CCIE Routing Lab (3) -- Advanced BGP

Date: 2023-03-09 00:33:17

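Route reflectors are very useful when an AS contains many IBGP peers. Because IBGP clients only need to establish a neighbor relationship with the route reflector, the number of IBGP sessions is reduced. A route reflector together with its clients is called a cluster. Route reflection is an important way of overcoming IBGP split horizon.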

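The RR reflection rules are as follows:
1. If a route is learned from a non-client IBGP neighbor, the RR reflects it only to clients.
2. If a route is learned from a client, the RR reflects it to all non-clients and clients (except the client that originated the route).
3. If a route is learned from an EBGP neighbor, the RR reflects it to all non-clients and clients.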

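1. ORIGINATOR_ID: generated by the route reflector; it is the router ID of the router that originated the route within the local AS.
2. CLUSTER_ID: every cluster in an AS must be identified by a unique 4-byte cluster ID; if the cluster has only one RR, the cluster ID is the RR's router ID. When an RR receives an update message it checks the CLUSTER_LIST, and if it finds its own cluster ID in the list it knows a routing loop has occurred.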
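The reflection rules and the CLUSTER_LIST loop check above, modelled as a small simulation. This is an added example, not part of the original lab: the `Route` and `Reflector` names are hypothetical, peers are identified by the router IDs used in the labs on this page, the ORIGINATOR_ID check follows RFC 4456, and the update fed back to R3 at the end is a constructed loop.

```python
from dataclasses import dataclass, replace
from typing import Optional

@dataclass(frozen=True)
class Route:
    prefix: str
    originator_id: Optional[str] = None
    cluster_list: tuple = ()

class Reflector:
    def __init__(self, router_id, peers, cluster_id=None):
        self.router_id = router_id
        # With a single RR in the cluster, the cluster ID is the RR's router ID.
        self.cluster_id = cluster_id or router_id
        self.peers = peers  # peer router ID -> "client" | "nonclient" | "ebgp"

    def receive(self, route, sender):
        """Return {peer_router_id: Route} for the IBGP peers that get the route."""
        kind = self.peers[sender]
        if kind != "ebgp" and (self.cluster_id in route.cluster_list
                               or route.originator_id == self.router_id):
            return {}  # loop: own cluster ID or own router ID came back
        if kind == "nonclient":  # rule 1: clients only
            targets = [p for p, k in self.peers.items() if k == "client"]
        else:  # rules 2 and 3: all clients and non-clients except the sender
            targets = [p for p, k in self.peers.items()
                       if k != "ebgp" and p != sender]
        if kind != "ebgp":  # reflected IBGP route: stamp the RR attributes
            route = replace(route,
                            originator_id=route.originator_id or sender,
                            cluster_list=(self.cluster_id,) + route.cluster_list)
        return {p: route for p in targets}

R3_PEERS = {"22.1.1.1": "client", "44.1.1.1": "client"}

def lab_single_rr(cluster_id=None):
    """Lab 1: R3 reflects R2's 11.1.1.0/24 to R4."""
    r3 = Reflector("33.1.1.1", R3_PEERS, cluster_id)
    return r3.receive(Route("11.1.1.0/24"), "22.1.1.1")

def lab_hierarchy():
    """Lab 2: R3 -> R4 -> R5, then the update is fed back to R3 (constructed loop)."""
    r3 = Reflector("33.1.1.1", R3_PEERS)
    r4 = Reflector("44.1.1.1", {"33.1.1.1": "nonclient", "55.1.1.1": "client"})
    at_r4 = r3.receive(Route("11.1.1.0/24"), "22.1.1.1")["44.1.1.1"]
    at_r5 = r4.receive(at_r4, "33.1.1.1")
    looped = r3.receive(at_r5["55.1.1.1"], "44.1.1.1")
    return at_r5, looped
```

Calling `lab_single_rr("3.3.3.3")` models the `bgp cluster-id 3.3.3.3` step of the first lab: the CLUSTER_LIST seen on R4 then carries 3.3.3.3 in place of R3's router ID.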

1. Route reflector
2. Hierarchical RR
3. BGP confederation
4. BGP Community attribute
5. Filtering private AS numbers
6. BGP backdoor routes
7. BGP route tagging

enable
conf t
no ip do lo
enable pass cisco
line con 0
logg sync
exec-t 0 0
exit
line vty 0 4
pass cisco
logg sync
exit
host

1. Route reflector
-------------------------------------------------------------------------------------

R1:
int f0/0
ip add 12.1.1.1 255.255.255.0
no shut
exit
int l0
ip add 11.1.1.1 255.255.255.0
exit
router bgp 100
neighbor 12.1.1.2 remote-as 200
network 11.1.1.0 mask 255.255.255.0
exit

R2:
int f0/0
ip add 12.1.1.2 255.255.255.0
no shut
exit
int f1/0
ip add 23.1.1.2 255.255.255.0
no shut
exit
int l0
ip add 22.1.1.1 255.255.255.0
exit

router eigrp 1
no auto-summary
network 22.1.1.0 0.0.0.255
network 23.1.1.0 0.0.0.255
exit

router bgp 200
bgp router-id 22.1.1.1
neighbor 12.1.1.1 remote-as 100
neighbor 33.1.1.1 remote-as 200
neighbor 33.1.1.1 update-source l0
neighbor 33.1.1.1 next-hop-self
exit

R3:
int f0/0
ip add 23.1.1.3 255.255.255.0
no shut
exit
int f1/0
ip add 34.1.1.3 255.255.255.0
no shut
exit
int l0
ip add 33.1.1.1 255.255.255.0
exit

router eigrp 1
no auto-summary
network 23.1.1.0 0.0.0.255
network 33.1.1.0 0.0.0.255
network 34.1.1.0 0.0.0.255
exit

router bgp 200
bgp router-id 33.1.1.1
neighbor 22.1.1.1 remote-as 200
neighbor 22.1.1.1 update-source l0
neighbor 22.1.1.1 next-hop-self
neighbor 44.1.1.1 remote-as 200
neighbor 44.1.1.1 update-source l0
neighbor 44.1.1.1 next-hop-self
exit

R4:
int f0/0
ip add 34.1.1.4 255.255.255.0
no shut
exit
int l0
ip add 44.1.1.1 255.255.255.0
exit

router eigrp 1
no auto-summary
network 34.1.1.0 0.0.0.255
network 44.1.1.0 0.0.0.255
exit

router bgp 200
bgp router-id 44.1.1.1
neighbor 33.1.1.1 remote-as 200
neighbor 33.1.1.1 update-source l0
neighbor 33.1.1.1 next-hop-self
exit

----------------------------------------------
R3:
end
show ip bgp
show ip bgp neighbors 44.1.1.1 advertised-routes
conf t

router bgp 200
neighbor 44.1.1.1 route-reflector-client
neighbor 22.1.1.1 route-reflector-client
exit

end
show ip bgp
show ip bgp neighbors 44.1.1.1 advertised-routes
show ip bgp neighbors 44.1.1.1
show ip bgp 11.1.1.0
conf t

R4:
end
show ip bgp 11.1.1.0
conf t

R3:
router bgp 200
bgp cluster-id 3.3.3.3

R4:
end
show ip bgp 11.1.1.0
conf t

2. Hierarchical RR
-----------------------------------------------------------------------------------------

R1:
int f0/0
ip add 12.1.1.1 255.255.255.0
no shut
exit
int l0
ip add 11.1.1.1 255.255.255.0
exit
router bgp 100
neighbor 12.1.1.2 remote-as 200
network 11.1.1.0 mask 255.255.255.0
exit

R2:
int f0/0
ip add 12.1.1.2 255.255.255.0
no shut
exit
int f1/0
ip add 23.1.1.2 255.255.255.0
no shut
exit
int l0
ip add 22.1.1.1 255.255.255.0
exit

router eigrp 1
no auto-summary
network 22.1.1.0 0.0.0.255
network 23.1.1.0 0.0.0.255
exit

router bgp 200
bgp router-id 22.1.1.1
neighbor 12.1.1.1 remote-as 100
neighbor 33.1.1.1 remote-as 200
neighbor 33.1.1.1 update-source l0
neighbor 33.1.1.1 next-hop-self
exit

R3:
int f0/0
ip add 23.1.1.3 255.255.255.0
no shut
exit
int f1/0
ip add 34.1.1.3 255.255.255.0
no shut
exit
int l0
ip add 33.1.1.1 255.255.255.0
exit

router eigrp 1
no auto-summary
network 23.1.1.0 0.0.0.255
network 33.1.1.0 0.0.0.255
network 34.1.1.0 0.0.0.255
exit

router bgp 200
bgp router-id 33.1.1.1
neighbor 22.1.1.1 remote-as 200
neighbor 22.1.1.1 update-source l0
neighbor 22.1.1.1 next-hop-self
neighbor 44.1.1.1 remote-as 200
neighbor 44.1.1.1 update-source l0
neighbor 44.1.1.1 next-hop-self
exit

R4:
int f0/0
ip add 34.1.1.4 255.255.255.0
no shut
int f1/0
ip add 45.1.1.4 255.255.255.0
no shut
exit
int l0
ip add 44.1.1.1 255.255.255.0
exit

router eigrp 1
no auto-summary
network 34.1.1.0 0.0.0.255
network 44.1.1.0 0.0.0.255
network 45.1.1.0 0.0.0.255
exit

router bgp 200
bgp router-id 44.1.1.1
neighbor 33.1.1.1 remote-as 200
neighbor 33.1.1.1 update-source l0
neighbor 33.1.1.1 next-hop-self
neighbor 55.1.1.1 remote-as 200
neighbor 55.1.1.1 update-source l0
neighbor 55.1.1.1 next-hop-self
exit

R5:
int f0/0
ip add 45.1.1.5 255.255.255.0
no shut
int l0
ip add 55.1.1.1 255.255.255.0
exit

router eigrp 1
no auto-summary
network 45.1.1.0 0.0.0.255
network 55.1.1.0 0.0.0.255
exit

router bgp 200
bgp router-id 55.1.1.1
neighbor 44.1.1.1 remote-as 200
neighbor 44.1.1.1 update-source l0
neighbor 44.1.1.1 next-hop-self
exit

----------------------------------------------
R3:
router bgp 200
neighbor 44.1.1.1 route-reflector-client
neighbor 22.1.1.1 route-reflector-client
exit

R4:
router bgp 200
neighbor 55.1.1.1 route-reflector-client
exit

3. BGP confederation

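An IBGP neighbor does not propagate routing information from one IBGP neighbor to another. With a full mesh, this creates a problem of scale and cost. BGP confederations overcome the scaling problem caused by IBGP by dividing the AS into multiple sub-autonomous systems. Inside each sub-AS, however, an IBGP full mesh is still required, or an RR can be used. BGP sessions between sub-ASes of the confederation look like EBGP peerings, but routing information is exchanged over them as if IBGP were in use, and attributes such as next hop, metric and local preference are preserved.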
------------------------------------------------------------------------------------------------------

R1:
int f0/0
ip add 12.1.1.1 255.255.255.0
no shut
exit
int l0
ip add 11.1.1.1 255.255.255.0
exit
router bgp 100
bgp router-id 11.1.1.1
neighbor 12.1.1.2 remote-as 200
network 11.1.1.0 mask 255.255.255.0
exit

R2:
int f0/0
ip add 12.1.1.2 255.255.255.0
no shut
exit
int f1/0
ip add 23.1.1.2 255.255.255.0
no shut
int f2/0
ip add 27.1.1.2 255.255.255.0
no shut
exit
int l0
ip add 22.1.1.1 255.255.255.0
exit

router eigrp 1
no auto-summary
network 22.1.1.0 0.0.0.255
network 23.1.1.0 0.0.0.255
network 27.1.1.0 0.0.0.255
exit

router bgp 65001
bgp router-id 22.1.1.1
bgp confederation identifier 200
bgp confederation peers 65002
neighbor 12.1.1.1 remote-as 100
neighbor 33.1.1.1 remote-as 65002
neighbor 33.1.1.1 update-source l0
neighbor 33.1.1.1 next-hop-self
neighbor 33.1.1.1 ebgp-multihop
neighbor 77.1.1.1 remote-as 65001
neighbor 77.1.1.1 update-source l0
neighbor 77.1.1.1 next-hop-self
exit

R3:
int f0/0
ip add 23.1.1.3 255.255.255.0
no shut
exit
int f1/0
ip add 34.1.1.3 255.255.255.0
no shut
exit
int l0
ip add 33.1.1.1 255.255.255.0
exit

router eigrp 1
no auto-summary
network 23.1.1.0 0.0.0.255
network 33.1.1.0 0.0.0.255
network 34.1.1.0 0.0.0.255
exit

router bgp 65002
bgp router-id 33.1.1.1
bgp confederation identifier 200
bgp confederation peers 65001
neighbor 22.1.1.1 remote-as 65001
neighbor 22.1.1.1 update-source l0
neighbor 22.1.1.1 ebgp-multihop
neighbor 44.1.1.1 remote-as 65002
neighbor 44.1.1.1 update-source l0
exit

R4:
int f0/0
ip add 34.1.1.4 255.255.255.0
no shut
int f1/0
ip add 45.1.1.4 255.255.255.0
no shut
exit
int l0
ip add 44.1.1.1 255.255.255.0
exit

router eigrp 1
no auto-summary
network 34.1.1.0 0.0.0.255
network 44.1.1.0 0.0.0.255
network 45.1.1.0 0.0.0.255
exit

router bgp 65002
bgp router-id 44.1.1.1
bgp confederation identifier 200
bgp confederation peers 65003
neighbor 33.1.1.1 remote-as 65002
neighbor 33.1.1.1 update-source l0
neighbor 55.1.1.1 remote-as 65003
neighbor 55.1.1.1 update-source l0
neighbor 55.1.1.1 ebgp-multihop
exit

R5:
int f0/0
ip add 45.1.1.5 255.255.255.0
no shut
int f1/0
ip add 56.1.1.5 255.255.255.0
no shut
int l0
ip add 55.1.1.1 255.255.255.0
exit

router eigrp 1
no auto-summary
network 45.1.1.0 0.0.0.255
network 55.1.1.0 0.0.0.255
network 56.1.1.0 0.0.0.255
exit

router bgp 65003
bgp router-id 55.1.1.1
bgp confederation identifier 200
bgp confederation peers 65002
neighbor 44.1.1.1 remote-as 65002
neighbor 44.1.1.1 update-source l0
neighbor 44.1.1.1 next-hop-self
neighbor 44.1.1.1 ebgp-multihop
neighbor 56.1.1.6 remote-as 300
exit

R6:
int f0/0
ip add 56.1.1.6 255.255.255.0
no shut
int l0
ip add 66.1.1.1 255.255.255.0
exit

router bgp 300
bgp router-id 66.1.1.1
neighbor 56.1.1.5 remote-as 200
exit

R7:
int f0/0
ip add 27.1.1.7 255.255.255.0
no shut
int l0
ip add 77.1.1.1 255.255.255.0
exit

router eigrp 1
no auto-summary
network 27.1.1.0 0.0.0.255
network 77.1.1.0 0.0.0.255
exit

router bgp 65001
bgp router-id 77.1.1.1
bgp confederation identifier 200
neighbor 22.1.1.1 remote-as 65001
neighbor 22.1.1.1 update-source l0
exit

----------------------------------------------
R2:
router bgp 65001
bgp default local-pre 200
exit

show ip bgp
show ip bgp 11.1.1.0

R3:
show ip bgp

R5:
show ip bgp

R6:
show ip bgp

4. BGP Community attribute

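Communities are mainly used to control how far a route is propagated.
The community attribute is an optional transitive attribute; optional means that not every router can recognize it.
A community is similar to a tag: it lets a router mark routes with an indicator and lets other routers make decisions based on that mark, which simplifies policy enforcement. It was a Cisco proprietary attribute and has since been standardized in RFC 1997.
A route can carry multiple communities, that is, several marks at once, and communities can also be used to implement extended functions, such as the RT attribute in MPLS VPN.
By default communities are not sent to neighbors; this requires the command: neighbor 1.1.1.1 send-community. The communities are sent only to the specified neighbor and take effect only for that neighbor.
Community values can be user-defined; in addition, there are several predefined communities:
NO_ADVERTISE: routes carrying this value must not be advertised to EBGP or IBGP neighbors
NO_EXPORT: routes carrying this value must not be advertised to any true EBGP peer
LOCAL_AS: routes carrying this value must not be advertised to any EBGP peer, including EBGP peers in other sub-ASes of the confederation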
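The scoping rules of the three predefined communities, together with the send-community requirement, as an added example that is not part of the original lab. The function names and the peer-type labels `ibgp`, `confed-ebgp` and `ebgp` are hypothetical; the hop list follows the R2-R3-R4-R5-R6 path of the confederation lab, and the per-hop send-community flags are inputs chosen for illustration.

```python
NO_EXPORT, NO_ADVERTISE, LOCAL_AS = "no-export", "no-advertise", "local-as"

# Peer types that each predefined community blocks.
# "confed-ebgp" is a peer in another sub-AS of the same confederation,
# "ebgp" is a true external peer.
BLOCKED = {
    NO_ADVERTISE: {"ibgp", "confed-ebgp", "ebgp"},
    LOCAL_AS: {"confed-ebgp", "ebgp"},
    NO_EXPORT: {"ebgp"},
}

def advertise(communities, peer_type, send_community):
    """Return the communities the peer receives, or None if the route is withheld."""
    for community in communities:
        if peer_type in BLOCKED.get(community, ()):
            return None
    # Without send-community the route is still sent, but stripped of its marks.
    return frozenset(communities) if send_community else frozenset()

def propagate(communities, hops):
    """Walk a route along hops [(peer, peer_type, send_community)]; list peers reached."""
    reached = []
    for peer, peer_type, send_community in hops:
        communities = advertise(communities, peer_type, send_community)
        if communities is None:
            break
        reached.append(peer)
    return reached

def lab_no_export(first_hop_sends):
    """200.1.1.0/24 tagged no-export on R2, followed toward R6 in AS 300."""
    hops = [("R3", "confed-ebgp", first_hop_sends), ("R4", "ibgp", True),
            ("R5", "confed-ebgp", True), ("R6", "ebgp", True)]
    return propagate({NO_EXPORT}, hops)
```

With `first_hop_sends=False` the route reaches R6: the community is dropped on the first hop, so the downstream routers have nothing to enforce. When communities are used to contain routes, check send-community on every session along the path.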

R1:
int l100
ip add 100.1.1.1 255.255.255.0
exit
router bgp 100
network 100.1.1.0 mask 255.255.255.0
exit

ip prefix-list 100.1 permit 100.1.1.0/24
route-map COMMUNITY permit 10
match ip add prefix-list 100.1
set community local-as
exit
route-map COMMUNITY permit 9999
exit

router bgp 100
neighbor 12.1.1.2 route-map COMMUNITY out
neighbor 12.1.1.2 send-community
exit

R2:
show ip bgp 100.1.1.0

R3/R7:
show ip bgp

-------------------------------------------------------
R1:
int l101
ip add 101.1.1.1 255.255.255.0
exit
router bgp 100
network 101.1.1.0 mask 255.255.255.0
exit

ip prefix-list 101.1 permit 101.1.1.0/24
route-map COMMUNITY permit 20
match ip add prefix-list 101.1
set community no-advertise
exit

clear ip bgp * soft out

R2:
show ip bgp 101.1.1.0

R3/R7:
show ip bgp

----------------------------------------------------------
R2:
int l200
ip add 200.1.1.1 255.255.255.0
exit

route-map NO-EXPORT permit 10
set community no-export
exit

router bgp 65001
network 200.1.1.0 mask 255.255.255.0 route-map NO-EXPORT
exit

show ip bgp 200.1.1.0

ip prefix-list 101.1 permit 101.1.1.0/24
route-map COMMUNITY permit 20
match ip add prefix-list 101.1
set community no-advertise
exit

R1/R3/R7:
show ip bgp

5. Filtering private AS numbers
--------------------------------------------------------------------------


R1:
int f0/0
ip add 12.1.1.1 255.255.255.0
no shut
exit
int l0
ip add 11.1.1.1 255.255.255.0
exit

router bgp 65000
bgp router-id 11.1.1.1
neighbor 12.1.1.2 remote-as 100
network 11.1.1.0 mask 255.255.255.0
exit

R2:
int f0/0
ip add 12.1.1.2 255.255.255.0
no shut
exit
int f1/0
ip add 23.1.1.2 255.255.255.0
no shut
exit
int l0
ip add 22.1.1.1 255.255.255.0
exit

router eigrp 1
no auto-summary
network 23.1.1.0 0.0.0.255
network 22.1.1.0 0.0.0.255
exit

router bgp 100
bgp router-id 22.1.1.1
neighbor 33.1.1.1 remote-as 100
neighbor 33.1.1.1 update-source l0
neighbor 33.1.1.1 next-hop-self
neighbor 12.1.1.1 remote-as 65000
exit

R3:
int f0/0
ip add 34.1.1.3 255.255.255.0
no shut
exit
int f1/0
ip add 23.1.1.3 255.255.255.0
no shut
exit
int l0
ip add 33.1.1.1 255.255.255.0
exit

router eigrp 1
no auto-summary
network 23.1.1.0 0.0.0.255
network 33.1.1.0 0.0.0.255
exit

router bgp 100
bgp router-id 33.1.1.1
neighbor 22.1.1.1 remote-as 100
neighbor 22.1.1.1 update-source l0
neighbor 22.1.1.1 next-hop-self
neighbor 34.1.1.4 remote-as 200
exit

R4:
int f0/0
ip add 34.1.1.4 255.255.255.0
no shut
exit
int l0
ip add 44.1.1.1 255.255.255.0
exit

router bgp 200
bgp router-id 44.1.1.1
neighbor 34.1.1.3 remote-as 100
exit

R4:
show ip bgp

R3:
router bgp 100
neighbor 34.1.1.4 remove-private-as
exit

R4:
clear ip bgp * in
show ip bgp

6. BGP backdoor routes
---------------------------------------------------------------------------------


R1:
int f1/0
ip add 12.1.1.1 255.255.255.0
no shut
exit
int s0/0
ip add 13.1.1.1 255.255.255.0
no shut
exit

router ospf 1
router-id 11.1.1.1
network 12.1.1.0 0.0.0.255 area 0
exit

router bgp 100
bgp router-id 11.1.1.1
neighbor 13.1.1.3 remote-as 300
exit

R2:
int f1/0
ip add 12.1.1.2 255.255.255.0
no shut
exit
int s0/0
ip add 23.1.1.2 255.255.255.0
no shut
exit

router ospf 1
router-id 22.1.1.1
network 12.1.1.0 0.0.0.255 area 0
exit

router bgp 200
bgp router-id 22.1.1.1
neighbor 23.1.1.3 remote-as 300
exit

R3:
int s0/0
ip add 13.1.1.3 255.255.255.0
no shut
exit
int s0/1
ip add 23.1.1.3 255.255.255.0
no shut
exit

router bgp 300
bgp router-id 33.1.1.1
neighbor 13.1.1.1 remote-as 100
neighbor 23.1.1.2 remote-as 200
exit

R1:
int l0
ip add 11.1.1.1 255.255.255.0
exit
router ospf 1
network 11.1.1.0 0.0.0.255 area 0
exit

int l0
ip ospf network point-to-point
exit

R2:
show ip route

R1:
router bgp 100
network 11.1.1.0 mask 255.255.255.0
exit

R2:
show ip route

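The output above shows that when the route 11.1.1.0/24 is learned from both an EBGP neighbor and an OSPF neighbor, the route learned from the BGP neighbor is chosen, because the AD of EBGP routes is 20.
To make R2 prefer the route learned from OSPF, configure a BGP backdoor route on R2.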

R2:
router bgp 200
network 11.1.1.0 mask 255.255.255.0 backdoor
exit

show ip route

int f1/0
shutdown
exit

show ip route

7. BGP route tagging
---------------------------------------------------------------------------------


R1:
int f0/0
ip add 12.1.1.1 255.255.255.0
no shut
exit

router bgp 100
bgp router-id 11.1.1.1
neighbor 12.1.1.2 remote-as 300
exit

R2:
int f0/0
ip add 12.1.1.2 255.255.255.0
no shut
exit
int f1/0
ip add 23.1.1.2 255.255.255.0
no shut
exit

router ospf 1
router-id 22.1.1.1
network 23.1.1.0 0.0.0.255 area 0
exit

router bgp 300
bgp router-id 22.1.1.1
neighbor 12.1.1.1 remote-as 100
exit

R3:
int f1/0
ip add 23.1.1.3 255.255.255.0
no shut
exit
int f0/0
ip add 34.1.1.3 255.255.255.0
no shut
exit

router ospf 1
router-id 33.1.1.1
network 23.1.1.0 0.0.0.255 area 0
exit

router bgp 300
bgp router-id 33.1.1.1
neighbor 34.1.1.4 remote-as 200
exit

R4:
int f0/0
ip add 34.1.1.4 255.255.255.0
no shut
exit

router bgp 200
bgp router-id 44.1.1.1
neighbor 34.1.1.3 remote-as 300
exit

R1:
int l0
ip add 11.1.1.1 255.255.255.0
exit

router bgp 100
network 11.1.1.0 mask 255.255.255.0
exit

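By default R4 cannot learn this route, because there is no BGP neighbor relationship between R2 and R3; the route must be redistributed through OSPF for R4 to learn it.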

R2:
router ospf 1
redistribute bgp 300 subnets
exit

R3:
router bgp 300
redistribute ospf 1 match external 2
exit

R4:
show ip bgp

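R4 can see the route 11.1.1.0/24 but cannot see its origin AS number 100. The cause is that the route passed through redistribution into the OSPF domain before R3 learned it, and OSPF cannot understand the AS-path attribute. The solution is to use a route-map on R2 to convert the AS-path attribute into a route tag when redistributing from BGP into OSPF, so that it can be carried in the OSPF route; then, when R3 redistributes from OSPF back into BGP, use a route-map again to convert the route tag back into the AS-path attribute.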

R2:
route-map TAG permit 10
set automatic-tag
exit
router bgp 300
table-map TAG
exit

R3:
route-map TAG permit 10
set as-path tag
exit
router bgp 300
redistribute ospf 1 route-map TAG
exit

R4:
show ip bgp