由的下一跳指向R2
R2(config-router)#bgp default local-preference 101
驗證:
R1#show ip bgp
BGP table version is 10, local router ID is 11.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incompleteNetwork Next Hop Metric LocPrf Weight Path
- 3.3.3.3/32 13.1.1.3 0 0 200 i
*>i 22.1.1.1 0 101 0 200 i - 33.1.1.1/32 13.1.1.3 0 0 200 i
*>i 22.1.1.1 0 101 0 200 i
如上驗證,來自22.1.1.1的本地優先級都改為了101,並且優選R2.需要說明的是來自13.1.1.3的路由因為是ebgp所以並不顯示為100,但是存在該值的,如下驗證:
R1#show ip bgp 33.1.1.1
BGP routing table entry for 33.1.1.1/32, version 10
Paths: (2 available, best #2, table Default-IP-Routing-Table)
Flag: 0x940
Advertised to update-groups:
2
200
13.1.1.3 from 13.1.1.3 (33.1.1.1)
Origin IGP, metric 0, localpref 100, valid, external
200
22.1.1.1 (metric 156160) from 22.1.1.1 (22.1.1.1)
Origin IGP, metric 0, localpref 101, valid, internal, best
第二步,針對3.3.3.3的路由通過route-map配置本地優先級大於101,則優選R3
ip prefix-list 1 seq 5 permit 3.3.3.3/32
!
route-map Localpre permit 10
match ip address prefix-list 1
set local-preference 102---設置本地優先級,同時不要忘記其他路由的處理
route-map Localpre permit 20
!
router bgp 100
neighbor 13.1.1.3 route-map Localpre in---在bgp中調用route-map
驗證:
R1#show ip bgp
BGP table version is 11, local router ID is 11.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 3.3.3.3/32 13.1.1.3 0 102 0 200 i
-
33.1.1.1/32 13.1.1.3 0 0 200 i
*>i 22.1.1.1 0 101 0 200 i
3.3.3.3的路由本地優先級已經改為102.
需要說明的是該路由屬性會更新給R2,那麽R2會選擇R1作為下一跳,將導致R2不在把該路由更新回給r1,所以R1只看到一個下一跳
R1#show ip route bgp
33.0.0.0/32 is subnetted, 1 subnets
B 33.1.1.1 [200/0] via 22.1.1.1, 00:06:35
3.0.0.0/32 is subnetted, 1 subnets
B 3.3.3.3 [20/0] via 13.1.1.3, 00:02:174、在前兩條原則不能優選時,優選本地產生的路由
本地起源路由的方式有很多中,比如通告、匯聚以及重分布等等。但是為了排除本地生成的路由默認權重為32768這個前提,我們需要在產生路由時把weight設置為0
在R1和R2演示該情況。請自行去掉之前本地優先級的配置
R2的環回口22.1.1.1在本地通告是weight設置為0
route-map Conn permit 10
set weight 0---在route-map中設置權重值為0
!
router bgp 100
network 22.1.1.1 mask 255.255.255.255 route-map Conn---通告路由時調用
該路由通告到了igp中,那麽R1會通過eigrp得到,此時只要得到路由就可以在bgp中通告
router bgp 100
network 22.1.1.1 m 255.255.255.255
驗證R2的情況:
R2#show ip bgp
BGP table version is 11, local router ID is 22.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incompleteNetwork Next Hop Metric LocPrf Weight Path
*>i3.3.3.3/32 11.1.1.1 0 102 0 200 i - 23.1.1.3 0 0 200 i
- I 22.1.1.1/32 11.1.1.1 156160 100 0 i
*> 0.0.0.0 0 0 i -
i33.1.1.1/32 11.1.1.1 0 100 0 200 i
*> 23.1.1.3 0 0 200 i
R2#show ip bgp 22.1.1.1
BGP routing table entry for 22.1.1.1/32, version 13
Paths: (2 available, best #2, table Default-IP-Routing-Table)
Flag: 0x800
Advertised to update-groups:
1 2
Local
11.1.1.1 (metric 156160) from 11.1.1.1 (11.1.1.1)
Origin IGP, metric 156160, localpref 100, valid, internal
Local
0.0.0.0 from 0.0.0.0 (22.1.1.1)
Origin IGP, metric 0, localpref 100, valid, sourced, local, best
22.1.1.1這條路由R2既從R1得到,也在本地產生。前兩條原則權重值都為0,本地優先級都為100,那麽R2優選了本地產生的路由5、在前三條原則不能優選時,通過AS-PATH幹預選路
在配置此步驟之前,請去掉之前的配置
此部分小需求:R1,去往33.1.1.1選擇R2作為下一跳;3.3.3.3選擇R3作為下一跳
對於AS-path這個屬性,通常不能減少AS的長度(除非移除私有的AS號碼),因為這樣會幹擾到選路以及不能得到路由經過的路徑,但是可以在本地增加AS-path的長度
access-list 33 permit 33.1.1.1---用ACL匹配路由
!
route-map ASPATH permit 10
match ip address 33
set as-path prepend 200 200---增加AS的長度,而且是增加到原本的AS之前
route-map ASPATH permit 20---因為匹配了ACL,而且其他路由還要從R3收取,所以要做此操作
!
router bgp 100
neighbor 13.1.1.3 route-map ASPATH in---在bgp中針對鄰居調用在in方向
驗證:
R1#show ip bgp
BGP table version is 5, local router ID is 11.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incompleteNetwork Next Hop Metric LocPrf Weight Path
- i3.3.3.3/32 22.1.1.1 0 100 0 200 i
> 13.1.1.3 0 0 200 i
> 22.1.1.1/32 12.1.1.2 156160 32768 i
*>i33.1.1.1/32 22.1.1.1 0 100 0 200 i -
13.1.1.3 0 0 200 200 200
來自R3的AS-path變長了,所以不再優選該設備
R1#show ip route bgp
33.0.0.0/32 is subnetted, 1 subnets
B 33.1.1.1 [200/0] via 22.1.1.1, 00:03:39
3.0.0.0/32 is subnetted, 1 subnets
B 3.3.3.3 [20/0] via 13.1.1.3, 00:50:10
實驗效果已經完成
在此處我們還有一條隱含命令可以用於忽略掉BGP的AS-PATH的選路原則
router bgp 100
no synchronization
bgp log-neighbor-changes
bgp bestpath as-path ignore
此時不會通過第四條原則來選路
驗證:
R1#show ip bgp
BGP table version is 4, local router ID is 11.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incompleteNetwork Next Hop Metric LocPrf Weight Path
*> 3.3.3.3/32 13.1.1.3 0 0 200 i - i 22.1.1.1 0 100 0 200 i
> 22.1.1.1/32 12.1.1.2 156160 32768 i
> 33.1.1.1/32 13.1.1.3 0 0 200 200 200 i -
i 22.1.1.1 0 100 0 200 i
即使來自13.1.1.3的路由AS-PATH更長也不會選擇它6、前四條原則無法優選路由時,通過起源代碼幹預選路
當一條路由生成時會攜帶一個起源的code,i---igp(通告、aggregate),e---egp(已經不存在),?---incomplete(重分布產生的路由)。優選順序是i優於e由於?.需要說明的是e已經不在使用,但是ios保留了該code
小需求:33.1.1.1選擇R2作為下一跳
access-list 33 permit 33.1.1.1---用ACL匹配路由
!
route-map ORIGIN permit 10
match ip address 33
set origin incomplete---在route-map中設置起源代碼為?
route-map ORIGIN permit 20
!
router bgp 100
neighbor 13.1.1.3 route-map ORIGIN in---bgp中針對鄰居調用
驗證:
R1#show ip bgp
BGP table version is 5, local router ID is 11.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incompleteNetwork Next Hop Metric LocPrf Weight Path
*> 3.3.3.3/32 13.1.1.3 0 0 200 i - i 22.1.1.1 0 100 0 200 i
*> 22.1.1.1/32 12.1.1.2 156160 32768 i -
33.1.1.1/32 13.1.1.3 0 0 200 ?
*>i 22.1.1.1 0 100 0 200 i
來自R3的路由起源代碼變為?,前邊的選路選擇此時無效,而來自R2的起源代碼為I,所以優選了R2作為下一跳
R1#show ip route bgp
33.0.0.0/32 is subnetted, 1 subnets
B 33.1.1.1 [200/0] via 22.1.1.1, 00:01:24
3.0.0.0/32 is subnetted, 1 subnets
B 3.3.3.3 [20/0] via 13.1.1.3, 00:12:367、前五條原則無法優選路由時,通過MED進行幹預
在兩個AS 之間有多個EBGP 連接的情況下,MED 值用於影響從相鄰AS 到本AS 的路由選擇,即用於影響鄰居AS 到本AS 的流量從哪個接口進來,這是通過向相鄰AS的EBGP 鄰居發送具有不同MED 值的路由條目來實現的
請去掉之前幹預選路的配置
R3上針對33.1.1.1的路由通告給R1 MED為31,通告給R2 MED為32.那麽此時R1把metric通告給R2.R2會優選來自R1的路由(因為metric小於來自R3的mtric32)
access-list 33 permit 33.1.1.1
!
route-map 32 permit 10
match ip address 33
set metric 32
route-map 32 permit 20---不要忘記還要通告其他路由給R1,否則不會通告
!
route-map 31 permit 10
match ip address 33
set metric 31
route-map 31 permit 20
!
router bgp 200
no synchronization
bgp log-neighbor-changes
network 3.3.3.3 mask 255.255.255.255
network 33.1.1.1 mask 255.255.255.255
neighbor 13.1.1.1 remote-as 100
neighbor 13.1.1.1 route-map 31 out
neighbor 23.1.1.2 remote-as 100
neighbor 23.1.1.2 route-map 32 out---針對鄰居調用
no auto-summary
驗證:
R1#show ip bgp
BGP table version is 7, local router ID is 11.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incompleteNetwork Next Hop Metric LocPrf Weight Path
*> 3.3.3.3/32 13.1.1.3 0 0 200 i -
i 22.1.1.1 0 100 0 200 i
> 22.1.1.1/32 12.1.1.2 156160 32768 i
> 33.1.1.1/32 13.1.1.3 31 0 200 i
R2#show ip bgp
BGP table version is 10, local router ID is 22.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incompleteNetwork Next Hop Metric LocPrf Weight Path
- i3.3.3.3/32 11.1.1.1 0 100 0 200 i
> 23.1.1.3 0 0 200 i
r>i22.1.1.1/32 11.1.1.1 156160 100 0 i
>i33.1.1.1/32 11.1.1.1 31 100 0 200 i -
23.1.1.3 32 0 200 i
R2#show ip route bgp
33.0.0.0/32 is subnetted, 1 subnets
B 33.1.1.1 [200/31] via 11.1.1.1, 00:03:59
3.0.0.0/32 is subnetted, 1 subnets
B 3.3.3.3 [20/0] via 23.1.1.3, 01:22:30
R2上針對不同路由具有不同的下一跳8、前六條原則無法優選路由時,來自EBGP的路由優選來自IBGP的路由
請去掉之前的MED配置
默認情況下R1和R2就是根據此條原則優選了來自R3的ebgp路由
R1#show ip bgp
BGP table version is 8, local router ID is 11.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incompleteNetwork Next Hop Metric LocPrf Weight Path
*> 3.3.3.3/32 13.1.1.3 0 0 200 i - i 22.1.1.1 0 100 0 200 i
*> 22.1.1.1/32 12.1.1.2 156160 32768 i -
i33.1.1.1/32 22.1.1.1 0 100 0 200 i
> 13.1.1.3 0 0 200 i
R2#show ip bgp
BGP table version is 12, local router ID is 22.1.1.1
Status codes: s suppressed, d damped, h history, valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incompleteNetwork Next Hop Metric LocPrf Weight Path
- i3.3.3.3/32 11.1.1.1 0 100 0 200 i
*> 23.1.1.3 0 0 200 i
r>i22.1.1.1/32 11.1.1.1 156160 100 0 i -
i33.1.1.1/32 11.1.1.1 0 100 0 200 i
> 23.1.1.3 0 0 200 i
比如:
R1#show ip bgp 33.1.1.1
BGP routing table entry for 33.1.1.1/32, version 8
Paths: (2 available, best #2, table Default-IP-Routing-Table)
Flag: 0x10960
Advertised to update-groups:
1
200
22.1.1.1 (metric 156160) from 22.1.1.1 (22.1.1.1)
Origin IGP, metric 0, localpref 100, valid, internal
200
13.1.1.3 from 13.1.1.3 (33.1.1.1)
Origin IGP, metric 0, localpref 100, valid, external, best
默認情況下權重值為0,本地優先級都為100,都不是本地起源的路由,AS-PATH都是200,沒有配置MED,那麽此時ebgp優於iBGP
但是不得不說的是,並不是因為AD的原因(ebgp的AD為20,ibgp為200)
比如我們在R1做如下操作,以修改AD
R1(config-router)#distance bgp 200 20 20
第一個200為ebgp的AD,第一個20為來自ebgp的路由,第二個20為本地產生的路由的AD,默認等於ibgp的路由
為了加速收斂,可以
R1#clear ip bgp
驗證:
R1#show ip route bgp
33.0.0.0/32 is subnetted, 1 subnets
B 33.1.1.1 [200/0] via 13.1.1.3, 00:00:11
3.0.0.0/32 is subnetted, 1 subnets
B 3.3.3.3 [200/0] via 13.1.1.3, 00:00:11
ebgp管理變為200,但請再查看下面命令,依舊優選ebgp路由
R1#show ip bgp
BGP table version is 4, local router ID is 11.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incompleteNetwork Next Hop Metric LocPrf Weight Path
*> 3.3.3.3/32 13.1.1.3 0 0 200 i - i 22.1.1.1 0 100 0 200 i
> 22.1.1.1/32 12.1.1.2 156160 32768 i
> 33.1.1.1/32 13.1.1.3 0 0 200 i - i 22.1.1.1 0 100 0 200 i
請註意,我們幾乎沒有理由修改BGP的管理距離。請自行去掉distance命令9、前七條原則無法優選路由時,優選到達bgp下一跳(更新源)的metric較小的設備
圖11-12 BGP選錄原則續
從本步驟開始我們將使用圖11-12的邏輯拓撲
通過eigrp在AS 100完成底層,然後建立R4和R1以及R4和R1的鄰居關系。R4的f0/0地址為12.1.1.4,其他地址依舊采用老規矩
給出R1的基本配置:
Router bgp 100
neighbor 44.1.1.1 remote-as 100
neighbor 44.1.1.1 update-source Loopback0
neighbor 44.1.1.1 next-hop-self]
驗證鄰居關系:
R1#show ip bgp summary
BGP router identifier 11.1.1.1, local AS number 100
BGP table version is 6, main routing table version 6
4 network entries using 528 bytes of memory
6 path entries using 312 bytes of memory
5/3 BGP path/bestpath attribute entries using 740 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
Bitfield cache entries: current 3 (at peak 3) using 96 bytes of memory
BGP using 1700 total bytes of memory
BGP activity 10/6 prefixes, 17/11 paths, scan interval 60 secs
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
13.1.1.3 4 200 169 175 6 0 0 00:43:23 2
22.1.1.1 4 100 150 222 6 0 0 00:43:24 2
44.1.1.1 4 100 4 5 6 0 0 00:00:38 1
查看R4的bgp路由
R4#show ip bgp
BGP table version is 6, local router ID is 44.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
- i3.3.3.3/32 22.1.1.1 0 100 0 200 i
*>i 11.1.1.1 0 100 0 200 i
r>i22.1.1.1/32 11.1.1.1 156160 100 0 i -
i33.1.1.1/32 22.1.1.1 0 100 0 200 i
>i 11.1.1.1 0 100 0 200 i
在BGP表中都選擇了R1作為下一跳
此時在igp路由表中,去往更新源11.1.1.1和22.1.1.1的metric相同。而根據前邊的選路原則是無法優選的。我們可以更改metric來達到幹預路由的目的
R4:
access-list 1 permit 11.1.1.1
!
router eigrp 90
offset-list 1 in 1 FastEthernet0/0---在入方向針對11.1.1.1的路由增加metric 1
驗證:
R4#show ip route eigrp
55.0.0.0/32 is subnetted, 1 subnets
D 55.1.1.1 [90/156160] via 45.1.1.5, 00:07:32, FastEthernet1/0
66.0.0.0/32 is subnetted, 1 subnets
D 66.1.1.1 [90/156160] via 46.1.1.6, 00:07:32, FastEthernet0/1
22.0.0.0/32 is subnetted, 1 subnets
D 22.1.1.1 [90/156160] via 12.1.1.2, 00:07:34, FastEthernet0/0
56.0.0.0/24 is subnetted, 1 subnets
D 56.1.1.0 [90/30720] via 46.1.1.6, 00:07:32, FastEthernet0/1
[90/30720] via 45.1.1.5, 00:07:32, FastEthernet1/0
11.0.0.0/32 is subnetted, 1 subnets
D 11.1.1.1 [90/156161] via 12.1.1.1, 00:01:08, FastEthernet0/0
R4到達下一跳11.1.1.1的metric大於去往22.1.1.1的metric
R4#show ip bgp
BGP table version is 8, local router ID is 44.1.1.1
Status codes: s suppressed, d damped, h history, valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incompleteNetwork Next Hop Metric LocPrf Weight Path
*>i3.3.3.3/32 22.1.1.1 0 100 0 200 i - i 11.1.1.1 0 100 0 200 i
r>i22.1.1.1/32 11.1.1.1 156160 100 0 i
*>i33.1.1.1/32 22.1.1.1 0 100 0 200 i -
i 11.1.1.1 0 100 0 200 i
R4#show ip route bgp
33.0.0.0/32 is subnetted, 1 subnets
B 33.1.1.1 [200/0] via 22.1.1.1, 00:01:42
3.0.0.0/32 is subnetted, 1 subnets
B 3.3.3.3 [200/0] via 22.1.1.1, 00:01:42
此時bgp已經優選了去往下一跳較小的設備
實驗完成,請去掉對eigrp的修改10、前八條原則無法優選路由時,可以使能bgp的負載均衡
Bgp的負載均衡分為ibgp的負載和ebgp的負載
比如33.1.1.1這條路由,我們分析:在R4上,默認情況下權重值為0,本地優先級都為100,都不是本地起源的路由,AS-PATH都是200,沒有配置MED,都是來自R1和R2的ibgp路由,此時metric也相同。就可以使能負載
R4(config-router)#maximum-paths ibgp 2
R4#show ip route bgp
33.0.0.0/32 is subnetted, 1 subnets
B 33.1.1.1 [200/0] via 22.1.1.1, 00:00:12
[200/0] via 11.1.1.1, 00:02:23
3.0.0.0/32 is subnetted, 1 subnets
B 3.3.3.3 [200/0] via 22.1.1.1, 00:00:12
[200/0] via 11.1.1.1, 00:02:23
路由表負載,但是bgp表永遠只有一個最優:
R4#show ip bgp
BGP table version is 12, local router ID is 44.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incompleteNetwork Next Hop Metric LocPrf Weight Path
- i3.3.3.3/32 22.1.1.1 0 100 0 200 i
*>i 11.1.1.1 0 100 0 200 i
r>i22.1.1.1/32 11.1.1.1 156160 100 0 i - i33.1.1.1/32 22.1.1.1 0 100 0 200 i
*>i 11.1.1.1 0 100 0 200 i
接下來在R4通告其環回口44.1.1.1
那麽在R3也可以實現針對ebgp的負載(請自行分析前邊的選路原則)
R3(config-router)#maximum-paths 2
R3#show ip route bgp
22.0.0.0/32 is subnetted, 1 subnets
B 22.1.1.1 [20/0] via 23.1.1.2, 01:12:56
44.0.0.0/32 is subnetted, 1 subnets
B 44.1.1.1 [20/0] via 23.1.1.2, 00:00:14
[20/0] via 13.1.1.1, 00:30:39
請自行去掉負載的配置
11、前九條原則無法優選路由時,優選建立時間更久的ebgp鄰居的路由
Bgp認為建立時間越久越可靠。當從多個鄰居學到路由時,優選的路由會放到較下的一行,同時會優選
驗證:
R3#show ip bgp
BGP table version is 4, local router ID is 33.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
- 22.1.1.1/32 13.1.1.1 156160 0 100 i
*> 23.1.1.2 0 100 i - 44.1.1.1/32 13.1.1.1 0 100 i
*> 23.1.1.2 0 100 i
該路由優選了R2,那麽R2放到較下一行
R3#show ip bgp summary
BGP router identifier 33.1.1.1, local AS number 200
BGP table version is 6, main routing table version 6
4 network entries using 528 bytes of memory
6 path entries using 312 bytes of memory
4/2 BGP path/bestpath attribute entries using 592 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
Bitfield cache entries: current 1 (at peak 1) using 32 bytes of memory
BGP using 1488 total bytes of memory
BGP activity 8/4 prefixes, 18/12 paths, scan interval 60 secs
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
13.1.1.1 4 100 237 239 6 0 0 00:03:24 2
23.1.1.2 4 100 200 217 6 0 0 00:03:51 2
驗證時間,同R2建立的時間更久一些
R3#clear ip bgp 23.1.1.2---清掉和R2的鄰居關系
R3#show ip bgp
BGP table version is 9, local router ID is 33.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
> 3.3.3.3/32 0.0.0.0 0 32768 i
> 22.1.1.1/32 23.1.1.2 0 100 i
- 13.1.1.1 156160 0 100 i
*> 33.1.1.1/32 0.0.0.0 0 32768 i -
44.1.1.1/32 23.1.1.2 0 100 i
*> 13.1.1.1 0 100 i
此時優選了R1,而且放到較下一行12、前十條選錄原則無法優選路由時,優選router-id較小的設備
請去掉之前的選路的配置
查看R4
R4#show ip bgp
BGP table version is 20, local router ID is 44.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incompleteNetwork Next Hop Metric LocPrf Weight Path
- i3.3.3.3/32 22.1.1.1 0 100 0 200 i
*>i 11.1.1.1 0 100 0 200 i
r>i22.1.1.1/32 11.1.1.1 156160 100 0 i -
i33.1.1.1/32 22.1.1.1 0 100 0 200 i
>i 11.1.1.1 0 100 0 200 i
> 44.1.1.1/32 0.0.0.0 0 32768 i
3.3.3.3和33.1.1.1的路由都優選R1作為下一跳就是依據了RID,因為此時R1的RID較小。
R4#show ip bgp neighbors
BGP neighbor is 11.1.1.1, remote AS 100, internal link
BGP version 4, remote router ID 11.1.1.1
R4# show ip bgp neighbors 22.1.1.1
BGP neighbor is 22.1.1.1, remote AS 100, internal link
BGP version 4, remote router ID 22.1.1.1
我們該讓路由優選R2作為出口
R1(config)#router bgp 100
R1(config-router)#bgp router-id 22.1.1.2---RID大於R2的RID
驗證:
R4#show ip bgp
BGP table version is 23, local router ID is 44.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incompleteNetwork Next Hop Metric LocPrf Weight Path
- i3.3.3.3/32 11.1.1.1 0 100 0 200 i
*>i 22.1.1.1 0 100 0 200 i -
i33.1.1.1/32 11.1.1.1 0 100 0 200 i
>i 22.1.1.1 0 100 0 200 i
> 44.1.1.1/32 0.0.0.0 0 32768 i
現在優選R2作為下一跳13、優選擁有最短的cluster-list長度的路由
當一個路由器從多個RR收到相同BGP路由進行最優路徑選擇時,優選擁有最短的cluster-list長度的
RR關系: R4 為RR,client 分別為R1、R2、R5、R6;配置R6 為RR,client 為R5
R4:
router bgp 100
no synchronization
bgp log-neighbor-changes
network 44.1.1.1 mask 255.255.255.255
neighbor 11.1.1.1 remote-as 100
neighbor 11.1.1.1 update-source Loopback0
neighbor 22.1.1.1 remote-as 100
neighbor 22.1.1.1 update-source Loopback0
neighbor 55.1.1.1 remote-as 100
neighbor 55.1.1.1 update-source Loopback0
neighbor 55.1.1.1 route-reflector-client
neighbor 66.1.1.1 remote-as 100
neighbor 66.1.1.1 update-source Loopback0
neighbor 66.1.1.1 route-reflector-client
R5:
router bgp 100
no synchronization
bgp log-neighbor-changes
neighbor 44.1.1.1 remote-as 100
neighbor 44.1.1.1 update-source Loopback0
neighbor 66.1.1.1 remote-as 100
neighbor 66.1.1.1 update-source Loopback0
no auto-summary
R6:
router bgp 100
no synchronization
bgp log-neighbor-changes
neighbor 44.1.1.1 remote-as 100
neighbor 44.1.1.1 update-source Loopback0
neighbor 55.1.1.1 remote-as 100
neighbor 55.1.1.1 update-source Loopback0
neighbor 55.1.1.1 route-reflector-client
no auto-summary
驗證:
R5#show ip bgp
BGP table version is 27, local router ID is 55.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incompleteNetwork Next Hop Metric LocPrf Weight Path
- i3.3.3.3/32 22.1.1.1 0 100 0 200 i
*>i 22.1.1.1 0 100 0 200 i
r i22.1.1.1/32 11.1.1.1 156160 100 0 i
r>i 11.1.1.1 156160 100 0 i - i33.1.1.1/32 22.1.1.1 0 100 0 200 i
*>i 22.1.1.1 0 100 0 200 i
r i44.1.1.1/32 44.1.1.1 0 100 0 i
r>i 44.1.1.1 0 100 0 i
R5#show ip bgp 3.3.3.3
BGP routing table entry for 3.3.3.3/32, version 23
Paths: (2 available, best #2, table Default-IP-Routing-Table)
Not advertised to any peer
200
22.1.1.1 (metric 158720) from 66.1.1.1 (66.1.1.1)
Origin IGP, metric 0, localpref 100, valid, internal
Originator: 22.1.1.1, Cluster list: 66.1.1.1, 44.1.1.1
200
22.1.1.1 (metric 158720) from 44.1.1.1 (44.1.1.1)
Origin IGP, metric 0, localpref 100, valid, internal, best
Originator: 22.1.1.1, Cluster list: 44.1.1.1
查看明細路由可以看到R5選擇了R4作為下一跳,而沒有選擇簇ID較長的R6。
R5#show ip cef 3.3.3.3 detail
3.3.3.3/32, epoch 0
recursive via 22.1.1.1
nexthop 45.1.1.4 FastEthernet0/0
最後一條選路原則:
優選來自用最低地址建立BGP 連接的鄰居的路由條目。註意這個地址是建立鄰居用的IP 地址, 不是接口IP 地址。
實驗完成
BGP選路13條原則全實戰,一條條幫你梳理支撐整個互聯網的選路原則