BGP有条件通告的配置和验证 
版权声明:原创作品,允许转载,转载时请务必以超链接形式标明文章 原始出处 、作者信息和本声明。否则将追究法律责任。http://cisco.blog.51cto.com/26151/37963 | ||||||
由ITAA zmjjtu 作
BGP有条件通告的配置和验证
BGP有条件通告特性对所通告的路由提供了额外的控制,其依赖于BGP表中存在的其他前缀。
一般地,路由是否通告与存在的不同路径没有必然的联系。BGP有条件通告特性使用了命令neighbor advertise-map中non-exist-map和advertise-map两个关键字依赖路由前缀来追踪路由。如果路由前缀没有出现在命令non-exist-map所指定的外出路由中那么在命令advertise-map中被指定的路由就会通告出去。此特性在多宿主(multihomed)网络中很有作用,如果没有接收到来自其他服务提供商的某些信息(可能是对等体会话失败或只存在局部可达性)那么一些指定的前缀将被通告给其中一个服务提供商。
top图如下:
 在上图中,R103的loopback口用来将192.168.50.0/24通告给R102。默认情况下R102向其两个eBGP对等体R101和R103通告网络128.16.16.0/24。
通过BGP有条件通告特性可以在R102上完成以下两个任务:
① 如果192.168.50.0/24存在于R102的BGP表中,那么不将128.16.16.0/24通告给R101。
② 如果192.168.50.0/24不存在于R102的BGP表中,那么将128.16.16.0/24通告给R101。
配置如下:
1.验证当192.168.50.0/24在R102的BGP表中存在时的情况:
`````````````````````````````````````````````````````````````````````````````````````````````````````````````
查看R102的BGP表
R102# sh ip bgp
BGP table version is 6, local router ID is 128.16.16.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 128.16.16.0/24 0.0.0.0 0 32768 i
*> 130.130.0.0 0.0.0.0 0 32768 i
*> 192.168.50.0 10.10.20.3 0 0 3 i
*> 200.200.200.0 10.10.10.1 0 0 1 i
只要192.168.50.0/24在R102的BGP表中存在那么R102就一定不会向R101通告128.16.16.0/24
R102#sh ip bgp neighbors 10.10.10.1 advertised-routes
BGP table version is 6, local router ID is 128.16.16.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 130.130.0.0 0.0.0.0 0 32768 i
*> 192.168.50.0 10.10.20.3 0 0 3 i
注意没有向邻居10.10.10.1通告128.16.16.0/24
R102#sh ip bgp 128.16.16.0
BGP routing table entry for 128.16.16.0/24, version 5
Paths: (1 available, best #1, table Default-IP-Routing-Table)
Advertised to non peer-group peers:
10.10.20.3
Local
0.0.0.0 from 0.0.0.0 (128.16.16.1)
Origin IGP, metric 0, localpref 100, weight 32768, valid, sourced, local, best
没有通告给R101
``````````````````````````````````````````````````````````````````````````````````````````````````````````````
检查R102上有条件通告的情况:
R102#sh ip bgp neighbors 10.10.10.1
BGP neighbor is 10.10.10.1, remote AS 1, external link
BGP version 4, remote router ID 200.200.200.1
BGP state = Established, up for 00:29:26
Last read 00:00:26, hold time is 180, keepalive interval is 60 seconds
Neighbor capabilities:
Route refresh: advertised and received(old & new)
Address family IPv4 Unicast: advertised and received
Message statistics:
InQ depth is 0
OutQ depth is 0
Sent Rcvd
Opens: 1 1
Notifications: 0 0
Updates: 2 1
Keepalives: 32 32
Route Refresh: 0 0
Total: 35 34
Default minimum time between advertisement runs is 30 seconds
For address family: IPv4 Unicast
BGP table version 6, neighbor version 6
Index 1, Offset 0, Mask 0x2
Condition-map NON-EXIST, Advertise-map ADVERTISE, status: Withdraw
Sent Rcvd
Prefix activity: ---- ----
Prefixes Current: 2 1 (Consumes 36 bytes)
Prefixes Total: 2 1
Implicit Withdraw: 0 0
Explicit Withdraw: 0 0
Used as bestpath: n/a 1
Used as multipath: n/a 0
Outbound Inbound
Local Policy Denied Prefixes: -------- -------
advertise-map: 1 n/a
Bestpath from this peer: 1 n/a
Total: 2 0
Number of NLRIs in the update sent: max 1, min 0
(以下输出省略)
以上输出显示了有条件通告状态为“withdrawn”,与路由图ADVERTISE相匹配的网络没有向对等体10.10.10.1通告
`````````````````````````````````````````````````````````````````````````````````````````````````````````````````
为了证实和route-map“ADVERTISE”相匹配的路由没有向R101通告,现在来检查R101的BGP表
R101#sh ip bgp 128.16.16.0
% Network not in table
````````````````````````````````````````````````````````````````````````````````````````````````````````````````
2.接下来验证当192.168.50.0/24在R102的BGP表中不存在时的情况:
首先关闭R103上的loopback0使其不再向R102通告192.168.50.0/24
R103(config)#int lo0
R103(config-if)#sh
R103(config-if)#
01:05:13: %LINK-5-CHANGED: Interface Loopback0, changed state to administratively down
`````````````````````````````````````````````````````````````````````````````````````````````````````
查看R102的BGP表验证其没有学到192.168.50.0/24
R102# sh ip bgp
BGP table version is 8, local router ID is 128.16.16.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 128.16.16.0/24 0.0.0.0 0 32768 i
*> 130.130.0.0 0.0.0.0 0 32768 i
*> 200.200.200.0 10.10.10.1 0 0 1 i
BGP表中不存在192.168.50.0/24
````````````````````````````````````````````````````````````````````````````````````````````````````````
查看有条件通告要多长时间才能生效:
R102#debug ip bgp updates
BGP updates debugging is on
01:19:49: BGP(0): 10.10.20.3 rcv UPDATE about 192.168.50.0/24 -- withdrawn
01:19:49: BGP(0): no valid path for 192.168.50.0/24
R102#
01:19:49: BGP(0): nettable_walker 192.168.50.0/24 no best path
R102#
01:20:15: BGP(0): 10.10.20.3 computing updates, afi 0, neighbor version 12, table version 13, starting at 0.0.0.0
01:20:15: BGP(0): 10.10.20.3 update run completed, afi 0, ran for 4ms, neighbor version 12, start version 13, throttled to 13
R102#
01:20:18: BGP(0): 10.10.10.1 computing updates, afi 0, neighbor version 12, table version 13, starting at 0.0.0.0
01:20:18: BGP(0): 10.10.10.1 send unreachable 192.168.50.0/24
01:20:18: BGP(0): 10.10.10.1 send UPDATE 192.168.50.0/24 -- unreachable
01:20:18: BGP(0): 10.10.10.1 1 updates enqueued (average=27, maximum=27)
01:20:18: BGP(0): 10.10.10.1 update run completed, afi 0, ran for 0ms, neighbor version 12, start version 13, throttled to 13
R102#
01:20:28: BPG(0): Condition NON-EXIST changes to Advertise
01:20:28: BGP(0): net 128.16.16.0/24 matches ADV MAP ADVERTISE: bump version to 14
01:20:29: BGP(0): nettable_walker 128.16.16.0/24 route sourced locally
R102#
01:20:42: BGP(0): 10.10.20.3 computing updates, afi 0, neighbor version 13, table version 14, starting at 0.0.0.0
01:20:42: BGP(0): 10.10.20.3 skip UPDATE 128.16.16.0/24 (chgflags: 0x0), next 0.0.0.0, path
01:20:42: BGP(0): 10.10.20.3 update run completed, afi 0, ran for 0ms, neighbor version 13, start version 14, throttled to 14
R102#
01:20:47: BGP(0): 10.10.10.1 computing updates, afi 0, neighbor version 13, table version 14, starting at 0.0.0.0
01:20:47: BGP(0): 10.10.10.1 128.16.16.0/24 matches advertise map ADVERTISE, state: Advertise
01:20:47: BGP(0): 10.10.10.1 send UPDATE (format) 128.16.16.0/24, next 10.10.10.2, metric 0, path
01:20:47: BGP(0): 10.10.10.1 1 updates enqueued (average=52, maximum=52)
01:20:47: BGP(0): 10.10.10.1 update run completed, afi 0, ran for 8ms, neighbor version 13, start version 14, throttled to 14
有条件通告由BGP扫描进程触发,其每60s运行一次。这意味着有条件通告的最大生效时间为60s。有条件通告能很快的起到作用就依赖于追踪路由是否从BGP表中移除。
`````````````````````````````````````````````````````````````````````````````````````````````````````````````````
下面验证R102对邻居10.10.10.1有条件通告的情况:
R102#sh ip bgp neighbors 10.10.10.1
BGP neighbor is 10.10.10.1, remote AS 1, external link
BGP version 4, remote router ID 200.200.200.1
BGP state = Established, up for 01:00:43
Last read 00:00:43, hold time is 180, keepalive interval is 60 seconds
Neighbor capabilities:
Route refresh: advertised and received(old & new)
Address family IPv4 Unicast: advertised and received
Message statistics:
InQ depth is 0
OutQ depth is 0
Sent Rcvd
Opens: 1 1
Notifications: 0 0
Updates: 6 1
Keepalives: 63 63
Route Refresh: 0 0
Total: 70 65
Default minimum time between advertisement runs is 30 seconds
For address family: IPv4 Unicast
BGP table version 10, neighbor version 10
Index 1, Offset 0, Mask 0x2
Condition-map NON-EXIST, Advertise-map ADVERTISE, status: Advertise
Sent Rcvd
Prefix activity: ---- ----
Prefixes Current: 2 1 (Consumes 36 bytes)
Prefixes Total: 4 1
Implicit Withdraw: 0 0
Explicit Withdraw: 2 0
Used as bestpath: n/a 1
Used as multipath: n/a 0
Outbound Inbound
Local Policy Denied Prefixes: -------- -------
advertise-map: 1 n/a
Bestpath from this peer: 1 n/a
Total: 2 0
Number of NLRIs in the update sent: max 1, min 0
(以下输出省略)
现在R101的BGP表中有128.16.16.0/24的信息
R101#sh ip bgp
|