BGP选路原则实验
11.7.1 BGP选路原则理论
BGP不是简单的通过metric来选路最优的路由
所有的路径属性归为一下四类:
? 周知强制属性
? 周知自选属性
? 可选传递性属性
? 可选非传递属性
以上属性分为两类,首先,周知属性,即所有BGP实现都必须能识别这些属性;其次是可选属性,即并不要求bgp实现支持这些属性
如果可选属性是传递的,那么bgp进程应该接收该属性中包含的路径(即使不支持),并将路径传递给邻居
如果可选属性是非传递的,那么无法识别该属性的bgp进程忽略update消息中包含的属性,并不传递给邻居
从记忆和应用角度来讲通常我们不会把过多的精力放到以上四类属性的分类。恰恰我们将采用一种“邪恶”的角度去记忆BGP的13条选路原则:
世界恋爱组织亚洲办公室;纪念碑;半兽人
分别对应的英文单词为:
1、W(world) Weight
2、L(love)local preference,本地优先级
3、O(organization)Sourced,本地起源
4、A(asia)AS-PATH
5、O(Office)Origin,起源代码
6、M,MED,多出口分离器
7、E,EBGP优于IBGP
8、M,到达更新源的metric小的下一跳
9、L,负载均衡
10、O,建立时间更久的EBGP邻居
11、R,更小的RID
12、C,更短的Cluster-list
13、优选来自用最低地址建立BGP 连接的邻居的路由条目
最重要的,下一跳可达是选路的前提条件
11.7.2 BGP选路实验拓扑描述
IP地址说明,比如R2上连接R3的地址为23.1.1.2/24,以此类推。用到的环回口如下:11.1.1.1/32
图11-11 BGP选路原则拓扑
11.7.3 BGP选路原则实验步骤
1、基本配置
在AS100内已经完成igp,本例采用eigrp(请勿采用OSPF,否则会影响后边的配置)。基本配置省略,完成eigrp邻居即可(请勿通告R1和R3的直连以及R2和R3的直连)。给出R1和R2的基本配置
R1:
router eigrp 90
network 11.1.1.1 0.0.0.0
network 12.1.1.1 0.0.0.0
no auto-summary
R2:
router eigrp 90
network 12.1.1.2 0.0.0.0
network 22.1.1.1 0.0.0.0
no auto-summary
验证:
R1#show ip eigrp neighbors
IP-EIGRP neighbors for process 90
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
1 12.1.1.2 Fa0/0 11 00:12:19 104 624 0 7
基本的BGP配置已经完成
R1:
router bgp 100
no synchronization
bgp log-neighbor-changes
neighbor 13.1.1.3 remote-as 200
neighbor 22.1.1.1 remote-as 100
neighbor 22.1.1.1 update-source Loopback0
neighbor 22.1.1.1 next-hop-self
no auto-summary
R2:
router bgp 100
no synchronization
bgp log-neighbor-changes
neighbor 11.1.1.1 remote-as 100
neighbor 11.1.1.1 update-source Loopback0
neighbor 11.1.1.1 next-hop-self
neighbor 23.1.1.3 remote-as 200
no auto-summary
R3:
router bgp 200
no synchronization
bgp log-neighbor-changes
network 3.3.3.3 mask 255.255.255.255---需要说明的是,R3通告了环回口0和环回口1(3.3.3.3)
network 33.1.1.1 mask 255.255.255.255
neighbor 13.1.1.1 remote-as 100
neighbor 23.1.1.2 remote-as 100
no auto-summary
验证:
R1#show ip bgp summary ---验证邻居状态
BGP router identifier 11.1.1.1, local AS number 100
BGP table version is 3, main routing table version 3
2 network entries using 264 bytes of memory
4 path entries using 208 bytes of memory
3/1 BGP path/bestpath attribute entries using 444 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
Bitfield cache entries: current 1 (at peak 1) using 32 bytes of memory
BGP using 972 total bytes of memory
BGP activity 2/0 prefixes, 4/0 paths, scan interval 60 secs
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
13.1.1.3 4 200 6 5 3 0 0 00:02:18 2
22.1.1.1 4 100 6 6 3 0 0 00:02:26 2
R1#show ip bgp ---验证收到的路由
BGP table version is 3, local router ID is 11.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 3.3.3.3/32 13.1.1.3 0 0 200 i
- i 22.1.1.1 0 100 0 200 i
*> 33.1.1.1/32 13.1.1.3 0 0 200 i - i 22.1.1.1 0 100 0 200 i
R1#show ip route bgp
33.0.0.0/32 is subnetted, 1 subnets
B 33.1.1.1 [20/0] via 13.1.1.3, 00:07:00
3.0.0.0/32 is subnetted, 1 subnets
B 3.3.3.3 [20/0] via 13.1.1.3, 00:07:00
2、使用weight值来干预bgp选路
BGP优选有最大Weight的BGP条目,weight是Cisco私有的参数,路由器配置了weight后只在本地生效。 缺省情况下,通过本路由器宣告、重分布或者汇总的路由的weight为32768,从BGP邻居学习到的路由的weight为0
首先我们针对邻居,修改来自邻居的所有路由的权重值,增大来自R2的所有路由,使得R1优选R2作为下一跳
R1(config-router)#neighbor 22.1.1.1 weight 1
验证:
R1#show ip bgp
BGP table version is 5, local router ID is 11.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incompleteNetwork Next Hop Metric LocPrf Weight Path
- 3.3.3.3/32 13.1.1.3 0 0 200 i
*>i 22.1.1.1 0 100 1 200 i - 33.1.1.1/32 13.1.1.3 0 0 200 i
>i 22.1.1.1 0 100 1 200 i
R1#show ip route bgp
33.0.0.0/32 is subnetted, 1 subnets
B 33.1.1.1 [200/0] via 22.1.1.1, 00:01:01
3.0.0.0/32 is subnetted, 1 subnets
B 3.3.3.3 [200/0] via 22.1.1.1, 00:01:01
所有路由都选择了R2作为下一跳
但这种效果是针对所有路由的,如果想明细的来干预选路,我们需要用到route-map这个工具。如下例
R1:
ip prefix-list 1 seq 5 permit 3.3.3.3/32---匹配3.3.3.3的路由
route-map Weight permit 10
match ip address prefix-list 1
set weight 2---针对该路由配置权重值为2,即优于来自R2的路由。请注意该route-map是存在问题的,我们后边观察
router bgp 100
neighbor 13.1.1.3 route-map Weight in---在入方向调用route-map.需要说明的是如果在out方向调用,无效,而且会报错
验证:
R1#clear ip bgp so---一定记得重新刷新BGP的属性,尤其是ebgp由于更新时间更长,越需要如此
R1#show ip bgp
BGP table version is 6, local router ID is 11.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incompleteNetwork Next Hop Metric LocPrf Weight Path
*> 3.3.3.3/32 13.1.1.3 0 2 200 i - i 22.1.1.1 0 100 1 200 i
>i33.1.1.1/32 22.1.1.1 0 100 1 200 i
3.3.3.3的路由由于权重值为2已经优选R3
但是,我们发现33.1.1.1的路由只有一个下一跳
这是我们前边提到的问题。Route-map不仅仅可以设置bgp的属性,当匹配了前缀列表或者ACL的时候一定要考虑其他的路由是否还需要收取。比如我们的配置,R1还需要收取来自R3的其他路由条目(3.3.3.3)
我们来做修改:
R1(config)#route-map Weight permit 20---只需要增加一个序列号,行为是permit,那么匹配条件为任意
验证:
R1#show ip bgp
BGP table version is 6, local router ID is 11.1.1.1
Status codes: s suppressed, d damped, h history, valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incompleteNetwork Next Hop Metric LocPrf Weight Path
*> 3.3.3.3/32 13.1.1.3 0 2 200 i - i 22.1.1.1 0 100 1 200 i
- 33.1.1.1/32 13.1.1.3 0 0 200 i
*>i 22.1.1.1 0 100 1 200 i
该路由也可以从R3得到,这样会具备一定的冗余性,当R2失效,还可以选择R3作为下一跳。同时该路由33.1.1.1依旧优选R2
R1#show ip route bgp
33.0.0.0/32 is subnetted, 1 subnets
B 33.1.1.1 [200/0] via 22.1.1.1, 00:14:39
3.0.0.0/32 is subnetted, 1 subnets
B 3.3.3.3 [20/0] via 13.1.1.3, 00:10:23
查看路由可知,两条路由具备一定的冗余
3、修改本地优先级干预路由选择
BGP条目的缺省local preference值为100. local preference值在IBGP邻居之间传递,在EBGP邻居之间不能传递,对于从EBGP邻居学习到的BGP条目,local preference值为100,这个值可以通过命令bgp default local-preference修改
可以修改从IBGP邻居和EBGP邻居学习来的BGP条目的local preference值.可以修改发给IBGP 邻居的 BGP 条目的local preference 值
请自行去掉之前的权重值的配置
本部分针对R1的小需求:33.1.1.1选择R2作为下一跳;3.3.3.3选择R3作为下一跳
第一步,我们可以在R2配置默认的权重值大于100,该权重值会更新给ibgp邻居,那么此时R1将把所有路由的下一跳指向R2
R2(config-router)#bgp default local-preference 101
验证:
R1#show ip bgp
BGP table version is 10, local router ID is 11.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incompleteNetwork Next Hop Metric LocPrf Weight Path
- 3.3.3.3/32 13.1.1.3 0 0 200 i
*>i 22.1.1.1 0 101 0 200 i - 33.1.1.1/32 13.1.1.3 0 0 200 i
*>i 22.1.1.1 0 101 0 200 i
如上验证,来自22.1.1.1的本地优先级都改为了101,并且优选R2.需要说明的是来自13.1.1.3的路由因为是ebgp所以并不显示为100,但是存在该值的,如下验证:
R1#show ip bgp 33.1.1.1
BGP routing table entry for 33.1.1.1/32, version 10
Paths: (2 available, best #2, table Default-IP-Routing-Table)
Flag: 0x940
Advertised to update-groups:
2
200
13.1.1.3 from 13.1.1.3 (33.1.1.1)
Origin IGP, metric 0, localpref 100, valid, external
200
22.1.1.1 (metric 156160) from 22.1.1.1 (22.1.1.1)
Origin IGP, metric 0, localpref 101, valid, internal, best
第二步,针对3.3.3.3的路由通过route-map配置本地优先级大于101,则优选R3
ip prefix-list 1 seq 5 permit 3.3.3.3/32
!
route-map Localpre permit 10
match ip address prefix-list 1
set local-preference 102---设置本地优先级,同时不要忘记其他路由的处理
route-map Localpre permit 20
!
router bgp 100
neighbor 13.1.1.3 route-map Localpre in---在bgp中调用route-map
验证:
R1#show ip bgp
BGP table version is 11, local router ID is 11.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 3.3.3.3/32 13.1.1.3 0 102 0 200 i
- 33.1.1.1/32 13.1.1.3 0 0 200 i
*>i 22.1.1.1 0 101 0 200 i
3.3.3.3的路由本地优先级已经改为102.
需要说明的是该路由属性会更新给R2,那么R2会选择R1作为下一跳,将导致R2不在把该路由更新回给r1,所以R1只看到一个下一跳
R1#show ip route bgp
33.0.0.0/32 is subnetted, 1 subnets
B 33.1.1.1 [200/0] via 22.1.1.1, 00:06:35
3.0.0.0/32 is subnetted, 1 subnets
B 3.3.3.3 [20/0] via 13.1.1.3, 00:02:174、在前两条原则不能优选时,优选本地产生的路由
本地起源路由的方式有很多中,比如通告、汇聚以及重分布等等。但是为了排除本地生成的路由默认权重为32768这个前提,我们需要在产生路由时把weight设置为0
在R1和R2演示该情况。请自行去掉之前本地优先级的配置
R2的环回口22.1.1.1在本地通告是weight设置为0
route-map Conn permit 10
set weight 0---在route-map中设置权重值为0
!
router bgp 100
network 22.1.1.1 mask 255.255.255.255 route-map Conn---通告路由时调用
该路由通告到了igp中,那么R1会通过eigrp得到,此时只要得到路由就可以在bgp中通告
router bgp 100
network 22.1.1.1 m 255.255.255.255
验证R2的情况:
R2#show ip bgp
BGP table version is 11, local router ID is 22.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incompleteNetwork Next Hop Metric LocPrf Weight Path
*>i3.3.3.3/32 11.1.1.1 0 102 0 200 i - 23.1.1.3 0 0 200 i
- I 22.1.1.1/32 11.1.1.1 156160 100 0 i
*> 0.0.0.0 0 0 i - i33.1.1.1/32 11.1.1.1 0 100 0 200 i
*> 23.1.1.3 0 0 200 i
R2#show ip bgp 22.1.1.1
BGP routing table entry for 22.1.1.1/32, version 13
Paths: (2 available, best #2, table Default-IP-Routing-Table)
Flag: 0x800
Advertised to update-groups:
1 2
Local
11.1.1.1 (metric 156160) from 11.1.1.1 (11.1.1.1)
Origin IGP, metric 156160, localpref 100, valid, internal
Local
0.0.0.0 from 0.0.0.0 (22.1.1.1)
Origin IGP, metric 0, localpref 100, valid, sourced, local, best
22.1.1.1这条路由R2既从R1得到,也在本地产生。前两条原则权重值都为0,本地优先级都为100,那么R2优选了本地产生的路由
5、在前三条原则不能优选时,通过AS-PATH干预选路
在配置此步骤之前,请去掉之前的配置
此部分小需求:R1,去往33.1.1.1选择R2作为下一跳;3.3.3.3选择R3作为下一跳
对于AS-path这个属性,通常不能减少AS的长度(除非移除私有的AS号码),因为这样会干扰到选路以及不能得到路由经过的路径,但是可以在本地增加AS-path的长度
access-list 33 permit 33.1.1.1---用ACL匹配路由
!
route-map ASPATH permit 10
match ip address 33
set as-path prepend 200 200---增加AS的长度,而且是增加到原本的AS之前
route-map ASPATH permit 20---因为匹配了ACL,而且其他路由还要从R3收取,所以要做此操作
!
router bgp 100
neighbor 13.1.1.3 route-map ASPATH in---在bgp中针对邻居调用在in方向
验证:
R1#show ip bgp
BGP table version is 5, local router ID is 11.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incompleteNetwork Next Hop Metric LocPrf Weight Path
- i3.3.3.3/32 22.1.1.1 0 100 0 200 i
> 13.1.1.3 0 0 200 i
> 22.1.1.1/32 12.1.1.2 156160 32768 i
*>i33.1.1.1/32 22.1.1.1 0 100 0 200 i - 13.1.1.3 0 0 200 200 200
来自R3的AS-path变长了,所以不再优选该设备
R1#show ip route bgp
33.0.0.0/32 is subnetted, 1 subnets
B 33.1.1.1 [200/0] via 22.1.1.1, 00:03:39
3.0.0.0/32 is subnetted, 1 subnets
B 3.3.3.3 [20/0] via 13.1.1.3, 00:50:10
实验效果已经完成
在此处我们还有一条隐含命令可以用于忽略掉BGP的AS-PATH的选路原则
router bgp 100
no synchronization
bgp log-neighbor-changes
bgp bestpath as-path ignore
此时不会通过第四条原则来选路
验证:
R1#show ip bgp
BGP table version is 4, local router ID is 11.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incompleteNetwork Next Hop Metric LocPrf Weight Path
*> 3.3.3.3/32 13.1.1.3 0 0 200 i - i 22.1.1.1 0 100 0 200 i
> 22.1.1.1/32 12.1.1.2 156160 32768 i
> 33.1.1.1/32 13.1.1.3 0 0 200 200 200 i - i 22.1.1.1 0 100 0 200 i
即使来自13.1.1.3的路由AS-PATH更长也不会选择它
6、前四条原则无法优选路由时,通过起源代码干预选路
当一条路由生成时会携带一个起源的code,i---igp(通告、aggregate),e---egp(已经不存在),?---incomplete(重分布产生的路由)。优选顺序是i优于e由于?.需要说明的是e已经不在使用,但是ios保留了该code
小需求:33.1.1.1选择R2作为下一跳
access-list 33 permit 33.1.1.1---用ACL匹配路由
!
route-map ORIGIN permit 10
match ip address 33
set origin incomplete---在route-map中设置起源代码为?
route-map ORIGIN permit 20
!
router bgp 100
neighbor 13.1.1.3 route-map ORIGIN in---bgp中针对邻居调用
验证:
R1#show ip bgp
BGP table version is 5, local router ID is 11.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incompleteNetwork Next Hop Metric LocPrf Weight Path
*> 3.3.3.3/32 13.1.1.3 0 0 200 i - i 22.1.1.1 0 100 0 200 i
*> 22.1.1.1/32 12.1.1.2 156160 32768 i - 33.1.1.1/32 13.1.1.3 0 0 200 ?
*>i 22.1.1.1 0 100 0 200 i
来自R3的路由起源代码变为?,前边的选路选择此时无效,而来自R2的起源代码为I,所以优选了R2作为下一跳
R1#show ip route bgp
33.0.0.0/32 is subnetted, 1 subnets
B 33.1.1.1 [200/0] via 22.1.1.1, 00:01:24
3.0.0.0/32 is subnetted, 1 subnets
B 3.3.3.3 [20/0] via 13.1.1.3, 00:12:36
7、前五条原则无法优选路由时,通过MED进行干预
在两个AS 之间有多个EBGP 连接的情况下,MED 值用于影响从相邻AS 到本AS 的路由选择,即用于影响邻居AS 到本AS 的流量从哪个接口进来,这是通过向相邻AS的EBGP 邻居发送具有不同MED 值的路由条目来实现的
请去掉之前干预选路的配置
R3上针对33.1.1.1的路由通告给R1 MED为31,通告给R2 MED为32.那么此时R1把metric通告给R2.R2会优选来自R1的路由(因为metric小于来自R3的mtric32)
access-list 33 permit 33.1.1.1
!
route-map 32 permit 10
match ip address 33
set metric 32
route-map 32 permit 20---不要忘记还要通告其他路由给R1,否则不会通告
!
route-map 31 permit 10
match ip address 33
set metric 31
route-map 31 permit 20
!
router bgp 200
no synchronization
bgp log-neighbor-changes
network 3.3.3.3 mask 255.255.255.255
network 33.1.1.1 mask 255.255.255.255
neighbor 13.1.1.1 remote-as 100
neighbor 13.1.1.1 route-map 31 out
neighbor 23.1.1.2 remote-as 100
neighbor 23.1.1.2 route-map 32 out---针对邻居调用
no auto-summary
验证:
R1#show ip bgp
BGP table version is 7, local router ID is 11.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incompleteNetwork Next Hop Metric LocPrf Weight Path
*> 3.3.3.3/32 13.1.1.3 0 0 200 i - i 22.1.1.1 0 100 0 200 i
> 22.1.1.1/32 12.1.1.2 156160 32768 i
> 33.1.1.1/32 13.1.1.3 31 0 200 i
R2#show ip bgp
BGP table version is 10, local router ID is 22.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incompleteNetwork Next Hop Metric LocPrf Weight Path
- i3.3.3.3/32 11.1.1.1 0 100 0 200 i
> 23.1.1.3 0 0 200 i
r>i22.1.1.1/32 11.1.1.1 156160 100 0 i
>i33.1.1.1/32 11.1.1.1 31 100 0 200 i - 23.1.1.3 32 0 200 i
R2#show ip route bgp
33.0.0.0/32 is subnetted, 1 subnets
B 33.1.1.1 [200/31] via 11.1.1.1, 00:03:59
3.0.0.0/32 is subnetted, 1 subnets
B 3.3.3.3 [20/0] via 23.1.1.3, 01:22:30
R2上针对不同路由具有不同的下一跳
8、前六条原则无法优选路由时,来自EBGP的路由优选来自IBGP的路由
请去掉之前的MED配置
默认情况下R1和R2就是根据此条原则优选了来自R3的ebgp路由
R1#show ip bgp
BGP table version is 8, local router ID is 11.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incompleteNetwork Next Hop Metric LocPrf Weight Path
*> 3.3.3.3/32 13.1.1.3 0 0 200 i - i 22.1.1.1 0 100 0 200 i
*> 22.1.1.1/32 12.1.1.2 156160 32768 i - i33.1.1.1/32 22.1.1.1 0 100 0 200 i
> 13.1.1.3 0 0 200 i
R2#show ip bgp
BGP table version is 12, local router ID is 22.1.1.1
Status codes: s suppressed, d damped, h history, valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incompleteNetwork Next Hop Metric LocPrf Weight Path
- i3.3.3.3/32 11.1.1.1 0 100 0 200 i
*> 23.1.1.3 0 0 200 i
r>i22.1.1.1/32 11.1.1.1 156160 100 0 i - i33.1.1.1/32 11.1.1.1 0 100 0 200 i
> 23.1.1.3 0 0 200 i
比如:
R1#show ip bgp 33.1.1.1
BGP routing table entry for 33.1.1.1/32, version 8
Paths: (2 available, best #2, table Default-IP-Routing-Table)
Flag: 0x10960
Advertised to update-groups:
1
200
22.1.1.1 (metric 156160) from 22.1.1.1 (22.1.1.1)
Origin IGP, metric 0, localpref 100, valid, internal
200
13.1.1.3 from 13.1.1.3 (33.1.1.1)
Origin IGP, metric 0, localpref 100, valid, external, best
默认情况下权重值为0,本地优先级都为100,都不是本地起源的路由,AS-PATH都是200,没有配置MED,那么此时ebgp优于iBGP
但是不得不说的是,并不是因为AD的原因(ebgp的AD为20,ibgp为200)
比如我们在R1做如下操作,以修改AD
R1(config-router)#distance bgp 200 20 20
第一个200为ebgp的AD,第一个20为来自ebgp的路由,第二个20为本地产生的路由的AD,默认等于ibgp的路由
为了加速收敛,可以
R1#clear ip bgp
验证:
R1#show ip route bgp
33.0.0.0/32 is subnetted, 1 subnets
B 33.1.1.1 [200/0] via 13.1.1.3, 00:00:11
3.0.0.0/32 is subnetted, 1 subnets
B 3.3.3.3 [200/0] via 13.1.1.3, 00:00:11
ebgp管理变为200,但请再查看下面命令,依旧优选ebgp路由
R1#show ip bgp
BGP table version is 4, local router ID is 11.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incompleteNetwork Next Hop Metric LocPrf Weight Path
*> 3.3.3.3/32 13.1.1.3 0 0 200 i - i 22.1.1.1 0 100 0 200 i
> 22.1.1.1/32 12.1.1.2 156160 32768 i
> 33.1.1.1/32 13.1.1.3 0 0 200 i - i 22.1.1.1 0 100 0 200 i
请注意,我们几乎没有理由修改BGP的管理距离。请自行去掉distance命令
9、前七条原则无法优选路由时,优选到达bgp下一跳(更新源)的metric较小的设备
图11-12 BGP选录原则续
从本步骤开始我们将使用图11-12的逻辑拓扑
通过eigrp在AS 100完成底层,然后建立R4和R1以及R4和R1的邻居关系。R4的f0/0地址为12.1.1.4,其他地址依旧采用老规矩
给出R1的基本配置:
Router bgp 100
neighbor 44.1.1.1 remote-as 100
neighbor 44.1.1.1 update-source Loopback0
neighbor 44.1.1.1 next-hop-self]
验证邻居关系:
R1#show ip bgp summary
BGP router identifier 11.1.1.1, local AS number 100
BGP table version is 6, main routing table version 6
4 network entries using 528 bytes of memory
6 path entries using 312 bytes of memory
5/3 BGP path/bestpath attribute entries using 740 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
Bitfield cache entries: current 3 (at peak 3) using 96 bytes of memory
BGP using 1700 total bytes of memory
BGP activity 10/6 prefixes, 17/11 paths, scan interval 60 secs
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
13.1.1.3 4 200 169 175 6 0 0 00:43:23 2
22.1.1.1 4 100 150 222 6 0 0 00:43:24 2
44.1.1.1 4 100 4 5 6 0 0 00:00:38 1
查看R4的bgp路由
R4#show ip bgp
BGP table version is 6, local router ID is 44.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
- i3.3.3.3/32 22.1.1.1 0 100 0 200 i
*>i 11.1.1.1 0 100 0 200 i
r>i22.1.1.1/32 11.1.1.1 156160 100 0 i - i33.1.1.1/32 22.1.1.1 0 100 0 200 i
>i 11.1.1.1 0 100 0 200 i
在BGP表中都选择了R1作为下一跳
此时在igp路由表中,去往更新源11.1.1.1和22.1.1.1的metric相同。而根据前边的选路原则是无法优选的。我们可以更改metric来达到干预路由的目的
R4:
access-list 1 permit 11.1.1.1
!
router eigrp 90
offset-list 1 in 1 FastEthernet0/0---在入方向针对11.1.1.1的路由增加metric 1
验证:
R4#show ip route eigrp
55.0.0.0/32 is subnetted, 1 subnets
D 55.1.1.1 [90/156160] via 45.1.1.5, 00:07:32, FastEthernet1/0
66.0.0.0/32 is subnetted, 1 subnets
D 66.1.1.1 [90/156160] via 46.1.1.6, 00:07:32, FastEthernet0/1
22.0.0.0/32 is subnetted, 1 subnets
D 22.1.1.1 [90/156160] via 12.1.1.2, 00:07:34, FastEthernet0/0
56.0.0.0/24 is subnetted, 1 subnets
D 56.1.1.0 [90/30720] via 46.1.1.6, 00:07:32, FastEthernet0/1
[90/30720] via 45.1.1.5, 00:07:32, FastEthernet1/0
11.0.0.0/32 is subnetted, 1 subnets
D 11.1.1.1 [90/156161] via 12.1.1.1, 00:01:08, FastEthernet0/0
R4到达下一跳11.1.1.1的metric大于去往22.1.1.1的metric
R4#show ip bgp
BGP table version is 8, local router ID is 44.1.1.1
Status codes: s suppressed, d damped, h history, valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incompleteNetwork Next Hop Metric LocPrf Weight Path
*>i3.3.3.3/32 22.1.1.1 0 100 0 200 i - i 11.1.1.1 0 100 0 200 i
r>i22.1.1.1/32 11.1.1.1 156160 100 0 i
*>i33.1.1.1/32 22.1.1.1 0 100 0 200 i - i 11.1.1.1 0 100 0 200 i
R4#show ip route bgp
33.0.0.0/32 is subnetted, 1 subnets
B 33.1.1.1 [200/0] via 22.1.1.1, 00:01:42
3.0.0.0/32 is subnetted, 1 subnets
B 3.3.3.3 [200/0] via 22.1.1.1, 00:01:42
此时bgp已经优选了去往下一跳较小的设备
实验完成,请去掉对eigrp的修改
10、前八条原则无法优选路由时,可以使能bgp的负载均衡
Bgp的负载均衡分为ibgp的负载和ebgp的负载
比如33.1.1.1这条路由,我们分析:在R4上,默认情况下权重值为0,本地优先级都为100,都不是本地起源的路由,AS-PATH都是200,没有配置MED,都是来自R1和R2的ibgp路由,此时metric也相同。就可以使能负载
R4(config-router)#maximum-paths ibgp 2
R4#show ip route bgp
33.0.0.0/32 is subnetted, 1 subnets
B 33.1.1.1 [200/0] via 22.1.1.1, 00:00:12
[200/0] via 11.1.1.1, 00:02:23
3.0.0.0/32 is subnetted, 1 subnets
B 3.3.3.3 [200/0] via 22.1.1.1, 00:00:12
[200/0] via 11.1.1.1, 00:02:23
路由表负载,但是bgp表永远只有一个最优:
R4#show ip bgp
BGP table version is 12, local router ID is 44.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incompleteNetwork Next Hop Metric LocPrf Weight Path
- i3.3.3.3/32 22.1.1.1 0 100 0 200 i
*>i 11.1.1.1 0 100 0 200 i
r>i22.1.1.1/32 11.1.1.1 156160 100 0 i - i33.1.1.1/32 22.1.1.1 0 100 0 200 i
*>i 11.1.1.1 0 100 0 200 i
接下来在R4通告其环回口44.1.1.1
那么在R3也可以实现针对ebgp的负载(请自行分析前边的选路原则)
R3(config-router)#maximum-paths 2
R3#show ip route bgp
22.0.0.0/32 is subnetted, 1 subnets
B 22.1.1.1 [20/0] via 23.1.1.2, 01:12:56
44.0.0.0/32 is subnetted, 1 subnets
B 44.1.1.1 [20/0] via 23.1.1.2, 00:00:14
[20/0] via 13.1.1.1, 00:30:39
请自行去掉负载的配置
11、前九条原则无法优选路由时,优选建立时间更久的ebgp邻居的路由
Bgp认为建立时间越久越可靠。当从多个邻居学到路由时,优选的路由会放到较下的一行,同时会优选
验证:
R3#show ip bgp
BGP table version is 4, local router ID is 33.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
- 22.1.1.1/32 13.1.1.1 156160 0 100 i
*> 23.1.1.2 0 100 i - 44.1.1.1/32 13.1.1.1 0 100 i
*> 23.1.1.2 0 100 i
该路由优选了R2,那么R2放到较下一行
R3#show ip bgp summary
BGP router identifier 33.1.1.1, local AS number 200
BGP table version is 6, main routing table version 6
4 network entries using 528 bytes of memory
6 path entries using 312 bytes of memory
4/2 BGP path/bestpath attribute entries using 592 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
Bitfield cache entries: current 1 (at peak 1) using 32 bytes of memory
BGP using 1488 total bytes of memory
BGP activity 8/4 prefixes, 18/12 paths, scan interval 60 secs
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
13.1.1.1 4 100 237 239 6 0 0 00:03:24 2
23.1.1.2 4 100 200 217 6 0 0 00:03:51 2
验证时间,同R2建立的时间更久一些
R3#clear ip bgp 23.1.1.2---清掉和R2的邻居关系
R3#show ip bgp
BGP table version is 9, local router ID is 33.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
> 3.3.3.3/32 0.0.0.0 0 32768 i
> 22.1.1.1/32 23.1.1.2 0 100 i
- 13.1.1.1 156160 0 100 i
*> 33.1.1.1/32 0.0.0.0 0 32768 i - 44.1.1.1/32 23.1.1.2 0 100 i
*> 13.1.1.1 0 100 i
此时优选了R1,而且放到较下一行
12、前十条选录原则无法优选路由时,优选router-id较小的设备
请去掉之前的选路的配置
查看R4
R4#show ip bgp
BGP table version is 20, local router ID is 44.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incompleteNetwork Next Hop Metric LocPrf Weight Path
- i3.3.3.3/32 22.1.1.1 0 100 0 200 i
*>i 11.1.1.1 0 100 0 200 i
r>i22.1.1.1/32 11.1.1.1 156160 100 0 i - i33.1.1.1/32 22.1.1.1 0 100 0 200 i
>i 11.1.1.1 0 100 0 200 i
> 44.1.1.1/32 0.0.0.0 0 32768 i
3.3.3.3和33.1.1.1的路由都优选R1作为下一跳就是依据了RID,因为此时R1的RID较小。
R4#show ip bgp neighbors
BGP neighbor is 11.1.1.1, remote AS 100, internal link
BGP version 4, remote router ID 11.1.1.1
R4# show ip bgp neighbors 22.1.1.1
BGP neighbor is 22.1.1.1, remote AS 100, internal link
BGP version 4, remote router ID 22.1.1.1
我们该让路由优选R2作为出口
R1(config)#router bgp 100
R1(config-router)#bgp router-id 22.1.1.2---RID大于R2的RID
验证:
R4#show ip bgp
BGP table version is 23, local router ID is 44.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incompleteNetwork Next Hop Metric LocPrf Weight Path
- i3.3.3.3/32 11.1.1.1 0 100 0 200 i
*>i 22.1.1.1 0 100 0 200 i - i33.1.1.1/32 11.1.1.1 0 100 0 200 i
>i 22.1.1.1 0 100 0 200 i
> 44.1.1.1/32 0.0.0.0 0 32768 i
现在优选R2作为下一跳
13、优选拥有最短的cluster-list长度的路由
当一个路由器从多个RR收到相同BGP路由进行最优路径选择时,优选拥有最短的cluster-list长度的
RR关系: R4 为RR,client 分别为R1、R2、R5、R6;配置R6 为RR,client 为R5
R4:
router bgp 100
no synchronization
bgp log-neighbor-changes
network 44.1.1.1 mask 255.255.255.255
neighbor 11.1.1.1 remote-as 100
neighbor 11.1.1.1 update-source Loopback0
neighbor 22.1.1.1 remote-as 100
neighbor 22.1.1.1 update-source Loopback0
neighbor 55.1.1.1 remote-as 100
neighbor 55.1.1.1 update-source Loopback0
neighbor 55.1.1.1 route-reflector-client
neighbor 66.1.1.1 remote-as 100
neighbor 66.1.1.1 update-source Loopback0
neighbor 66.1.1.1 route-reflector-client
R5:
router bgp 100
no synchronization
bgp log-neighbor-changes
neighbor 44.1.1.1 remote-as 100
neighbor 44.1.1.1 update-source Loopback0
neighbor 66.1.1.1 remote-as 100
neighbor 66.1.1.1 update-source Loopback0
no auto-summary
R6:
router bgp 100
no synchronization
bgp log-neighbor-changes
neighbor 44.1.1.1 remote-as 100
neighbor 44.1.1.1 update-source Loopback0
neighbor 55.1.1.1 remote-as 100
neighbor 55.1.1.1 update-source Loopback0
neighbor 55.1.1.1 route-reflector-client
no auto-summary
验证:
R5#show ip bgp
BGP table version is 27, local router ID is 55.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incompleteNetwork Next Hop Metric LocPrf Weight Path
- i3.3.3.3/32 22.1.1.1 0 100 0 200 i
*>i 22.1.1.1 0 100 0 200 i
r i22.1.1.1/32 11.1.1.1 156160 100 0 i
r>i 11.1.1.1 156160 100 0 i - i33.1.1.1/32 22.1.1.1 0 100 0 200 i
*>i 22.1.1.1 0 100 0 200 i
r i44.1.1.1/32 44.1.1.1 0 100 0 i
r>i 44.1.1.1 0 100 0 i
R5#show ip bgp 3.3.3.3
BGP routing table entry for 3.3.3.3/32, version 23
Paths: (2 available, best #2, table Default-IP-Routing-Table)
Not advertised to any peer
200
22.1.1.1 (metric 158720) from 66.1.1.1 (66.1.1.1)
Origin IGP, metric 0, localpref 100, valid, internal
Originator: 22.1.1.1, Cluster list: 66.1.1.1, 44.1.1.1
200
22.1.1.1 (metric 158720) from 44.1.1.1 (44.1.1.1)
Origin IGP, metric 0, localpref 100, valid, internal, best
Originator: 22.1.1.1, Cluster list: 44.1.1.1
查看明细路由可以看到R5选择了R4作为下一跳,而没有选择簇ID较长的R6。
R5#show ip cef 3.3.3.3 detail
3.3.3.3/32, epoch 0
recursive via 22.1.1.1
nexthop 45.1.1.4 FastEthernet0/0
最后一条选路原则:
优选来自用最低地址建立BGP 连接的邻居的路由条目。注意这个地址是建立邻居用的IP 地址, 不是接口IP 地址。
实验完成
原文地址:https://blog.51cto.com/enderjoe/2362252