Technical documentation
发布日期:2022-06-30 浏览次数:2198 来源:杨广成
EI CCNP培训学习教材分享:BGP路由黑洞-路由反射器实验
EI CCNP培训学习相关课程联系WOLFLAB获取免费学习试听视频
接口ip地址请结合课程视频的地址规划,实验拓扑如上图所示:
1、如图所示建立BGP,在R2 R3 R4之间运行OSPF使AS234内部全网互通;在R1和R2之间通过直连接口建立eBGP邻居,在R4 R5之间通过直连接口建立eBGP邻居,在R2和R3、R3和R4之间通过环回口建立iBGP邻居,全部路由器 no synchronization,no auto-summary直连建立邻居。
R1: interface loopback 0 ip address 1.1.1.1 255.255.255.0 interface s1/0 ip address 192.168.12.1 255.255.255.0 router bgp 100 bgp router-id 1.1.1.1 neighbor 192.168.12.2 remote-as 234 | R5: interface loopback 0 ip address 5.5.5.5 255.255.255.0 interface s1/0 ip address 192.168.45.5 255.255.255.0 router bgp 500 bgp router-id 5.5.5.5 neighbor 192.168.45.4 remote-as 234R4: |
R2: interface loopback 0 ip address 2.2.2.2 255.255.255.0 interface s1/0 ip address 192.168.12.2 255.255.255.0 interface Ethernet0/0 ip address 1.1.23.2 255.255.255.0
router ospf 1 router-id 2.2.2.2 network 2.2.2.2 0.0.0.0 area 0 network 1.1.23.2 0.0.0.0 area 0
router bgp 234 bgp router-id 2.2.2.2 neighbor 192.168.12.1 remote-as 100 neighbor 3.3.3.3 remote-as 234 neighbor 3.3.3.3 update-source loopback 0 | R4: interface loopback 0 ip address 4.4.4.4 255.255.255.0 interface Ethernet0/1 ip address 1.1.34.4 255.255.255.0 interface s1/0 ip address 192.168.45.4 255.255.255.0
router ospf 1 router-id 4.4.4.4 network 1.1.34.4 0.0.0.0 area 0 network 4.4.4.4 0.0.0.0 area 0
router bgp 234 bgp router-id 4.4.4.4 neighbor 192.168.45.5 remote-as 500 neighbor 3.3.3.3 remote-as 234 neighbor 3.3.3.3 update-source loopback 0 |
R3: interface loopback 0 ip address 3.3.3.3 255.255.255.0 interface Ethernet0/0 ip address 1.1.23.3 255.255.255.0 interface Ethernet0/1 ip address 1.1.34.3 255.255.255.0 router ospf 1
router-id 3.3.3.3 network 1.1.23.3 0.0.0.0 area 0 network 1.1.34.3 0.0.0.0 area 0 network 3.3.3.3 0.0.0.0 area 0
router bgp 234 bgp router-id 3.3.3.3 neighbor 2.2.2.2 remote-as 234 neighbor 2.2.2.2 update-source loopback 0 neighbor 4.4.4.4 remote-as 234 neighbor 4.4.4.4 update-source loopback 0 |
2、在R1上BGP中宣告1.1.1.0/24和192.168.12.0/24,在R5上BGP宣告5.5.5.0/24和192.168.45.0/24,注意要使这几条路由在R3上可以优化。
R1: router bgp 100 network 192.168.12.0 mask 255.255.255.0 network 1.1.1.0 mask 255.255.255.0 | R5: router bgp 500 network 192.168.45.0 mask 255.255.255.0 network 5.5.5..0 mask 255.255.255.0 |
R2: router bgp 234 neighbor 3.3.3.3 next-hop-self | R4: router bgp 234 neighbor 3.3.3.3 next-hop-self |
3、注意此时R1和R5能否相互看到对端的路由?
解析:R1和R5均看不到对端路由。因为路由传递至R3上,由于IBGP水平分割,从IBGP邻居收到的路由,不会再传递至IBGP邻居。
4、将R2 R3 R4的BGP进程no掉。在R2-R3之间建立AS234内部的联邦AS64523,在R4上建立AS234内部的联邦AS64544,通过建立联邦解决非full-mesh BGP网络中路由传递和数据黑洞问题。
R2: router bgp 64523 bgp router-id 2.2.2.2 neighbor 192.168.12.1 remote-as 100 neighbor 3.3.3.3 remote-as 64523 neighbor 3.3.3.3 update-source Loopback0 neighbor 3.3.3.3 next-hop-self | R3: router bgp 64523 bgp router-id 3.3.3.3 neighbor 2.2.2.2 remote-as 64523 neighbor 2.2.2.2 update-source Loopback0 neighbor 4.4.4.4 remote-as 64544 neighbor 4.4.4.4 ebgp-multihop 255 neighbor 4.4.4.4 update-source Loopback0 | |
R4: router bgp 64544 bgp router-id 4.4.4.4 neighbor 192.168.45.5 remote-as 500 neighbor 3.3.3.3 remote-as 64523 neighbor 3.3.3.3 ebgp-multihop 255 neighbor 3.3.3.3 update-source Loopback0 neighbor 3.3.3.3 next-hop-self //联邦的IBGP和EBGP邻居之间传递路由,下一跳不变。 | ||
R2 R3 R4 BGP进程下: bgp confederation identifier 234 //联邦内的路由器上均需要指出属于哪个大AS | ||
R3: bgp confederation peers 64544 | R4: bgp confederation peers 64523 | |
EI CCNP培训学习关注WOLFLAB |
5、将第4题的BGP进程no掉,还原到第三题的配置部分,在R3上设置路由反射器,将R2作为客户端,观察R1 R5的路由传递情况,在R1和R5上能否ping通对端?
R2: router bgp 234 bgp router-id 2.2.2.2 neighbor 192.168.12.1 remote-as 100 neighbor 3.3.3.3 remote-as 234 neighbor 3.3.3.3 update-source loopback 0 neighbor 3.3.3.3 next-hop-self | R4: router bgp 234 bgp router-id 4.4.4.4 neighbor 192.168.45.5 remote-as 500 neighbor 3.3.3.3 remote-as 234 neighbor 3.3.3.3 update-source loopback 0 neighbor 3.3.3.3 next-hop-self |
R3: router bgp 234 bgp router-id 3.3.3.3 neighbor 2.2.2.2 remote-as 234 neighbor 2.2.2.2 update-source loopback 0 neighbor 4.4.4.4 remote-as 234 neighbor 4.4.4.4 update-source loopback 0 neighbor 2.2.2.2 route-reflector-client //配置R2成为路由反射器的客户端,即R3为路由反射器。 |
6、如果此时将R4也作为R3的客户端,在R4上show ip bgp 1.1.1.0,和R3上看到的这条BGP路由有什么不同?这样的区别意义何在?
R3: router bgp 234 neighbor 4.4.4.4 route-reflector-client |
R3: show ip bgp 1.1.1.0 BGP routing table entry for 1.1.1.0/24, version 8 Paths: (1 available, best #1, table Default-IP-Routing-Table) Advertised to non peer-group peers: 4.4.4.4 100, (Received from a RR-client) 2.2.2.2 (metric 20) from 2.2.2.2 (2.2.2.2) Origin IGP, metric 0, localpref 100, valid, internal, best |
R4: show ip bgp 1.1.1.0 BGP routing table entry for 1.1.1.0/24, version 9 Paths: (1 available, best #1, table Default-IP-Routing-Table) Advertised to non peer-group peers: 192.168.45.5 100 2.2.2.2 (metric 30) from 3.3.3.3 (3.3.3.3) Origin IGP, metric 0, localpref 100, valid, internal, best Originator: 2.2.2.2, Cluster list: 3.3.3.3 |
解析:R4上的路由经过R3路由反射后,路由中就会带有Originator,即为AS234中始发此路由的router-id,Cluster list:3.3.3.3,表明此路由已经经过路由反射器R3,就将路由反射器的router-id存放在Cluster list里面。此时路由再传递至R2或R3上的时候,包含自己的router-id,将拒绝接收这条路由,这样设计的目的在于防止路由反射器FULL-MESH时产生的环路。
7、BGP第三方下一跳问题。如图所示建立运行OSPF,R1-R2之间直连建立EBGP邻居,R2-R3之间直连建立IBGP邻居。在R3上将3.3.3.0/24宣告进BGP,在R1上观察,此条路由下一跳指向哪里?
R1: interface Loopback0 ip address 1.1.1.1 255.255.255.0 interface FastEthernet0/0 ip address 192.168.123.1 255.255.255.0 router ospf 1 router-id 1.1.1.1 network 1.1.1.1 0.0.0.0 area 0 network 192.168.123.1 0.0.0.0 area 0
router bgp 100 bgp router-id 1.1.1.1 neighbor 192.168.123.2 remote-as 23 network 1.1.1.0 mask 255.255.255.0 | R2: interface Loopback0 ip address 2.2.2.2 255.255.255.0 interface FastEthernet0/0 ip address 192.168.123.2 255.255.255.0 router ospf 1 router-id 2.2.2.2 network 2.2.2.2 0.0.0.0 area 0 network 192.168.123.2 0.0.0.0 area 0
router bgp 23 bgp router-id 2.2.2.2 neighbor 192.168.123.1 remote-as 100 neighbor 192.168.123.3 remote-as 23 |
R3: interface Loopback0 ip address 3.3.3.3 255.255.255.0 interface FastEthernet0/0 ip address 192.168.123.3 255.255.255.0
router ospf 1 router-id 3.3.3.3 network 3.3.3.3 0.0.0.0 area 0 network 192.168.123.3 0.0.0.0 area 0
router bgp 23 bgp router-id 3.3.3.3 neighbor 192.168.123.2 remote-as 23 network 3.3.3.0 mask 255.255.255.0 | |
R1: R1#show ip bgp Network Next Hop Metric LocPrf Weight Path *> 1.1.1.0/24 0.0.0.0 0 32768 i *> 3.3.3.0/24 192.168.123.3 0 23 i |
8、如果上题中将R2-R3之间的BGP邻居关系改为用环回口建立,此时R1上观察到的3.3.3.0/24路由的下一跳有没有变化?
R2: router bgp 23 neighbor 3.3.3.3 remote-as 23 neighbor 3.3.3.3 update-source Loopback0 | R3: router bgp 23 neighbor 2.2.2.2 remote-as 23 neighbor 2.2.2.2 update-source Loopback0 |
解析:此时R1上看到的3.3.3.0/24路由的下一跳为192.168.123.3。
9、如果R2-R3之间改回用直连口建邻居,而在R1 R2之间用环回口建立邻居,这时R1观察到的3.3.3.0/24路由的下一跳有没有变化,分析产生上述现象的原因
R2: router bgp 23 neighbor 192.168.23.3 remote-as 23 neighbor 1.1.1.1 remote-as 100 neighbor 1.1.1.1 ebgp-multihop 255 neighbor 1.1.1.1 update-source Loopback0 | R3: router bgp 23 neighbor 192.168.23.2 remote-as 23 |
R1: router bgp 100 neighbor 2.2.2.2 remote-as 23 neighbor 2.2.2.2 ebgp-multihop 255 neighbor 2.2.2.2 update-source Loopback0 | |
R1:show ip bgp Network Next Hop Metric LocPrf Weight Path *> 1.1.1.0/24 0.0.0.0 0 32768 i *> 3.3.3.0/24 2.2.2.2 0 23 i |
解析:BGP的第三方下一跳:收到BGP路由的下一跳(递归完的下一跳)与建邻居的Neighbor地址是在同一网段,保持下一跳地址不变,例如上述实验8和实验9;不在同一网段,则正常改变下一跳,例如上述实验10。实验8和实验9,在R2上看到3.3.3.0/24,下一跳为192.168.123.3,若此时R2通过直连与R1建EBGP邻居,即R2上Neighbor 192.168.123.1 remote-as 100,与建邻居的Neighbor地址属同一网段,下一跳不变。
10、R2-R3之间改回环回口建邻居。并在R1 R2 R3之间开启BGP的认证。
R1: router bgp 100 neighbor 2.2.2.2 password cisco | R2: router bgp 23 neighbor 1.1.1.1 password cisco neighbor 3.3.3.3 password cisco
|
R3: router bgp 23 neighbor 2.2.2.2 password cisco |
EI CCNP培训学习技术提升、考证等可咨询WOLFAB网络实验室