CCNP-31 BGP 1 
版权声明:原创作品,允许转载,转载时请务必以超链接形式标明文章 原始出处 、作者信息和本声明。否则将追究法律责任。http://loveme23.blog.51cto.com/7891/53577 |
CCNP-31 BGP 1实验拓扑: 实验要求:R1属于AS 65500中的一台路由器,R2-4属于AS 65000中的路由器,在AS 65000中使用的事OSPF路由协议,R1与R2配置成为EBGP PEER,R2与R4之间配置成为IBGP PEER。
试验目的:掌握基本的EBGP和IBGP的配置和传递路由需要的条件,能够使用show和debug来解决简单的问题。试验配置:
R1:
R1(config)#int f0/0
R1(config-if)#ip add
R1(config-if)#no shu
R1(config-if)#exit
R1(config)#int f1/0
R1(config-if)#exit
R1(config)#int f1/0
R1(config-if)#ip add 172.16.1.1 255.255.255.0
R1(config-if)#no shu
R1(config-if)#no keepalive
R1(config-if)#exit
R2:
R2(config)#int f0/0
R2(config-if)#ip add
R2(config-if)#no shu
R2(config-if)#exit
R2(config)#int f1/0
R2(config-if)#ip add 192.1.1.1 255.255.255.0
R2(config-if)#no shu
R2(config-if)#exit
R2(config)#int loop0
R2(config-if)#ip add
R2(config-if)#exit
R2(config)#int loop1
R2(config-if)#ip add 172.16.2.1 255.255.255.0
R2(config-if)#no shu
R2(config-if)#exit
R2(config)#router ospf 100
R2(config-router)#router-id
R2(config-router)#network
R2(config-router)#exit
R3:
R3(config)#int f1/0
R3(config-if)#ip add 192.1.1.2 255.255.255.0
R3(config-if)#no shu
R3(config-if)#exit
R3(config)#int f0/0
R3(config-if)#ip add 193.1.1.1 255.255.255.0
R3(config-if)#no shu
R3(config-if)#exit
R3(config)#int loop0
R3(config-if)#ip add
R3(config-if)#exit
R3(config)#router ospf 100
R3(config-router)#router-id
R3(config-router)#network
R3(config-router)#exit
R4:
R4(config)#int f0/0
R4(config-if)#ip add 193.1.1.2 255.255.255.0
R4(config-if)#no shu
R4(config-if)#exit
R4(config)#int f1/0
R4(config-if)#ip add 172.16.3.1 255.255.255.0
R4(config-if)#no shu
R4(config-if)#no keepalive
R4(config-if)#exit
R4(config)#int loop0
R4(config-if)#ip add
R4(config-if)#exit
R4(config)#router ospf 100
R4(config-router)#router-id
R4(config-router)#network
R4(config-router)#exit
基本的链路层和OSPF配置完成了,上面用红色标记的部分是因为那个接口没有连接任何设备,我们用它来模拟内部网络,如果与接口没有活动的连接,那么接口就会down掉,使用no
keepalive命令来取消检测活动连接,使之一直保持在UP状态。
下面我们开始BGP的配置,如下:
R1(config)#int loop0
R1(config-if)#ip add
R1(config-if)#exit
R1(config)#router bgp
65500 //65500为AS号
R1(config-router)#neighbor
R1(config-router)#network
172.16.1.0 mask 255.255.255.0 //宣告网段
R2(config)#router bgp
65000
R2(config-router)#neighbor
R2(config-router)#neighbor
R2(config-router)#neighbor
R2(config-router)#network
192.1.1.0
R2(config-router)#network
172.16.2.0 mask 255.255.255.0
R4(config)#router bgp
65000
R4(config-router)#neighbor
R4(config-router)#neighbor
R4(config-router)#network
172.16.3.0 mask 255.255.255.0
R4(config-router)#network
193.1.1.0
R4(config-router)#exit
BGP的配置和其他路由协议差不多,也需要在全局模式下使用router bgp xxx命令,只不过后面的数字表示的是AS号,BGP的邻居需要管理员人工指定,并且要表明邻居所在的AS,在EBGP PEER情况下,neighbor后面的ip地址一般为直连的对端接口的IP地址,这是因为BGP有一个一跳的属性限制,可以修改,不过不建议这样做,不过在IBGP
PEER的配置中,neighbor后面的ip地址的要求就没有这么严格了,只要可达的IP地址都可以,在这里我们一般使用LOOPBACK接口的IP地址作为更新源,因为loopback接口有一个永远不会down的特性,并且在多条路经的时候,用loopback地址作为更新源地址可以实现冗余(BGP不能实现负载均衡,他只选择最优的路径写入路由表!),update-source
loopback 0指明更新源为loopback口,这条命令需要在使用loopback接口作为更新源的对等体路由器都要配置!
最后使用network命令宣告需要发布的路由,这里BGPv4支持VLSM与CIDR,所以BGP在更新一条路有的时候需要写出掩码,默认的是主网络的掩码,可以使用mask选项来配置掩码。
BGP和EIGRP,OSPF,ISIS一样都有三张表,邻居表,BGP路由表和IP路由表,下面我们来看看BGP的邻居表:
R2#show ip bgp neighbors
BGP neighbor is
BGP
version 4, remote router ID
BGP
state = Established, up for 00:03:56 //邻居状态Established
Last read 00:00:55, last write 00:00:55, hold time is 180, keepalive
interval is 60 seconds
Neighbor capabilities:
Route refresh: advertised and received(old & new)
Address family IPv4 Unicast: advertised and received
Message statistics:
InQ depth is 0
OutQ depth is 0
Sent Rcvd
Opens: 1 1
Notifications: 0 0
Updates: 2 2
Keepalives: 6 6
Route Refresh: 0 0
Total: 9 9
Default minimum time between advertisement runs is 0 seconds
For
address family: IPv4 Unicast
BGP
table version 8, neighbor version 8/0
Output queue size : 0
Index 2, Offset 0, Mask 0x4
2
update-group member
Sent Rcvd
Prefix activity:
---- ----
Prefixes Current:
3 2 (Consumes 104 bytes)
Prefixes Total:
3 2
Implicit Withdraw:
0 0
Explicit Withdraw:
0 0
Used as bestpath:
n/a 2
Used as multipath:
n/a 0
Outbound Inbound
Local Policy Denied Prefixes:
-------- -------
Bestpath from this peer:
2 n/a
Total:
2 0
Number of NLRIs in the update sent: max 2, min 1
Connections established 1; dropped 0
Last reset never
Connection state is ESTAB, I/O status: 1,
unread input bytes: 0
Connection is ECN Disabled, Mininum
incoming TTL 0, Outgoing TTL 255
Local host:
Foreign host:
Enqueued packets for retransmit: 0, input:
0 mis-ordered: 0 (0 bytes)
Event Timers (current time is 0xF62D8):
Timer Starts Wakeups Next
Retrans 6 0 0x0
TimeWait 0 0 0x0
AckHold 7 6 0x0
SendWnd 0 0 0x0
KeepAlive 0 0 0x0
GiveUp 0 0 0x0
PmtuAger 0 0 0x0
DeadWait 0
0 0x0
iss: 4085729406 snduna: 4085729684 sndnxt: 4085729684 sndwnd:
16107
irs:
975868670 rcvnxt: 975868940
rcvwnd: 16115 delrcvwnd:
269
SRTT: 178 ms, RTTO: 1209 ms, RTV: 1031 ms,
KRTT: 0 ms
minRTT: 212 ms, maxRTT: 428 ms, ACK hold:
200 ms
Flags: active open, nagle
IP Precedence value : 6
Datagrams (max data segment is 536 bytes):
Rcvd: 8 (out of order: 0), with data: 7,
total data bytes: 269
Sent: 15 (retransmit: 0, fastretransmit: 0,
partialack: 0, Second Congestion: 0), with data: 7, total data bytes: 277
BGP neighbor is
BGP
version 4, remote router ID
BGP
state = Established, up for 00:05:00
Last read 00:00:00, last write 00:00:00, hold time is 180, keepalive
interval is 60 seconds
Neighbor capabilities:
Route refresh: advertised and received(old & new)
Address family IPv4 Unicast: advertised and received
Message statistics:
InQ depth is 0
OutQ depth is 0
Sent Rcvd
Opens: 1 1
Notifications: 0 0
Updates: 3 1
Keepalives: 7 7
Route Refresh: 0 0
Total: 11 9
Default minimum time between advertisement runs is 30 seconds
For
address family: IPv4 Unicast
BGP
table version 8, neighbor version 8/0
Output queue size : 0
Index 1, Offset 0, Mask 0x2
1
update-group member
Sent Rcvd
Prefix activity:
---- ----
Prefixes Current:
4 1 (Consumes 52 bytes)
Prefixes Total:
4 1
Implicit Withdraw:
0 0
Explicit Withdraw: 0 0
Used as bestpath:
n/a 1
Used as multipath:
n/a 0
Outbound Inbound
Local Policy Denied Prefixes:
-------- -------
Bestpath from this peer:
1 n/a
Total:
1 0
Number of NLRIs in the update sent: max 2, min 1
Connections established 1; dropped 0
Last reset never
Connection state is ESTAB, I/O status: 1,
unread input bytes: 0
Connection is ECN Disabled, Mininum
incoming TTL 0, Outgoing TTL 1
Local host:
Foreign host:
Enqueued packets for retransmit: 0, input:
0 mis-ordered: 0 (0 bytes)
Event Timers (current time is 0xF
Timer Starts Wakeups Next
Retrans 11 0 0x0
TimeWait 0 0 0x0
AckHold 9 2 0x0
SendWnd 0
0 0x0
KeepAlive 0 0 0x0
GiveUp 0 0 0x0
PmtuAger 0 0 0x0
DeadWait 0 0 0x0
iss:
300025546 snduna: 300025871
sndnxt: 300025871 sndwnd:
16060
irs: 1734736732 rcvnxt: 1734736963 rcvwnd:
16154 delrcvwnd: 230
SRTT: 251 ms, RTTO: 796 ms, RTV: 545 ms,
KRTT: 0 ms
minRTT: 24 ms, maxRTT: 412 ms, ACK hold:
200 ms
Flags: passive open, nagle, gen tcbs
IP Precedence value : 6
Datagrams (max data segment is 1460 bytes):
Rcvd: 19 (out of order: 0), with data: 9,
total data bytes: 230
Sent: 13 (retransmit: 0, fastretransmit: 0,
partialack: 0, Second Congestion: 0), with data: 10, total data bytes: 324
以上为R2的BGP邻居信息,详细的说明了邻居的状态和一些参数。
(其他BGP路由器的邻居表略)
然后查看BGP路由表:
R1#show ip bgp
BGP table version is 6, local router ID is
Status codes: s suppressed, d damped, h
history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? -
incomplete
Network Next Hop Metric LocPrf Weight Path
*> 172.16.1.0/24
*> 172.16.2.0/24
*> 172.16.3.0/24
*> 192.1.1.0
*> 193.1.1.0
R2#show ip bgp
BGP table version is 8, local router ID is
172.16.2.1
Status codes: s suppressed, d damped, h
history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? -
incomplete
Network Next Hop Metric LocPrf Weight Path
*> 172.16.1.0/24
*> 172.16.2.0/24
r>i172.16.3.0/24
*> 192.1.1.0
r>i193.1.1.0
R4#show ip bgp
BGP table version is 7, local router ID is
Status codes: s suppressed, d damped, h
history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? -
incomplete
Network Next Hop Metric LocPrf Weight Path
*>i172.16.1.0/24
*>i172.16.2.0/24
*> 172.16.3.0/24
r>i192.1.1.0
*> 193.1.1.0
上面的输出解释:
*号表示存在的网络;
>号表示最佳路径;
前面的i表示通过IBGP学到的路由;
前面的r表示写入到路由信息库失败的路由,可以通过命令show ip bgp
rib-failure查看失败原因;
NextHop表示下一跳;
Metric用来表示MED属性;
LocPrf用来表示本地优先级,默认为100;
Weight是cisco专有的一个属性,如果这条路由是自己产生的,Weight为32768,如果是从邻居学到的Weight为0;
Path为BGP的AS PATH属性,用来表示经过的AS。
这里有的前面标记为r的原因是:在写入路由表的时候,ospf同样也有到达该目的地的路由,所以管理距离小的就写入路由表,IBGP的管理距离为200,OSPF的为120,所以使用OSPF的路由。
BGP table version is 7表示BGP的路由表经过了7次的交换和学习路由。
最后查看一下IP路由表:
R1#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B
- BGP
D - EIGRP,
EX - EIGRP external, O -
N1 - OSPF
NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF
external type 1, E2 - OSPF external type 2
i - IS-IS,
su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS
inter area, * - candidate default, U - per-user static route
o - ODR, P
- periodic downloaded static route
Gateway of last resort is not set
C
172.16.0.0/24
is subnetted, 3 subnets
C 172.16.1.0
is directly connected, FastEthernet1/0
B
172.16.2.0 [20/0] vi
B
172.16.3.0 [20/0] vi
C
B
193.1.1.0/24 [20/0] vi
B
192.1.1.0/24 [20/0] vi
R2#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B
- BGP
D - EIGRP,
EX - EIGRP external, O -
N1 - OSPF
NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF
external type 1, E2 - OSPF external type 2
i - IS-IS,
su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS
inter area, * - candidate default, U - per-user static route
o - ODR, P
- periodic downloaded static route
Gateway of last resort is not set
C
O
O
172.16.0.0/24
is subnetted, 3 subnets
B
172.16.1.0 [20/0] vi
C 172.16.2.0
is directly connected, Loopback1
O 172.16.3.0
[110/3] via 192.1.1.2, 00:07:05, FastEthernet1/0
C
O 193.1.1.0/24
[110/2] via 192.1.1.2, 00:07:05, FastEthernet1/0
C 192.1.1.0/24
is directly connected, FastEthernet1/0
R4#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B
- BGP
D - EIGRP,
EX - EIGRP external, O -
N1 - OSPF
NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF
external type 1, E2 - OSPF external type 2
i - IS-IS,
su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS
inter area, * - candidate default, U - per-user static route
o - ODR, P
- periodic downloaded static route
Gateway of last resort is not set
O
O
C
172.16.0.0/16
is variably subnetted, 4 subnets, 2 masks
B
172.16.1.0/24 [200/0] vi
B
172.16.2.0/24 [200/0] vi
C
172.16.3.0/24 is directly connected, FastEthernet1/0
O
172.16.2.1/32 [110/3] via 193.1.1.1, 00:11:10, FastEthernet0/0
O
C 193.1.1.0/24
is directly connected, FastEthernet0/0
O 192.1.1.0/24
[110/2] via 193.1.1.1, 00:11:11, FastEthernet0/0
上面用红色标记的是从BGP学到的路由,下面我们来在R4上ping测试一下:
R4#p 172.16.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to
172.16.1.1, timeout is 2 seconds:
U.U.U
Success rate is 0 percent (0/5)
R4#
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to
!!!!!
Success rate is 100 percent (5/5), round-trip
min/avg/max = 276/352/408 ms
R4#
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to
!!!!!
Success rate is 100 percent (5/5), round-trip
min/avg/max = 144/205/260 ms
R4#p 172.16.2.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.2.1, timeout is
2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip
min/avg/max = 168/245/356 ms
到172.16.1.1不通,为什么呢?我们debug ip icmp来观察一下:
R4#debug ip icmp
ICMP packet debugging is on
R4#p 172.16.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.1.1, timeout is
2 seconds:
U
*Mar
1 00:17:47.947: ICMP: dst (193.1.1.2) host unreachable rcv from
193.1.1.1.U
*Mar
1 00:17:50.051: ICMP: dst (193.1.1.2) host unreachable rcv from
193.1.1.1.U
Success rate is 0 percent (0/5)
R4#
*Mar
1 00:17:52.167: ICMP: dst (193.1.1.2) host unreachable rcv from
193.1.1.1
收到193.1.1.1的目标不可达错误消息,我们到R3上查看一下路由表:
R3#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B
- BGP
D - EIGRP,
EX - EIGRP external, O -
N1 - OSPF
NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external
type 1, E2 - OSPF external type 2
i - IS-IS,
su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS
inter area, * - candidate default, U - per-user static route
o - ODR, P
- periodic downloaded static route
Gateway of last resort is not set
O
C
O
172.16.0.0/16
is variably subnetted, 2 subnets, 2 masks
O
172.16.3.0/24 [110/2] via 193.1.1.2, 00:07:54, FastEthernet0/0
O
172.16.2.1/32 [110/2] via 192.1.1.1, 00:07:54, FastEthernet1/0
O
C 193.1.1.0/24
is directly connected, FastEthernet0/0
C 192.1.1.0/24
is directly connected, FastEthernet1/0
没有到172.16.1.0/24的路由,我们来添加一条静态路由:
Ip route 172.16.1.0 255.255.255.0 192.1.1.1
这样我们再到R4上Ping 172.16.1.1看看:
R4#p 172.16.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.1.1, timeout is
2 seconds:
!!!!!
Success rate is 100 percent (5/5),
round-trip min/avg/max = 212/290/408 ms
通了。
其实在一个传输AS中,要求形成一个完全网格的拓扑,就是所有路由器必须都要直连在一起,以防止向在这里出现的中间有一台没有运行BGP的路由器所带来的问题。不过完全网格的限制可以通过其他的手段来解决。
下面我们再来观察一下BGP在建立邻居关系时候的debug信息:
R1#debug ip bgp ipv4 unicast
BGP debugging is on for address family:
IPv4 Unicast
R1#clear ip bgp *
R1#
*Mar
1 00:22:32.907: BGPNSF state:
*Mar
1 00:22:32.907: BGP:
*Mar
1 00:22:32.907: %BGP-5-ADJCHANGE: neighbor
*Mar
1 00:22:32.907: BGP:
*Mar
1 00:22:32.911: BGP:
*Mar
1 00:22:32.919: BGP:
*Mar
1 00:22:33.055: BGP:
*Mar
1 00:22:33.055: BGP:
*Mar
1 00:22:33.063: BGP:
*Mar 1 00:22:33.175: BGP:
*Mar
1 00:22:33.175: BGP:
*Mar
1 00:22:33.179: BGP:
*Mar
1 00:22:33.179: BGP:
*Mar
1 00:22:33.179: BGP:
*Mar
1 00:22:33.179: BGP:
*Mar
1 00:22:33.179: BGP:
*Mar
1 00:22:33.183: BGP:
*Mar
1 00:22:33.183: BGP:
*Mar
1 00:22:33.183: BGP:
*Mar
1 00:22:33.183: BGP:
*Mar
1 00:22:33.183: BGP:
BGP:
*Mar
1 00:22:33.187: BGP:
*Mar
1 00:22:33.187: BGP:
实验总结:掌握基本的BGP配置,掌握EBGP/IBGP PEER配置中需要注意的问题和配置方法,并且掌握基本的查看和调试BGP信息和解决简单问题的方法。 本文出自 “★Beckham~23” 博客,请务必保留此出处http://loveme23.blog.51cto.com/7891/53577 本文出自 51CTO.COM技术博客 |
loveme23
博客统计信息
热门文章
最新评论