注册 登录  
 加关注
   显示下一条  |  关闭
温馨提示!由于新浪微博认证机制调整,您的新浪微博帐号绑定已过期,请重新绑定!立即重新绑定新浪微博》  |  关闭

乾颐堂_安德(Ender)的博客

学无前后达者为先,此博客是一个有态度网络技术共享平台,共享给大家更多知识和经验

 
 
 

日志

 
 
关于我

Ender“老湿”:双CCIE(R&S CCIE、ISP CCIE),思科认证讲师#34XXX,HCIE v2.0第一人。毕业于东北大学电子商务专业。在原公司及其他企业参与的重点项目和培训有: R&S CCIE专题课 SP CCIE专题课 思科支蜀援川项目 索尼中国(无锡)NP课程 能在这里找到我:QQ群106111081 我的微博:weibo.com/enderjoe

网易考拉推荐

BGP aggregation各种参数分析和演示  

2012-10-30 17:52:43|  分类: BGP视频和文档 |  标签: |举报 |字号 订阅

  下载LOFTER 我的照片书  |

BGP aggregation

Yeslab Ender(安德)制作,更多内容请关注:

http://www.yeslab.net/

http://blog.sina.com.cn/andrew14

BGP aggregation

1、实验目的:了解和掌握BGP聚合。

2、实验拓扑描述

3、实验步骤:

步骤一、建立基本的BGP连接

步骤二、汇总各个参数具体实验

 

 

1、实验目的:了解和掌握BGP聚合。

BGP的路由聚合是一项庞大而重要的任务,www.cidr-report.org公布的一项数据表明,中国某ISP通告的前缀数目总是名列前茅的,这自然会增加设备的负担以及其他一些性能。本实验涉及的内容包括:summary-only(只通告汇总路由)as-set(还原路由AS属性);suppress-map(抑制某些路由);attribute-map(可修改极少的一些属性),advertise-map以及通常的先汇总再通告的情况,route-map的参数,可以用这个参数在汇总之后的路由上增加一些属性比如community

 

2、实验拓扑描述

IP地址说明,比如R2上连接R3的地址为23.1.1.2/24,以此类推2012年10月30日 - ender.joe - Yeslab_Ender的博客

 

3、实验步骤:

步骤一、建立基本的BGP连接

如图所示R1R2建立EBGP邻居关系,AS200内为全互联的full-meshR4R5EBGP邻居关系

这里仅仅给出R4的邻居配置:

router bgp 200

 no synchronization

 bgp log-neighbor-changes

 network 44.1.1.0 mask 255.255.255.0

 redistribute connected route-map CONN---route-map匹配R4R5的直连,重分步到AS200

 neighbor 10.1.1.3 remote-as 200

 neighbor 10.1.1.5 remote-as 300

 neighbor 22.1.1.1 remote-as 200

 neighbor 22.1.1.1 update-source Loopback0

 neighbor 33.1.1.1 remote-as 200

 no auto-summary

我们来查看邻居情况

R4#show ip bgp summary

BGP router identifier 44.1.1.1, local AS number 200

-------------------------------------------------省略部分无关内容--------------------------------------------

Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd

10.1.1.3        4   200      95     104       61    0    0 01:31:55        0

10.1.1.5        4   300      98     142       61    0    0 01:31:40        1

22.1.1.1        4   200     450     431       61    0    0 01:13:17        2

 

步骤二、汇总各个参数具体实验

R1上增加环回口lo0---3并通告路由,然后观察汇总的路由情况

router bgp 100

 no synchronization

 bgp log-neighbor-changes

 network 1.1.1.0 mask 255.255.255.0

 network 11.1.0.0 mask 255.255.255.0

 network 11.1.1.0 mask 255.255.255.0

 network 11.1.2.0 mask 255.255.255.0

 

下面是一种通用的汇总办法,即先 用静态做一条汇总路由指向null 0,然后在BGP同通告该路由达到汇总的目的

R1(config)#ip route 11.1.0.0 255.255.252.0 null 0

R1(config)#router bgp 100

R1(config-router)#network 11.1.0.0 m 255.255.252.0

 

R1R2上查看路由情况

R1#show ip bgp

BGP table version is 64, local router ID is 11.1.1.1

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

 

   Network          Next Hop            Metric LocPrf Weight Path

*> 11.1.0.0/24      0.0.0.0                  0         32768 i

*> 11.1.0.0/22      0.0.0.0                  0         32768 i---R1通告成功汇总路由

*> 11.1.1.0/24      0.0.0.0                  0         32768 i

*> 11.1.2.0/24      0.0.0.0                  0         32768 i

*> 11.1.3.0/24      0.0.0.0                  0         32768 i

 

R2#sh ip bgp

BGP table version is 44, local router ID is 22.1.1.1

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

 

   Network          Next Hop            Metric LocPrf Weight Path

*> 11.1.0.0/24      12.1.1.1                 0             0 100 i

*> 11.1.0.0/22      12.1.1.1                 0             0 100 i-R2接收到汇总的路由,同时也收到了明细路由

*> 11.1.1.0/24      12.1.1.1                 0             0 100 i

*> 11.1.2.0/24      12.1.1.1                 0             0 100 i

*> 11.1.3.0/24      12.1.1.1                 0             0 100 i

 

步骤3、使用aggregate命令汇总

去掉之前的汇总

R1(config)#router bgp 100                 

R1(config-router)#no network 11.1.0.0 m 255.255.252.0

R1(config)#no ip route 11.1.0.0 255.255.252.0 null 0

 

只通告汇总之后的路由- summary-only参数

R1(config)#router bgp 100

R1(config-router)#aggregate-address 11.1.0.0 255.255.252.0 summary-only

 

查看R2的情况,它仅仅收到通告后的路由

R2#show ip bgp

BGP table version is 50, local router ID is 22.1.1.1

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

 

   Network          Next Hop            Metric LocPrf Weight Path

*> 11.1.0.0/22      12.1.1.1                 0             0 100 i

 

另外一种情况,通告汇总路由,同时抑制某些路由不被通告出去- suppress-map

R1(config)#access-list 1 permit 11.1.2.0 0.0.0.255

R1(config)#route-map Sup

R1(config-route-map)#match ip address 1

R1(config)#router bgp 100

R1(config-router)#aggregate-address 11.1.0.0 255.255.252.0 suppress-map Sup

R1#clear ip bgp *

 

查看R1R2的路由情况

R1#show ip bgp

BGP table version is 11, local router ID is 11.1.3.1

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

 

   Network          Next Hop            Metric LocPrf Weight Path

*> 11.1.0.0/24      0.0.0.0                  0         32768 i

*> 11.1.0.0/22      0.0.0.0                            32768 i

*> 11.1.1.0/24      0.0.0.0                  0         32768 i

s> 11.1.2.0/24      0.0.0.0                  0         32768 i---S代表被抑制,其他路由通告给R2

*> 11.1.3.0/24      0.0.0.0                  0         32768 i

R2上验证了我们预期的结果,没有11.1.2.0/24的路由

R2#show ip bgp

BGP table version is 63, local router ID is 22.1.1.1

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

 

   Network          Next Hop            Metric LocPrf Weight Path

*> 11.1.0.0/24      12.1.1.1                 0             0 100 i

*> 11.1.0.0/22      12.1.1.1                 0             0 100 i

*> 11.1.1.0/24      12.1.1.1                 0             0 100 i

*> 11.1.3.0/24      12.1.1.1                 0             0 100 i

 

去掉R1上的汇总,以便我们进行下面的实验

R1(config)#router bgp 100

R1(config-router)#no aggregate-address 11.1.0.0 255.255.252.0 suppress-map Sup

 

步骤3、观察另外两个参数as-setattribute-map

我们在R2上做汇总,这种场景也很合乎逻辑,即某些ISP接收到路由后汇总它们

R2(config)#router bgp 200

R2(config-router)#aggregate-address 11.1.0.0 255.255.252.0 summary-only

 

查看R5以及R1的路由

R5#sh ip bgp

BGP table version is 80, local router ID is 55.1.1.1

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

 

   Network          Next Hop            Metric LocPrf Weight Path

*> 11.1.0.0/22      10.1.1.3                               0 200 i

需要说明的是该路由是由R2产生的,且其源自IGP,不再具有其源自AS100的属性。所以我们看到只经过了AS200

 

R1#show ip bgp

BGP table version is 14, local router ID is 11.1.3.1

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

 

   Network          Next Hop            Metric LocPrf Weight Path

*> 11.1.0.0/24      0.0.0.0                  0         32768 i

*> 11.1.0.0/22      12.1.1.2                 0             0 200 i

*> 11.1.1.0/24      0.0.0.0                  0         32768 i

*> 11.1.2.0/24      0.0.0.0                  0         32768 i

*> 11.1.3.0/24      0.0.0.0                  0         32768 i

需要说明的是该路由是由R2产生的,且其源自IGP,不再具有其源自AS100的属性,所以会传回给AS100 R1。对R1而言如果某条明细路由(如11.1.1.0)消失,而出现去往该网段的数据包时,会查找路由11.1.0.0/22而去往了R2

 

如果我们要还原其属性的话,需要在R2上增加as-set的参数

R2(config-router)#aggregate-address 11.1.0.0 255.255.252.0 summary-only as-set

我们预期R1不会接收该路由,因为该路由包含了AS100,依据eBGP的防环机制,R1不会接收,如下所示:

R1#show ip bgp

BGP table version is 15, local router ID is 11.1.3.1

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

 

   Network          Next Hop            Metric LocPrf Weight Path

*> 11.1.0.0/24      0.0.0.0                  0         32768 i

*> 11.1.1.0/24      0.0.0.0                  0         32768 i

*> 11.1.2.0/24      0.0.0.0                  0         32768 i

*> 11.1.3.0/24      0.0.0.0                  0         32768 i

 

我们预期R5会接收该路由,同时R5上看到的AS-path200 100

R5#show ip bgp

BGP table version is 81, local router ID is 55.1.1.1

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

 

   Network          Next Hop            Metric LocPrf Weight Path

*> 11.1.0.0/22      10.1.1.3                               0 200 100 i

请自行去掉R2的汇总,以便进行下面的实验

 

我们再来观察attribute-map参数

我们来想象一个场景,AS 100 公告某条路由,同时设置了它的community属性为no-export(不传递给真正的EBGP邻居)。为了方便我们进行下面的实验我们改造一下拓扑:

BGP aggregation各种参数分析和演示 - ender.joe - Yeslab_安德(Ender)的博客
 

 

R1R2AS100R3AS300R5AS400R4AS200

R3上的邻居关系:

R3#sh ip bgp summary

BGP router identifier 33.1.1.1, local AS number 300

 

Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd

10.1.1.4        4   200      32      44       10    0    0 00:09:47        0

10.1.1.5        4   400      33      45       10    0    0 00:09:46        0

23.1.1.2        4   100      39      43       10    0    0 00:09:46        4

现在我们在R2上做community

R2(config)#route-map No-ADV

R2(config-route-map)#set community no-export

R2(config)#router bgp 100

R2(config-router)#neighbor 23.1.1.3 send-community

R2(config-router)#neighbor 23.1.1.3 route-map No-ADV out

去查看R3的路由,并做汇总

R3(config)#router bgp 300

R3(config-router)#aggregate-address 11.0.0.0 255.0.0.0 as-set summary-only

 

验证:

R3#sh ip bgp

BGP table version is 10, local router ID is 33.1.1.1

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

 

   Network          Next Hop            Metric LocPrf Weight Path

*> 11.0.0.0         0.0.0.0                       100  32768 100 i

s> 11.1.0.0/24      23.1.1.2                               0 100 i

s> 11.1.1.0/24      23.1.1.2                               0 100 i

s> 11.1.2.0/24      23.1.1.2                               0 100 i

s> 11.1.3.0/24      23.1.1.2                               0 100 i

R3#sh ip bgp 11.0.0.0

BGP routing table entry for 11.0.0.0/8, version 6

Paths: (1 available, best #1, table Default-IP-Routing-Table, not advertised to EBGP peer)

  Not advertised to any peer

  100, (aggregated by 300 33.1.1.1)

    0.0.0.0 from 0.0.0.0 (33.1.1.1)

      Origin IGP, localpref 100, weight 32768, valid, aggregated, local, best

      Community: no-export---R3汇总路由之后继承了no-export的属性,那么R4R5将无法收到路由

R4#sh ip bgp

 

R4#

没有路由!

R5#sh ip bgp

 

我们利用attribute-map来修改它的属性,注意此参数只能修改极少的参数,community是其中之一:

R3(config)#route-map ATT permit 10

R3(config-route-map)# set community none----community设置为空

R3(config-router)#aggregate-address 11.1.0.0 255.255.252.0 as-set summary-only attribute-map ATT----汇总为22

验证:

R3#sh ip bgp 11.1.1.0 255.255.252.0

BGP routing table entry for 11.1.0.0/22, version 6

Paths: (1 available, best #1, table Default-IP-Routing-Table)

Flag: 0x820

  Advertised to update-groups:

     1          2        

  100, (aggregated by 300 33.1.1.1)----本地做了汇总同时没有了原来的community

    0.0.0.0 from 0.0.0.0 (33.1.1.1)

      Origin IGP, localpref 100, weight 32768, valid, aggregated, local, best

 

查看R4R5

R4#sh ip bgp

BGP table version is 12, local router ID is 44.1.1.1

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

 

   Network          Next Hop            Metric LocPrf Weight Path

*> 11.1.0.0/22      10.1.1.3                 0             0 300 100 i

R5#sh ip bgp

BGP table version is 12, local router ID is 55.1.1.1

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

 

   Network          Next Hop            Metric LocPrf Weight Path

*> 11.1.0.0/22      10.1.1.3                 0             0 300 100 i

 

步骤4、观察advertise-map参数

现在R4增加新的环回口11.1.4.1 255.255.255.0,并通告到BGP

R4(config-if)#router bgp 200

R4(config-router)#network 11.1.4.0 m 255.255.255.0

 

R3上做汇总,汇总的范围更大:

R3(config-router)#aggregate-address 11.0.0.0 255.0.0.0 as-set summary-only

来观察R5

R5#sh ip bgp

BGP table version is 16, local router ID is 55.1.1.1

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

 

   Network          Next Hop            Metric LocPrf Weight Path

*> 11.0.0.0         10.1.1.3                 0             0 300 {100,200} i--R5上得到了来自AS100AS200的路由,但是这样并不清晰

 

R3指向把AS200的路由通告给R5就需要用到advertise-map

R3(config)#access-list 11 permit 11.1.4.0 0.0.0.255

R3(config)#route-map Select

R3(config-route-map)#match ip address 11

R3(config-route-map)#aggregate-address 11.0.0.0 255.0.0.0 as-set summary-only advertise-map Select

 

R5

R5#sh ip bgp

BGP table version is 19, local router ID is 55.1.1.1

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

 

   Network          Next Hop            Metric LocPrf Weight Path

*> 11.0.0.0         10.1.1.3                 0             0 300 200 i---只来自AS200

R5#sh ip bgp 11.0.0.0

BGP routing table entry for 11.0.0.0/8, version 19

Paths: (1 available, best #1, table Default-IP-Routing-Table)

Flag: 0x820

  Not advertised to any peer

  300 200, (aggregated by 300 33.1.1.1)

    10.1.1.3 from 10.1.1.3 (33.1.1.1)

      Origin IGP, metric 0, localpref 100, valid, external, atomic-aggregate, best

 

关于Aggregation其实还有一个route-map的参数,可以用这个参数在汇总之后的路由上增加一些属性比如community等。不再赘述

实验完成

  评论这张
 
阅读(259)| 评论(0)
推荐 转载

历史上的今天

在LOFTER的更多文章

评论

<#--最新日志,群博日志--> <#--推荐日志--> <#--引用记录--> <#--博主推荐--> <#--随机阅读--> <#--首页推荐--> <#--历史上的今天--> <#--被推荐日志--> <#--上一篇,下一篇--> <#-- 热度 --> <#-- 网易新闻广告 --> <#--右边模块结构--> <#--评论模块结构--> <#--引用模块结构--> <#--博主发起的投票-->
 
 
 
 
 
 
 
 
 
 
 
 
 
 

页脚

网易公司版权所有 ©1997-2017