文章作者:姜南(Slyar) 文章来源:Slyar Home (www.slyar.com) 转载请注明,谢谢合作。
【实验环境】
C3640-IK9O3S-M Version 12.4(10)
【实验目的】
采用邻居全互联(Full-mesh)方式解决由IBGP水平分割导致的BGP路由黑洞问题
【实验拓扑】
【实验描述】
R1、R2、R4、R5跑BGP协议,R2、R3、R4跑OSPF协议。目标是使1.1.1.1<->5.5.5.5可以互相访问
IBGP邻居关系采用回环口进行建立,R1<->R2<->R4<->R5
R1<->R2、R4<->R5之间创建默认路由保证BGP邻居关系的建立
数据层面的BGP路由黑洞问题:由于R3没有跑BGP,因此R2和R4均不会将路由条目传给R3,因此R3没有1.1.1.1和5.5.5.5的路由,导致路由黑洞。
解决方法:在R3上也跑1个BGP,并且与R2和R4建立完全BGP邻居关系,通过IBGP学习到1.1.1.1和5.5.5.5的路由条目
注意:BGP的同步及下一跳问题
【实验步骤】
1、R1基本配置,端口,默认路由:
!
interface Loopback0
ip address 1.1.1.1 255.255.255.0
!
interface Serial0/0
ip address 12.0.0.1 255.255.255.0
clock rate 64000
!
ip route 2.2.2.2 255.255.255.255 12.0.0.2
2、R2基本配置,端口,默认路由,OSPF:
!
interface Loopback0
ip address 2.2.2.2 255.255.255.0
!
interface Serial0/0
ip address 12.0.0.2 255.255.255.0
!
interface Serial0/1
ip address 23.0.0.1 255.255.255.0
clock rate 64000
!
router ospf 110
router-id 2.2.2.2
network 2.2.2.0 0.0.0.255 area 0
network 23.0.0.1 0.0.0.0 area 0
!
ip route 1.1.1.1 255.255.255.255 12.0.0.1
3、R3基本配置,端口,OSPF:
!
interface Loopback0
ip address 3.3.3.3 255.255.255.0
!
interface Serial0/0
ip address 34.0.0.1 255.255.255.0
clock rate 64000
!
interface Serial0/1
ip address 23.0.0.2 255.255.255.0
!
router ospf 110
router-id 3.3.3.3
network 3.3.3.0 0.0.0.255 area 0
network 23.0.0.2 0.0.0.0 area 0
network 34.0.0.1 0.0.0.0 area 0
!
4、R4基本配置,端口,默认路由,OSPF:
!
interface Loopback0
ip address 4.4.4.4 255.255.255.0
!
interface Serial0/0
ip address 34.0.0.2 255.255.255.0
!
interface Serial0/1
ip address 45.0.0.1 255.255.255.0
clock rate 64000
!
router ospf 110
router-id 4.4.4.4
network 4.4.4.0 0.0.0.255 area 0
network 34.0.0.2 0.0.0.0 area 0
!
ip route 5.5.5.5 255.255.255.255 45.0.0.2
5、R5基本配置,端口,默认路由:
!
interface Loopback0
ip address 5.5.5.5 255.255.255.0
!
interface Serial0/1
ip address 45.0.0.2 255.255.255.0
!
ip route 4.4.4.4 255.255.255.255 45.0.0.1
6、配置R1与R2之间的EBGP
//R1配置AS 1
router bgp 1
//默认关闭同步
no synchronization
//设置bgp router-id
bgp router-id 1.1.1.1
//宣告路由条目
network 1.1.1.0 mask 255.255.255.0
//设置邻居AS号,使用回环口建立邻居关系,需要将默认的TTL值由1改为2
neighbor 2.2.2.2 remote-as 3
neighbor 2.2.2.2 ebgp-multihop 2
neighbor 2.2.2.2 update-source Loopback0
no auto-summary
//R2配置AS 3
router bgp 3
no synchronization
//设置bgp router-id,建议与OSPF保持一致
bgp router-id 2.2.2.2
neighbor 1.1.1.1 remote-as 1
neighbor 1.1.1.1 ebgp-multihop 2
neighbor 1.1.1.1 update-source Loopback0
no auto-summary
!
7、配置R4与R5之间的EBGP
//R4配置AS 3
router bgp 3
no synchronization
neighbor 5.5.5.5 remote-as 5
neighbor 5.5.5.5 ebgp-multihop 2
neighbor 5.5.5.5 update-source Loopback0
no auto-summary
//R5配置AS 5
router bgp 5
no synchronization
network 5.5.5.0 mask 255.255.255.0
neighbor 4.4.4.4 remote-as 3
neighbor 4.4.4.4 ebgp-multihop 2
neighbor 4.4.4.4 update-source Loopback0
no auto-summary
8、使用Peer Group简化配置,节约内存,配置R2、R3、R4之间的IBGP,通过邻居全互联解决路由黑洞问题
//R2与R3、R4建立邻居关系
router bgp 3
neighbor slyar peer-group
neighbor slyar remote-as 3
neighbor slyar update-source Loopback0
neighbor slyar next-hop-self
neighbor 3.3.3.3 peer-group slyar
neighbor 4.4.4.4 peer-group slyar
//R3与R2、R4建立邻居关系
router bgp 3
neighbor slyar peer-group
neighbor slyar remote-as 3
neighbor slyar update-source Loopback0
neighbor slyar next-hop-self
neighbor 2.2.2.2 peer-group slyar
neighbor 4.4.4.4 peer-group slyar
//R4与R2、R3建立邻居关系
router bgp 3
neighbor slyar peer-group
neighbor slyar remote-as 3
neighbor slyar update-source Loopback0
neighbor slyar next-hop-self
neighbor 2.2.2.2 peer-group slyar
neighbor 3.3.3.3 peer-group slyar
由于所有运行IBGP的路由器上都关闭了同步,并且使用next-hop-self命令解决了下一跳问题,因此所有路由器上的BGP条目均为best,并且可以通过路由递归查询进行正常转发。
9、检查路由表
R1#sh ip ro
1.0.0.0/24 is subnetted, 1 subnets
C 1.1.1.0 is directly connected, Loopback0
2.0.0.0/32 is subnetted, 1 subnets
S 2.2.2.2 [1/0] via 12.0.0.2
5.0.0.0/24 is subnetted, 1 subnets
B 5.5.5.0 [20/0] via 2.2.2.2, 00:59:19
12.0.0.0/24 is subnetted, 1 subnets
C 12.0.0.0 is directly connected, Serial0/0
R2#sh ip ro
34.0.0.0/24 is subnetted, 1 subnets
O 34.0.0.0 [110/128] via 23.0.0.2, 01:04:19, Serial0/1
1.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
S 1.1.1.1/32 [1/0] via 12.0.0.1
B 1.1.1.0/24 [20/0] via 1.1.1.1, 01:13:12
2.0.0.0/24 is subnetted, 1 subnets
C 2.2.2.0 is directly connected, Loopback0
3.0.0.0/32 is subnetted, 1 subnets
O 3.3.3.3 [110/65] via 23.0.0.2, 01:04:19, Serial0/1
4.0.0.0/32 is subnetted, 1 subnets
O 4.4.4.4 [110/129] via 23.0.0.2, 01:04:21, Serial0/1
5.0.0.0/24 is subnetted, 1 subnets
B 5.5.5.0 [200/0] via 4.4.4.4, 01:02:00
23.0.0.0/24 is subnetted, 1 subnets
C 23.0.0.0 is directly connected, Serial0/1
12.0.0.0/24 is subnetted, 1 subnets
C 12.0.0.0 is directly connected, Serial0/0
R3#sh ip ro
34.0.0.0/24 is subnetted, 1 subnets
C 34.0.0.0 is directly connected, Serial0/0
1.0.0.0/24 is subnetted, 1 subnets
B 1.1.1.0 [200/0] via 2.2.2.2, 01:02:46
2.0.0.0/32 is subnetted, 1 subnets
O 2.2.2.2 [110/65] via 23.0.0.1, 01:04:38, Serial0/1
3.0.0.0/24 is subnetted, 1 subnets
C 3.3.3.0 is directly connected, Loopback0
4.0.0.0/32 is subnetted, 1 subnets
O 4.4.4.4 [110/65] via 34.0.0.2, 01:04:38, Serial0/0
5.0.0.0/24 is subnetted, 1 subnets
B 5.5.5.0 [200/0] via 4.4.4.4, 01:02:26
23.0.0.0/24 is subnetted, 1 subnets
C 23.0.0.0 is directly connected, Serial0/1
R4#sh ip ro
34.0.0.0/24 is subnetted, 1 subnets
C 34.0.0.0 is directly connected, Serial0/0
1.0.0.0/24 is subnetted, 1 subnets
B 1.1.1.0 [200/0] via 2.2.2.2, 01:02:32
2.0.0.0/32 is subnetted, 1 subnets
O 2.2.2.2 [110/129] via 34.0.0.1, 01:04:54, Serial0/0
3.0.0.0/32 is subnetted, 1 subnets
O 3.3.3.3 [110/65] via 34.0.0.1, 01:04:54, Serial0/0
4.0.0.0/24 is subnetted, 1 subnets
C 4.4.4.0 is directly connected, Loopback0
5.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
S 5.5.5.5/32 [1/0] via 45.0.0.2
B 5.5.5.0/24 [20/0] via 5.5.5.5, 01:13:23
23.0.0.0/24 is subnetted, 1 subnets
O 23.0.0.0 [110/128] via 34.0.0.1, 01:04:56, Serial0/0
45.0.0.0/24 is subnetted, 1 subnets
C 45.0.0.0 is directly connected, Serial0/1
R5#sh ip ro
1.0.0.0/24 is subnetted, 1 subnets
B 1.1.1.0 [20/0] via 4.4.4.4, 01:02:48
4.0.0.0/32 is subnetted, 1 subnets
S 4.4.4.4 [1/0] via 45.0.0.1
5.0.0.0/24 is subnetted, 1 subnets
C 5.5.5.0 is directly connected, Loopback0
45.0.0.0/24 is subnetted, 1 subnets
C 45.0.0.0 is directly connected, Serial0/1
10、验证,在R1上使用回环口1.1.1.1连接5.5.5.5
R1#ping 5.5.5.5 so 1.1.1.1
Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds:
Packet sent with a source address of 1.1.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 76/92/108 ms
11、评价
这种方法在实际工程中显然不可取:
配置复杂;
任意IBGP路由器均需要互联,需要维护大量的IBGP关系
消耗大量资源;
以后会陆续介绍其他方法
