🌌 BGP路由黑洞:网络世界的"百慕大三角"逃生指南
在之前的内容分享中,我们详细地介绍了BGP的配置基础知识,可以详见: 7–深入了解BGP协议,包你看一遍全部记住(含详细配置命令,以及BGP路由黑洞实验)
。本次为大家带来BGP路由黑洞的实验演示,包含详细的命令行和组网配置,喜欢的小伙伴可以点赞收藏加关注。
实验部分及其配置可以在5.实战环节部分看到哟,本次的实验环境是华为ensp。有需要环境安装软件的宝子可以在评论区发言哟。
文章目录
1. 黑洞诞生记:当BGP遇上"路痴"路由器
1.1 宇宙大爆炸(问题起源)
就像快递小哥带着包裹(数据包)穿越多个城市(AS),结果在某个中转站(未运行BGP的路由器)发现地址簿空白,包裹只能被扔进焚化炉(黑洞)!
1.2 时空弯曲原理(技术本质)
- 路由表失忆症:中间AS没有对应路由条目
- BGP同步规则:老式OS的"疑心病"(默认开启)
- 下一跳不可达:GPS信号丢失的导航系统
| 黑洞类型 | 发作症状 | 危险等级 |
|---|---|---|
| 临时性黑洞 | 路由收敛时的短暂丢包 | ⭐⭐ |
| 永久性黑洞 | 配置错误导致的持续丢包 | ⭐⭐⭐⭐⭐ |
| 间歇性黑洞 | MTU不匹配引发的随机丢包 | ⭐⭐⭐ |
2. 星际救援方案:五维度逃生通道
2.1 全互联方案(土豪的选择)
- 优点:简单粗暴,直接打通任督二脉
- 缺点:N²连接数,设备表示"我裂开了"
- 适用场景:小型网络(就像家庭微信群)
2.2 路由反射器(RR)方案
- 黑科技原理:单点广播路由信息(就像班级群公告)
- 配置要点:
router bgp 65001 neighbor 192.168.1.1 route-reflector-client neighbor 192.168.1.2 route-reflector-client
2.3 GRE隧道(时空穿梭机)
sequenceDiagram
数据包->>+隧道入口: 原始IP头
隧道入口->>隧道出口: 添加GRE头
隧道出口->>-目标网络: 解封装
- 优势:跨越AS鸿沟的隐形桥梁
- 致命弱点:MTU缩水(就像货车限高)
2.4 MPLS VPN(量子传送)
- 工作流程:
- 边缘打标签(快递包装)
- 核心换标签(自动分拣机)
- 边缘撕标签(拆快递)
2.5 联盟方案(AS分身术)
- 配置秘籍:
router bgp 65000 bgp confederation identifier 100 bgp confederation peers 65001 65002
3. 银河系级解决方案对比
| **方案** | **复杂度** | **扩展性** | **设备要求** | **适合场景** |
|----------------|-----------|-----------|-------------|---------------------|
| 全互联 | ★★ | ★ | 低 | 小型网络 |
| 路由反射器 | ★★★ | ★★★★ | 中 | 中大型网络 |
| GRE隧道 | ★★★★ | ★★ | 低 | 临时解决方案 |
| MPLS VPN | ★★★★★ | ★★★★★ | 高 | 运营商级网络 |
| 联盟 | ★★★★ | ★★★★ | 中 | 多分支机构 |
4. 终极逃生路线图
5.实验实战环节(多看看带代码注释,思路都在里面了)
这一步很难,刚刚接触的小伙伴伴可以按照我的步骤一步一步来,慢慢的就梳理清楚了。
5.1 拓扑图详解
根据我们之前的知识点讲解,这里我们将AR1 作为发生路由黑洞的路由器(万恶之源)其他部分成对称结构,每个路由器设置环回口,如R1设置1.1.1.1 R2 设置2.2.2.2
网段划分为24 12 13 35 这几个网段,当然这些可以自行选择。
5.2初始化配置信息
得到R1-5的初始化配置具体如下(这里的命令行不做过多阐述,不熟悉的小伙伴可以看看专栏之前的讲解,超详细的哟):
5.3OSPF的配置(对中间的R1,2,3 进行操作)
这里对OSPF不熟悉的小伙伴可以看我之前对OSPF协议的讲解,那里面有具体的操作代码,超详细的哟,有关后续OSPF实战训练会根据大家的评论区反馈定期制作,欢迎喜欢的小伙伴点个关注支持一下!
R1 的OSPF配置
[R1]os
[R1]ospf ro
[R1]ospf router-id 1.1.1.1
[R1-ospf-1]a
[R1-ospf-1]area 0
[R1-ospf-1-area-0.0.0.0]network
[R1-ospf-1-area-0.0.0.0]network 1.1.1.1 0.0.0.0
[R1-ospf-1-area-0.0.0.0]network
[R1-ospf-1-area-0.0.0.0]network 12.1.1.0 0.0.0.255
[R1-ospf-1-area-0.0.0.0]net
[R1-ospf-1-area-0.0.0.0]network 13.1.1.0 0.0.0.255
[R1-ospf-1-area-0.0.0.0]dis
[R1-ospf-1-area-0.0.0.0]display this
[V200R003C00]
#
area 0.0.0.0
network 1.1.1.1 0.0.0.0
network 12.1.1.0 0.0.0.255
network 13.1.1.0 0.0.0.255
#
return
[R1-ospf-1-area-0.0.0.0]q
[R1-ospf-1]
R2的配置
[R2]ospf
[R2]ospf r
[R2]ospf router-id 2.2.2.2
[R2-ospf-1]ar
[R2-ospf-1]area 0
[R2-ospf-1-area-0.0.0.0]net
[R2-ospf-1-area-0.0.0.0]network 12.1.1.0 0.0.0.255
#这里我们只对R1,2,3进行组网安排,所以对应的24 网段先不放进去
##注意下面的7条,是OSPF完成的标志
[R2-ospf-1-area-0.0.0.0]
Mar 20 2025 16:54:57-08:00 R2 %%01OSPF/4/NBR_CHANGE_E(l)[2]:Neighbor changes event: neighbor status changed. (ProcessId=256, NeighborAddress=1.1.1.12, NeighborEvent=HelloReceived, NeighborPreviousState=Down, NeighborCurrentState=Init)
[R2-ospf-1-area-0.0.0.0]
Mar 20 2025 16:54:57-08:00 R2 %%01OSPF/4/NBR_CHANGE_E(l)[3]:Neighbor changes event: neighbor status changed. (ProcessId=256, NeighborAddress=1.1.1.12, NeighborEvent=2WayReceived, NeighborPreviousState=Init, NeighborCurrentState=2Way)
[R2-ospf-1-area-0.0.0.0]
Mar 20 2025 16:54:57-08:00 R2 %%01OSPF/4/NBR_CHANGE_E(l)[4]:Neighbor changes event: neighbor status changed. (ProcessId=256, NeighborAddress=1.1.1.12, NeighborEvent=AdjOk?, NeighborPreviousState=2Way, NeighborCurrentState=ExStart)
[R2-ospf-1-area-0.0.0.0]
Mar 20 2025 16:54:57-08:00 R2 %%01OSPF/4/NBR_CHANGE_E(l)[5]:Neighbor changes event: neighbor status changed. (ProcessId=256, NeighborAddress=1.1.1.12, NeighborEvent=NegotiationDone, NeighborPreviousState=ExStart, NeighborCurrentState=Exchange)
[R2-ospf-1-area-0.0.0.0]
Mar 20 2025 16:54:57-08:00 R2 %%01OSPF/4/NBR_CHANGE_E(l)[6]:Neighbor changes event: neighbor status changed. (ProcessId=256, NeighborAddress=1.1.1.12, NeighborEvent=ExchangeDone, NeighborPreviousState=Exchange, NeighborCurrentState=Loading)
[R2-ospf-1-area-0.0.0.0]
Mar 20 2025 16:54:57-08:00 R2 %%01OSPF/4/NBR_CHANGE_E(l)[7]:Neighbor changes event: neighbor status changed. (ProcessId=256, NeighborAddress=1.1.1.12, NeighborEvent=LoadingDone, NeighborPreviousState=Loading, NeighborCurrentState=Full)
R3的配置
[R3]
[R3]ospf r
[R3]ospf router-id 3.3.3.3
[R3-ospf-1]a
[R3-ospf-1]area 0
[R3-ospf-1-area-0.0.0.0]net
[R3-ospf-1-area-0.0.0.0]network 13.1.1.0 0.0.0.255
[R3-ospf-1-area-0.0.0.0]
Mar 20 2025 16:58:17-08:00 R3 %%01OSPF/4/NBR_CHANGE_E(l)[2]:Neighbor changes event: neighbor status changed. (ProcessId=256, NeighborAddress=1.1.1.13, NeighborEvent=HelloReceived, NeighborPreviousState=Down, NeighborCurrentState=Init)
[R3-ospf-1-area-0.0.0.0]
Mar 20 2025 16:58:17-08:00 R3 %%01OSPF/4/NBR_CHANGE_E(l)[3]:Neighbor changes event: neighbor status changed. (ProcessId=256, NeighborAddress=1.1.1.13, NeighborEvent=2WayReceived, NeighborPreviousState=Init, NeighborCurrentState=2Way)
[R3-ospf-1-area-0.0.0.0]
Mar 20 2025 16:58:17-08:00 R3 %%01OSPF/4/NBR_CHANGE_E(l)[4]:Neighbor changes event: neighbor status changed. (ProcessId=256, NeighborAddress=1.1.1.13, NeighborEvent=AdjOk?, NeighborPreviousState=2Way, NeighborCurrentState=ExStart)
[R3-ospf-1-area-0.0.0.0]
Mar 20 2025 16:58:17-08:00 R3 %%01OSPF/4/NBR_CHANGE_E(l)[5]:Neighbor changes event: neighbor status changed. (ProcessId=256, NeighborAddress=1.1.1.13, NeighborEvent=NegotiationDone, NeighborPreviousState=ExStart, NeighborCurrentState=Exchange)
[R3-ospf-1-area-0.0.0.0]
Mar 20 2025 16:58:17-08:00 R3 %%01OSPF/4/NBR_CHANGE_E(l)[6]:Neighbor changes event: neighbor status changed. (ProcessId=256, NeighborAddress=1.1.1.13, NeighborEvent=ExchangeDone, NeighborPreviousState=Exchange, NeighborCurrentState=Loading)
[R3-ospf-1-area-0.0.0.0]
Mar 20 2025 16:58:17-08:00 R3 %%01OSPF/4/NBR_CHANGE_E(l)[7]:Neighbor changes event: neighbor status changed. (ProcessId=256, NeighborAddress=1.1.1.13, NeighborEvent=LoadingDone, NeighborPreviousState=Loading, NeighborCurrentState=Full)
结果展示
[R3-ospf-1]display ip routing-table protocol ospf # 这里的protocal 是为了
只展示OSPF协议的路由表
#根据下面的内容,我们可以看到1.1.1.1 网段和12.1.1.0网段 ,可以证明我们的OSPF的配置是成功滴
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Public routing table : OSPF
Destinations : 2 Routes : 2
OSPF routing table status : <Active>
Destinations : 2 Routes : 2
Destination/Mask Proto Pre Cost Flags NextHop Interface
1.1.1.1/32 OSPF 10 1 D 13.1.1.1 GigabitEthernet0/0/0
12.1.1.0/24 OSPF 10 2 D 13.1.1.1 GigabitEthernet0/0/0
OSPF routing table status : <Inactive>
Destinations : 0 Routes : 0
5.4 BGP的配置
R4的配置
[R4]bgp 4#bgp + AS编号
[R4-bgp]net
[R4-bgp]network 4.4.4.0 24 #将网段加入进去进行宣告,但是BGP和OSPF存在不同!!!
#就算你宣告了这个网段,其他BGP也不会像OSPF一样记录下来,所以这里我们需要其他操作
[R4-bgp]networ
[R4-bgp]network 24.1.1.0 24
与R4相连的R2 的配置
[R2]bgp 123 #这里给的编号是123
[R2-bgp]rou
[R2-bgp]route-id
[R2-bgp]route-id 2.2.2.2
^
Error: Unrecognized command found at '^' position.
[R2-bgp]r
[R2-bgp]ru
[R2-bgp]rut
[R2-bgp]rou
[R2-bgp]router-id 2.2.2.2
[R2-bgp]netw
[R2-bgp]network 2.2.2.0 24
[R2-bgp]net
[R2-bgp]network 24.1.1.0 24
[R2-bgp]dis
#接下来你可以看到OSPF和BGP的对比,BGP就算宣告了网段也无法像OSPF一样直接组网,恨纳!!!
[R2-bgp]display ospf peer
OSPF Process 1 with Router ID 2.2.2.2
Neighbors
Area 0.0.0.0 interface 12.1.1.2(GigabitEthernet0/0/0)'s neighbors
Router ID: 1.1.1.1 Address: 12.1.1.1
State: Full Mode:Nbr is Slave Priority: 1
DR: 12.1.1.1 BDR: 12.1.1.2 MTU: 0
Dead timer due in 33 sec
Retrans timer interval: 5
Neighbor is up for 00:16:28
Authentication Sequence: [ 0 ]
[R2-bgp]disp
[R2-bgp]display bgp p
[R2-bgp]display bgp paths
Total Number of Routes: 2
Total Number of Paths: 2
Address Refcount MED Path/Origin
0xB2C7315C 1 0 i
0xB2C731EC 1 0 i
[R2-bgp]display bgp peer #没想到吧,这个家伙是个空的
[R2-bgp]
手动配置R4的BGP
[R4-bgp]peer 24.1.1.2 as-
[R4-bgp]peer 24.1.1.2 as-number 123 #这里的R2的地址必须是可达的,所以不能使用2.2.2.2 这个环回IP,因为R4没有到达R2的路由
[R4-bgp]dsi th
^
Error: Unrecognized command found at '^' position.
[R4-bgp]dis th
[V200R003C00]
#
bgp 4
peer 24.1.1.2 as-number 123
#
ipv4-family unicast
undo synchronization
network 4.4.4.0 255.255.255.0
network 24.1.1.0 255.255.255.0
peer 24.1.1.2 enable
#
return
[R4-bgp]dis ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 10 Routes : 10
Destination/Mask Proto Pre Cost Flags NextHop Interface
4.4.4.0/24 Direct 0 0 D 4.4.4.4 LoopBack0
4.4.4.4/32 Direct 0 0 D 127.0.0.1 LoopBack0
4.4.4.255/32 Direct 0 0 D 127.0.0.1 LoopBack0
24.1.1.0/24 Direct 0 0 D 24.1.1.4 GigabitEthernet0/0/0
24.1.1.4/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/0
24.1.1.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/0
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
[R4-bgp]
在R2查看BGP
[R2-bgp]peer 24.1.1.4 as-number 4
[R2-bgp]display bgp peer
BGP local router ID : 2.2.2.2
Local AS number : 123
Total number of peers : 1 Peers in established state : 0
Peer V AS MsgRcvd MsgSent OutQ Up/Down State PrefRcv
24.1.1.4 4 4 0 0 0 00:00:15 Idle 0
[R2-bgp]display bgp peer
BGP local router ID : 2.2.2.2
Local AS number : 123
Total number of peers : 1 Peers in established state : 0
Peer V AS MsgRcvd MsgSent OutQ Up/Down State PrefRcv
24.1.1.4 4 4 0 0 0 00:00:19 Idle 0
[R2-bgp]display bgp peer
BGP local router ID : 2.2.2.2
Local AS number : 123
Total number of peers : 1 Peers in established state : 0
Peer V AS MsgRcvd MsgSent OutQ Up/Down State PrefRcv
24.1.1.4 4 4 0 0 0 00:00:21 Idle 0
[R2-bgp]display bgp peer
BGP local router ID : 2.2.2.2
Local AS number : 123
Total number of peers : 1 Peers in established state : 0
Peer V AS MsgRcvd MsgSent OutQ Up/Down State PrefRcv
24.1.1.4 4 4 0 0 0 00:00:22 Idle 0
[R2-bgp]
Mar 20 2025 17:19:56-08:00 R2 %%01BGP/3/STATE_CHG_UPDOWN(l)[8]:The status of the peer 24.1.1.4 changed from OPENCONFIRM to ESTABLISHED. (InstanceName=Public, StateChangeReason=Up)
#直到这个log的出现,我们的BGP的状态才正式转化为established,之前的情况一致都是Idle
[R2-bgp]display bgp peer
BGP local router ID : 2.2.2.2
Local AS number : 123
Total number of peers : 1 Peers in established state : 1
Peer V AS MsgRcvd MsgSent OutQ Up/Down State PrefRcv
24.1.1.4 4 4 4 4 0 00:00:02 Established 2
[R2-bgp]#注意BGP的路由表,看不到直连接口
[R2-bgp]display ip routing-table protocol bgp
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Public routing table : BGP
Destinations : 1 Routes : 1
BGP routing table status : <Active>
Destinations : 1 Routes : 1
Destination/Mask Proto Pre Cost Flags NextHop Interface
4.4.4.0/24 EBGP 255 0 D 24.1.1.4 GigabitEthernet0/0/1
BGP routing table status : <Inactive>
Destinations : 0 Routes : 0
[R2-bgp]display ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 16 Routes : 16
Destination/Mask Proto Pre Cost Flags NextHop Interface
1.1.1.1/32 OSPF 10 1 D 12.1.1.1 GigabitEthernet0/0/0
2.2.2.0/24 Direct 0 0 D 2.2.2.2 LoopBack0
2.2.2.2/32 Direct 0 0 D 127.0.0.1 LoopBack0
2.2.2.255/32 Direct 0 0 D 127.0.0.1 LoopBack0
4.4.4.0/24 EBGP 255 0 D 24.1.1.4 GigabitEthernet0/0/1
12.1.1.0/24 Direct 0 0 D 12.1.1.2 GigabitEthernet0/0/0
12.1.1.2/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/0
12.1.1.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/0
13.1.1.0/24 OSPF 10 2 D 12.1.1.1 GigabitEthernet0/0/0
24.1.1.0/24 Direct 0 0 D 24.1.1.2 GigabitEthernet0/0/1
24.1.1.2/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/1
24.1.1.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/1
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
R2和R3去建立关系
[R2-bgp]peer 3.3.3.3 as-
[R2-bgp]peer 3.3.3.3 as-number 123
[R3]bgp 123
[R3-bgp]bgp
[R3-bgp]router
[R3-bgp]router-id 3.3.3.3
[R3-bgp]peer 2.2.2.2 as-n
[R3-bgp]peer 2.2.2.2 as-number 123
[R3]osp
[R3]ospf
[R3-ospf-1]a
[R3-ospf-1]arp-ping
^
Error:Incomplete command found at '^' position.
[R3-ospf-1]ar
[R3-ospf-1]area 0
[R3-ospf-1-area-0.0.0.0]net
[R3-ospf-1-area-0.0.0.0]network 3.3.3.3 32
^
Error: Wrong parameter found at '^' position.
[R3-ospf-1-area-0.0.0.0]network 3.3.3.3 0.0.0.0
[R2]ospf
[R2-ospf-1]ar
[R2-ospf-1]area 0
[R2-ospf-1-area-0.0.0.0]net
[R2-ospf-1-area-0.0.0.0]network 2.2.2.2 0.0.0.0
[R2-ospf-1-area-0.0.0.0]ping 3.3.3.3
PING 3.3.3.3: 56 data bytes, press CTRL_C to break
Reply from 3.3.3.3: bytes=56 Sequence=1 ttl=254 time=40 ms
Reply from 3.3.3.3: bytes=56 Sequence=2 ttl=254 time=20 ms
Reply from 3.3.3.3: bytes=56 Sequence=3 ttl=254 time=10 ms
Reply from 3.3.3.3: bytes=56 Sequence=4 ttl=254 time=20 ms
Reply from 3.3.3.3: bytes=56 Sequence=5 ttl=254 time=20 ms
--- 3.3.3.3 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 10/22/40 ms
Public routing table : OSPF
Destinations : 3 Routes : 3
OSPF routing table status : <Active>
Destinations : 3 Routes : 3
Destination/Mask Proto Pre Cost Flags NextHop Interface
1.1.1.1/32 OSPF 10 1 D 12.1.1.1 GigabitEthernet0/0/0
3.3.3.3/32 OSPF 10 2 D 12.1.1.1 GigabitEthernet0/0/0
13.1.1.0/24 OSPF 10 2 D 12.1.1.1 GigabitEthernet0/0/0
OSPF routing table status : <Inactive>
Destinations : 0 Routes : 0
[R2-bgp]dis bgp peer
BGP local router ID : 2.2.2.2
Local AS number : 123
Total number of peers : 2 Peers in established state : 1
Peer V AS MsgRcvd MsgSent OutQ Up/Down State PrefRcv
3.3.3.3 4 123 0 0 0 00:11:01 Active 0
24.1.1.4 4 4 28 28 0 00:24:32 Established 2
#从R2的视角来看,R3的环回口路由状态是active,但是我们作为合格的网络工程师,需要的establish,如何解决呢?
[R2-bgp]peer 3.3.3.3 connect-interface LoopBack 0 #使用该命令,强制使得R2到R3 对应的BGP接口变成R2 的环回口,这里的LoopBack也可以换成别的接口
#这一点很重要,小伙伴们可以拿个小本本记下来
[R2-bgp]dis dgp p
[R2-bgp]dis dgp p
^
Error: Wrong parameter found at '^' position.
[R2-bgp]
Mar 20 2025 18:00:25-08:00 R2 %%01BGP/3/STATE_CHG_UPDOWN(l)[9]:The status of the peer 3.3.3.3 changed from OPENCONFIRM to ESTABLISHED. (InstanceName=Public, StateChangeReason=Up)
[R2-bgp]dis b
[R2-bgp]dis bgp p
[R2-bgp]dis bgp peer
BGP local router ID : 2.2.2.2
Local AS number : 123
Total number of peers : 2 Peers in established state : 2
Peer V AS MsgRcvd MsgSent OutQ Up/Down State PrefRcv
3.3.3.3 4 123 2 7 0 00:00:09 Established 0
24.1.1.4 4 4 44 44 0 00:40:38 Established 2
[R2-bgp]
R3和R5 建立连接
[R3]bgp 123
[R3-bgp]peer 5.5.5.5 as-
[R3-bgp]peer 5.5.5.5 as-number 5
[R3-bgp]pee
[R3-bgp]peer 5.5.5.5 con
[R3-bgp]peer 5.5.5.5 connect-interface L
[R3-bgp]peer 5.5.5.5 connect-interface LoopBack 0
[R3-bgp] q
[R5-bgp]peer 3.3.3.3 connect-interface LoopBack 0
[R5-bgp]displa
[R5-bgp]display bg
[R5-bgp]display bgp peer
BGP local router ID : 35.1.1.5
Local AS number : 5
Total number of peers : 1 Peers in established state : 0
Peer V AS MsgRcvd MsgSent OutQ Up/Down State PrefRcv
3.3.3.3 4 123 0 0 0 00:00:33 Idle 0
[R5-bgp]#这里的状态一直是Idel,因为BGP在EBGP情况下的TTL是1,但是R3得环回口到R5的TTL是2 ,被限制了
[R5-bgp]peer 3.3.3.3 ebgp-max-hop 2#加上这个命令,在R5和R3两端
[R5]ip route-static 3.3.3.0 24 35.1.1.3
[R5]b
[R5]bgp 4
Error: BGP is already running. The AS is 5.
[R5]bgp 5
[R5-bgp]dis bgp p
[R5-bgp]dis bgp peer
BGP local router ID : 35.1.1.5
Local AS number : 5
Total number of peers : 1 Peers in established state : 0
Peer V AS MsgRcvd MsgSent OutQ Up/Down State PrefRcv
3.3.3.3 4 123 0 0 0 00:04:44 Connect
路由黑洞(终于码到这里了)
假设我们的R5想要Ping R4的环回端口 4.4.4.4 这里我们可以ping通吗?注意此时的R1 没有配置BGP
我们查看R3的路由表,发现有 4.4.4.0 /24 网段,下一跳是 24.1.1.4 ,但是这个IP和我们的R3并非直连,所以会再次进行查询,也就是递归查询是否可以发送到24.1.1.4 ,发现不行。
观察BGP的路由表,发现我们的4.4.4.0 的路由信息是R2传过来的,正确来说,我们的下一跳应该是2.2.2.2 。
那么就对R2进行处理
[R2-bgp]peer 3.3.3.3 next-hop-local #对于3.3.3.3而言,凡是R2发过去的信息,对于R3 而言,下一条始终指向R2
再对R3 进行刷新
<R3>refresh bgp internal import #刷新命令,软清,可以认为是刷新一下
<R3>refresh bgp ?
IP_ADDR<X.X.X.X> Specify an IPv4 peer address
all All the connections with BGP
external External BGP session
group BGP sessions for peer group
internal Internal BGP session
ipv6 Specify IPv6 unicast address family
multicast Specify IPv4 multicast address family
vpn-instance Specify a VPN instance
vpnv4 Specify VPNv4 address family
<R3>refresh bgp
因为R2和R3是IBGP,所以选择internal,如果不是就是external
变成正常的了,解决问题
之后我们的R5可以顺利通过R3来到R1,发现了并不存在4.4.4.4 的路由
丢包,路由黑洞诞生
可以看到R1 上面路由表不存在对应的转发项目-----丢包
注意有一个小知识:已经建立了关系的Loopback不建议在BGP中用network进行声明
所以我们在R5上面创建一个loopback 55.55.55.55 ,并且双方都可以获取到对方的路由。但是任然无法ping通,因为在R1上面没有记录对应的转发路由。(黑洞~~~~)
按照之前对应的关系进行建立 让我们的R4 ping R5
结果如下:
6. 幽默技术总结
"选择黑洞解决方案就像选择逃生路线:
- 全互联是走消防通道(简单但拥挤)
- MPLS是坐直升飞机(高效但费钱)
- GRE隧道是挖地道(隐蔽但费劲)
最重要的是——别忘了带指南针(正确配置)!"
🔧 运维冷知识:当黑洞出现时,先检查这些:
- 邻居关系是否在"闹分手"(状态检查)
- 路由是否开启"隐身模式"(过滤策略)
- MTU是否"缩水"(ping测试)
- 同步规则是否在"装睡"(BGP同步状态)
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
