比较IOS和IOS-XR上的OSPF转发地址行为
简介
本文档介绍IOS-XR和IOS设备上的开放最短路径优先(OSPF)转发地址的概念。它比较了IOS-XR和IOS设备之间的OSPF行为。
先决条件
要求
Cisco建议您对OSPF协议有基本的了解。
使用的组件
本文档中的信息基于以下软件和硬件版本:
- IOS-XR虚拟设备版本:6.1.3、6.1.2、6.0.0、5.3.0、5.2.0
- Cisco IOS平台
OSPF转发地址
本节讨论OSPF中转发地址的概念,如果您已经熟悉此概念,可以继续下一节。
当OSPF路由器将来自其他源协议的路由重分发到OSPF中,作为E1或E2时,它可以在该特定外部链路状态通告(LSA)中设置转发地址。 OSPF协议必须满足这些条件才能设置该特定属性。转发地址可以填充(非零),也可以不填充(全零)。
所有这些条件必须将转发地址字段设置为非零地址:
- 在下一跳接口的自治系统边界路由器(ASBR)上启用OSPF
- ASBR的下一跳接口在OSPF下为非被动接口
- ASBR的下一跳接口不是点对点
- ASBR的下一跳接口不是点对多点
- ASBR 的下一跳接口地址属于在 router ospf 命令中指定的网络范围。
- 除这些条件外,其他任何条件均将转发地址设置为0.0.0.0。
当转发地址设置为全零(0.0.0.0)时,这意味着路由器必须递归到OSPF拓扑中的该特定节点,才能正确将流量路由到目的地。与距离矢量协议相比,OSPF作为链路状态路由协议的一大区别是链路状态使其能够全面了解该特定区域的拓扑,路由器可以计算到拓扑中节点的最短路径,并全面了解所有设备及其成本。它不一定会路由到前缀,而是路由到节点,这是一个很大的不同。
当转发地址设置为非零值时,路由器会检查到与转发地址连接的节点的最短路径。
本节将回顾拓扑,以进一步说明:
图1
在图1中,增强型内部网关路由协议(EIGRP)在共享网段192.168.1.0/24上的R2和R3之间运行。R1也连接到共享网段192.168.1.0/24,但没有EIGRP。R2配置为将172.16.3.3/32从EIGRP重分布到OSPF作为外部E2路由。OSPF在R2到R4、R1到R4、R1到Transit_Router和R4之间运行,向XR5运行。XR5路由器软件是IOS-XR。
本节说明转发地址的重要性。假设您的流量从云网络发往172.16.3.3/32,此流量到达Transit_Router,并根据路由表转发。
检查Transit_Router的路由表中前缀172.16.3.3/32的内容。
Transit_Router#show ip route 172.16.3.3
Routing entry for 172.16.3.3/32 Known via "ospf 1", distance 110, metric 20, type extern 2, forward metric 2 Last update from 192.168.70.1 on GigabitEthernet1, 00:00:04 ago Routing Descriptor Blocks: * 192.168.70.1, from 2.2.2.2, 00:00:04 ago, via GigabitEthernet1 <- You see the prefix is from advertising router with router-id 2.2.2.2 Route metric is 20, traffic share count is 1 Transit_Router#
下一跳是192.168.70.1,该跳指向R1。由于R2将网络172.16.3.3/32重分发到OSPF,因此您可以假设必须路由到R2才能到达目的172.16.3.3/32。
您可以从Transit_Router向172.16.3.3/32运行traceroute。
Transit_Router#traceroute 172.16.3.3 timeout 1 Type escape sequence to abort. Tracing the route to 172.16.3.3 VRF info: (vrf in name/id, vrf out name/id) 1 192.168.70.1 7 msec 5 msec 8 msec <- R1 2 192.168.1.3 10 msec 11 msec 17 msec <- R3
当R1收到发往172.16.3.3/32的流量时,它实际上会直接路由到R3。在R1上运行show ip route以查看指向172.16.3.3的路由表。
R1#show ip route 172.16.3.3
Routing entry for 172.16.3.3/32
Known via "ospf 1", distance 110, metric 20, type extern 2, forward metric 1
Last update from 192.168.1.3 on GigabitEthernet0/0, 02:04:54 ago
Routing Descriptor Blocks:
* 192.168.1.3, from 2.2.2.2, 02:04:54 ago, via GigabitEthernet0/0 <-- Next-hop goes directly towards R3 over the shared segment
Route metric is 20, traffic share count is 1
由于转发地址,R1的下一跳为192.168.1.3,该跳指向R3。如果R1和R3之间没有路由协议,请检验transit_Router上的外部LSA。
Transit_Router#show ip ospf database external 172.16.3.3
OSPF Router with ID (6.6.6.6) (Process ID 1)
Type-5 AS External Link States
LS age: 1641
Options: (No TOS-capability, DC, Upward)
LS Type: AS External Link
Link State ID: 172.16.3.3 (External Network Number )
Advertising Router: 2.2.2.2
LS Seq Number: 80000004
Checksum: 0x8299
Length: 36
Network Mask: /32
Metric Type: 2 (Larger than any link state path)
MTID: 0
Metric: 20
Forward Address: 192.168.1.3 <-R3 interface towards the shared segment
External Route Tag: 0
如您所见,转发地址填充了IP地址192.168.1.3,这意味着如果要路由到172.16.3.3/32,则必须递归到192.168.1.3。这意味着当R1收到发往172.16.3.3/32的数据包时,它还具有Type-5172.16.3.3/32的LSA,转发地址为192.168.1.3,直接连接在Gi0/0接口上。因此,R1将数据包路由到192.168.1.3。
转发地址有助于缓解次优路由。如果未在第5类LSA上设置转发地址,则需要通过ASBR(即R2)路由发往172.16.3.3的所有数据包。
要验证它,可以将转发地址重置为0.0.0.0并从Transit_Router运行traceroute。
Transit_Router#show ip ospf database external 172.16.3.3
OSPF Router with ID (6.6.6.6) (Process ID 1)
Type-5 AS External Link States
LS age: 14
Options: (No TOS-capability, DC, Upward)
LS Type: AS External Link
Link State ID: 172.16.3.3 (External Network Number )
Advertising Router: 2.2.2.2
LS Seq Number: 80000005
Checksum: 0x196F
Length: 36
Network Mask: /32
Metric Type: 2 (Larger than any link state path)
MTID: 0
Metric: 20
Forward Address: 0.0.0.0 <- Recurse towards the ASBR (RID 2.2.2.2)
External Route Tag: 0
Transit_Router#
您可以看到转发地址设置为0.0.0.0,如前所述,这意味着您现在必须将数据包路由到ASBR,即R2。当您从Transit_Router运行traceroute ,目的地为172.16.3.3时,此流量会沿着通往ASBR R2的路径。
此处可以看到:
Transit_Router#traceroute 172.16.3.3 Type escape sequence to abort. Tracing the route to 172.16.3.3 VRF info: (vrf in name/id, vrf out name/id) 1 192.168.70.1 17 msec 12 msec 3 msec <-R1 2 192.168.14.4 3 msec 18 msec 7 msec <-R4 3 192.168.24.2 15 msec 8 msec 5 msec <-R2 4 192.168.1.3 8 msec 11 msec 7 msec <-R3 Transit_Router#
IOS和IOS-XR之间的区别
本节介绍当您通过其他源知道转发地址时IOS和IOS-XR设备之间的区别。
在IOS中,当您在数据库中有OSPF外部路由且设置了转发地址时,必须通过OSPF区域间或区域内路由知道转发地址。如果转发地址未通过OSPF区域内或区域间路由知道,则路由器不会将外部OSPF路由安装到路由信息库(RIB)中。
检验配置转发地址以通过静态路由获知时会发生什么情况。
图2
在图像2拓扑中,R2配置为EIGRP和OSPF之间的重分发点。路由器将172.16.3.3/32从EIGRP重分布到OSPF域。您可以检查R4和XR5,以确保转发地址通过其他源已知时有何差异。R4上的OSPF数据库如下所示。
R4# show ip ospf database external 172.16.3.3
OSPF Router with ID (4.4.4.4) (Process ID 1) Type-5 AS External Link States LS age: 4 Options: (No TOS-capability, DC, Upward) LS Type: AS External Link Link State ID: 172.16.3.3 (External Network Number ) Advertising Router: 2.2.2.2 LS Seq Number: 80000002 Checksum: 0x8697 Length: 36 Network Mask: /32 Metric Type: 2 (Larger than any link state path) MTID: 0 Metric: 20 Forward Address: 192.168.1.3 External Route Tag: 0
检查如何路由到转发地址。
R4# show ip route 192.168.1.3
Routing entry for 192.168.1.0/24
Known via "ospf 1", distance 110, metric 2, type intra area <- Here you see it is know via OSPF intra area
Last update from 192.168.24.2 on GigabitEthernet0/0, 00:00:23 ago
Routing Descriptor Blocks:
192.168.24.2, from 1.1.1.1, 00:00:23 ago, via GigabitEthernet0/0
Route metric is 2, traffic share count is 1
* 192.168.14.1, from 1.1.1.1, 00:04:42 ago, via GigabitEthernet0/1
Route metric is 2, traffic share count is 1
R4#
如您所见,路由器通过区域内路由获取转发地址,这意味着它可以在RIB中安装外部LSA。您可以看到外部LSA已安装在RIB中。
R4#show ip route 172.16.3.3
Routing entry for 172.16.3.3/32
Known via "ospf 1", distance 110, metric 20, type extern 2, forward metric 2
Last update from 192.168.24.2 on GigabitEthernet0/0, 00:01:02 ago
Routing Descriptor Blocks:
192.168.24.2, from 2.2.2.2, 00:01:02 ago, via GigabitEthernet0/0
Route metric is 20, traffic share count is 1
* 192.168.14.1, from 2.2.2.2, 00:04:57 ago, via GigabitEthernet0/1
Route metric is 20, traffic share count is 1
为转发地址配置通往R2的ASBR的静态路由
R4#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R4(config)#ip route 192.168.1.0 255.255.255.0 192.168.24.2
向转发地址运行show ip route。
R4# show ip route 192.168.1.3
Routing entry for 192.168.1.0/24
Known via "static", distance 1, metric 0
Routing Descriptor Blocks:
* 192.168.24.2
Route metric is 0, traffic share count is 1
您可以看到,转发地址不是通过OSPF获取的,而是静态的,这意味着现在172.16.3.3的外部LSA无法通过所需的标准。
R4#show ip ospf database external 172.16.3.3
OSPF Router with ID (4.4.4.4) (Process ID 1)
Type-5 AS External Link States
LS age: 480
Options: (No TOS-capability, DC, Upward)
LS Type: AS External Link
Link State ID: 172.16.3.3 (External Network Number )
Advertising Router: 2.2.2.2
LS Seq Number: 80000001
Checksum: 0x8896
Length: 36
Network Mask: /32
Metric Type: 2 (Larger than any link state path)
MTID: 0
Metric: 20
Forward Address: 192.168.1.3
External Route Tag: 0
最后,检查外部路由是否从OSPF数据库安装到RIB中。
R4#show ip route 172.16.3.3 % Network not in table
如您所见,路由器不会将外部LSA从OSPF数据库安装到RIB中,因为转发地址是通过静态而不是OSPF内部或区域间获知的。
这里的逻辑是,OSPF不认为通往转发地址的路由的另一个来源是可信的,因此路由器不得考虑任何具有未通过OSPF知道的转发地址的外部LSA。
本节介绍在IOS-XR上用于验证行为的相同测试。在XR5上,您有外部LSA:
RP/0/0/CPU0:XR4#show ospf database external 172.16.3.3
Mon Mar 26 06:26:24.656 UTC
OSPF Router with ID (192.168.60.1) (Process ID 1)
Type-5 AS External Link States
Routing Bit Set on this LSA
LS age: 930
Options: (No TOS-capability, DC)
LS Type: AS External Link
Link State ID: 172.16.3.3 (External Network Number)
Advertising Router: 2.2.2.2
LS Seq Number: 80000001
Checksum: 0x8896
Length: 36
Network Mask: /32
Metric Type: 2 (Larger than any link state path)
TOS: 0
Metric: 20
Forward Address: 192.168.1.3
External Route Tag: 0
当您为指向R4的转发地址配置静态路由时,检查路由器是否将外部LSA安装到数据库中。
RP/0/0/CPU0:XR4#show route 192.168.1.3
Mon Mar 26 06:33:21.587 UTC
Routing entry for 192.168.1.0/24
Known via "static", distance 1, metric 0 <- The forwarding address is now known via static
Installed Mar 26 06:31:55.133 for 00:01:26
Routing Descriptor Blocks
192.168.60.4 <- Next-hop is R4
Route metric is 0, Wt is 1
No advertising protos.
您可以看到转发地址是通过静态学习的。现在,验证外部LSA是否已安装到RIB中。
RP/0/0/CPU0:XR4#show route 172.16.3.3
Mon Mar 26 06:42:24.830 UTC
Routing entry for 172.16.3.3/32
Known via "ospf 1", distance 110, metric 20, type extern 2
Installed Mar 26 06:25:09.841 for 00:17:15
Routing Descriptor Blocks
192.168.60.4, from 2.2.2.2, via GigabitEthernet0/0/0/0
Route metric is 20
No advertising protos.
RP/0/0/CPU0:XR4#
您可以看到IOS和IOS-XR之间的区别。外部LSA已安装在RIB中,即使转发地址是通过静态获取的。路由器仍具有与外部前缀的连接。
RP/0/0/CPU0:XR4#ping 172.16.3.3 Mon Mar 26 06:44:25.772 UTC Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 172.16.3.3, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/9/19 ms RP/0/0/CPU0:XR4#
IOS-XR似乎将外部LSA填充到RIB中,但并未考虑递归的转发地址,这意味着它现在会递归到ASBR,而不是查找到RIB以获取转发地址。
该测试表明可以考虑它。您可以为指向null0的转发地址配置静态路由,并检查到外部前缀的连接是否仍然存在。
RP/0/0/CPU0:XR4#show ospf database external 172.16.3.3
Mon Mar 26 06:55:36.296 UTC
OSPF Router with ID (192.168.60.1) (Process ID 1)
Type-5 AS External Link States
Routing Bit Set on this LSA
LS age: 667
Options: (No TOS-capability, DC)
LS Type: AS External Link
Link State ID: 172.16.3.3 (External Network Number)
Advertising Router: 2.2.2.2
LS Seq Number: 80000002
Checksum: 0x8697
Length: 36
Network Mask: /32
Metric Type: 2 (Larger than any link state path)
TOS: 0
Metric: 20
Forward Address: 192.168.1.3
External Route Tag: 0
RP/0/0/CPU0:XR4#show route 192.168.1.3
Mon Mar 26 06:55:38.966 UTC
Routing entry for 192.168.1.0/24
Known via "static", distance 1, metric 0 (connected)
Installed Mar 26 06:47:15.030 for 00:08:23
Routing Descriptor Blocks
directly connected, via Null0
Route metric is 0, Wt is 1
No advertising protos.
检查从XR5到172.16.3.3的连接。
RP/0/0/CPU0:XR4#ping 172.16.3.3 Mon Mar 26 06:56:45.261 UTC Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 172.16.3.3, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/7/19 ms RP/0/0/CPU0:XR4#traceroute 172.16.3.3 Mon Mar 26 06:56:51.251 UTC Type escape sequence to abort. Tracing the route to 172.16.3.3 1 192.168.60.4 0 msec 0 msec 0 msec 2 192.168.14.1 0 msec 0 msec 0 msec 3 192.168.1.3 9 msec 9 msec 0 msec RP/0/0/CPU0:XR4
在这些测试中,您了解了转发地址的重要性以及设置时如何解释路由。此外,如果设置了转发地址,则必须使用该地址,则假设可能为错误,因为它取决于平台。当通过OSPF区域内/区域间已知转发地址时,会使用该地址,否则会填充该地址,但不会用于递归。XR上的行为给我们带来一定程度的保证,如果外部LSA转发地址通过另一个源变为已知,则流量不能被列入黑名单。
反馈