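Internet routing architecture study notes, part 1: how advertising aggregate and specific routes affects AS inbound traffic (1)
In BGP, advertising aggregate routes and specific routes makes it possible to run a multi-homed site in primary/backup or load-sharing mode. These notes cover the primary/backup form first.
Case 1: multiple links (primary/backup), multi-homing
Approach:
For multiple links (primary/backup), advertise an aggregate route with summary-only; because there is a single ISP, use MED to influence inbound traffic; use the local-pref attribute to influence outbound traffic.
Case analysis:
1. For outbound traffic, floating static routes can point directly at the different links; alternatively, ask the ISP to send a default route, accept it with a different Local-Preference on each link, and propagate the primary link's default route into the internal network. Note: the case of R1 receiving routes is not considered here.
2. For inbound traffic, since there is a single ISP, MED can be used to influence the ISP's eBGP route selection.
3. BGP plus aggregation can be used: send the summary of the AS's internal networks to the ISP over both the primary and backup links, with a different MED on each, to control return traffic.
Procedure: the blue area is the local AS and ××× is the ISP; 24.0.0.0/24 is the primary link and 35.0.0.0/24 is the backup link.
1. R1 advertises outward
2. R2 and R3 establish eBGP sessions with R4 and R5 respectively;
3. Leaving aside the effect of AS-PATH on other ASes, there are two ways to advertise an aggregate in BGP: the aggregate-address command with the summary-only parameter, or a static route plus a network statement. Because aggregate-address can preserve AS-set information through as-set, aggregate-address with summary-only is recommended;
4. Apply route-map SET_LOCAL_PREF in to change the Local-Pref value at the two entry points so that outbound traffic uses the primary link; apply route-map SET_MED out to change the MED value at the two exit points so that inbound traffic uses the primary link.
Main configuration (R2 and R3 are configured similarly, as are R4 and R5):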
hostname R1
!
interface Loopback0
ip address 1.0.0.1 255.255.255.0
!
interface Loopback1
ip address 1.0.1.1 255.255.255.0
!
interface Loopback2
ip address 1.0.2.1 255.255.255.0
!
interface Loopback3
ip address 1.0.3.1 255.255.255.0
!
interface Serial0/0
description To Gateway R2
ip address 172.16.12.1 255.255.255.0
!
interface Serial0/1
description To Gateway R3
ip address 172.16.13.1 255.255.255.0
!
router eigrp 65001
passive-interface Loopback0
passive-interface Loopback1
passive-interface Loopback2
passive-interface Loopback3
network 1.0.0.0 0.0.3.255
network 172.16.12.1 0.0.0.0
network 172.16.13.1 0.0.0.0
no auto-summary
eigrp router-id 1.1.1.1
!
end
-------------------------------------------
hostname R2
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
!
interface Serial0/0
ip address 172.16.12.2 255.255.255.0
!
interface Serial0/1
ip address 172.16.23.2 255.255.255.0
!
interface Serial0/2
description To ISP R4
ip address 24.0.0.2 255.255.255.0
!
router eigrp 65001
network 2.2.2.2 0.0.0.0
network 172.16.12.2 0.0.0.0
network 172.16.23.2 0.0.0.0
passive-interface Loopback0
no auto-summary
eigrp router-id 2.2.2.2
!
router bgp 65001
no synchronization
bgp router-id 2.2.2.2
bgp log-neighbor-changes
network 1.0.0.0 mask 255.255.255.0
network 1.0.1.0 mask 255.255.255.0
network 1.0.2.0 mask 255.255.255.0
network 1.0.3.0 mask 255.255.255.0
aggregate-address 1.0.0.0 255.255.252.0 summary-only
neighbor Local_AS peer-group
neighbor Local_AS remote-as 65001
neighbor Local_AS update-source Loopback0
neighbor Local_AS next-hop-self
neighbor REMOTE_1 peer-group
neighbor REMOTE_1 remote-as 1
neighbor REMOTE_1 route-map SET_LOCAL_PREF in
neighbor REMOTE_1 route-map SET_MED out
neighbor 3.3.3.3 peer-group Local_AS
neighbor 24.0.0.4 peer-group REMOTE_1
no auto-summary
!
ip as-path access-list 10 permit ^$
!
ip prefix-list BGP_AGGREGATE seq 5 permit 1.0.0.0/22
!
ip prefix-list DEFAULT seq 5 permit 0.0.0.0/0
!
route-map SET_LOCAL_PREF permit 10
match ip address prefix-list DEFAULT
set local-preference 200
!
route-map SET_LOCAL_PREF permit 20
!
route-map SET_MED permit 10
match ip address prefix-list BGP_AGGREGATE
set metric 200
!
route-map SET_MED permit 20
match as-path 10
!
end
-------------------------------------------------------
hostname R4
!
interface Loopback0
ip address 4.4.4.4 255.255.255.255
!
interface Serial0/0
ip address 24.0.0.4 255.255.255.0
!
interface Serial0/1
ip address 45.0.0.4 255.255.255.0
!
router bgp 1
no synchronization
bgp router-id 4.4.4.4
bgp log-neighbor-changes
neighbor REMOTE_65001 peer-group
neighbor REMOTE_65001 remote-as 65001
neighbor REMOTE_65001 default-originate
neighbor LOCAL_AS peer-group
neighbor LOCAL_AS remote-as 1
neighbor LOCAL_AS update-source Loopback0
neighbor LOCAL_AS next-hop-self
neighbor 5.5.5.5 peer-group LOCAL_AS
neighbor 24.0.0.2 peer-group REMOTE_65001
no auto-summary
!
ip route 5.5.5.5 255.255.255.255 Serial0/1
!
end
Note: without the statements shown in red, R4 and R5 receive all of the AS's internal routes:
R4#show ip route bgp
1.0.0.0/24 is subnetted, 4 subnets
B 1.0.1.0 [20/2297856] via 24.0.0.2, 00:04:01 // BGP uses the EIGRP metric as its metric
B 1.0.0.0 [20/2297856] via 24.0.0.2, 00:04:01
B 1.0.3.0 [20/2297856] via 24.0.0.2, 00:04:01
B 1.0.2.0 [20/2297856] via 24.0.0.2, 00:04:01
R5#show ip route bgp
1.0.0.0/24 is subnetted, 4 subnets
B 1.0.1.0 [20/2297856] via 35.0.0.3, 00:00:55
B 1.0.0.0 [20/2297856] via 35.0.0.3, 00:00:55
B 1.0.3.0 [20/2297856] via 35.0.0.3, 00:00:55
B 1.0.2.0 [20/2297856] via 35.0.0.3, 00:00:55
With aggregate-address summary-only in place, all specific routes are suppressed and the atomic-aggregate attribute is set, marking the route as an aggregate:
R2#show ip bgp 1.0.0.0 255.255.255.0
BGP routing table entry for 1.0.0.0/24, version 13
Paths: (1 available, best #1, table Default-IP-Routing-Table, Advertisements suppressed by an aggregate.)
Not advertised to any peer
Local
172.16.12.1 from 0.0.0.0 (2.2.2.2)
Origin IGP, metric 2297856, localpref 100, weight 32768, valid, sourced, local, best
R2#show ip bgp 1.0.0.0 255.255.252.0
BGP routing table entry for 1.0.0.0/22, version 12
Paths: (2 available, best #2, table Default-IP-Routing-Table)
Advertised to update-groups:
1 2
Local, (aggregated by 65001 3.3.3.3)
3.3.3.3 (metric 2297856) from 3.3.3.3 (3.3.3.3)
Origin IGP, metric 0, localpref 100, valid, internal, atomic-aggregate
Local, (aggregated by 65001 2.2.2.2)
0.0.0.0 from 0.0.0.0 (2.2.2.2)
Origin IGP, localpref 100, weight 32768, valid, aggregated, local, atomic-aggregate, best
The routing tables of the ISP routers R4 and R5 now hold fewer routes:
R4#show ip route bgp
1.0.0.0/22 is subnetted, 1 subnets
B 1.0.0.0 [20/0] via 24.0.0.2, 00:01:13 // BGP uses Connected as its metric
R5#show ip route bgp
1.0.0.0/22 is subnetted, 1 subnets
B 1.0.0.0 [20/0] via 35.0.0.3, 00:00:51
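What R2 ends up advertising to R4 follows from two mechanisms in its configuration: summary-only suppression and the outbound route-map SET_MED, whose final clause (as-path ^$) keeps routes learned from other ASes from being re-advertised. The sketch below is an added example, not part of the original post; it models both in Python, and the 192.0.2.0/24 network and the default-route entry in the sample table are constructed for illustration.

```python
import ipaddress
import re

AGGREGATE = ipaddress.ip_network("1.0.0.0/22")  # aggregate-address ... summary-only
LOCAL_ONLY = re.compile(r"^$")                   # ip as-path access-list 10 permit ^$


def apply_summary_only(table):
    """Drop every more-specific prefix covered by the aggregate."""
    kept = []
    for prefix, as_path in table:
        net = ipaddress.ip_network(prefix)
        if net != AGGREGATE and net.subnet_of(AGGREGATE):
            continue                             # "suppressed by an aggregate"
        kept.append((net, as_path))
    return kept


def set_med_out(net, as_path):
    """Mirror of route-map SET_MED on R2; returns (permitted, med)."""
    if net == AGGREGATE:                         # seq 10: prefix-list BGP_AGGREGATE
        return True, 200
    if LOCAL_ONLY.search(as_path):               # seq 20: locally originated only
        return True, None                        # MED left unchanged
    return False, None                           # implicit deny ends the route-map


def advertised_to_isp(table):
    """Prefixes (with MED) that R2 sends to R4 after both mechanisms apply."""
    out = []
    for net, as_path in apply_summary_only(table):
        permitted, med = set_med_out(net, as_path)
        if permitted:
            out.append((str(net), med))
    return out


# Constructed BGP table for R2; the last two entries are assumptions, not from the page.
R2_TABLE = [
    ("1.0.0.0/24", ""), ("1.0.1.0/24", ""), ("1.0.2.0/24", ""), ("1.0.3.0/24", ""),
    ("1.0.0.0/22", ""),        # the aggregate itself
    ("192.0.2.0/24", ""),      # hypothetical extra locally originated network
    ("0.0.0.0/0", "1"),        # default route learned from the ISP (AS 1)
]

if __name__ == "__main__":
    for prefix, med in advertised_to_isp(R2_TABLE):
        print(prefix, "MED", med)
```
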
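Although the ISP's routing table is now smaller, this does not yet give primary/backup behaviour: every packet R5 receives is still forwarded over eBGP to R3, whereas the goal is for all packets to go to R2. We therefore use the configuration shown in green to change the local-pref of the default route received from the ISP, so that all local outbound traffic is sent to R2, and the configuration shown in blue to change the MED of the aggregate sent to the ISP, so that the ISP chooses R2 as the next hop toward local destinations.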
R4#show ip bgp
   Network          Next Hop            Metric LocPrf Weight Path
*> 1.0.0.0/22       24.0.0.2               200             0 65001 i
R5#show ip bgp
   Network          Next Hop            Metric LocPrf Weight Path
*>i1.0.0.0/22       4.4.4.4                200    100      0 65001 i
*                   35.0.0.3               300             0 65001 i
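Why R5 prefers the iBGP path through R4 over its own eBGP path to R3 comes down to the order of the best-path steps: MED is compared before the eBGP-over-iBGP rule. The following Python sketch is an added example, not part of the original post; it implements a simplified decision process (later tie-breakers such as IGP cost and router-id are omitted) and replays the two paths from the R5 table above.

```python
from dataclasses import dataclass

ORIGIN_RANK = {"i": 0, "e": 1, "?": 2}  # IGP < EGP < incomplete


@dataclass(frozen=True)
class Path:
    next_hop: str
    as_path: tuple          # AS numbers, nearest neighbour first
    med: int = 0
    local_pref: int = 100   # IOS default when the attribute is absent
    weight: int = 0
    origin: str = "i"
    ebgp: bool = True


def best_path(paths):
    """Simplified IOS-style decision process: the first differing step decides.
    Steps after 'eBGP over iBGP' (IGP cost, router-id) are left out."""
    # MED is only compared when every candidate came from the same neighbour AS.
    same_neighbour_as = len({p.as_path[:1] for p in paths}) == 1

    def rank(p):
        return (
            -p.weight,                          # highest weight
            -p.local_pref,                      # highest local preference
            len(p.as_path),                     # shortest AS_PATH
            ORIGIN_RANK[p.origin],              # lowest origin code
            p.med if same_neighbour_as else 0,  # lowest MED
            0 if p.ebgp else 1,                 # eBGP before iBGP
        )
    return min(paths, key=rank)


def r5_choice(med_from_r2, med_from_r3):
    """Next hop R5 installs for 1.0.0.0/22 given the MED each gateway sends."""
    candidates = [
        # learned by R4 from R2, passed to R5 over iBGP with next-hop-self
        Path("4.4.4.4", (65001,), med=med_from_r2, ebgp=False),
        # learned by R5 directly from R3 over eBGP
        Path("35.0.0.3", (65001,), med=med_from_r3, ebgp=True),
    ]
    return best_path(candidates).next_hop


if __name__ == "__main__":
    print("no MED policy :", r5_choice(0, 0))      # backup link attracts traffic
    print("MED 200 / 300 :", r5_choice(200, 300))  # primary link via R4 wins
```
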
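Case summary: when multiple links (primary/backup) are used as exits, every exit can advertise the same aggregate route, with the MED attribute modified so that the external routers select the best route.
Reposted from: https://blog.51cto.com/golehuang/226708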