Skip to main content

 路由器设置 > 新闻资讯 >

BGP的分解实验

2013-09-27 23:41 浏览:

134158341.jpg

1.作业准备:

如图所示先建立R1~R5BGP邻居关系(R6R7会在随后的题目中添加),R2R3底层运行RIPV2,属于AS23,使用环回口10.10.X.X/24建立IBGP邻居关系;R1R4R5运行EIGRP,属于AS145,使用环回口10.10.X.X/24建立IBGP邻居关系,在R3R4之间利用直连接口1.1.34.X/24建立EBGP邻居关系,在R1R2之间利用直连接口1.1.12.X/24建立EBGP邻居关系,所有的BGProuter-ID都是X.X.X.X

 

配置:

R1:

Interfaceloopback0

Ipaddress10.10.1.1255.255.255.0

Interfaces1/0

Ipaddress1.1.12.1255.255.255.0

Noshutdown

Interfacef0/0

Ipaddress1.1.145.1255.255.255.0

Noshutdown

Routereigrp90

Noauto-summary

Network10.10.1.10.0.0.0

Network1.1.145.10.0.0.0

Routerbgp145

Bgprouter-id1.1.1.1

Neighbor1.1.12.2remote-as23

Neighbor10.10.4.4remote-as145

Neighbor10.10.4.4update-sourceloopback0

Neighbor10.10.4.4next-hop-self

Neighbor10.10.5.5remote-as145

Neighbor10.10.5.5update-sourceloopback0

Neighbor10.10.5.5next-hop-self

-----------------------------------------------------------------

 

R2:

Interfaceloopback0

Ipaddress10.10.2.2255.255.255.0

Interfaces1/0

Ipaddress1.1.12.2255.255.255.0

Noshutdown

Interfaces1/1

Ipaddress1.1.23.2255.255.255.0

Noshutdown

Routerrip

Version2

Noauto-summary

Network1.0.0.0

Network10.0.0.0

Routerbgp23

Bgprouter-id2.2.2.2

Neighbor1.1.12.1remote-as145

Neighbor10.10.3.3remote-as23

Neighbor10.10.3.3update-sourceloopback0

--------------------------------------------------------------------

 

R3:

Interfaceloopback0

Ipaddress10.10.3.3255.255.255.0

Interfaces1/0

Ipaddress1.1.34.3255.255.255.0

Noshutdown

Interfaces1/1

Ipaddress1.1.23.3255.255.255.0

Noshutdown

Routerrip

Version2

Noauto-summary

Network1.0.0.0

Network10.0.0.0

Routerbgp23

Bgprouter-id3.3.3.3

Neighbor1.1.34.4remote-as145

Neighbor10.10.2.2remote-as23

Neighbor10.10.2.2update-sourceloopback0

---------------------------------------------------------------------

 

R4:

Interfaceloopback0

Ipaddress10.10.4.4255.255.255.0

Interfaces1/0

Ipaddress1.1.34.4255.255.255.0

Noshutdown

Interfacef0/0

Ipaddress1.1.145.4255.255.255.0

Noshutdown

Routereigrp90

Noauto-summary

Network1.1.145.40.0.0.0

Network10.10.4.40.0.0.0

Routerbgp145

Bgprouter-id4.4.4.4

Neighbor1.1.34.3remote-as23

Neighbor10.10.1.1remote-as145

Neighbor10.10.1.1update-sourceloopback0

Neighbor10.10.1.1next-hop-self

Neighbor10.10.5.5remote-as145

Neighbor10.10.5.5update-sourceloopback0

Neighbor10.10.5.5next-hop-self

---------------------------------------------------------------------------------------------------------------

 

R5:

Interfaceloopback0

Ipaddress10.10.5.5255.255.255.0

Interfacef0/0

Ipaddress1.1.145.5255.255.255.0

Noshutdown

Routereigrp90

Noauto-summary

Network1.1.145.50.0.0.0

Network10.10.5.50.0.0.0

Routerbgp145

Bgprouter-id5.5.5.5

Neighbor10.10.1.1remote-as145

Neighbor10.10.1.1update-sourceloopback0

Neighbor10.10.1.1next-hop-self

Neighbor10.10.4.4remote-as145

Neighbor10.10.4.4update-sourceloopback0

Neighbor10.10.4.4next-hop-self

--------------------------------------------------------------------------------------------------------------

 

2.R2上将1.1.23.0/24宣告进BGP要求在R5BGP表中看到关于1.1.23.0/242条条目,并且来自R1的这条路由能出现在R5的路由表中

 

配置:

R2:

Routerbgp23

Network1.1.23.0mask255.255.255.0

 

现象:

R5:showiproute

1.0.0.0/24issubnetted,2subnets

B1.1.23.0[200/0]via10.10.1.1,00:00:12

C1.1.145.0isdirectlyconnected,FastEthernet0/0

10.0.0.0/24issubnetted,3subnets

D10.10.1.0[90/156160]via1.1.145.1,00:05:27,FastEthernet0/0

D10.10.4.0[90/156160]via1.1.145.4,00:05:30,FastEthernet0/0

C10.10.5.0isdirectlyconnected,Loopback0

----------------------------------------------------------

 

3.在R1上将和R4的邻居关系管理性关闭,修改R1的BGProuter-ID为4.4.4.4,观察R5上的BGP表项,要求使R5上BGP显示为下面所示:次序必须一致(完成以后还原R1BGPRID1.1.1.1

*i1.1.23.0/2410.10.4.40100023i

*>i10.10.1.10100023i

 

配置:

R1:

Routerbgp145

Neighbor10.10.4.4shutdown

Bgprouter-id4.4.4.4

R5:

Clearipbgp10.10.4.4

 

 

现象:

R5:showipbgp

NetworkNextHopMetricLocPrfWeightPath

*i1.1.23.0/2410.10.4.40100023i

*>i10.10.1.10100023i

 

R5:showipbgp1.1.23.0

GProutingtableentryfor1.1.23.0/24,version6

Paths:(2available,best#2,tableDefault-IP-Routing-Table)

Notadvertisedtoanypeer

23

10.10.4.4(metric156160)from10.10.4.4(4.4.4.4)

OriginIGP,metric0,localpref100,valid,internal

23

10.10.1.1(metric156160)from10.10.1.1(4.4.4.4)

OriginIGP,metric0,localpref100,valid,internal,best

 

结论:路由器可以接收来自两个route-id一样的路由器的路由,BGP表中位置在越上面,表示这条路由是最新收到的

 

4.R2上做设置,使得R1上收到这条路由时增加300500这两个AS-PATH,使用前缀列表,route-map的名称为R2-R1-OUT

 

配置:

R2:

Ipprefix-list23permit1.1.23.0/24

Route-mapR2-R1-OUT

Matchipaddressprefix-list23

Setas-pathprepend300500

Route-mapR

Routerbgp23-R-OUTpermit20

Neighbor1.1.12.1route-mapR2-R1-OUTout

 

 

 

现象:

R1:showipbgp

NetworkNextHopMetricLocPrfWeightPath

*1.1.23.0/241.1.12.20023300500i

*>i10.10.4.40100023i

 

需求:还原R2配置,在R1上实现同样需求,route-map的名称为R2-R1-IN;仔细分析这两种方式最终在R1上的显示有何不同,为什么?(完成以后还原配置,删除route-map和前缀列表

 

配置:

R1:

Ipprefix-list23permit1.1.23.0/24

Route-mapR2-R1-IN

Matchipaddressprefix-list23

Setas-pathprepend300500

Route-mapR2-R1-INpermit20

Routerbgp145

Neighbor1.1.12.2route-mapR2-R1-INin

 

现象:

R1:showipbgp

NetworkNextHopMetricLocPrfWeightPath

*1.1.23.0/241.1.12.20030050023i

*>i10.10.4.40100023i

 

结论:在BGP表中的Path项中,位置越是靠左的,表示AS号越是最新添加的,如果在出方向上调用添加AS配置的话,那么顺序将是先添加route-map中增加的AS,然后在传出AS23时再添加AS23,所以结果是23300500,如果是在入方向调用添加AS配置的话,那么顺序将是先收到来自AS23的路由,然后再添加route-map中增加的AS,所以结果是30050023

 

 

5.添加300500这样的AS号是一种不好的方式,请更改使用更合适的方式实现延长AS-PATH的目的。如果在R2上使用了prepend145145145来加长AS-PATH长度的话,那么R1上将收不到这条路由,为什么?通过在R1上配置,使R1能收到这条路由(完成以后还原配置,删除route-map和前缀列表

 

配置:

R1:

Routerbgp145

Neighbor1.1.12.2allowas-in3

R2:

Ipprefix-list23permit1.1.23.0/24

Route-mapR2-R1-OUT

Matchipaddressprefix-list23

Setas-pathprepend145145145

Route-mapR2-R1-OUTpermit20

Routerbgp23

Neighbor1.1.12.1route-mapR2-R1-OUTout

 

 

 

现象:

R1:showipbgp

NetworkNextHopMetricLocPrfWeightPath

*1.1.23.0/241.1.12.20023145145145i

*>i10.10.4.40100023i

 

结论:如果在出方向上增加了路由将要到达的AS号的话,这条路由在还没到达下个AS时就已经带有了下个AS的号了,那么根据EBGP路由防环原则,下个AS将不会收带有本AS号的路由,所以,无论是在出方向或是入方向添加AS号,都应该对已经出现在本路由的路由添加自己的AS

 

 

 

 

6.添加路由器R6,属于AS600,通过直连1.1.26.X/24R2建立eBGP邻居关系,将环回口6.6.6.6/24宣告进BGP;在R2上使用前缀列表匹配6.6.6.0/24,使用R2-R1-OUTroute-mapsetas-pathprependlast-as2,使得R1上看到的AS-PATH长度变长

 

 

 

配置:

R2:

Ipprefix-list6permit6.6.6.0/24

Route-mapR2-R1-OUT

Matchipaddressprefix-list6

Setas-pathprependlast-as2

Route-mapR2-R1-OUTpermit20

Interfaces1/2

Ipaddress1.1.26.2255.255.255.0

Noshutdown

Routerbgp23

Neighbor1.1.26.6remote-as600

Neighbor1.1.12.1route-mapR2-R1-OUTout

 

---------------------------------------------------------------------------------------------

R6:

Interfaceloopback0

Ipaddress6.6.6.6255.255.255.0

Interfaces1/2

Ipaddress1.1.26.6255.255.255.0

Noshutdown

Routerbgp600

Bgprouter-id6.6.6.6

Neighbor1.1.26.2remote-as23

Network6.6.6.0mask255.255.255.0

 

 

 

现象:

R1:showipbgp

NetworkNextHopMetricLocPrfWeightPath

*>1.1.23.0/241.1.12.20023i

*i10.10.4.40100023i

*>i6.6.6.0/2410.10.4.40100023600i

*1.1.12.2023600600600I

 

需求:将R2上的策略删除,将其放在R1上实现同样的需求,仔细观察两者的区别,理解last-as语句的意思

 

 

配置:

R1:

Ipprefix-list6permit6.6.6.0/24

Route-mapR2-R1-IN

Matchipaddressprefix-list6

Setas-pathprependlast-as2

Route-mapR2-R1-INpermit20

Routerbgp145

Neighbor1.1.12.2route-mapR2-R1-INin

 

 

现象:

R1:showipbgp

NetworkNextHopMetricLocPrfWeightPath

*>1.1.23.0/241.1.12.20023i

*i10.10.4.40100023i

*>i6.6.6.0/2410.10.4.40100023600i

*1.1.12.20232323600i

 

结论:无论是出方向还是入方向,增加的AS号都是上个AS的号,默认的添加次数是3

 

7.R1上仅将6.6.6.0/24这一条路由重分布进EIGRP,在R5或者R4上观察EIGRP拓扑表,观察这条从BGP重分布进来的路由有什么特征?总结:当把BGP路由重分布进IGP时会有什么默认行为

 

配置:

R1:

Route-mapRED

Matchipaddressprefix-list6

Routereigrp90

Redistributebgp145metric1000001025511500route-mapRED

 

现象:

R5:showiproute6.6.6.0

Routingentryfor6.6.6.0/24

Knownvia"eigrp90",distance170,metric30720

Tag23,typeexternal

Redistributingviaeigrp90

Lastupdatefrom1.1.145.1onFastEthernet0/0,00:00:28ago

RoutingDescriptorBlocks:

*1.1.145.1,from1.1.145.1,00:00:28ago,viaFastEthernet0/0

Routemetricis30720,trafficsharecountis1

Totaldelayis200microseconds,minimumbandwidthis100000Kbit

Reliability255/255,minimumMTU1500bytes

Loading1/255,Hops1

 

 

结论:向IGP中重分布BGP路由时,默认会带有上个AS号的Tag

 

 

 

8.R4上管理性关闭和R1R5BGP邻居关系;这时应该在R4上可以看到DEX6.6.6.0/24安装在路由表中;shiproute6.6.6.0/24注意这条路由有什么特征?在R2上管理性关闭和R3的邻居关系,让R3不能从R2收到路由;同时在R4上将6.6.6.0/24重分布进BGP,使用一条命令使这条路由可以在R4通告给R3时带上AS-PATH属性23,不允许出现prepend关键词;总结:结合第7题,分析这样操作的意义(还原设置,R1上去掉BGPEIGRP的重分布,R4上去掉EIGRPBGP的重分布,打开所有的邻居管理性关闭,注意这时R3能不能收到这条路由

 

 

配置:

R2:

Routerbgp23

Neighbor10.10.3.3shutdown

R4:

Ipprefix-list6permit6.6.6.0/24

Route-mapD-B

Matchipaddressprefix-list6

Setas-pathtag

Routerbgp145

Neighbor10.10.1.1shutdown

Neighbor10.10.5.5shutdown

Redistributeeigrp90route-mapD-B

 

现象:

R4:showipbgpneighbor1.1.34.3advertised-routes

NetworkNextHopMetricLocPrfWeightPath

*>6.6.6.0/241.1.145.1307203276823?

 

结论:在R4R3发送的6.6.6.0BGP路由时已经带上了AS23,所以根据EBGP防环原则,R3将不会收这条路由,setas-pathtag这条命令的作用是将IGP中路由的TAG值增加到ASPath中,这样可以防止从原始AS中重分布出去的路由,通过不运行BGPIGP区域过渡,再次重分布进原始AS中,从一定程度上防止了路由环路

 

 

9.R2上将10.10.3.0/24这条R路由宣告进BGP,在R2上观察此路由和R2直连的那条1.1.23.0/24有什么不同(下一跳和metric

 

配置:

R2:

Routerbgp23

Network10.10.3.0mask255.255.255.0

 

现象:

R2:showipbgp10.10.3.0

BGProutingtableentryfor10.10.3.0/24,version4

Paths:(1available,best#1,tableDefault-IP-Routing-Table)

Advertisedtononpeer-grouppeers:

1.1.12.11.1.26.610.10.3.3

Local

1.1.23.3from0.0.0.0(2.2.2.2)

OriginIGP,metric1,localpref100,weight32768,valid,sourced,local,best

 

 

R2:showipbgp1.1.23.0

BGProutingtableentryfor1.1.23.0/24,version2

Paths:(1available,best#1,tableDefault-IP-Routing-Table)

Advertisedtononpeer-grouppeers:

1.1.12.11.1.26.610.10.3.3

Local

0.0.0.0from0.0.0.0(2.2.2.2)

OriginIGP,metric0,localpref100,weight32768,valid,sourced,local,best

 

 

 

结论:如果BGP中宣告直连路由,那么下一跳是0.0.0.0metric0,如果BGP中宣告IGP路由,那么下一跳将是IGP中到达这条路由的下一跳,和IGP中到达这条路由的METRIC

 

 

 

10.R1上现在能看到1.1.23.0/24这条路由,BGP优选了来自R2的,在R1上设置,利用origin属性,使R1收到来自R2的这条路由的origin属性变为e,这时R1如何选谁为最优

 

配置:

R1:

Route-mapORI

Matchipaddressprefix-list23

Setoriginegp800

Routerbgp145

Neighbor1.1.12.2route-mapORI

 

现象:

R1:showiproute

NetworkNextHopMetricLocPrfWeightPath

*>i1.1.23.0/2410.10.4.40100023i

*1.1.12.20023e

*i6.6.6.0/2410.10.4.40100023600i

*>1.1.12.2023600i

*>10.10.3.0/241.1.12.21023i

 

需求:再将从R4收来的这条路由origin属性设置为?,此时R1如何选择?(完成后还原所有origincode

 

配置:

R1:

Route-mapORI

Matchipaddressprefix-list23

Setoriginincomplete

 

现象:

R1:showipbgp

NetworkNextHopMetricLocPrfWeightPath

*>i1.1.23.0/2410.10.4.40100023i

*1.1.12.20023?

*i6.6.6.0/2410.10.4.40100023600i

*>1.1.12.2023600i

*>10.10.3.0/241.1.12.21023i

 

结论:起源属性i优于e?setoriginegp后面的数字可以是任意数字

 

11.R1上将所有发出的IBGP路由和收到的EBGP路由的默认local-preference值改为400;在R4上使用R4-R5-OUTroute-map匹配1.1.23.0/24这条路由将local-preference值改为500,使用nei10.10.5.5R4-R5-OUTroute-mapout来完成需求,此时有没有成功?为什么?在R4上操作如何才能实现需求,使R5优选R4作为自己的下一跳去往AS23?(完成后,还原所有local-preference

 

 

配置:

R1:

Routerbgp145

Bgpdefaultlocal-preference400

R4:

Route-mapR4-R5-OUT

Matchipaddressprefix-list23

Setlocal-preference500

Route-mapR4-R5-OUTpermit20

Routerbgp145

Neighbor10.10.5.5route-mapR4-R5-OUTout

 

现象:

R5:showipbgp

NetworkNextHopMetricLocPrfWeightPath

*>i1.1.23.0/2410.10.1.10400023i

*>i6.6.6.0/2410.10.1.10400023600i

*>i10.10.3.0/2410.10.1.11400023i

 

结论:没有成功,因为,在R4上,去往1.1.23.0的下一跳是R1,所以R4收的是R1传来的关于1.1.23.0IBGP路由,根据IBGP水平分割原则,R4将不会把这条路由发给R5,所以R5上只能收到来自R1的关于1.1.23.0的路由

 

需求:在R4上操作如何才能实现需求,使R5优选R4作为自己的下一跳去往AS23?(完成后,还原所有local-preference

 

配置:

R4:

Route-mapR3-R4-IN

Matchipaddressprefix-list23

Setlocal-preference500

Route-mapR3-R4-INpermit20

Routerbgp145

Neighbor1.1.34.3route-mapR3-R4-INin

 

现象:

R5:showipbgp

NetworkNextHopMetricLocPrfWeightPath

*>i1.1.23.0/2410.10.4.40500023i

*>i6.6.6.0/2410.10.1.10400023600i

*>i10.10.3.0/2410.10.1.11400023i

 

结论:在入方向设置local-preference将同时影响自己和自己的下游路由器

 

 

12.R3R2上做设置,利用MED使R5去往1.1.23.0/24网段通过R3

 

配置:

R2:

Ipprefix-list23permit1.1.23.0/24

Route-mapMED

Matchipaddressprefix-list23

Setmetric200

Route-mapMEDpermit20

Routerbgp23

Neighbor1.1.12.1route-mapMEDout

R3:

Ipprefix-list23permit1.1.23.0/24

Route-mapMED

Matchipaddressprefix-list23

Setmetric100

Route-mapMEDpermit20

Routerbgp23

Neighbor1.1.34.4route-mapMEDout

 

现象:

R5:showipbgp

NetworkNextHopMetricLocPrfWeightPath

*>i1.1.23.0/2410.10.4.4100100023i

*i6.6.6.0/2410.10.4.40100023600i

*>i10.10.1.10100023600i

*>i10.10.3.0/2410.10.1.11100023i

 

结论:MED的作用是,告诉其他AS的路由器,通过哪个路由来访问本ASMED越小,路径越优

 

13.如图所示添加R7R7属于BGPAS700,和R5建立直连口eBGP邻居,观察1.1.23.0/24这条路由有没有MED值?为什么?

 

配置:

R5:

Interfaces1/0

Ipaddress1.1.57.5255.255.255.0

Noshutdown

Routerbgp145

Neighbor1.1.57.7remote-as700

R7:

Interfaces1/0

Ipaddress1.1.57.7255.255.255.0

Noshutdown

Routerbgp700

Bgprouter-id7.7.7.7

Neighbor1.1.57.5remote-as145

 

现象:

R7:showipbgp1.1.23.0

BGProutingtableentryfor1.1.23.0/24,version3

Paths:(1available,best#1,tableDefault-IP-Routing-Table)

Notadvertisedtoanypeer

14523

1.1.57.5from1.1.57.5(5.5.5.5)

OriginIGP,localpref100,valid,external,best

 

结论:MED值只在一个AS内生效,不会传到下个AS

需求:如果要求缺失了MED值的这些路由全部设置为最大MED值的话,应该在R7上做什么设置?

配置:

R7:

Routerbgp700

Bgpbestpathmedmissing-as-worse

 

现象:

R7:showipbgp

NetworkNextHopMetricLocPrfWeightPath

*>1.1.23.0/241.1.57.54294967295014523i

*>6.6.6.0/241.1.57.54294967295014523600i

*>10.10.3.0/241.1.57.54294967295014523I

 

结论:真实情况下,如果传入下个AS时没有MED值,MED在下一个AS中会设置成4294967294,并且在bgp表中是可以优化的,如果MED值是4294967295,路由将无法优化,但在模拟器下,传入下个AS时,MED被设置成4294967295,并且路由还是能够优化的