I. BGP FUNDAMENTALS

⚫ With the exception of the neighbor ebgp-multihop router configuration command, the commands for configuring EBGP and IBGP are the same.
⚫ Within an AS, BGP peers don't need to be directly connected.
⚫ The router bgp command enables a BGP routing process and assigns it an AS number.
⚫ The neighbor remote-as command adds an entry to the BGP neighbor table specifying that the peer identified by a particular IP address belongs to the specified AS. For EBGP, the neighbor IP address is usually the IP address directly connected. For IBGP, the neighbor IP address can be the IP address of any of the router's interfaces.
⚫ To verify that BGP peers are up, use show ip bgp neighbor. If it doesn't show state=established, the peers are not up. The remote router ID is the highest IP address or highest loopback interface on that router. The table version number increments with new incoming information.
⚫ Use clear ip bgp to reset the BGP session after making a configuration change.

INTERNAL BGP

When a BGP speaker receives routing information from another BGP speaker in the same AS, it passes that information on only to external BGP speakers over EBGP, so the BGP speakers within one AS must be fully meshed.

loopback interface:
When the address of a physical interface is used in neighbor remote-as and that interface becomes unavailable, the two routers can no longer reach each other. Using a loopback interface avoids this concern.

router bgp 100
 neighbor 190.225.22.2 remote-as 100
 neighbor 190.225.22.2 update-source loopback 0

neighbor update-source specifies that the loopback interface, not a physical interface, is used for the connection.
Because EBGP peers are usually connected point to point and must rely on the physical interface connection, loopback interfaces are used less often for EBGP.

EXTERNAL BGP

ip multihop:
Used when two BGP speakers cannot be directly connected. The two can then peer through their loopback interfaces using neighbor ebgp-multihop, but static routes or an IGP must be added to the configuration so that the two can reach each other.

!Router A
interface loopback 0
 ip address 129.213.1.1
!
router bgp 100
 neighbor 180.225.11.1 remote-as 300
 neighbor 180.225.11.1 ebgp-multihop
 neighbor 180.225.11.1 update-source loopback 0

!Router B
interface loopback 0
 ip address 180.225.11.1
!
router bgp 300
 neighbor 129.213.1.1 remote-as 100
 neighbor 129.213.1.1 ebgp-multihop
 neighbor 129.213.1.1 update-source loopback 0

EBGP LOAD BALANCING

When two ASes are connected by multiple links, neighbor ebgp-multihop lets BGP use those links at the same time, which achieves load balancing.

!router A
interface loopback 0
 ip address 150.10.1.1 255.255.255.0
!
router bgp 100
 neighbor 160.10.1.1 remote-as 200
 neighbor 160.10.1.1 ebgp-multihop
 neighbor 160.10.1.1 update-source loopback 0
 network 150.10.0.0
!
ip route 160.10.0.0 255.255.0.0 1.1.1.2
ip route 160.10.0.0 255.255.0.0 2.2.2.2

!router B
interface loopback 0
 ip address 160.10.1.1 255.255.255.0
!
router bgp 200
 neighbor 150.10.1.1 remote-as 100
 neighbor 150.10.1.1 ebgp-multihop
 neighbor 150.10.1.1 update-source loopback 0
 network 160.10.0.0
!
ip route 150.10.0.0 255.255.0.0 1.1.1.1
ip route 150.10.0.0 255.255.0.0 2.2.2.1

SYNCHRONIZATION (no synchronization)

The BGP synchronization rule states that when an AS provides transit service to another AS, a route is advertised only after all routers in that AS have learned it through the IGP.
Running without synchronization is somewhat faster, but packets may be lost. Only when the following conditions are met can synchronization be turned off:
1. The AS does not provide transit between two other ASes.
2. All routers in the AS run BGP.

II. BGP & Route Maps

Route maps, used together with BGP, control routing information and can define the conditions for route redistribution:

route-map map-tag [permit | deny] [sequence-number]

map-tag is the identifier of the route map, and sequence-number is the identifier of each route-map condition.
When BGP uses a route map, it starts matching from the smallest sequence-number.
match defines conditions that must be met; set defines the actions taken when the match conditions are met. For example:

route-map mymap permit 10
 match ip address 1.1.1.1
 set metric 5

Example: router A and router B run RIP; router A and router C run BGP. Router A sets the metric to 2 for routes coming from 170.10.0.0 and to 5 for all others:

!router A
router rip
 network 3.0.0.0
 network 2.0.0.0
 network 150.10.0.0
 passive-interface serial 0
 redistribute bgp 100 route-map setmetric
!
router bgp 100
 neighbor 2.2.2.3 remote-as 300
 network 150.10.0.0
!
route-map setmetric permit 10
 match ip address 1
 set metric 2
!
route-map setmetric permit 20
 set metric 5
!
access-list 1 permit 170.10.0.0 0.0.255.255

To set the community attribute to 300 on router C for outgoing updates for 170.10.0.0:

!router C
router bgp 300
 network 170.10.0.0
 neighbor 2.2.2.2 remote-as 100
 neighbor 2.2.2.2 route-map setcommunity out
!
route-map setcommunity permit 10
 match ip address 1
 set community 300
!
access-list 1 permit 0.0.0.0 255.255.255.255

Advertising Networks

BGP advertises the routes of its AS to the outside in three ways: redistributing static routes, redistributing dynamic routes, and using the network command.

redistributing static routes

!router c
router bgp 200
 neighbor 1.1.1.1 remote-as 300
 redistribute static
!
ip route 175.220.0.0 255.255.0.0 null 0

redistribute dynamic routes

Some IGP routes were themselves learned through BGP, so an access list is needed to keep those routes from being redistributed back into BGP.

!router c
router eigrp 10
 network 175.220.0.0
 redistribute bgp 200
 redistribute connected
 default-metric 1000 100 250 100 1500
!
router bgp 200
 neighbor 1.1.1.1 remote-as 300
 neighbor 2.2.2.2 remote-as 200
 neighbor 1.1.1.1 distribute-list 1 out
 redistribute eigrp 10
!
access-list 1 permit 175.220.0.0 0.0.255.255

Redistributing BGP into an IGP should generally be avoided, because it injects too many routes into the AS.

use the network command

In BGP, the network command defines where the AS's routes originate, whereas in an IGP the network command specifies the interfaces on which the IGP runs.

!router c
router bgp 200
 neighbor 1.1.1.1 remote-as 300
 network 175.220.0.0

III. BGP Decision Algorithm

AS_path Attribute
When an update passes through an AS, BGP prepends its own AS number to it.

Origin Attribute
The Origin attribute of a route takes one of the following three values:
IGP: the route originated within the same AS; shown as I in show ip bgp.
EGP: the route was learned via the Exterior Gateway Protocol; shown as e in show ip bgp.
Incomplete: the route's origin is unknown or it was learned some other way; shown as ?.

1. External BGP peering

Example:

Router A in AS100
interface ethernet 5/0
 ip address 222.222.10.2 255.255.255.240
router bgp 100
 network 220.220.8.0 mask 255.255.255.0
 neighbor 222.222.10.1 remote-as 101
 neighbor 222.222.10.1 distribute-list 180 in
 neighbor 222.222.10.1 distribute-list 181 out

Router B in AS101
interface ethernet 1/0/0
 ip address 222.222.10.1 255.255.255.240
router bgp 101
 network 220.220.16.0 mask 255.255.240.0
 neighbor 222.222.10.2 remote-as 100
 neighbor 222.222.10.2 distribute-list 150 in
 neighbor 222.222.10.2 distribute-list 151 out

2. stable iBGP peering (peering to loopback address)

. peer with loopback address
. iBGP session is not dependent on a single interface
. loopback interface does not go down ever

Example:

router A:
interface loopback 0
 ip address 215.10.7.1 255.255.255.255
router bgp 100
 network 220.220.1.0
 neighbor 215.10.7.2 remote-as 100
 neighbor 215.10.7.2 update-source loopback 0
 neighbor 215.10.7.3 remote-as 100
 neighbor 215.10.7.3 update-source loopback 0
router B:
interface loopback 0
 ip address 215.10.7.2 255.255.255.255
router bgp 100
 network 220.220.5.0
 neighbor 215.10.7.1 remote-as 100
 neighbor 215.10.7.1 update-source loopback 0
 neighbor 215.10.7.3 remote-as 100
 neighbor 215.10.7.3 update-source loopback 0

3. local preference

. default: 100; the route with the higher local preference is chosen
. local to AS
. used to influence BGP path selection
. path with the highest local preference is selected

Example:

router bgp 400
 neighbor 220.5.1.1 remote-as 300
 neighbor 220.5.1.1 route-map local-pref in
route-map local-pref permit 10
 match ip address 1
 set local-preference 800
access-list 1 permit 160.10.0.0 0.0.255.255
access-list 1 deny any

Example:

autonomous-system 200
! defines the AS number
router bgp 100
 network 200.200.4.0 mask 255.255.252.0
 neighbor 200.200.7.224 remote-as 100
 neighbor 200.200.7.224 update-source loopback 0

sh ip bgp summary
sh ip bgp
no router bgp 100
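The route-map rules from section II and the local-pref example in section 3 (lowest sequence number first, wildcard-mask ACL matching, implicit deny at the end) can be traced with a small evaluator. This is an added example, not code from the original notes; the function names and the dictionary layout of a route are assumptions, and the route-maps and access lists are transcribed from the configurations on this page.

```python
import ipaddress

def _ip(s):
    return int(ipaddress.IPv4Address(s))

def acl_permits(acl, prefix):
    """Standard ACL: first matching entry decides; no match is an implicit deny.
    Entries are (action, address, wildcard); wildcard bits set to 1 are ignored."""
    for action, base, wildcard in acl:
        care = ~_ip(wildcard) & 0xFFFFFFFF
        if _ip(prefix) & care == _ip(base) & care:
            return action == "permit"
    return False

def apply_route_map(clauses, acl, route):
    """Evaluate clauses from the lowest sequence number upward. Returns the route
    with the set actions applied, or None when the route is denied."""
    for seq, action, uses_acl, sets in sorted(clauses, key=lambda c: c[0]):
        if uses_acl and not acl_permits(acl, route["prefix"]):
            continue  # match failed: fall through to the next sequence number
        return {**route, **sets} if action == "permit" else None
    return None  # ran off the end of the route-map: implicit deny

# The two route-maps from this page, transcribed as data.
SETMETRIC_ACL = [("permit", "170.10.0.0", "0.0.255.255")]
SETMETRIC = [(10, "permit", True, {"metric": 2}),
             (20, "permit", False, {"metric": 5})]  # no match line: matches everything
LOCAL_PREF_ACL = [("permit", "160.10.0.0", "0.0.255.255"),
                  ("deny", "0.0.0.0", "255.255.255.255")]  # "deny any"
LOCAL_PREF = [(10, "permit", True, {"local_pref": 800})]

def demo():
    route = lambda p: {"prefix": p, "local_pref": 100}  # 100 is the default
    return {
        "metric_170": apply_route_map(SETMETRIC, SETMETRIC_ACL, route("170.10.5.0")),
        "metric_other": apply_route_map(SETMETRIC, SETMETRIC_ACL, route("150.10.0.0")),
        "lp_160": apply_route_map(LOCAL_PREF, LOCAL_PREF_ACL, route("160.10.3.0")),
        "lp_other": apply_route_map(LOCAL_PREF, LOCAL_PREF_ACL, route("170.10.0.0")),
    }

if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

The lp_other result is None: the local-pref route-map has no later permit clause, so applied inbound it discards every route from 220.5.1.1 outside 160.10.0.0/16, whereas setmetric ends with a catch-all permit 20.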
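The full-mesh requirement from the INTERNAL BGP section and the loopback peering of section 2 can be checked mechanically across a set of router configurations. This is an added example, not code from the original notes; the function names are assumptions, it assumes every iBGP session is meant to use loopback 0 as on this page, and router C's configuration is constructed because the page does not show it.

```python
import re
from itertools import permutations

def parse(cfg):
    """Pull the loopback 0 address, local AS and neighbor settings out of IOS text."""
    return {
        "loopback": re.search(r"interface loopback 0\s+ip address (\S+)", cfg).group(1),
        "asn": re.search(r"router bgp (\d+)", cfg).group(1),
        "remote_as": dict(re.findall(r"neighbor (\S+) remote-as (\d+)", cfg)),
        "source": dict(re.findall(r"neighbor (\S+) update-source (.+)", cfg)),
    }

def audit_ibgp_mesh(configs):
    """Check every ordered router pair in one AS for a loopback-sourced session."""
    routers = {name: parse(text) for name, text in configs.items()}
    findings = []
    for a, b in permutations(sorted(routers), 2):
        ra, peer = routers[a], routers[b]["loopback"]
        if ra["asn"] != routers[b]["asn"]:
            continue  # EBGP pair: the full-mesh rule applies only inside one AS
        if ra["remote_as"].get(peer) != ra["asn"]:
            findings.append(f"{a}: no iBGP neighbor statement for {b} ({peer})")
        elif ra["source"].get(peer, "").strip() != "loopback 0":
            findings.append(f"{a}: session to {b} lacks update-source loopback 0")
    return findings

# A and B are this page's configs (network lines omitted); C is constructed.
CONFIGS = {
    "A": """interface loopback 0
 ip address 215.10.7.1 255.255.255.255
router bgp 100
 neighbor 215.10.7.2 remote-as 100
 neighbor 215.10.7.2 update-source loopback 0
 neighbor 215.10.7.3 remote-as 100
 neighbor 215.10.7.3 update-source loopback 0""",
    "B": """interface loopback 0
 ip address 215.10.7.2 255.255.255.255
router bgp 100
 neighbor 215.10.7.1 remote-as 100
 neighbor 215.10.7.1 update-source loopback 0
 neighbor 215.10.7.3 remote-as 100
 neighbor 215.10.7.3 update-source loopback 0""",
    "C": """interface loopback 0
 ip address 215.10.7.3 255.255.255.255
router bgp 100
 neighbor 215.10.7.1 remote-as 100""",
}

if __name__ == "__main__":
    print("\n".join(audit_ibgp_mesh(CONFIGS)) or "full mesh OK")
```

A session flagged for a missing update-source would be sourced from a physical interface address that the other side has not configured as a neighbor, so it would not match the peer's neighbor statement.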