BGP2

Example: Next Hop on a Multiaccess Network
The following takes place in a multiaccess network:

* Router B advertises network 172.30.0.0 to router A in EBGP with a next hop of 10.10.10.2, not 10.10.10.1. This avoids an unnecessary hop.
* BGP is being efficient by informing AS 64520 of the best entry point into AS 65000 for network 172.30.0.0.
* Router B in AS 65000 also advertises to AS 64520 that the best entry point for each network in AS 64600 is the next hop of router C, because that is the best path to move through AS 65000 to AS 64600.


ICMP redirect
Interface characteristics
BGP States
When establishing a BGP session, BGP goes through the following states:
1. Idle: Router is searching the routing table to see whether a route exists to reach the neighbor.
2. Connect: Router found a route to the neighbor and has completed the three-way TCP handshake.
3. Open sent: Open message sent, with the parameters for the BGP session.
4. Open confirm: Router received agreement on the parameters for establishing the session.
----- Alternatively, the router goes into the active state if there is no response to the open message.
5. Established: Peering is established; routing begins.

BGP Established and Idle States
* Idle: The router in this state cannot find the address of the neighbor in the routing table. Check for an IGP problem. Is the neighbor announcing the route?
* Established: The established state is the proper state for BGP operations. In the output of the show ip bgp summary command, if the state column has a number, then the session is in the established state. The number is how many routes have been learned from this neighbor.

BGP Active State Troubleshooting
Active: The router has sent an open packet and is waiting for a response. The state may cycle between active and idle. The neighbor may not know how to get back to this router for the following reasons:
  • Neighbor does not have a route to the source IP address of the BGP open packet generated by this router.
  • Neighbor is peering with the wrong address.
  • Neighbor does not have a neighbor statement for this router.
  • AS number is misconfigured.

BGP Neighbor Authentication

Router(config-router)#

neighbor {ip-address | peer-group-name} password string

  • BGP authentication uses MD5.
  • Configure a key (password); the router generates a message digest, or hash, of the key and the message.
  • The message digest is sent; the key is not sent.
  • The router generates and checks the MD5 digest of every segment sent on the TCP connection. The router authenticates the source of each routing update packet that it receives.
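
The per-segment digest described above is the TCP MD5 signature option of RFC 2385. The following added example (not from the original page or from the router vendor) models how a sending peer signs a segment and how the receiver checks it; the ports, sequence numbers and key are constructed, and the peer addresses are the 12.1.1.1/12.1.1.2 pair used in this page's outputs.

```python
import hashlib
import hmac
import socket
import struct

def tcp_md5_digest(src_ip, dst_ip, tcp_header, payload, key):
    """MD5 over pseudo-header, fixed TCP header (checksum zeroed, no options), data, key."""
    fixed = bytearray(tcp_header[:20])            # options are left out of the hash
    fixed[16:18] = b"\x00\x00"                    # checksum field counts as zero
    pseudo = (socket.inet_aton(src_ip) + socket.inet_aton(dst_ip)
              + struct.pack("!BBH", 0, socket.IPPROTO_TCP, len(tcp_header) + len(payload)))
    return hashlib.md5(pseudo + bytes(fixed) + payload + key).digest()

def sign_segment(src_ip, dst_ip, sport, dport, seq, ack, payload, key):
    """Build a TCP segment (header + MD5 option + data) the way a signing peer would."""
    # data offset 10 words = 20-byte header + 20 option bytes; flags PSH|ACK
    header = struct.pack("!HHIIBBHHH", sport, dport, seq, ack, 10 << 4, 0x18, 16384, 0, 0)
    digest = tcp_md5_digest(src_ip, dst_ip, header + bytes(20), payload, key)
    option = b"\x01\x01" + bytes([19, 18]) + digest   # NOP, NOP, kind 19, length 18
    return header + option + payload

def verify_segment(src_ip, dst_ip, segment, key):
    """Receiver side: recompute the digest with the local key and compare."""
    hdr_len = (segment[12] >> 4) * 4
    header, payload = segment[:hdr_len], segment[hdr_len:]
    opts, i, received = header[20:], 0, None
    while i + 1 < len(opts) and opts[i] != 0:     # 0 = end of option list
        if opts[i] == 1:                          # NOP padding
            i += 1
            continue
        if opts[i] == 19 and opts[i + 1] == 18:
            received = opts[i + 2:i + 18]
        i += max(opts[i + 1], 2)
    if received is None:
        return False                              # unsigned segment is rejected
    expected = tcp_md5_digest(src_ip, dst_ip, header, payload, key)
    return hmac.compare_digest(received, expected)

# Constructed sample: a BGP KEEPALIVE (16-byte marker, length 19, type 4) from 12.1.1.2.
KEEPALIVE = b"\xff" * 16 + struct.pack("!HB", 19, 4)
KEY = b"constructed-example-key"

def demo():
    seg = sign_segment("12.1.1.2", "12.1.1.1", 179, 40000, 1000, 2000, KEEPALIVE, KEY)
    tampered = seg[:-1] + bytes([seg[-1] ^ 0x01])
    return {
        "genuine": verify_segment("12.1.1.2", "12.1.1.1", seg, KEY),
        "tampered": verify_segment("12.1.1.2", "12.1.1.1", tampered, KEY),
        "wrong_key": verify_segment("12.1.1.2", "12.1.1.1", seg, b"other-key"),
        "spoofed_source": verify_segment("12.1.1.3", "12.1.1.1", seg, KEY),
    }

if __name__ == "__main__":
    print(demo())
```

Because the key is mixed into a plain MD5 hash rather than an HMAC, RFC 5925 (TCP-AO) was later defined to replace this option.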


R1#show ip bgp rib-failure
RIB = Routing Information Base
                  IGP   AD
                  BGP
Clearing the BGP Session
  • When policies such as access lists or attributes are changed, the change takes effect immediately, and the next time that a prefix or path is advertised or received, the new policy is used. It can take a long time for the policy to be applied to all networks.
  • You must trigger an update to ensure that the policy is immediately applied to all affected prefixes and paths.
  • Ways to trigger an update:
-- Hard reset
-- Soft reset
-- Route refresh
Hard Reset of BGP Sessions
router#
clear ip bgp *
  • Resets all BGP connections with this router.
  • Entire BGP forwarding table is discarded.
  • BGP session makes the transition from established to idle; everything must be relearned.
router#
clear ip bgp [neighbor-address]
  • Resets only a single neighbor.
  • BGP session makes the transition from established to idle; everything from this neighbor must be relearned.
  • Less severe than clear ip bgp *.
Soft Reset Outbound
Router#
clear ip bgp {* | neighbor-address} [soft out]
  • Routes learned from this neighbor are not lost.
  • This router resends all BGP information to the neighbor without resetting the connection.
  • The connection remains established.
  • This option is highly recommended when you are changing outbound policy.
  • The soft out option does not help if you are changing inbound policy.

Inbound Soft Reset
Router(config-router)#
neighbor [ip-address] soft-reconfiguration inbound
  • This router stores all updates from this neighbor in case the inbound policy is changed.
  • The command is memory-intensive.
Router#
clear ip bgp {* | neighbor-address} soft in
  • Uses the stored information to generate new inbound updates.
R2#show ip bgp neighbors 12.1.1.1 advertised-routes
BGP table version is 2, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
              x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

     Network         Next Hop          Metric LocPrf Weight Path
 *>  2.2.2.0/24      0.0.0.0                     32768 i

Total number of prefixes 1 

R1#show ip bgp neighbors 12.1.1.2 received-routes
% Inbound soft reconfiguration not enabled on 12.1.1.2

R1(config-router)#neighbor 12.1.1.2 soft-reconfiguration inbound

R1#show ip bgp neighbors 12.1.1.2 received-routes
BGP table version is 2, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
              x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

     Network         Next Hop          Metric LocPrf Weight Path
 *>  2.2.2.0/24      12.1.1.2              0           0 2 i

Total number of prefixes 1 


debug ip bgp updates Command
Router#debug ip bgp updates

Network Boundary Summarization
Router(config-router)#
no auto-summary
BGP, RIPv1 and RIPv2, IGRP, and EIGRP perform network boundary summarization by default.
BGP, RIPv2, and EIGRP can disable network boundary summarization.
CIDR has forced the IANA to begin using class A addresses, like 64.0.0.0, in a classless manner.
If you are assigned a portion of a class A, B, or C address, the no auto-summary command needs to be implemented under the BGP process, or you risk claiming ownership of the whole class A, B, or C address.

Summary
auto-summary      any -> BGP: does not carry the original next hop and metric
no auto-summary   any -> BGP: keeps the original next hop and metric

CIDR and Aggregate Addresses
  • With BGP4, routes can be aggregated by any AS on any BGP router.
  • BGP4 is classless, supports VLSM and longest-match routing, and carries a network mask for each network in the update.
1. Manually configure a static route to Null0
Advertise the summary route with the network command
R2(config)#ip route 200.1.16.0 255.255.252.0 null 0
R2(config-router)#network 200.1.16.0 mask 255.255.252.0

Configuring BGP for Aggregate Addressing
Router(config-router)#
aggregate-address ip-address mask [summary-only] [as-set]
  • Creates an aggregate (summary) entry in the BGP table
  • Uses the summary-only option to advertise only the summary and not the specific routes
  • Adds the as-set option to include a list of all the autonomous system numbers that the more specific routes have passed through
  • Recommended method of summarization for BGP
  • Null static route not needed; the BGP null route is generated automatically


R2(config-router)#aggregate-address 200.1.16.0 255.255.252.0
R1#show ip bgp
BGP table version is 18, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
              x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

     Network         Next Hop          Metric LocPrf Weight Path
 *>  1.1.1.0/24      0.0.0.0                     32768 ?
 *>  2.2.2.0/24      12.1.1.2              0           0 2 i
 *>  3.3.3.0/24      134.1.1.3             1        32768 ?
 *>  134.1.1.0/24    0.0.0.0               0        32768 ?
 *   200.1.16.0      12.1.1.2                        0 2 i
 *>  200.1.16.0/22   12.1.1.2                        0 2 i
 *>  200.1.17.0      12.1.1.2                        0 2 i
 *>  200.1.18.0      12.1.1.2                        0 2 i
 *>  200.1.19.0      12.1.1.2                        0 2 i

R2(config-router)#aggregate-address 200.1.16.0 255.255.252.0 summary-only
R2#show ip bgp
BGP table version is 22, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
              x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

     Network         Next Hop          Metric LocPrf Weight Path
 *>  1.1.1.0/24      12.1.1.1              0           0 1 ?
 *>  2.2.2.0/24      0.0.0.0                     32768 i
 *>  3.3.3.0/24      12.1.1.1              1           0 1 ?
 *>  134.1.1.0/24    12.1.1.1              0           0 1 ?
 s>  200.1.16.0      0.0.0.0                     32768 i
 *>  200.1.16.0/22   0.0.0.0                     32768 i
 s>  200.1.17.0      0.0.0.0               0        32768 i
 s>  200.1.18.0      0.0.0.0               0        32768 i
 s>  200.1.19.0      0.0.0.0               0        32768 i
R1#show ip bgp
BGP table version is 22, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
              x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

     Network         Next Hop          Metric LocPrf Weight Path
 *>  1.1.1.0/24      0.0.0.0                     32768 ?
 *>  2.2.2.0/24      12.1.1.2              0           0 2 i
 *>  3.3.3.0/24      134.1.1.3             1        32768 ?
 *>  134.1.1.0/24    0.0.0.0               0        32768 ?
 *>  200.1.16.0/22   12.1.1.2                        0 2 i


Suppress 200.1.16.0 and 200.1.17.0; allow 200.1.16.0/22, 200.1.18.0 and 200.1.19.0 through.
R2(config-router)#aggregate-address 200.1.16.0 255.255.252.0 summary-only suppress-map SUP



R2(config)#ip prefix-list 1 permit 200.1.16.0/x ge y le z
len < ge-value <= le-value
x
200.1.16.0/24
200.1.17.0/24
ip prefix-list 1 permit 200.1.16.0/23 ge 24 le 24


1  ip prefix-list 1 seq 5 permit 200.1.16.0/23 ge 24 le 24


2  route-map SUP permit 10
 match ip address prefix-list 1


3  aggregate-address 200.1.16.0 255.255.252.0 summary-only suppress-map SUP

R2#show ip bgp
BGP table version is 12, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
              x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

     Network         Next Hop          Metric LocPrf Weight Path
 *>  1.1.1.0/24      12.1.1.1              0           0 1 ?
 *>  2.2.2.0/24      0.0.0.0                     32768 i
 *>  3.3.3.0/24      12.1.1.1              1           0 1 ?
 *>  134.1.1.0/24    12.1.1.1              0           0 1 ?
 s> 200.1.16.0      0.0.0.0               0        32768 i
 *>  200.1.16.0/22   0.0.0.0                       32768 i
 s> 200.1.17.0      0.0.0.0               0        32768 i
 *>  200.1.18.0      0.0.0.0                     32768 i
 *>  200.1.19.0      0.0.0.0                     32768 i

R1#show ip bgp
BGP table version is 24, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
              x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

     Network         Next Hop          Metric LocPrf Weight Path
 *>  1.1.1.0/24      0.0.0.0                     32768 ?
 *>  2.2.2.0/24      12.1.1.2              0           0 2 i
 *>  3.3.3.0/24      134.1.1.3             1        32768 ?
 *>  134.1.1.0/24    0.0.0.0               0        32768 ?
 *>  200.1.16.0/22   12.1.1.2                        0 2 i
 *>  200.1.18.0      12.1.1.2                        0 2 i
 *>  200.1.19.0      12.1.1.2                        0 2 i
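
The prefix-list, route-map and aggregate steps above, modelled as an added example (not code from the original page). It implements the ge/le matching rule and applies it to R2's prefixes; the function names are hypothetical, and the model assumes, as the outputs above show, that the suppress-map limits suppression to the prefixes it matches.

```python
import ipaddress

def prefix_list_permits(route, entry, ge=None, le=None):
    """IOS-style prefix-list test: `route` lies inside `entry` and its length fits ge/le."""
    route, entry = ipaddress.ip_network(route), ipaddress.ip_network(entry)
    if ge is None and le is None:
        return route == entry                         # no ge/le: exact match only
    low = ge if ge is not None else entry.prefixlen
    high = le if le is not None else entry.max_prefixlen
    return low <= route.prefixlen <= high and route.subnet_of(entry)

def apply_aggregate(originated, aggregate, suppress=None):
    """Model aggregate-address summary-only with an optional suppress-map.

    Returns (advertised, suppressed). With suppress=None every component of the
    aggregate is suppressed; otherwise only components for which suppress(route) is true.
    """
    agg = ipaddress.ip_network(aggregate)
    advertised, suppressed, has_component = [], [], False
    for route in originated:
        net = ipaddress.ip_network(route)
        component = net != agg and net.subnet_of(agg)
        has_component = has_component or component
        if component and (suppress is None or suppress(route)):
            suppressed.append(route)
        else:
            advertised.append(route)
    if has_component:                                 # aggregate exists only with a component
        advertised.append(aggregate)
    return advertised, suppressed

# R2's locally originated prefixes from the page's tables (classful entries are /24).
R2_ROUTES = ["2.2.2.0/24", "200.1.16.0/24", "200.1.17.0/24", "200.1.18.0/24", "200.1.19.0/24"]

def sup(route):
    """route-map SUP: match ip address prefix-list 1 (200.1.16.0/23 ge 24 le 24)."""
    return prefix_list_permits(route, "200.1.16.0/23", ge=24, le=24)

if __name__ == "__main__":
    print(apply_aggregate(R2_ROUTES, "200.1.16.0/22"))        # summary-only
    print(apply_aggregate(R2_ROUTES, "200.1.16.0/22", sup))   # with suppress-map SUP
```

Running the check against a planned prefix-list before applying it shows exactly which more-specific prefixes will still be announced to the neighbor.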


R1(config-router)#aggregate-address 200.1.16.0 255.255.252.0 summary-only
Aggregating on R1 causes a problem.
It is as follows: R1 generates a 200.1.16.0/22 route that carries no indication that its components were received from R2, so R1 advertises this route to R2.
R1#show ip bgp
BGP table version is 32, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
              x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

     Network         Next Hop          Metric LocPrf Weight Path
 *>  1.1.1.0/24      0.0.0.0                     32768 ?
 *>  2.2.2.0/24      12.1.1.2              0           0 2 i
 *>  3.3.3.0/24      134.1.1.3             1        32768 ?
 *>  134.1.1.0/24    0.0.0.0               0        32768 ?
 s>  200.1.16.0      12.1.1.2              0           0 2 i
 *>  200.1.16.0/22   0.0.0.0                     32768 i
 s>  200.1.17.0      12.1.1.2              0           0 2 i
 s>  200.1.18.0      12.1.1.2              0           0 2 i
 s>  200.1.19.0      12.1.1.2              0           0 2 i

R2#show ip 
*Jun  1 14:10:03.506: %SYS-5-CONFIG_I:Configured from console by console
R2#show ip bgp
BGP table version is 16, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
              x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

     Network         Next Hop          Metric LocPrf Weight Path
 *>  1.1.1.0/24      12.1.1.1              0           0 1 ?
 *>  2.2.2.0/24      0.0.0.0                     32768 i
 *>  3.3.3.0/24      12.1.1.1              1           0 1 ?
 *>  134.1.1.0/24    12.1.1.1              0           0 1 ?
 *>  200.1.16.0      0.0.0.0                     32768 i
 *>  200.1.16.0/22   12.1.1.1                        0 1 i
 *>  200.1.17.0      0.0.0.0                     32768 i
 *>  200.1.18.0      0.0.0.0                     32768 i
 *>  200.1.19.0      0.0.0.0                     32768 i

R1(config-router)#aggregate-address 200.1.16.0 255.255.252.0 as-set summary-only
R1#show ip bgp
BGP table version is 33, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
              x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

     Network         Next Hop          Metric LocPrf Weight Path
 *>  1.1.1.0/24      0.0.0.0                     32768 ?
 *>  2.2.2.0/24      12.1.1.2              0           0 2 i
 *>  3.3.3.0/24      134.1.1.3             1        32768 ?
 *>  134.1.1.0/24    0.0.0.0               0        32768 ?
 s>  200.1.16.0      12.1.1.2              0           0 2 i
 *> 200.1.16.0/22   0.0.0.0                    100 32768 2 i
 s>  200.1.17.0      12.1.1.2              0           0 2 i
 s>  200.1.18.0      12.1.1.2              0           0 2 i
 s>  200.1.19.0      12.1.1.2              0           0 2 i

BGP Path Attributes
  • BGP metrics are called path attributes.
  • Characteristics of path attributes include:
     --- Well-known versus optional
     --- Mandatory versus discretionary
     --- Transitive versus nontransitive
     --- Partial
Well-Known Attributes
Well-known attributes
-- Must be recognized by all compliant BGP implementations
-- Are propagated to other neighbors
Well-known mandatory attributes
-- Must be present in all update messages
Well-known discretionary attributes
-- May be present in update messages
BGP Attributes
BGP attributes include the following:
  • AS path *
  • Next-hop *
  • Origin *
  • Local preference
  • MED
  • Others
* Well-known mandatory attribute (well-known; must be complied with)

Origin Attribute
  • IGP (i)
-- network command
  • EGP (e)
-- Redistributed from EGP
  • Incomplete (?)
-- Redistributed from IGP or static
The origin attribute informs all autonomous systems in the internetwork how the prefixes were introduced into BGP.
The origin attribute is well-known, mandatory.

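General method for modifying attributes
! select the prefixes whose attributes are to be changed
R1(config)#ip prefix-list 2 permit 2.2.2.2/24
! with no action or sequence given, this is clause "permit 10"; the set commands go here
R1(config)#route-map o
R1(config-route-map)#match ip address prefix-list 2
R1(config)#router bgp 1
! apply the route-map to updates received from the neighbor
R1(config-router)#neighbor 12.1.1.2 route-map o in

! empty permit clause so that prefixes not matched above are still accepted
R1(config)#route-map o permit 20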

Route Selection Decision Process
Consider only (synchronized) routes with no AS loops and a valid next hop, and then:
1. Prefer highest weight (local to router).
2. Prefer highest local preference (global within AS).
3. Prefer route originated by the local router (next hop = 0.0.0.0).
4. Prefer shortest AS path.
5. Prefer lowest origin code (IGP
6. Prefer lowest MED (exchanged between autonomous systems).
7. Prefer EBGP path over IBGP path.
8. Prefer the path through the closest IGP neighbor.
9. Prefer oldest route for EBGP paths.
10. Prefer the path with the lowest neighbor BGP router ID.
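
The ten steps above as an added example (not code from the original page or from any router implementation): it discards paths that contain the local AS, then reports both the winning path and the step that decided it. The Path fields and sample paths are constructed, the origin ranking IGP < EGP < incomplete is assumed, and MED is compared across all paths as a simplification.

```python
import ipaddress
from dataclasses import dataclass

ORIGIN_RANK = {"i": 0, "e": 1, "?": 2}   # assumed ranking: IGP < EGP < incomplete

@dataclass
class Path:                      # one candidate path for a prefix (constructed model)
    name: str
    as_path: tuple = ()
    weight: int = 0
    local_pref: int = 100
    local: bool = False          # originated by this router (next hop 0.0.0.0)
    origin: str = "i"
    med: int = 0
    ebgp: bool = True
    igp_metric: int = 0          # IGP cost to the BGP next hop
    age: int = 0                 # seconds since the path was learned
    router_id: str = "0.0.0.0"   # neighbor's BGP router ID

# (label, key) in the order of the ten steps; the lowest key wins each step.
STEPS = [
    ("highest weight", lambda p: -p.weight),
    ("highest local preference", lambda p: -p.local_pref),
    ("locally originated", lambda p: not p.local),
    ("shortest AS path", lambda p: len(p.as_path)),
    ("lowest origin code", lambda p: ORIGIN_RANK[p.origin]),
    ("lowest MED", lambda p: p.med),          # simplification: compared across all paths
    ("EBGP over IBGP", lambda p: not p.ebgp),
    ("closest IGP neighbor", lambda p: p.igp_metric),
    ("oldest EBGP route", lambda p: -p.age if p.ebgp else 0),
    ("lowest neighbor router ID", lambda p: int(ipaddress.ip_address(p.router_id))),
]

def best_path(paths, local_as):
    """Return (winner, deciding step); paths whose AS path contains local_as are discarded."""
    candidates = [p for p in paths if local_as not in p.as_path]
    if len(candidates) < 2:
        return (candidates[0] if candidates else None), "no comparison needed"
    for label, key in STEPS:
        best = min(key(p) for p in candidates)
        candidates = [p for p in candidates if key(p) == best]
        if len(candidates) == 1:
            return candidates[0], label
    return candidates[0], "tie after all steps"

# Constructed candidates for one prefix as seen by a router in AS 1.
SAMPLE = [
    Path("via-AS2", as_path=(2,), router_id="2.2.2.2"),
    Path("via-AS3", as_path=(3, 2), router_id="3.3.3.3"),
    Path("looped", as_path=(2, 1), router_id="4.4.4.4"),
]

if __name__ == "__main__":
    winner, step = best_path(SAMPLE, local_as=1)
    print(winner.name, "selected by:", step)
```

Knowing which step decided the outcome shows whether an inbound policy (weight, local preference) or an attribute set by the neighbor (AS path length, MED) is controlling the choice.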