ISP BGP 试验
试验文档下载 <下载后,把后缀名改为pdf>
http://down.51cto.com/data/2082454
1-BGP选路规则
发生选路的前提: 没有同步问题,下一条且可达!
1-1 MED
MED生成:
1:本地network方式生成的BGP条目,会带上IGP的metric。会传给所有邻居。
2:如果从IBGP邻居学习到一条BGP条目的metric为0或者其他值,缺省不会传给给EBGP邻居,显示为空
3:如果从EBGP邻居学习到的BGP条目的metric值传递给其他IBGP邻居,但不传给EBGP。
4 : 汇总方式生成的BGP条目,metric值为空
5 : 重分布方式生成的BGP条目,metric值为IGP的cost、metric、hop,汇总也会清除。
6:缺省情况下,空的metric当0看待
注意要点: A.只有在通过两条路径得到第一个AS(对等体)是同一个AS时才进行MED比较;任何子自治域的联盟系统都会被忽略。也就是说,只有在AS序列号中第一个AS号码一致时,才进行MED比较;任何联盟AS序列号(AS_CONFED_SEQUENCE)都会被忽略。
B.如果路由器上配置了 bgp always-compare-med,在全部的路径进行MED比较。但是这需要全体AS都同时启用这个功能,否则有可能发生路由环路。
C.如果路由器上配置了bgp bestpath med confed,将对所有只包括AS_CONFED_SEQUENCE的路径进行MED比较(即路径是起源于本地联盟)。
D.如果接收到的路径没有分配MED值,则将此路径分配为0,除非路由器上配置了bgp bestpath med missing-as-worst,将被看作MED值为4,294,967,295的路由将在注入到BGP路由选择表之前被改为4,294,967,294。
在通过前五条选路原则不能选出最优BGP条目的情况下,优选最低MED的BGP路由。
MED值的用途:在两个AS之间有多个BGP连接的情况下,MED值用于影响从相邻AS到本AS的路由选择,即用于影响邻居AS到本AS的流量从哪个接口进来,这是通过向相邻AS的EBGP邻居发送具有不同MED值的路由条目来实现的,但是需要注意选路过程的实现是相邻AS的路由器自身根据13条选路原则独立完成,MED值的的比较是前面的五条选路原则都不能选出最优的情况下才起作用。
只能在相邻的AS传递,一般在OUT方向做,影响入站的流量.
默认情况下R2 应该优选EBGP
<Step1: >R3 out方向做metric
R1#sh ip bgp
BGP table version is 9, local router ID is 11.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*>i33.33.33.0/24 12.1.1.2 500 100 0 200 I \\优选metric值小的
* 13.1.1.3 1000 0 200 i
<step2:> 分别在R1R2在in方向让AS path增加
这时,我们再来看下R2的BGP表:
R2#sh ip bgp
BGP table version is 3, local router ID is 23.1.1.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
* i3.3.3.0/24 12.1.1.1 500 100 0 10 200 i
*> 23.1.1.3 1000 0 20 200 i
\\从这边可以看出, 只要AS Path不一样,则metric 比较就失效了,优选了EBGP来的路由
<Step3>:R2(config-router)#bgp always-compare-med \\强制开启metric比较,建议AS内的所有设备都开启
R2#sh ip bgp
BGP table version is 2, local router ID is 23.1.1.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*>i3.3.3.0/24 12.1.1.1 500 100 0 10 200 I \\又开始比较 metric
* 23.1.1.3 1000 0 20 200 i
<Step4:>
我们在R2 上通告一条路由:
R2(config)#router bgp 100
R2(config-router)# net 22.1.1.0 mask 255.255.255.0
R3#sh ip bgp
BGP table version is 3, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 3.3.3.0/24 0.0.0.0 0 32768 i
* 22.1.1.0/24 13.1.1.1 0 100 i
*> 23.1.1.2 0 0 100 i
R3(config-router)#bgp bestpath med missing-as-worst \\默认收到没有分配metric的路由,让metric值改为4294967295
R3#sh ip bgp
BGP table version is 3, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 3.3.3.0/24 0.0.0.0 0 32768 i
* 22.1.1.0/24 13.1.1.1 4294967295 0 100 i
*> 23.1.1.2 0 0 100 i
1-2 优选从更近的BGP邻居学习到的路由
R1#sh run | se bgp
router bgp 100
no synchronization
bgp log-neighbor-changes
neighbor 22.1.1.1 remote-as 100
neighbor 22.1.1.1 update-source Loopback0
neighbor 22.1.1.1 next-hop-self
neighbor 33.1.1.1 remote-as 200
neighbor 33.1.1.1 ebgp-multihop 255
neighbor 33.1.1.1 update-source Loopback0
no auto-summary
R2#sh run | se bgp
router bgp 100
no synchronization
bgp log-neighbor-changes
network 2.2.2.0 mask 255.255.255.0
neighbor 11.1.1.1 remote-as 100
neighbor 11.1.1.1 update-source Loopback0
neighbor 11.1.1.1 next-hop-self
neighbor 33.1.1.1 remote-as 200
neighbor 33.1.1.1 ebgp-multihop 255
neighbor 33.1.1.1 update-source Loopback0
no auto-summary
R3#sh run | se bgp
router bgp 200
no synchronization
bgp log-neighbor-changes
neighbor test peer-group
neighbor test remote-as 100
neighbor test ebgp-multihop 255
neighbor test update-source Loopback0
neighbor 11.1.1.1 peer-group test
neighbor 22.1.1.1 peer-group test
no auto-summary
R3#sh ip route ospf \\查看到两邻居的距离
22.0.0.0/32 is subnetted, 1 subnets
O 22.1.1.1 [110/2] via 23.1.1.2, 00:18:24, FastEthernet0/1
11.0.0.0/32 is subnetted, 1 subnets
O 11.1.1.1 [110/2] via 13.1.1.1, 00:18:34, FastEthernet0/0
R3#sh ip bgp 2.2.2.2
BGP routing table entry for 2.2.2.0/24, version 3
Paths: (2 available, best #2, table Default-IP-Routing-Table)
Advertised to update-groups:
2
100
22.1.1.1 (metric 2) from 22.1.1.1 (22.1.1.1)
Origin IGP, metric 0, localpref 100, valid, external
100
11.1.1.1 (metric 2) from 11.1.1.1 (11.1.1.1)
Origin IGP, localpref 100, valid, external, best \\这里的规则是EBGP谁老谁优先选出来的
我们现在把去往R1 11.1.1.1的metric改大
R1(config)#int lo 0
R1(config-if)#ip ospf cost 110
R3#sh ip bgp 2.2.2.2
BGP routing table entry for 2.2.2.0/24, version 7
Paths: (2 available, best #2, table Default-IP-Routing-Table)
Flag: 0x820
Advertised to update-groups:
2
100
11.1.1.1 (metric 111) from 11.1.1.1 (11.1.1.1)
Origin IGP, localpref 100, valid, external
100
22.1.1.1 (metric 2) from 22.1.1.1 (22.1.1.1)
Origin IGP, metric 0, localpref 100, valid, external, best
结论: 从此实验也可以得出一个结果。这条选路对EBGP邻居也是生效的,只是我们在用EBGP邻居关系之间很少跑动态路由协议罢了,没有动态路由协议,也就没有了度量值。 当然,对IBGP邻居肯定也是生效的
1-3 优选 EBGP 最老路由
一般情况下,先建立EBGP邻居,意味着先学习到BGP路由条目。但是,在一个路由器有多个EBGP邻居的情况下,对某一条路由而言, 并不一定先从先建立的EBGP邻居学习到。 在使能bgp bestpath compare-routerid命令后,跳过本条选路原则,拥有最小的router-ID的路由的将会被选为最优
一般来说这条选路原则就可以选出最优了EBGP路由条目的走向.
R3#sh ip bgp
R3#sh ip bgp
BGP table version is 2, local router ID is 33.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
* 2.2.2.0/24 13.1.1.1 0 100 i
*> 23.1.1.2 0 0 100 I \\看summary的时间 优先从R2
R3#sh ip bgp su
R3#sh ip bgp summary
BGP router identifier 33.1.1.1, local AS number 200
BGP table version is 2, main routing table version 2
1 network entries using 132 bytes of memory
2 path entries using 104 bytes of memory
3/1 BGP path/bestpath attribute entries using 504 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
Bitfield cache entries: current 1 (at peak 1) using 32 bytes of memory
BGP using 796 total bytes of memory
BGP activity 1/0 prefixes, 2/0 paths, scan interval 60 secs
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
13.1.1.1 4 100 14 14 2 0 0 00:11:34 1
23.1.1.2 4 100 14 14 2 0 0 00:11:26 1
R3(config-router)#nei 13.1.1.1 remote 100 shutdown
R3(config-router)#no nei 13.1.1.1 remote 100 shutdown
R3#sh ip bgp
BGP table version is 3, local router ID is 33.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
* 2.2.2.0/24 23.1.1.2 0 0 100 i
*> 13.1.1.1 0 100 i
1-4BGP选路综合训练
基本配置请关注我的百度网盘:
http://pan.baidu.com/s/1o65Q90u
R1 上面宣告1.1.1.1/24
R5#sh ip bgp
BGP table version is 2, local router ID is 5.5.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
* i1.1.1.1/32 2.2.2.2 0 100 0 100 i
*>i 2.2.2.2 0 100 0 100 i
R5#sh ip bgp 1.1.1.1
BGP routing table entry for 1.1.1.1/32, version 2
Paths: (2 available, best #2, table Default-IP-Routing-Table)
Flag: 0x820
Not advertised to any peer
100
2.2.2.2 (metric 3) from 4.4.4.4 (4.4.4.4)
Origin IGP, metric 0, localpref 100, valid, internal
Originator: 2.2.2.2, Cluster list: 4.4.4.4
100
2.2.2.2 (metric 3) from 3.3.3.3 (3.3.3.3)
Origin IGP, metric 0, localpref 100, valid, internal, best
Originator: 2.2.2.2, Cluster list: 3.3.3.3
分析过程:
1)weight值均为0;
2)localpref均为100;
3)不是本地生成的路由;
4)AS-PATH一样长;
5)起源代码都是i;
6)MED值都是0;
7)第7条选路原则不符合,跳过;
8)建立BGP邻居的IGP开销都是一样的。
9)第9条选路原则不符合,跳过;
10)第10条选路原则不符合,跳过;
11)有RR的环境下,此时比较的originator-ID,均为2.2.2.2 <R2是路由1.1.1.1的起源者>; 12)cluster list长度都是1;
13)选择建立邻居用的最小IP地址为优,一个4.4.4.4,一个3.3.3.3 (优选小的)
如果我们把R3的环回口地址改大,33.33.33.33,重新建立起IBGP关系
R3#sh ip int b
Interface IP-Address OK? Method Status Protocol
FastEthernet0/0 123.1.1.3 YES manual up up
FastEthernet0/1 35.1.1.3 YES manual up up
Loopback0 33.33.33.33 YES manual up up
R5#sh ip bgp
BGP table version is 12, local router ID is 5.5.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
* i1.1.1.1/32 2.2.2.2 0 100 0 100 i
*>i 2.2.2.2 0 100 0 100 i
R5#sh ip bgp 1.1.1.1
BGP routing table entry for 1.1.1.1/32, version 12
Paths: (2 available, best #1, table Default-IP-Routing-Table)
Flag: 0x800
Not advertised to any peer
100
2.2.2.2(下一条跳地址) (metric 3度量值) from 4.4.4.4(BGP router-id) (4.4.4.4 RR ID)
Origin IGP, metric 0, localpref 100, valid, internal, best
Originator: 2.2.2.2, Cluster list: 4.4.4.4
100
2.2.2.2 (metric 3) from 33.33.33.33 (3.3.3.3)
Origin IGP, metric 0, localpref 100, valid, internal
Originator: 2.2.2.2, Cluster list: 3.3.3.3
2-BGP高级部分
2-1路由发射器
RR 的反射规则如下: (1)如果路由是从非客户的IBGP 邻居学来的,则RR 只将它反射给客户; (2)如果路由是从客户学来的,RR 会将它反射给所有的非客户和客户(除了发起该路 由的客户); (3)如果路由是从EBGP 邻居学来的,RR 会将它反射给所有的非客户和客户。
按试验要求建立好IBGP/EBGP邻居关系
如果在R1宣告1.1.1.1,这条路由,只能能传到R3
R3#sh ip bgp neighbors 2.2.2.2
BGP neighbor is 2.2.2.2, remote AS 200, internal link
BGP version 4, remote router ID 22.1.1.1
BGP state = Established, up for 00:02:06
Last read 00:00:13, last write 00:00:14, hold time is 180, keepalive interval is 60 seconds
….
Route-Reflector Client \\证明R3是R2的RR
R3#sh ip bgp 1.1.1.1
BGP routing table entry for 1.1.1.1/32, version 4
Paths: (1 available, best #1, table default)
Advertised to update-groups:
2
100, (Received from a RR-client) \\重客户端收到的路由条目
2.2.2.2 (metric 1) from 2.2.2.2 (22.1.1.1)
Origin IGP, metric 0, localpref 100, valid, internal, best
如果配置R3为RR,R2,R4为他的client,此路由将会传递到R4,也不会传到R5,如要配置R5也为R3的client,就需要新增加一条BGP的连接。如果在一个大型的网络当中,有可能一个RR的负担就太重了,这时就可以用到层次化的RR。 如R4是R3的client,但同时也是一个RR,R5为R4的client。
R3(config-router)#nei 2.2.2.2 route-reflector-client
R3(config-router)#nei 4.4.4.4 route-reflector-client
R4(config-router)#nei 3.3.3.3 route-reflector-client
R4(config-router)#nei 5.5.5.5 route-reflector-client
R5#sh ip bgp 1.1.1.1
BGP routing table entry for 1.1.1.1/32, version 2
Paths: (1 available, best #1, table default)
Not advertised to any peer
100
2.2.2.2 (下一条跳) (metric 3度量值) from 4.4.4.4(bgp router-id) (44.1.1.1 RR ID)
Origin IGP, metric 0, localpref 100, valid, internal, best
Originator: 22.1.1.1, Cluster list: 44.1.1.1, 33.1.1.1
2-2BGP联邦
理论简介:IBGP邻居并不把路由信息从一个IBGP邻居传播给另一个IBGP邻居。如果全互联,这将产生一个规模问题与费用问题。BGP联邦克服了IBGP引起的规模问题。把AS划分为多个子自治系统。但在联邦内部,仍然需要IBGP的full-mesh,或者在联邦内部使用RR。联邦之间的BGP连接就像一个EBGP对等体,但是它们交换路由信息的时候,就如在使用IBGP,同时保留了下一跳、度量、本地优先级等属性
具体配置信息我就不show了,可以到百度盘中去下载,直接看效果
我们在R1 上宣告1.1.1.1, R2修改默认的LP值
R1#sh run | se bgp
router bgp 100
no synchronization
bgp router-id 11.1.1.1
bgp log-neighbor-changes
network 1.1.1.1 mask 255.255.255.255
neighbor 12.1.1.2 remote-as 200
no auto-summary
R2(config)#router bgp 65001
R2(config-router)#bgp default local-preference 200
\\下一跳 (由于本试验中都敲了next-hop-self 所以下一跳会有所改变)、度量、本地优先级等属性,不会像一个真正的EBGP邻居关系一样被改变,所以用以上命令改一下local-preference值
R3#sh ip bgp 1.1.1.1
BGP routing table entry for 1.1.1.1/32, version 3
Paths: (1 available, best #1, table default)
Advertised to update-groups:
2
(65001) 100
12.1.1.1 (metric 30720) from 23.1.1.2 (22.1.1.1)
Origin IGP, metric 0, localpref 200, valid, confed-external, best
R5#sh ip bgp 1.1.1.1
BGP routing table entry for 1.1.1.1/32, version 3
Paths: (1 available, best #1, table default)
Advertised to update-groups:
2
(65002 65001) 100
3.3.3.3 (metric 158720) from 45.1.1.4 (44.1.1.1)
Origin IGP, metric 0, localpref 200, valid, confed-external, best
R5#sh ip bgp
BGP table version is 3, local router ID is 55.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.1/32 3.3.3.3 0 200 0 (65002 65001) 100 i
从以上输出可以发现,一些属性值被保存了下来,也就是说,联邦之间并不是一个真正的EBGP邻居关系,对属性值的处理是和IBGP邻居关系是一样的。然后将成员AS 加入到AS-PATH 中,并且用括号扩起来,但是并不将它们公布到联邦的范围以外。AS-PATH 中联邦的AS 号用于避免出现路由环路。而一个联邦小AS内部的防环,依然是用IBGP的防环机制。
R6#sh ip bgp
BGP table version is 2, local router ID is 66.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.1/32 56.1.1.5 0 200 100 i
//以上的as-path输出表明此条路由经历了二个AS,100和200.也就是说,联邦内部的子AS号,在传给一个真正的EBGP邻居的时候,是会被自动去掉的。联邦内的子AS号相对于外面的EBGP邻居是透明的。
2-3BGP团体属性Community
1.Community 主要用来控制路由的传播范围
2.社团属性,也叫共同体属性,是可选传递属性 ,“可选”:意味着并不是所有的路由器都能识别这个社团属性。
3.社团属性类似于tag标记,它允许路由器能够使用一个指示符来标记路由,并且允许其它路由器根据这个标记做出相应的决定,可以简化策略的执行。它是cisco的一个专有属性,现在在RFC1997中已被标准化。
4.一条路由可以设置多个社团属性,也就是说允许同时打上多个标记,还可以利用社团属性实现一些扩展的功能。比如在MPLS-VPN中的RT属性。
5.情况下社团属性不会传递给邻居,必须有以下命令才行 neighbor 1.1.1.1 send-community 社团属性只会传给指定的邻居,并只在此邻居上起效。 比如上例:就只传给1.1.1.1这一邻居,并只在它上面起效,默认不会再向后传
6.Community值可以自己定义,另外有几个已经定义好的团体属性:
NO_ADVERTISE: 携带该值的路由不能公布给EBGP和 IBGP邻居
NO_EXPORT: 携带该值的路由不能公布给任何真正的EBGP对等体 (联邦内AS的EBGP可以传递)
LOCAL_AS:携带该值的路由不能公告给任何EBGP对等体 (本小AS内部(联邦)传递)
Internet: 可以传递所有IBGP/EBGP邻居
延续用上面的试验
R1(config)#route-map com permit
R1(config-route-map)#mat ip add p 1
R1(config-route-map)#set community local-AS
R1(config-route-map)#exit
R1(config)#router bgp 100
R1(config-router)#neighbor 12.1.1.2 route-map com out
R1(config-router)#nei 12.1.1.2 send-community\\这条命令千万别忘了,重要
R1#clear ip bgp * soft out
R2#sh ip bgp 1.1.1.1
BGP routing table entry for 1.1.1.1/32, version 4
Paths: (1 available, best #1, table default, not advertised outside local AS)
Advertised to update-groups:
3
100
12.1.1.1 from 12.1.1.1 (11.1.1.1)
Origin IGP, metric 0, localpref 200, valid, external, best
Community: local-AS
以上输出表明携带团体“local-AS”属性的条目“1.1.1.1/32”只传递给路由器R7,因为路由器R7 和R2 都在AS 65001 内,并没有传递给路由器R3,由此可见“local-AS”团体属性只能在本小AS 内传递。
R1(config)#route-map com permit 10
R1(config-route-map)#set community ?
<1-4294967295> community number
aa:nn community number in aa:nn format
additive Add to the existing community
internet Internet (well-known community)
local-AS Do not send outside local AS (well-known community)
no-advertise Do not advertise to any peer (well-known community)
no-export Do not export to next AS (well-known community)
none No community attribute
<cr>
R1(config-route-map)#set community no-advertise
R2#sh ip bgp 1.1.1.1
BGP routing table entry for 1.1.1.1/32, version 6
Paths: (1 available, best #1, table default, not advertised to any peer)
Not advertised to any peer
100
12.1.1.1 from 12.1.1.1 (11.1.1.1)
Origin IGP, metric 0, localpref 200, valid, external, best
Community: no-advertise
但R3与R7 并没有收到1.1.1.1/24的路由
由此可见携带“no-advertise”团体属性的条目被收到后,将不通告给任何BGP 对等体。
R1(config-route-map)#set community no-export
R1(config-route-map)#end
R1#clear ip bgp * soft out
同时我们在R2/R3/R4上作邻居 send community \\让属性值传递到R5 上
最后可以发现R2/3/4/5/7都可以学习到1.1.1.1的路由,其R6却学习不到1.1.1.1
R4#sh ip bgp 1.1.1.1
BGP routing table entry for 1.1.1.1/32, version 8
Paths: (1 available, best #1, table default, not advertised to EBGP peer)
Advertised to update-groups:
3
(65001) 100
12.1.1.1 (metric 33280) from 3.3.3.3 (33.1.1.1)
Origin IGP, metric 0, localpref 200, valid, confed-internal, best
Community: no-export
R5#sh ip bgp
BGP table version is 8, local router ID is 55.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.1/32 12.1.1.1 0 200 0 (65002 65001) 100 i
R5#sh ip bgp 1.1.1.1
BGP routing table entry for 1.1.1.1/32, version 8
Paths: (1 available, best #1, table default, not advertised to EBGP peer)
Not advertised to any peer
(65002 65001) 100
12.1.1.1 (metric 35840) from 45.1.1.4 (44.1.1.1)
Origin IGP, metric 0, localpref 200, valid, confed-external, best
Community: no-export
由此可见“no-export”团体属性能在联邦的大AS 内传递,如果没有联邦,只能在本AS 内传递。
R5的配置如下:
R5#sh run | se bgp
router bgp 65003
no synchronization
bgp router-id 55.1.1.1
bgp log-neighbor-changes
bgp confederation identifier 200
bgp confederation peers 65002
neighbor 45.1.1.4 remote-as 65002
neighbor 56.1.1.6 remote-as 300
no auto-summary
2-4过滤私有AS号
R3#sh ip bgp
BGP table version is 2, local router ID is 33.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 2.2.2.2/32 13.1.1.1 0 100 65001 I 《如何隐藏掉私有As号》
R1(config-router)#nei 13.1.1.3 remove-private-as
R1(config-router)#do clear ip bgp * soft out
R3#sh ip bgp
BGP table version is 3, local router ID is 33.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 2.2.2.2/32 13.1.1.1 0 100 I <65001已消失>
2-5BGP后门路由
按照试验图配置起来,记得在R3上配个到1.1.1.1的默认路由
需求:R2去往R1的环回口首选高速以太链路。从R3的EBGP学到的低速链路作备份
其实后门路由就是抑制EBGP AD(20)
R2#sh ip route
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
B 1.1.1.1 [20/0] via 23.1.1.3, 00:01:54 \\优选EBGP为20的路由
2.0.0.0/32 is subnetted, 1 subnets
C 2.2.2.2 is directly connected, Loopback0
23.0.0.0/24 is subnetted, 1 subnets
C 23.1.1.0 is directly connected, Serial1/0
12.0.0.0/24 is subnetted, 1 subnets
C 12.1.1.0 is directly connected, FastEthernet0/0
如果想让R2优选来自OSPF的路由 \\在R2上宣告该路由的后面加个backdoor
R2(config-router)#network 1.1.1.1 mask 255.255.255.255 backdoor
谁想做BGP的后门路由就应该由谁来宣告这个后门路由
R2#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
O 1.1.1.1 [110/2] via 12.1.1.1, 00:01:26, FastEthernet0/0
2.0.0.0/32 is subnetted, 1 subnets
C 2.2.2.2 is directly connected, Loopback0
23.0.0.0/24 is subnetted, 1 subnets
C 23.1.1.0 is directly connected, Serial1/0
12.0.0.0/24 is subnetted, 1 subnets
C 12.1.1.0 is directly connected, FastEthernet0/0
\\模拟OSPF网络down掉
R2(config)#int f0/0
R2(config-if)#shut
R2#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
B 1.1.1.1 [200/0] via 23.1.1.3, 00:00:42 \\这时R2选EBGP 学习来的1.1.1.1
2.0.0.0/32 is subnetted, 1 subnets
2-6 BGP路由标记
掌握BGP与IGP间重发布的配置;了解如何通过路由标记功能在重发布时保留BGP属性
按照上面条件建立好关系:
R2#sh run | se router bgp
router bgp 300
no synchronization
bgp log-neighbor-changes
neighbor 12.1.1.1 remote-as 100
no auto-summary
R2#sh run | se router ospf
router ospf 110
log-adjacency-changes
redistribute bgp 300 subnets
network 23.1.1.0 0.0.0.255 area 0
R3#sh run | se bgp
router bgp 300
no synchronization
bgp log-neighbor-changes
redistribute ospf 110 match internal external 2 \\注意查看OSPF重分布进BGP的参数
neighbor 34.1.1.4 remote-as 200
no auto-summary
R4#sh ip bgp
BGP table version is 3, local router ID is 34.1.1.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, x best-external
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.0/24 34.1.1.3 1 0 300 ? \\可以看到ASPATH属性已丢失
*> 23.1.1.0/24 34.1.1.3 0 0 300 ?
解决方法是在R2上从BGP向OSPF发布路由时利用route-map将AS路径属性转为路由标记,这样就可以携带在OSPF路由中,然后在R3上从OSPF发布回BGP的时候,再次利用route-map,将路由标记转回AS路径属性值.
R2(config)#route-map set_tag per 10 (建立一个名为set_tag路由图)
R2(config-route-map)#set automatic-tag(设置自动计算标记值,针对的是AS-PATH属性值)
R2(config-route-map)#router bgp 300
R2(config-router)#table-map set_tag (将刚才设置的set_tag 映射到路由表中,也就是转存一下)
R3(config)#route-map get_tag per 10(建立一个路由图名为get_tag)
R3(config-route-map)#set as-path tag(从路由标记中提取AS-PATH属性还原到BGP路由数据库中)
R3(config-route-map)#router bgp 300
R3(config-router)#red ospf 110 match external 2 internal route-map get_tag(利用重分发匹配外部和内部路由ospf 路由指向route-map转存BGP的AS-PATH属性 )
保留起源属性值可以参考:
http://supercisco.blog.51cto.com/672109/273771/
3-BGP路由控制
3-1过滤BGP路由工具
方法如下:
1.直接调用前缀列表过滤路由,命令:neighbor X.X.X.X prefix-listXX
2.用Distribute-list加前缀或访问控制列表过滤, 针对某个邻居用命令:Neighbor X.X.X.XDistribute-list+前缀/访问列表 或是针对所有邻居用命令:Distribute-list+前缀列表或访问列表
3.用route-map过滤。 命令:neighbor X.X.X.X route-map 每种过滤的方法都可用于二个方向(in/out)。
试验拓扑如下:
Q1:在R1上过滤掉100.1.0.0/24 100.1.1.0/24 100.1.2.0/24 100.1.3.0/24四条路由
3-1-1 使用prefix list
R1(config)#ip prefix-list 1 deny 10.1.0.0/22 ge 24 le 24
R1(config-router)#nei 12.1.1.1 prefix-list 1 in
R1#clear ip bgp * soft in
达到效果
R1#sh ip bgp
BGP table version is 17, local router ID is 11.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, x best-external
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 100.1.0.0/26 14.1.1.4 0 0 400 i
*> 100.1.0.0/25 13.1.1.3 0 0 300 i
*> 100.1.1.0/26 14.1.1.4 0 0 400 i
*> 100.1.1.0/25 13.1.1.3 0 0 300 i
*> 100.1.2.0/26 14.1.1.4 0 0 400 i
*> 100.1.2.0/25 13.1.1.3 0 0 300 i
*> 100.1.3.0/26 14.1.1.4 0 0 400 i
*> 100.1.3.0/25 13.1.1.3 0 0 300 i
3-1-2使用distribute-list
Distribute-list + prefix list 或 ACL
R1(config-router)#distribute-list prefix 1 in (这条命令针对所有邻居都生效)
用标准的访问控制列表可以完成吗? 答案是不行的,因为标准的访问控制列表只能去匹配前缀,而不能匹配掩码的长度,这里的12条路由的前缀都是一样的,所以搞不定,但是却是可以用扩展访问控制列表来完成:
R1(config)#access-list 100 deny ip 100.1.0.0 0.0.3.0 host 255.255.255.0
绿色表示前缀,红色表示掩码
R1(config)#router bgp 100
R1(config-router)#nei 12.1.1.2 distribute-list 100 in \\针对某一个邻居做路由过滤
总结:Distribute-list + ACL 可以针对某个邻居来做
3-1-3 使用route-map
Route-map将会是你最佳的选择。我认为,只有当你不方便使用route-map或者route-map将会使你的操作变更复杂的时候,你才应该去选择上面的三种方法,因为,route-map真的很强大。在前面的实验中,我们己经用到了route-map的改变一些属性。当然也可以用来过滤某些路由了,他可以调用前缀列表和访问控制列表。
R1(config)#ip prefix-list 1 per 100.1.0.0/22 ge 24 le 24
R1#sh run | se route-map
neighbor 12.1.1.2 route-map test in
route-map test deny 10
match ip address prefix-list 1
route-map test permit 20
练习:
Q2 : R1 只能接受掩码长度大于或等于26的路由
R1(config)#ip prefix-list 2 permit 0.0.0.0/0 ge 26
R1(config-router)#distribute-list prefix 2 in \\作用在所有邻居上
Q3: R1上拒绝R4的100.1.0.0/26 100.1.1.0/26 100.1.2.0/26 100.1.3.0/26
100.1.0000 0000.0 /26
100.1.0000 0001.0 /26
100.1.0000 0010.0 /26
100.1.0000 0011.0 /26
=====使用prefix-list====
100.1.0.0:
匹配前缀: 1111 1111.1111 1111.1111 1100.0000 0000
掩码: 1111 1111.1111 1111.1111 1111.1100 0000
100.1.0.0 /22 ge 26 le 26
ip prefix-list 3 seq 5 deny 100.1.0.0/22 ge 26 le 26
ip prefix-list 3 seq 20 permit 0.0.0.0/0 le 32
所以控制路由还是锻炼你自己写prefix-list和ACL的能力
请理解以下前缀列表的含义:
ip prefix-list yeslab permit 0.0.0.0/0 ge 32 //任意主机路由
ip prefix-list yeslab permit 128.0.0.0/2 ge 16 //B类超网路由
ip prefix-list yeslab permit 0.0.0.0/0 le 32 //任意路由
ip prefix-list yeslab permit 0.0.0.0/0 //默认路由
ip prefix-list yeslab permit 0.0.0.0/1 le 24 //A类部分子网路由
3-2 AS-path List
先要理解正则表达式
按图配置好:
在R1,R2,R3,R4,R5,R6上分别各自产生一条环回口的BGP的路由
R3#sh ip bgp
BGP table version is 7, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.0/24 13.1.1.1 0 0 100 i
*> 2.2.2.0/24 13.1.1.1 0 100 200 i
*> 3.3.3.0/24 0.0.0.0 0 32768 i
*> 4.4.4.0/24 13.1.1.1 0 100 400 i
*> 5.5.5.0/24 13.1.1.1 0 100 200 65001 i
*> 6.6.6.0/24 13.1.1.1 0 100 i
Q1:要求R3只接受起源200AS路由 (起源某个AS的路由)
R3(config)#ip as-path access-list 1 permit _200$
R3(config-router)#neighbor 13.1.1.1 filter-list 1 in
R3#sh ip bgp
BGP table version is 3, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 2.2.2.0/24 13.1.1.1 0 100 200 i
*> 3.3.3.0/24 0.0.0.0 0 32768 i
Q2: 要求R6只接受R1 AS200学过来的路由 (匹配相邻某个AS路由)
R6(config)#ip as-path access-list 1 permit ^200_
R6(config)#router bgp 100
R6(config-router)#nei 16.1.1.1 filter-list 1 in
R6#sh ip bgp
BGP table version is 4, local router ID is 6.6.6.6
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
* i2.2.2.0/24 12.1.1.2 0 100 0 200 i
* i5.5.5.0/24 12.1.1.2 0 100 0 200 65001 i
*> 6.6.6.0/24 0.0.0.0 0 32768 i
Q3: R2不向R5发送相邻并起源于AS100的路由
即11.1.1.0/24,66.1.1.0/24二条路由不给R5,别的R3,R4的路由正常传给R5
R2#sh ip bgp
BGP table version is 7, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.0/24 12.1.1.1 0 0 100 i
*> 2.2.2.0/24 0.0.0.0 0 32768 i
*> 3.3.3.0/24 12.1.1.1 0 100 300 i
*> 4.4.4.0/24 12.1.1.1 0 100 400 i
*> 5.5.5.0/24 25.1.1.5 0 0 65001 i
*> 6.6.6.0/24 12.1.1.1 0 100 i
R2(config)#ip as-path access-list 1 permit ^100$
R2(config)#route-map r2 deny
R2(config-route-map)#match as-path 1
R2(config-route-map)#exit
R2(config)#route-map r2 permit 20
R2(config)#router bgp 200
R2(config-router)#nei 25.1.1.5 route-map r2 out
R5#sh ip bgp
BGP table version is 9, local router ID is 5.5.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 2.2.2.0/24 25.1.1.2 0 0 200 i
*> 3.3.3.0/24 25.1.1.2 0 200 100 300 i
*> 4.4.4.0/24 25.1.1.2 0 200 100 400 i
Q4:要求R3只接受 AS400 100的路由
R3(config)#ip as-path access-list 1 per _100_400_
Q5: 要求R4 不接受包含私有AS号的路由
R4(config)#ip as-path access-list 1 deny _6451[2-9]_
R4(config)#ip as-path access-list 1 deny _645[2-9][0-9]_
R4(config)#ip as-path access-list 1 deny _64[5-9][0-9][0-9]_
R4(config)#ip as-path access-list 1 deny _65[0-9][0-9][0-9]_
R4(config)#ip as-path access-list 1 permit
3-3 Community Filter
R1(config)#ip bgp-community new-format
R1(config)#router bgp 100
R1(config-router)#net 1.1.1.1 mask 255.255.255.255 route-map 100:1
R1(config-router)#net 2.2.2.2 mask 255.255.255.255 route-map 100:2
R1(config-router)#nei 12.1.1.2 send-community
route-map 100:2 permit 10
set community 100:2
!
route-map 100:1 permit 10
set community 100:1
在R2 上可以看条目:
R2#sh ip bgp community 100:2 \\可以根据community值去看路由条目
BGP table version is 6, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, x best-external
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 2.2.2.2/32 12.1.1.1 0 0 100 i
R2如何过滤掉community值为100:2的路由
route-map comm deny 10
match community 1
!
route-map comm permit 20
ip community-list 1 permit 100:2
router bgp 200
no synchronization
bgp router-id 2.2.2.2
bgp log-neighbor-changes
neighbor 12.1.1.1 remote-as 100
neighbor 12.1.1.1 route-map comm in
neighbor 23.1.1.3 remote-as 300
no auto-summary
如何在R2上添加R2自定义的community <上面的配置 no 掉>
R2(config)#route-map comm1 per 10
R2(config-route-map)#match community 1
R2(config-route-map)#set community 200:1 additive
R2(config)#route-map comm1 permit 20
R2(config-route-map)#exit
R2(config)#router bgp 200
R2(config-router)#nei 23.1.1.3 send-comm
R2(config-router)#nei 23.1.1.3 route-map comm1 out
R3#sh ip bgp 2.2.2.2
BGP routing table entry for 2.2.2.2/32, version 17
Paths: (1 available, best #1, table default)
Not advertised to any peer
200 100
23.1.1.2 from 23.1.1.2 (2.2.2.2)
Origin IGP, localpref 100, valid, external, best
Community: 100:2 200:1
那么我们在R3 宣告一条22.1.1.1 带community 值为200:1
R2(config)#route-map 200:1 per 10
R2(config-route-map)#set community 200:1
R2(config-route-map)#exit
R2(config)#router bgp 200
R2(config-router)#net 22.1.1.1 mask 255.255.255.255 route-map 200:1
那么在R3
有1.1.1.1 100:1
有2.2.2.2 100:2 200:1
有22.1.1.1 200:1
想一想,如果我们只去匹配200:1这个属性值,我们能匹配上这二条吗?
去匹配200:1的团体属性,然后修改他的weight值为2012
ip community-list expanded fuyi permit 200:1
route-map fuyi permit 10
match community fuyi
set weight 2012
router bgp 300
no synchronization
bgp log-neighbor-changes
neighbor 23.1.1.2 remote-as 200
neighbor 23.1.1.2 route-map fuyi in
no auto-summary
R3#sh ip bgp
BGP table version is 23, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, x best-external
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 2.2.2.2/32 23.1.1.2 2012 200 100 i
*> 22.1.1.1/32 23.1.1.2 0 2012 200 i
证明了:以上表示二条路由都被匹配上了,也就是说,二个团体属性值中,有一个能匹配上就可以了
如果要求匹配上2个团体属性值:
R3(config)#route-map COMM permit 10
R3(config-route-map)#match community 10 20 (先写好community list) exact-match //加上exact-match关键字后,10与20之间就不再是一个或的关系,而是与的关系,也就是说要二个都匹配上才算匹配。
3-4 Policy-list
最后再介绍BGP里面另一个匹配的工具,这个工具的本身不能去匹配一条路由,而是可以把以上用到的所有匹配的工具整合在一起,相当于是模块化的配置。 如下:
R3(config)#ip policy-list yeslab permit //定义一个名字
R3(config-policy-list)#match interface loopback 0
R3(config-policy-list)#match as-path 10
R3(config-policy-list)#match community 10
R3(config-policy-list)#match extcommunity yeslab
R3(config-policy-list)#match metric 10000
R3(config-policy-list)#match ip address 100
R3(config-policy-list)#match tag 10
查看命令:R3#show ip policy-list yeslab
然后再用route-map调用policy-list即可:
R3(config)#route-map POLICY permit 10
R3(config-route-map)#match policy-list yeslab
看看MATCH下面可以跟什么样的条件:
R3(config-route-map)#match ?
as-path Match BGP AS path list
clns CLNS information
community Match BGP community list
extcommunity Match BGP/VPN extended community list
interface Match first hop interface of route
ip IP specific information
ipv6 IPv6 specific information
length Packet length
local-preference Local preference for route
mdt-group Match routes corresponding to MDT group
metric Match metric of route
mpls-label Match routes which have MPLS labels
policy-list Match IP policy list
route-type Match route-type of route
source-protocol Match source-protocol of route
tag Match tag of route
4-BGP 负载均衡
理论简介:根据BGP的选路原则,如果在前面8条都不能选出最优路由的情况下,在BGP进程下使能maximum-paths ibgp X的命令,可以实现等价负载均衡
4-1 IBGP的等价负载均衡
按条件配置好环境
R1(config)#do sh ip bgp 4.4.4.4
BGP routing table entry for 4.4.4.4/32, version 2
Paths: (2 available, best #2, table Default-IP-Routing-Table)
Flag: 0x820
Not advertised to any peer
200
34.1.1.4 (metric 30720) from 3.3.3.3 (3.3.3.3)
Origin IGP, metric 0, localpref 100, valid, internal
200
24.1.1.4 (metric 30720) from 2.2.2.2 (2.2.2.2)
Origin IGP, metric 0, localpref 100, valid, internal, best\\选择24.1.1.4的原因是选择11条route-id小.
R1(config)#router bgp 100
R1(config-router)#maximum-paths ibgp 2
R1#sh ip route 4.4.4.4
Routing entry for 4.4.4.4/32
Known via "bgp 100", distance 200, metric 0
Tag 200, type internal
Last update from 24.1.1.4 00:00:14 ago
Routing Descriptor Blocks:
* 34.1.1.4, from 3.3.3.3, 00:01:48 ago
Route metric is 0, traffic share count is 1
AS Hops 1
Route tag 200
24.1.1.4, from 2.2.2.2, 00:00:15 ago
Route metric is 0, traffic share count is 1
AS Hops 1
Route tag 200
R1#sh ip route bgp
4.0.0.0/32 is subnetted, 1 subnets
B 4.4.4.4 [200/0] via 34.1.1.4, 00:02:53
[200/0] via 24.1.1.4, 00:01:19
负载均衡生效是在把BGP条目放进路由表的时候生效,而不是在BGP选路的时候选出两条最优路由。
4-2 EBGP的等价负载均衡
在R1上宣告11.1.1.1, 在R4上配置:
R4(config-router)#maximum-paths 2
4-3 IBGP的非等价负载均衡
R3(config)#router bgp 100
R3(config-router)#bgp dmzlink-bw
R3(config-router)#neighbor 34.1.1.4 dmzlink-bw <获取带宽属性值>
R3(config-router)#nei 1.1.1.1 send-community extended
R2(config)#router bgp 100
R2(config-router)#bgp dmzlink-bw
R2(config-router)#nei 24.1.1.4 dmzlink-bw <获取带宽属性值>
R2(config-router)#neighbor 1.1.1.1
R2(config-router)#neighbor 1.1.1.1 send-community extended
R1(config)#router bgp 100
R1(config-router)#bgp dmzlink-bw
R1(config-router)#maximum-paths ibgp 2 \\注意一定要使能IBGP的负载均衡
R1#sh run | se bgp
router bgp 100
no synchronization
bgp log-neighbor-changes
bgp dmzlink-bw
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 update-source Loopback0
nei 2.2.2.2 next-hop-self
neighbor 3.3.3.3 remote-as 100
neighbor 3.3.3.3 update-source Loopback0
nei 3.3.3.3 next-hop-self
maximum-paths ibgp 2
no auto-summary
R3#sh run | se bgp
router bgp 100
no synchronization
bgp log-neighbor-changes
bgp dmzlink-bw
neighbor 1.1.1.1 remote-as 100
neighbor 1.1.1.1 update-source Loopback0
nei 1.1.1.1 next-hop-self
neighbor 1.1.1.1 send-community extended
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 update-source Loopback0
nei 2.2.2.2 next-hop-self
neighbor 34.1.1.4 remote-as 200
neighbor 34.1.1.4 dmzlink-bw
no auto-summary
R2#sh run | se bgp
router bgp 100
no synchronization
bgp log-neighbor-changes
bgp dmzlink-bw
neighbor 1.1.1.1 remote-as 100
neighbor 1.1.1.1 update-source Loopback0
nei 1.1.1.1 next-hop self
neighbor 1.1.1.1 send-community extended
neighbor 3.3.3.3 remote-as 100
neighbor 3.3.3.3 update-source Loopback0
neighbor 24.1.1.4 remote-as 200
neighbor 24.1.1.4 dmzlink-bw
no auto-summary
R1#sh ip route 4.4.4.4
Routing entry for 4.4.4.4/32
Known via "bgp 100", distance 200, metric 0
Tag 200, type internal
Last update from 3.3.3.3 00:01:08 ago
Routing Descriptor Blocks:
3.3.3.3, from 3.3.3.3, 00:01:08 ago
Route metric is 0, traffic share count is 1
AS Hops 1
Route tag 200
* 2.2.2.2, from 2.2.2.2, 00:01:08 ago
Route metric is 0, traffic share count is 60
AS Hops 1
Route tag 200
R1#sh ip bgp 4.4.4.4
BGP routing table entry for 4.4.4.4/32, version 13
Paths: (2 available, best #1, table Default-IP-Routing-Table)
Multipath: iBGP
Not advertised to any peer
200
2.2.2.2 (metric 156160) from 2.2.2.2 (2.2.2.2)
Origin IGP, metric 0, localpref 100, valid, internal, multipath, best
DMZ-Link Bw 12500 kbytes
200
3.3.3.3 (metric 156160) from 3.3.3.3 (3.3.3.3)
Origin IGP, metric 0, localpref 100, valid, internal, multipath
DMZ-Link Bw 193 kbytes
4-4 EBGP的非等价负载均衡
还是使用上图:
R4(config)#router bgp 200
R4(config-router)#maximum-paths 2
R4(config-router)#nei 24.1.1.2 dmzlink-bw
R4(config-router)#nei 34.1.1.3 dmzlink-bw
R4(config-router)#bgp dmzlink-bw
试验共享: http://pan.baidu.com/s/1o65Q90u