BGP-1
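I. IGP and EGP
AS (Autonomous System): a scope managed by a single administrative authority. For example, China Unicom is one AS and China Telecom is another.
Public AS numbers: 0-64511; private AS numbers: 64512-65535
A protocol that works inside a single AS is an IGP; a protocol that exchanges routes between ASes is an EGP.
IGP (Interior Gateway Protocol): RIP, OSPF, EIGRP (Enhanced Interior Gateway Routing Protocol), IS-IS
EGP (Exterior Gateway Protocol): BGP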
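II. BGP (Border Gateway Protocol)
1. BGP is a path-vector protocol; its unit of negotiation is the AS, not the individual router.
2. Use cases:
a. Packets transit from one AS to another;
b. One AS connects to multiple ASes;
c. Controlling path selection between ASes, i.e. routing policy.
3. Why use BGP
a. Easier to manage
b. OSPF supports at most 10,000 routes and IS-IS at most 20,000, while the public Internet carries well over a hundred thousand routes, so they cannot meet the need
c. More convenient policy control
d. Better scalability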
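III. BGP protocol characteristics
1. BGP runs over TCP (it is encapsulated in TCP), port 179
2. BGP sends triggered updates only; there are no periodic updates
3. Keepalive messages are sent periodically (60 s)
4. Tables in BGP:
a. neighbor table (built through open messages)
b. BGP table (forwarding database)
c. IP routing table
5. IBGP AD = 200; EBGP AD = 20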
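IV. BGP message types
1. open: the open message contains the hold time and the BGP router ID
2. keepalive: once the neighbor has been established through open, keepalive messages maintain the connection
3. update: route updates
4. notification: sent when an error occurs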
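V. IBGP and EBGP
1. peer = neighbor
2. IBGP neighbors do not have to be directly connected: BGP runs over TCP and uses no multicast address, so the two routers only need a route between them over which a TCP connection can be established.
Here it is important to understand the relationship between the control plane and the forwarding plane. A has a route X and advertises it to F, and F does learn the route. But when F sends data toward network X, the data cannot get through, because C or D has no route to X.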
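VI. Split horizon (loop prevention)
1. IBGP split horizon
A route learned through IBGP is not passed on to other IBGP neighbors.
2. EBGP split horizon
EBGP split horizon relies on the AS number. When AS1 passes a route to AS2, the message carries an AS1 identifier, which says the route came from AS1. When AS2 passes the route to AS3, it sends both the AS1 and AS2 identifiers. If AS3 then passes the route back to AS1, AS1 finds its own AS number in the route and refuses to accept it.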
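
Both rules applied to the lab topology used later in these notes, as an added example that is not part of the original notes: one prefix is flooded from an originating router and every blocked advertisement is recorded with the rule that stopped it. Assumptions and simplifications: a router keeps the first path it accepts (no best-path selection), and a route is offered back to the EBGP peer it came from so that the receiver's AS check does the rejecting.

```python
from collections import deque

# Routers and AS numbers from the lab configs on this page.
AS_OF = {"R1": 1, "R2": 1, "R3": 1, "R4": 4, "R5": 5}
# BGP sessions from the final configs (R1 peers with R2 and R3).
SESSIONS = [("R4", "R2"), ("R2", "R1"), ("R2", "R3"), ("R1", "R3"), ("R3", "R5")]


def propagate(origin, sessions=SESSIONS, as_of=AS_OF):
    """Flood one prefix from `origin`.

    Returns (paths, dropped): paths maps router -> AS path it accepted,
    dropped lists (sender, receiver, reason) for each blocked advertisement.
    """
    peers = {r: [] for r in as_of}
    for a, b in sessions:
        peers[a].append(b)
        peers[b].append(a)

    paths = {origin: []}        # the AS path is empty inside the originating AS
    via_ibgp = {origin: False}  # was the route learned from an IBGP peer?
    dropped = []
    queue = deque([origin])
    while queue:
        sender = queue.popleft()
        for peer in peers[sender]:
            internal = as_of[peer] == as_of[sender]
            if internal and via_ibgp[sender]:
                # IBGP split horizon: an IBGP-learned route is not passed
                # to any other IBGP neighbor.
                dropped.append((sender, peer, "ibgp-split-horizon"))
                continue
            # The sender adds its own AS number only when the route leaves the AS.
            path = paths[sender] if internal else [as_of[sender]] + paths[sender]
            if as_of[peer] in path:
                # The receiver finds its own AS number and refuses the route.
                dropped.append((sender, peer, "as-path-loop"))
                continue
            if peer not in paths:
                paths[peer] = path
                via_ibgp[peer] = internal
                queue.append(peer)
    return paths, dropped
```

Calling `propagate("R4")` shows R3 holding the path `[4]`, R5 holding `[1, 4]`, and R1 learning the route only because it has its own session with R2: nothing R3 learned over IBGP is passed on to R1.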
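VII. Lab
1. Role of network in IBGP: it sends hello packets and advertises routes. In EBGP you must first establish the neighbor with neighbor (because TCP is unicast) and then advertise routes with network.
2. For IBGP it is recommended to establish neighbors over loopback interfaces for stability, which means OSPF must run inside the AS.
EBGP configuration
R4(config)#router bgp 4
R4(config-router)#bgp router-id 4.4.4.4
R4(config-router)#neighbor 24.1.1.2 remote-as 1
R2(config)#router bgp 1
R2(config-router)#bgp router-id 2.2.2.2
R2(config-router)#neighbor 24.1.1.4 remote-as 4
IBGP configuration: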
R2:
router ospf 110
router-id 2.2.2.2
log-adjacency-changes
network 2.2.2.0 0.0.0.255 area 0
network 12.1.1.0 0.0.0.255 area 0
!
router bgp 1
no synchronization
bgp router-id 2.2.2.2
bgp log-neighbor-changes
neighbor 3.3.3.3 remote-as 1
neighbor 3.3.3.3 update-source Loopback0 (specifies which interface the packets are sourced from)
neighbor 24.1.1.4 remote-as 4
no auto-summary
R1:
router ospf 110
router-id 1.1.1.1
log-adjacency-changes
network 1.1.1.0 0.0.0.255 area 0
network 12.1.1.0 0.0.0.255 area 0
network 13.1.1.0 0.0.0.255 area 0
R3:
router ospf 110
router-id 3.3.3.3
log-adjacency-changes
network 3.3.3.0 0.0.0.255 area 0
network 13.1.1.0 0.0.0.255 area 0
!
router bgp 1
no synchronization
bgp router-id 3.3.3.3
bgp log-neighbor-changes
neighbor 2.2.2.2 remote-as 1
neighbor 2.2.2.2 update-source Loopback0
no auto-summary
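Note how the IBGP configuration differs. With only the neighbor remote-as command, BGP packets are sourced by default from the outgoing interface of the route toward the neighbor; that is, packets to 3.3.3.3 leave with the S2/0 address as their source. The outbound and return traffic then do not match the declared neighbor addresses, so the update-source command shown above is needed.
When EBGP has two paths, we cannot establish the neighbor on a physical interface, because once one link goes down the session cannot switch over to the other. It is therefore again recommended to peer over loopback interfaces. Unlike IBGP, however, the EBGP loopbacks cannot be carried in a routing protocol, so we have to configure static routes manually.
Note, however, that by default the TTL used to establish a BGP neighbor is 1, which is used up on arrival. To get redundancy we need to raise the TTL to >= 2: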
neighbor x.x.x.x ebgp-multihop 2
R3:
ip route 5.5.5.5 255.255.255.255 Serial2/0
router bgp 1
no synchronization
bgp router-id 3.3.3.3
bgp log-neighbor-changes
neighbor 2.2.2.2 remote-as 1
neighbor 2.2.2.2 update-source Loopback0
neighbor 5.5.5.5 remote-as 5
neighbor 5.5.5.5 ebgp-multihop 255
neighbor 5.5.5.5 update-source Loopback0
no auto-summary
R5:
ip route 3.3.3.3 255.255.255.255 Serial2/1
router bgp 5
no synchronization
bgp router-id 5.5.5.5
bgp log-neighbor-changes
neighbor 3.3.3.3 remote-as 1
neighbor 3.3.3.3 ebgp-multihop 255
no auto-summary
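The configuration above only establishes the adjacencies; no BGP routes have been generated yet.
Note on network: in an IGP, network declares the local interfaces, whereas in BGP, network advertises the routes that are in the local routing table.
3. Advertising BGP routes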
R4:
Gateway of last resort is not set
     4.0.0.0/24 is subnetted, 1 subnets
C       4.4.4.0 is directly connected, Loopback0
     24.0.0.0/24 is subnetted, 1 subnets
C       24.1.1.0 is directly connected, Serial2/0
R4's routing table at this point is shown above; we need to advertise the 4.4.4.0 route into BGP.
R4:
R4(config)#router bgp 4
R4(config-router)#network 4.4.4.0 mask 255.255.255.0
R4#sh ip bgp
BGP table version is 2, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
   Network          Next Hop            Metric LocPrf Weight Path
*> 4.4.4.0/24       0.0.0.0                  0         32768 i
* means the BGP route is valid; > means it is the best route.
R3#sh ip bgp
BGP table version is 1, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
   Network          Next Hop            Metric LocPrf Weight Path
* i4.4.4.0/24       24.1.1.4                 0    100      0 4 i
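On R3, however, the BGP route has no >, and R5 received no BGP route at all.
How to fix a route that is not selected as best
Versions 12.28T and later already disable synchronization by default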
R2(config-router)#neighbor 3.3.3.3 next-hop-self
Now both R3 and R5 receive the BGP route.
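
Why the next-hop-self line changes the result, as an added example that is not part of the original notes: R2 passes the route to R3 with the next hop 24.1.1.4 unchanged, and R3 can only mark the route best (and pass it on to R5) if it has a route to that next hop. R3's route list is constructed from the lab configs, and the function names are illustrative.

```python
import ipaddress

# Constructed from the lab configs: prefixes R3 reaches via connected, OSPF
# and static routes. 24.1.1.0/24 (the R2-R4 link) is absent because R2's
# OSPF process does not include it.
R3_ROUTES = ["3.3.3.0/24", "13.1.1.0/24", "35.1.1.0/24", "12.1.1.0/24",
             "1.1.1.1/32", "2.2.2.2/32", "5.5.5.5/32"]

# The route as R2 learned it from R4 over EBGP (values from the output above).
FROM_R4 = {"prefix": "4.4.4.0/24", "next_hop": "24.1.1.4", "as_path": [4]}


def ibgp_advertise(route, sender_source, next_hop_self=False):
    """Copy a route for an IBGP peer; the next hop changes only with next-hop-self."""
    out = dict(route)
    if next_hop_self:
        out["next_hop"] = sender_source
    return out


def resolve(next_hop, routes):
    """Longest-prefix match for a next hop; None when no route covers it."""
    addr = ipaddress.ip_address(next_hop)
    hits = [n for n in map(ipaddress.ip_network, routes) if addr in n]
    return str(max(hits, key=lambda n: n.prefixlen)) if hits else None


def r3_view(next_hop_self):
    """What R3 shows for 4.4.4.0/24 and whether it passes the route on to R5."""
    route = ibgp_advertise(FROM_R4, "2.2.2.2", next_hop_self)
    via = resolve(route["next_hop"], R3_ROUTES)
    return {"next_hop": route["next_hop"], "resolved_via": via,
            "status": "*>i" if via else "* i", "sent_to_R5": via is not None}
```
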
4. However, pinging 4.4.4.4 from R5 fails. This is a routing black hole: R1 has no route to 4.4.4.4.
One solution is to run IGP on R1 as well; a feature called peer-group is used here.
R1#sh run | b r b
router bgp 1
no synchronization
bgp router-id 1.1.1.1
bgp log-neighbor-changes
neighbor SWC peer-group
neighbor SWC remote-as 1
neighbor SWC update-source Loopback0
neighbor 2.2.2.2 peer-group SWC
neighbor 3.3.3.3 peer-group SWC
no auto-summary
5. Final full configuration
R1:
interface Loopback0
ip address 1.1.1.1 255.255.255.0
interface Serial2/0
ip address 13.1.1.1 255.255.255.0
serial restart-delay 0
!
interface Serial2/1
ip address 12.1.1.1 255.255.255.0
serial restart-delay 0
router ospf 110
router-id 1.1.1.1
log-adjacency-changes
network 1.1.1.0 0.0.0.255 area 0
network 12.1.1.0 0.0.0.255 area 0
network 13.1.1.0 0.0.0.255 area 0
router bgp 1
no synchronization
bgp router-id 1.1.1.1
bgp log-neighbor-changes
neighbor SWC peer-group
neighbor SWC remote-as 1
neighbor SWC update-source Loopback0
neighbor 2.2.2.2 peer-group SWC
neighbor 3.3.3.3 peer-group SWC
no auto-summary
R2:
interface Loopback0
ip address 2.2.2.2 255.255.255.0
interface Serial2/0
ip address 12.1.1.2 255.255.255.0
serial restart-delay 0
!
interface Serial2/1
ip address 24.1.1.2 255.255.255.0
serial restart-delay 0
router ospf 110
router-id 2.2.2.2
log-adjacency-changes
network 2.2.2.0 0.0.0.255 area 0
network 12.1.1.0 0.0.0.255 area 0
!
router bgp 1
no synchronization
bgp router-id 2.2.2.2
bgp log-neighbor-changes
neighbor 1.1.1.1 remote-as 1
neighbor 1.1.1.1 update-source Loopback0
neighbor 1.1.1.1 next-hop-self
neighbor 3.3.3.3 remote-as 1
neighbor 3.3.3.3 update-source Loopback0
neighbor 3.3.3.3 next-hop-self
neighbor 24.1.1.4 remote-as 4
no auto-summary
R3:
interface Loopback0
ip address 3.3.3.3 255.255.255.0
interface Serial2/0
ip address 35.1.1.3 255.255.255.0
serial restart-delay 0
!
interface Serial2/1
ip address 13.1.1.3 255.255.255.0
serial restart-delay 0
router ospf 110
router-id 3.3.3.3
log-adjacency-changes
network 3.3.3.0 0.0.0.255 area 0
network 13.1.1.0 0.0.0.255 area 0
router bgp 1
no synchronization
bgp router-id 3.3.3.3
bgp log-neighbor-changes
neighbor 1.1.1.1 remote-as 1
neighbor 1.1.1.1 update-source Loopback0
neighbor 1.1.1.1 next-hop-self
neighbor 2.2.2.2 remote-as 1
neighbor 2.2.2.2 update-source Loopback0
neighbor 2.2.2.2 next-hop-self
neighbor 5.5.5.5 remote-as 5
neighbor 5.5.5.5 ebgp-multihop 255
neighbor 5.5.5.5 update-source Loopback0
no auto-summary
R4:
interface Loopback0
ip address 4.4.4.4 255.255.255.0
interface Serial2/0
ip address 24.1.1.4 255.255.255.0
serial restart-delay 0
router bgp 4
no synchronization
bgp router-id 4.4.4.4
bgp log-neighbor-changes
network 4.4.4.0 mask 255.255.255.0
neighbor 24.1.1.2 remote-as 1
no auto-summary
R5:
interface Loopback0
ip address 5.5.5.5 255.255.255.0
interface Serial2/1
ip address 35.1.1.5 255.255.255.0
serial restart-delay 0
router bgp 5
no synchronization
bgp router-id 5.5.5.5
bgp log-neighbor-changes
network 5.5.5.0 mask 255.255.255.0
neighbor 3.3.3.3 remote-as 1
neighbor 3.3.3.3 ebgp-multihop 255
neighbor 3.3.3.3 update-source Loopback0
no auto-summary