ميزة الإعلان الشرطي BGP
المحتويات
المقدمة
يصف هذا المستند ميزة الإعلان المشروط لبروتوكول العبارة الحدودية (BGP) التي توفر التحكم الإضافي في إعلانات المسار، والتي تعتمد على وجود بادئات أخرى في جدول BGP.
المتطلبات الأساسية
المتطلبات
cisco يوصي أن يتلقى أنت معرفة من هذا موضوع:
- مستقل عن المنبر
المكونات المستخدمة
تستند المعلومات الواردة في هذا المستند إلى إصدارات البرامج والمكونات المادية التالية:
- IOS
- IOS-XE
- ASR1000
تم إنشاء المعلومات الواردة في هذا المستند من الأجهزة الموجودة في بيئة معملية خاصة. بدأت جميع الأجهزة المُستخدمة في هذا المستند بتكوين ممسوح (افتراضي). إذا كانت شبكتك قيد التشغيل، فتأكد من فهمك للتأثير المحتمل لأي أمر.
التكوين
تكوين R1 و R2 و R3. يتم توفير التكوين هنا.
الرسم التخطيطي للشبكة
التكوينات
تكوين R1:
!
hostname R1
!
ip cef
!
interface Loopback0
ip address 1.1.1.1 255.255.255.255
!
interface Loopback1
ip address 1.1.1.2 255.255.255.255
!
interface Loopback2
ip address 1.1.1.3 255.255.255.255
!
interface Loopback3
ip address 1.1.1.4 255.255.255.255
!
interface Loopback4
ip address 1.1.1.5 255.255.255.255
!
interface Loopback100
ip address 10.139.224.1 255.255.240.0
!
interface Ethernet0/0
ip address 10.10.12.1 255.255.255.0
!
router bgp 1
bgp log-neighbor-changes
neighbor 10.10.12.2 remote-as 2
!
address-family ipv4
network 0.0.0.0 route-map DEF
network 1.1.1.1 mask 255.255.255.255 route-map RM1
network 1.1.1.5 mask 255.255.255.255
redistribute connected route-map CUST
neighbor 10.10.12.2 activate
neighbor 10.10.12.2 send-community
neighbor 10.10.12.2 soft-reconfiguration inbound
exit-address-family
!
ip forward-protocol nd
!
ip bgp-community new-format
ip route 0.0.0.0 0.0.0.0 Null0
!
ip prefix-list CUST seq 5 permit 10.139.224.0/20
!
ip prefix-list DEFAULT seq 5 permit 0.0.0.0/0
!
ip prefix-list PL1 seq 5 permit 1.1.1.1/32
!
route-map CUST permit 10
match ip address prefix-list CUST
set community 64671:501
!
route-map RM1 permit 10
match ip address prefix-list PL1
set community 64952:3008
!
route-map DEF permit 10
match ip address prefix-list DEFAULT
set community 64848:3011 65011:200 65013:200
!
end
تكوين R2:
! hostname R2 ! ip cef ! interface Loopback0 ip address 2.2.2.2 255.255.255.255 ! interface Ethernet0/0 ip address 10.10.12.2 255.255.255.0 ! interface Ethernet0/1 ip address 10.10.23.2 255.255.255.0 ! router bgp 2 bgp log-neighbor-changes neighbor 10.10.12.1 remote-as 1 neighbor 10.10.23.3 remote-as 3 ! address-family ipv4 neighbor 10.10.12.1 activate neighbor 10.10.12.1 soft-reconfiguration inbound neighbor 10.10.23.3 activate neighbor 10.10.23.3 send-community neighbor 10.10.23.3 advertise-map ADV-MAP exist-map EXIST-MAP <<< This statement changes in non-exist-map neighbor 10.10.23.3 soft-reconfiguration inbound exit-address-family ! ip forward-protocol nd ! ip bgp-community new-format ip community-list standard DEFAULT-ROUTE permit 65013:200 ip community-list standard DC1-ROUTES permit 64952:3008 ip community-list standard DC2-ROUTES permit 64671:501 ip community-list standard DC3-ROUTES permit 64950:3009 ip community-list standard DEFAULT-ROUTE-DENY deny 65013:200 ! ! ip prefix-list DEFAULT seq 5 permit 1.1.1.5/32 ip prefix-list DEFAULT seq 10 permit 1.1.1.1/32 ! ip prefix-list EXIST seq 5 permit 10.10.10.10/32 ! ip prefix-list DEFAULT-ROUTE seq 5 permit 0.0.0.0/0 ! ip prefix-list DEFAULT-ROUTE-DENY seq 5 deny 0.0.0.0/0 ! ip prefix-list IP1 seq 5 permit 10.139.224.0/20 ! ip prefix-list T2 seq 5 permit 1.1.1.5/32 ! route-map ADV-MAP permit 10 match ip address prefix-list IP1 ! route-map ADV-MAP permit 20 match community DC1-ROUTES DC2-ROUTES DC3-ROUTES ! route-map EXIST-MAP permit 10 description Verify Default Route from MDC-SWG match ip address prefix-list DEFAULT-ROUTE IP1 match community DEFAULT-ROUTE ! ! end
تكوين R3:
! hostname R3 ! ip cef ! interface Loopback0 ip address 3.3.3.3 255.255.255.255 ! interface Ethernet0/1 ip address 10.10.23.3 255.255.255.0 shutdown ! router bgp 3 bgp log-neighbor-changes neighbor 10.10.23.2 remote-as 2 ! address-family ipv4 neighbor 10.10.23.2 activate neighbor 10.10.23.2 send-community neighbor 10.10.23.2 soft-reconfiguration inbound exit-address-family ! ip forward-protocol nd ! ip bgp-community new-format ! ! end
التحقق من الصحة
الشرط 1:
إذا لم يكن المسار الافتراضي موجودا في BGP RIB، فيجب ألا يعلن R2 عن مسارات معينة.
إذا كان المسار الافتراضي موجودا في BGP RIB، فيجب أن يعلن R2 عن جميع المسارات.
إستخدام خريطة موجودة
الشرط 2:
إذا لم يكن المسار الافتراضي موجودا في BGP RIB، فيجب أن يعلن R2 عن جميع المسارات.
إذا كان المسار الافتراضي موجودا في BGP RIB، فيجب ألا يعلن R2 عن مسارات معينة.
إستخدام خريطة غير موجودة
R1#show ip bgp
BGP table version is 7, local router ID is 10.139.224.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 0.0.0.0 0.0.0.0 0 32768 i
*> 1.1.1.1/32 0.0.0.0 0 32768 i
*> 1.1.1.5/32 0.0.0.0 0 32768 i
*> 10.139.224.0/20 0.0.0.0 0 32768 ?
R2#show ip bgp
BGP table version is 11, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 0.0.0.0 10.10.12.1 0 0 1 i
*> 1.1.1.1/32 10.10.12.1 0 0 1 i
*> 1.1.1.5/32 10.10.12.1 0 0 1 i
*> 10.139.224.0/20 10.10.12.1 0 0 1 ?
R2#show ip bgp 0.0.0.0
BGP routing table entry for 0.0.0.0/0, version 9
Paths: (1 available, best #1, table default)
Advertised to update-groups:
1
Refresh Epoch 1
1, (received & used)
10.10.12.1 from 10.10.12.1 (10.139.224.1)
Origin IGP, metric 0, localpref 100, valid, external, best
Community: 64848:3011 65011:200 65013:200
rx pathid: 0, tx pathid: 0x0
R2#show ip bgp neighbors 10.10.23.3 advertised-routes
BGP table version is 11, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 0.0.0.0 10.10.12.1 0 0 1 i
*> 1.1.1.1/32 10.10.12.1 0 0 1 i
*> 1.1.1.5/32 10.10.12.1 0 0 1 i
*> 10.139.224.0/20 10.10.12.1 0 0 1 ?
Total number of prefixes 4
Condition1 Verification:
======================== If default route is not present in BGP RIB, R2 should not advertise certain routes.
If default route is present in BGP RIB, R2 should advertise all the routes. Use exist-map
R2's BGP Configuration:
=======================
R2#show running-config | sec bgp
router bgp 2
bgp log-neighbor-changes
neighbor 10.10.12.1 remote-as 1
neighbor 10.10.23.3 remote-as 3
!
address-family ipv4
neighbor 10.10.12.1 activate
neighbor 10.10.12.1 soft-reconfiguration inbound
neighbor 10.10.23.3 activate
neighbor 10.10.23.3 send-community
neighbor 10.10.23.3 advertise-map ADV-MAP exist-map EXIST-MAP
neighbor 10.10.23.3 soft-reconfiguration inbound
exit-address-family
ip bgp-community new-format
When Default route is removed from R2's BGP RIB:
================================================ *Mar 6 09:07:08.833: BGP(0): 10.10.12.1 rcv UPDATE about 0.0.0.0/0 -- withdrawn *Mar 6 09:07:08.833: BGP(0): no valid path for 0.0.0.0/0 *Mar 6 09:07:08.833: BGP: topo global:IPv4 Unicast:base Remove_fwdroute for 0.0.0.0/0 *Mar 6 09:07:08.833: BGP(0): (base) 10.10.23.3 send unreachable (format) 0.0.0.0/0 *Mar 6 09:07:21.280: BPG(0): Condition EXIST-MAP changes to Withdraw *Mar 6 09:07:21.353: BGP(0): net 1.1.1.1/32 matches ADV MAP ADV-MAP: bump version to 13 *Mar 6 09:07:21.353: BGP(0): net 10.139.224.0/20 matches ADV MAP ADV-MAP: bump version to 14 *Mar 6 09:07:21.362: BGP(0): Revise route installing 1 of 1 routes for 1.1.1.1/32 -> 10.10.12.1(global) to main IP table *Mar 6 09:07:21.362: BGP(0): Revise route installing 1 of 1 routes for 10.139.224.0/20 -> 10.10.12.1(global) to main IP table *Mar 6 09:07:38.933: BGP(0): (base) 10.10.23.3 send unreachable (format) 1.1.1.1/32 *Mar 6 09:07:38.933: BGP(0): (base) 10.10.23.3 send unreachable (format) 10.139.224.0/20 R2#show ip bgp neighbors 10.10.23.3 advertised-routes BGP table version is 14, local router ID is 2.2.2.2 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter, x best-external, a additional-path, c RIB-compressed, Origin codes: i - IGP, e - EGP, ? - incomplete RPKI validation codes: V valid, I invalid, N Not found Network Next Hop Metric LocPrf Weight Path *> 1.1.1.5/32 10.10.12.1 0 0 1 i Total number of prefixes 1 When Default route is added back into R2's BGP RIB:
=================================================== *Mar 6 09:15:22.883: BGP(0): 10.10.12.1 rcvd UPDATE w/ attr: nexthop 10.10.12.1, origin i, metric 0, merged path 1, AS_PATH , community 64848:3011 65011:200 65013:200 *Mar 6 09:15:22.883: BGP(0): 10.10.12.1 rcvd 0.0.0.0/0 *Mar 6 09:15:22.883: BGP(0): Revise route installing 1 of 1 routes for 0.0.0.0/0 -> 10.10.12.1(global) to main IP table *Mar 6 09:15:22.883: BGP(0): (base) 10.10.23.3 send UPDATE (format) 0.0.0.0/0, next 10.10.23.2, metric 0, path 1 *Mar 6 09:16:21.759: BPG(0): Condition EXIST-MAP changes to Advertise *Mar 6 09:16:21.759: BGP(0): net 1.1.1.1/32 matches ADV MAP ADV-MAP: bump version to 16 *Mar 6 09:16:21.759: BGP(0): net 10.139.224.0/20 matches ADV MAP ADV-MAP: bump version to 17 *Mar 6 09:16:21.768: BGP(0): Revise route installing 1 of 1 routes for 1.1.1.1/32 -> 10.10.12.1(global) to main IP table *Mar 6 09:16:21.769: BGP(0): Revise route installing 1 of 1 routes for 10.139.224.0/20 -> 10.10.12.1(global) to main IP table *Mar 6 09:16:21.769: BGP(0): (base) 10.10.23.3 send UPDATE (format) 1.1.1.1/32, next 10.10.23.2, metric 0, path 1 *Mar 6 09:16:21.769: BGP(0): (base) 10.10.23.3 send UPDATE (format) 10.139.224.0/20, next 10.10.23.2, metric 0, path 1 R2#show ip bgp neighbors 10.10.23.3 advertised-routes BGP table version is 17, local router ID is 2.2.2.2 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter, x best-external, a additional-path, c RIB-compressed, Origin codes: i - IGP, e - EGP, ? - incomplete RPKI validation codes: V valid, I invalid, N Not found Network Next Hop Metric LocPrf Weight Path *> 0.0.0.0 10.10.12.1 0 0 1 i *> 1.1.1.1/32 10.10.12.1 0 0 1 i *> 1.1.1.5/32 10.10.12.1 0 0 1 i *> 10.139.224.0/20 10.10.12.1 0 0 1 ? Total number of prefixes 4
Condition2 Verification: ========================= If default route is not present in BGP RIB, R2 should advertise all the routes.
If default route is present in BGP RIB, R2 should not advertise certain routes. Use non-exist-map
R2's BGP Configuration:
=======================
R2#show running-config | sec bgp
router bgp 2
bgp log-neighbor-changes
neighbor 10.10.12.1 remote-as 1
neighbor 10.10.23.3 remote-as 3
!
address-family ipv4
neighbor 10.10.12.1 activate
neighbor 10.10.12.1 soft-reconfiguration inbound
neighbor 10.10.23.3 activate
neighbor 10.10.23.3 send-community
neighbor 10.10.23.3 advertise-map ADV-MAP non-exist-map EXIST-MAP
neighbor 10.10.23.3 soft-reconfiguration inbound
exit-address-family
ip bgp-community new-format
When Default route is removed from R2's BGP RIB: ================================================ *Mar 6 09:21:24.445: BGP(0): 10.10.12.1 rcv UPDATE about 0.0.0.0/0 -- withdrawn *Mar 6 09:21:24.445: BGP(0): no valid path for 0.0.0.0/0 *Mar 6 09:21:24.445: BGP: topo global:IPv4 Unicast:base Remove_fwdroute for 0.0.0.0/0 *Mar 6 09:21:24.445: BGP(0): (base) 10.10.23.3 send unreachable (format) 0.0.0.0/0 *Mar 6 09:22:22.050: BPG(0): Condition EXIST-MAP changes to Advertise *Mar 6 09:22:22.050: BGP(0): net 1.1.1.1/32 matches ADV MAP ADV-MAP: bump version to 21 *Mar 6 09:22:22.050: BGP(0): net 10.139.224.0/20 matches ADV MAP ADV-MAP: bump version to 22 *Mar 6 09:22:22.060: BGP(0): Revise route installing 1 of 1 routes for 1.1.1.1/32 -> 10.10.12.1(global) to main IP table *Mar 6 09:22:22.060: BGP(0): Revise route installing 1 of 1 routes for 10.139.224.0/20 -> 10.10.12.1(global) to main IP table *Mar 6 09:22:22.060: BGP(0): (base) 10.10.23.3 send UPDATE (format) 1.1.1.1/32, next 10.10.23.2, metric 0, path 1 *Mar 6 09:22:22.060: BGP(0): (base) 10.10.23.3 send UPDATE (format) 10.139.224.0/20, next 10.10.23.2, metric 0, path 1 R2#show ip bgp neighbors 10.10.23.3 advertised-routes BGP table version is 22, local router ID is 2.2.2.2 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter, x best-external, a additional-path, c RIB-compressed, Origin codes: i - IGP, e - EGP, ? - incomplete RPKI validation codes: V valid, I invalid, N Not found Network Next Hop Metric LocPrf Weight Path *> 1.1.1.1/32 10.10.12.1 0 0 1 i *> 1.1.1.5/32 10.10.12.1 0 0 1 i *> 10.139.224.0/20 10.10.12.1 0 0 1 ? Total number of prefixes 3 When Default route is added back into R2's BGP RIB: ===================================================== *Mar 6 09:23:04.461: BGP(0): 10.10.12.1 rcvd UPDATE w/ attr: nexthop 10.10.12.1, origin i, metric 0, merged path 1, AS_PATH , community 64848:3011 65011:200 65013:200 *Mar 6 09:23:04.461: BGP(0): 10.10.12.1 rcvd 0.0.0.0/0 *Mar 6 09:23:04.461: BGP(0): Revise route installing 1 of 1 routes for 0.0.0.0/0 -> 10.10.12.1(global) to main IP table *Mar 6 09:23:04.461: BGP(0): (base) 10.10.23.3 send UPDATE (format) 0.0.0.0/0, next 10.10.23.2, metric 0, path 1 *Mar 6 09:23:22.090: BPG(0): Condition EXIST-MAP changes to Withdraw *Mar 6 09:23:22.090: BGP(0): net 1.1.1.1/32 matches ADV MAP ADV-MAP: bump version to 24 *Mar 6 09:23:22.090: BGP(0): net 10.139.224.0/20 matches ADV MAP ADV-MAP: bump version to 25 *Mar 6 09:23:22.103: BGP(0): Revise route installing 1 of 1 routes for 1.1.1.1/32 -> 10.10.12.1(global) to main IP table *Mar 6 09:23:22.103: BGP(0): Revise route installing 1 of 1 routes for 10.139.224.0/20 -> 10.10.12.1(global) to main IP table *Mar 6 09:23:35.248: BGP(0): (base) 10.10.23.3 send unreachable (format) 1.1.1.1/32 *Mar 6 09:23:35.248: BGP(0): (base) 10.10.23.3 send unreachable (format) 10.139.224.0/20 R2#show ip bgp neighbors 10.10.23.3 advertised-routes BGP table version is 25, local router ID is 2.2.2.2 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter, x best-external, a additional-path, c RIB-compressed, Origin codes: i - IGP, e - EGP, ? - incomplete RPKI validation codes: V valid, I invalid, N Not found Network Next Hop Metric LocPrf Weight Path *> 0.0.0.0 10.10.12.1 0 0 1 i *> 1.1.1.5/32 10.10.12.1 0 0 1 i Total number of prefixes 2
| حالة خريطة الوجود |
حالة خريطة الإعلانات |
|
| إذا كان المسار الافتراضي موجودا. |
الشرط المتطابق |
إعلان |
| إذا لم يكن المسار الافتراضي موجودا. |
الشرط غير مطابق |
مسحوب |
| حالة خريطة غير موجودة |
حالة خريطة الإعلانات |
|
| إذا كان المسار الافتراضي موجودا. |
الشرط المتطابق |
ننسحب |
| إذا لم يكن المسار الافتراضي موجودا. |
الشرط غير مطابق |
إعلان |
استكشاف الأخطاء وإصلاحها
الأمر المهم هو تحديثات BGP ip التي تمنحك حركة خلفية لمخططات المسار المرتبطة بالخريطة الشرطية BGP. في تصحيح الأخطاء الشرطي لتشغيل الشبكة الكبيرة باستخدام قائمة التحكم في الوصول (ACL).
التعليقات