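02 BGP Address Aggregation
Lab Objectives
This lab covers:
(1) Starting the BGP routing process
(2) Advertising networks in BGP
(3) Configuring EBGP neighbors
(4) Configuring and debugging BGP address aggregation
(5) The meaning of the "as-set" parameter in address aggregation
(6) The meaning of the "summary-only" parameter in address aggregation
(7) The meaning of the "suppress-map" parameter in address aggregation
Lab Topology
Lab Steps
In this lab, router R2 aggregates the loopback-interface routes advertised by routers R1 and R3 and advertises the aggregate to router R4. Static routes are configured on routers R1, R3 and R4 so that the networks can reach each other.
1. Configure IP addresses
# R1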
conf t
int l0
ip add 1.1.0.1 255.255.255.0
no sh
int l1
ip add 1.1.1.1 255.255.255.0
no sh
int f0/0
ip add 12.12.12.1 255.255.255.0
no sh
# R2
conf t
int f0/0
ip add 12.12.12.2 255.255.255.0
no sh
int f0/1
ip add 23.23.23.2 255.255.255.0
no sh
int f1/0
ip add 24.24.24.2 255.255.255.0
no sh
# R3
conf t
int l0
ip add 1.1.2.3 255.255.255.0
no sh
int l1
ip add 1.1.3.3 255.255.255.0
no sh
int f0/1
ip add 23.23.23.3 255.255.255.0
no sh
# R4
conf t
int l0
ip add 4.4.4.4 255.255.255.0
no sh
int f0/1
ip add 24.24.24.4 255.255.255.0
no sh
2. Configure BGP
# R1
router bgp 100
no synchronization
no auto-summary
bgp router-id 1.1.1.1
neighbor 12.12.12.2 remote-as 200
network 1.1.0.0 mask 255.255.255.0
network 1.1.1.0 mask 255.255.255.0
exit
ip route 24.24.24.0 255.255.255.0 12.12.12.2
ip route 23.23.23.0 255.255.255.0 12.12.12.2
exit
# R2
# aggregate-address 1.1.0.0 255.255.252.0 configures the address aggregation
router bgp 200
no synchronization
no auto-summary
bgp router-id 2.2.2.2
neighbor 12.12.12.1 remote-as 100
neighbor 23.23.23.3 remote-as 300
neighbor 24.24.24.4 remote-as 400
aggregate-address 1.1.0.0 255.255.252.0
# R3
router bgp 300
no synchronization
no auto-summary
bgp router-id 3.3.3.3
neighbor 23.23.23.2 remote-as 200
network 1.1.2.0 mask 255.255.255.0
network 1.1.3.0 mask 255.255.255.0
exit
ip route 12.12.12.0 255.255.255.0 23.23.23.2
ip route 24.24.24.0 255.255.255.0 23.23.23.2
# R4
router bgp 400
no synchronization
no auto-summary
bgp router-id 4.4.4.4
neighbor 24.24.24.2 remote-as 200
network 4.4.4.0 mask 255.255.255.0
exit
ip route 12.12.12.0 255.255.255.0 24.24.24.2
ip route 23.23.23.0 255.255.255.0 24.24.24.2
exit
Lab Debugging
(1) View the BGP table on routers R1 and R4
R1#show ip bgp
BGP table version is 7, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 1.1.0.0/24 0.0.0.0 0 32768 i
*> 1.1.0.0/22 12.12.12.2 0 0 200 i
*> 1.1.1.0/24 0.0.0.0 0 32768 i
*> 1.1.2.0/24 12.12.12.2 0 200 300 i
*> 1.1.3.0/24 12.12.12.2 0 200 300 i
*> 4.4.4.0/24 12.12.12.2 0 200 400 i
R4#show ip bgp
BGP table version is 7, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 1.1.0.0/24 24.24.24.2 0 200 100 i
*> 1.1.0.0/22 24.24.24.2 0 0 200 i
*> 1.1.1.0/24 24.24.24.2 0 200 100 i
*> 1.1.2.0/24 24.24.24.2 0 200 300 i
*> 1.1.3.0/24 24.24.24.2 0 200 300 i
*> 4.4.4.0/24 0.0.0.0 0 32768 i
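# The output above shows:
① Routers R1 and R4 receive the aggregate route "1.1.0.0/22". The AS-PATH attribute shows that router R2, which performs the aggregation, becomes the originator of the new route, and the original AS-PATH attribute is lost;
② Router R4 also receives the 4 specific routes. In the displayed AS-PATH sequence, the originating AS of a route is at the end of the list (right side); each BGP peer that receives the route and passes it on to another AS prepends its own AS at the start of the list (left side);
③ A next hop of "0.0.0.0" on a BGP router means the BGP route originates locally, and its Weight value is "32768";
④ Because every BGP route entry carries the code "*>", every BGP route entry is the best path.
(2) as-set parameter
# "as-set" lets the BGP aggregate route keep the original AS-PATH attributes, which avoids routing loops. Configure the as-set parameter on router R2, then view the BGP tables of R1 and R4 again.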
R2(config-router)#aggregate-address 1.1.0.0 255.255.252.0 as-set
R1#show ip bgp
BGP table version is 8, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 1.1.0.0/24 0.0.0.0 0 32768 i
*> 1.1.1.0/24 0.0.0.0 0 32768 i
*> 1.1.2.0/24 12.12.12.2 0 200 300 i
*> 1.1.3.0/24 12.12.12.2 0 200 300 i
*> 4.4.4.0/24 12.12.12.2 0 200 400 i
R4#show ip bgp
BGP table version is 8, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 1.1.0.0/24 24.24.24.2 0 200 100 i
*> 1.1.0.0/22 24.24.24.2 0 0 200 {100,300} i
*> 1.1.1.0/24 24.24.24.2 0 200 100 i
*> 1.1.2.0/24 24.24.24.2 0 200 300 i
*> 1.1.3.0/24 24.24.24.2 0 200 300 i
*> 4.4.4.0/24 0.0.0.0 0 32768 i
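# The output above shows:
① In the summary route "1.1.0.0/22" received on router R4, the AS-PATH contains the set "{100,300}" of all AS numbers from the aggregated routes;
② Precisely because the aggregate route carries all of those ASes, it does not appear in router R1's BGP table, and of course it does not appear in router R3's BGP table either.
# BGP uses the AS-PATH attribute as part of routing updates to ensure there are no routing loops. Every route passed between BGP peers carries the list of AS numbers it has traversed; if the route is advertised back to the AS that originated it, the router in that AS sees its own AS in the list and does not accept the route. The following output demonstrates this: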
R2#show ip bgp neighbor 12.12.12.1 advertised-routes
BGP table version is 8, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 1.1.0.0/24 12.12.12.1 0 0 100 i
*> 1.1.0.0/22 0.0.0.0 100 32768 {100,300} i
*> 1.1.1.0/24 12.12.12.1 0 0 100 i
*> 1.1.2.0/24 23.23.23.3 0 0 300 i
*> 1.1.3.0/24 23.23.23.3 0 0 300 i
*> 4.4.4.0/24 24.24.24.4 0 0 400 i
Total number of prefixes 6
# The output above shows that router R2 still sends the aggregate route "1.1.0.0/22" to neighbor 12.12.12.1.
R1#show ip bgp neighbors 12.12.12.2 received-routes
% Inbound soft reconfiguration not enabled on 12.12.12.2
R1#conf t
R1(config)#router bgp 100
R1(config-router)#neighbor 12.12.12.2 soft-reconfiguration inbound
R1(config-router)#exit
R1(config)#exit
R1#show ip bgp neighbor 12.12.12.2 received-routes
BGP table version is 8, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 1.1.2.0/24 12.12.12.2 0 200 300 i
*> 1.1.3.0/24 12.12.12.2 0 200 300 i
*> 4.4.4.0/24 12.12.12.2 0 200 400 i
Total number of prefixes 3
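# The output above shows that router R1 does not accept the aggregate route "1.1.0.0/22": it finds its own AS number 100 in the AS-PATH attribute list "{100,300}" of the aggregate entry, so it rejects it. For the same reason, router R3 does not accept the aggregate entry either.
# To run the "show ip bgp neighbors 12.12.12.2 received-routes" command, the following command must be configured first: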
R1(config-router)#neighbor 12.12.12.2 soft-reconfiguration inbound
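The AS-PATH loop check described in part (2), modelled on this lab's topology as an added example (not code from the original page). The AS numbers and prefixes come from the lab; the function names and the data layout are assumptions made for illustration.

```python
import ipaddress

# Constructed from the lab: the specific routes as R2 (AS 200) learns them,
# each mapped to the AS_PATH it arrived with.
CONTRIBUTORS = {
    "1.1.0.0/24": [100], "1.1.1.0/24": [100],
    "1.1.2.0/24": [300], "1.1.3.0/24": [300],
}
AGGREGATE, LOCAL_AS = "1.1.0.0/22", 200
NEIGHBORS = {"R1": 100, "R3": 300, "R4": 400}

def build_aggregate(aggregate, contributors, as_set):
    """Return (as_sequence, as_set_members) of the aggregate as created locally."""
    agg = ipaddress.ip_network(aggregate)
    covered = [p for p in contributors if ipaddress.ip_network(p).subnet_of(agg)]
    if not covered:
        raise ValueError("no specific route falls inside the aggregate")
    members = set()
    if as_set:  # keep every AS seen on the contributing paths
        for prefix in covered:
            members.update(contributors[prefix])
    return [], members  # locally originated, so the sequence starts empty

def advertise(path, local_as):
    """EBGP export: the sender prepends its own AS to the sequence."""
    seq, members = path
    return [local_as] + seq, members

def render(path):
    """Format a path the way 'show ip bgp' prints it, e.g. '200 {100,300}'."""
    seq, members = path
    text = " ".join(str(asn) for asn in seq)
    if members:
        text += " {" + ",".join(str(asn) for asn in sorted(members)) + "}"
    return text

def accepts(path, receiver_as):
    """Loop check: reject a path containing the receiver's AS, in sequence or set."""
    seq, members = path
    return receiver_as not in seq and receiver_as not in members

def who_accepts(as_set):
    """Which neighbors of R2 accept the aggregate, with or without as-set."""
    path = advertise(build_aggregate(AGGREGATE, CONTRIBUTORS, as_set), LOCAL_AS)
    return {name: accepts(path, asn) for name, asn in NEIGHBORS.items()}
```

RFC 6472 recommends against originating AS_SET paths on production networks because a set hides which AS actually originates the prefix, which complicates origin validation.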
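(3) summary-only parameter
# If router R4 should see only the summary route and no specific routes, the "summary-only" parameter achieves this. The configuration on router R2 is as follows: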
R2(config-router)#aggregate-address 1.1.0.0 255.255.252.0 as-set summary-only
R2(config-router)#do show ip bgp
BGP table version is 18, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
s> 1.1.0.0/24 12.12.12.1 0 0 100 i
*> 1.1.0.0/22 0.0.0.0 100 32768 {100,300} i
s> 1.1.1.0/24 12.12.12.1 0 0 100 i
s> 1.1.2.0/24 23.23.23.3 0 0 300 i
s> 1.1.3.0/24 23.23.23.3 0 0 300 i
*> 4.4.4.0/24 24.24.24.4 0 0 400 i
R4#show ip bgp
BGP table version is 18, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 1.1.0.0/22 24.24.24.2 0 0 200 {100,300} i
*> 4.4.4.0/24 0.0.0.0 0 32768 i
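# The output above shows:
① On router R2, all aggregated specific routes are marked "s", meaning they are suppressed and not sent;
② Router R4 receives only the one aggregate route "1.1.0.0/22". Without the "as-set" parameter, routers R1 and R3 would also receive the aggregate route.
(4) suppress-map parameter
# When only some of the specific routes should be suppressed after aggregation, the "suppress-map" parameter does this. In this lab, after aggregation on router R2, the two specific routes from router R1 must be suppressed, while the specific routes from router R3 must be passed on to router R4. The configuration steps on router R2 are as follows: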
R2(config)#ip prefix-list 1 permit 1.1.0.0/24
R2(config)#ip prefix-list 1 permit 1.1.1.0/24
R2(config)#route-map sup permit 10
R2(config-route-map)#match ip address prefix-list 1
R2(config-route-map)#router bgp 200
R2(config-router)#$ddress 1.1.0.0 255.255.252.0 as-set suppress-map sup
R1#show ip bgp
BGP table version is 12, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 1.1.0.0/24 0.0.0.0 0 32768 i
*> 1.1.1.0/24 0.0.0.0 0 32768 i
*> 1.1.2.0/24 12.12.12.2 0 200 300 i
*> 1.1.3.0/24 12.12.12.2 0 200 300 i
*> 4.4.4.0/24 12.12.12.2 0 200 400 i
R2#show ip bgp
BGP table version is 24, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
s> 1.1.0.0/24 12.12.12.1 0 0 100 i
*> 1.1.0.0/22 0.0.0.0 100 32768 {100,300} i
s> 1.1.1.0/24 12.12.12.1 0 0 100 i
*> 1.1.2.0/24 23.23.23.3 0 0 300 i
*> 1.1.3.0/24 23.23.23.3 0 0 300 i
*> 4.4.4.0/24 24.24.24.4 0 0 400 i
R3#show ip bgp
BGP table version is 14, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 1.1.2.0/24 0.0.0.0 0 32768 i
*> 1.1.3.0/24 0.0.0.0 0 32768 i
*> 4.4.4.0/24 23.23.23.2 0 200 400 i
R4#show ip bgp
BGP table version is 20, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 1.1.0.0/22 24.24.24.2 0 0 200 {100,300} i
*> 1.1.2.0/24 24.24.24.2 0 200 300 i
*> 1.1.3.0/24 24.24.24.2 0 200 300 i
*> 4.4.4.0/24 0.0.0.0 0 32768 i
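# The output above shows:
① Because router R1's specific routes "1.1.0.0/24" and "1.1.1.0/24" are suppressed on router R2, routers R3 and R4 do not receive them;
② Because the specific routes "1.1.2.0/24" and "1.1.3.0/24" are not suppressed on router R2 and the "summary-only" parameter is not configured, all four routers receive the "1.1.2.0/24" and "1.1.3.0/24" route entries;
③ Because the "as-set" parameter is configured, only R4 receives the summary route "1.1.0.0/22".
Lab Summary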
(1) aggregate-address
aggregate-address address mask [as-set] [as-confed-set] [summary-only] [suppress-map map-name] [advertise-map map-name] [attribute-map map-name]
no aggregate-address address mask [as-set] [as-confed-set] [summary-only] [suppress-map map-name] [advertise-map map-name] [attribute-map map-name]
Syntax | Description |
---|---|
address | Aggregate address. |
mask | Aggregate mask. |
as-set | (Optional) Generates autonomous system set path information. |
as-confed-set | (Optional) Generates autonomous confederation set path information. |
summary-only | (Optional) Filters all more-specific routes from updates. |
suppress-map map-name | (Optional) Specifies the name of the route map used to select the routes to be suppressed. |
advertise-map map-name | (Optional) Specifies the name of the route map used to select the routes to create AS_SET origin communities. |
attribute-map map-name | (Optional) Specifies the name of the route map used to set the attribute of the aggregate route. |
Command Default The atomic aggregate attribute is set automatically when an aggregate route is created with this command unless the as-set keyword is specified.
Command Modes Address family configuration (config-router-af)
Router configuration (config-router)
Conditional Aggregation Example
In the following example, a route map called MAP-ONE is created to match on an AS-path access list. The path advertised for this route will be an AS_SET consisting of elements contained in paths that are matched in the route map.
Router(config)# ip as-path access-list 1 deny ^1234_
Router(config)# ip as-path access-list 1 permit .*
Router(config)# !
Router(config)# route-map MAP-ONE
Router(config-route-map)# match ip as-path 1
Router(config-route-map)# exit
Router(config)# router bgp 50000
Router(config-router)# address-family ipv4
Router(config-router-af)# aggregate-address 10.0.0.0 255.0.0.0 as-set advertise-map MAP-ONE
Router(config-router-af)# end
Related Commands
Command | Description |
---|---|
address-family ipv4 (BGP) | Places the router in address family configuration mode for configuring routing sessions such as BGP, RIP, or static routing sessions that use standard IPv4 address prefixes. |
ip as-path access-list | Defines a BGP autonomous system path access list. |
match ip address | Distributes any routes that have a destination network number address that is permitted by a standard or extended access list, and performs policy routing on packets. |
neighbor distribute-list | Distributes BGP neighbor information in an access list. |
route-map (IP) | Defines the conditions for redistributing routes from one routing protocol into another, or enables policy routing. |
(2) ip prefix-list
To create a prefix list or to add a prefix-list entry, use the ip prefix-list command in global configuration mode. To delete a prefix-list entry, use the no form of this command.
ip prefix-list {list-name [seq number] {deny | permit} network/length [ge ge-length] [le le-length] | description description | sequence-number}
no ip prefix-list {list-name [seq number] [{deny | permit} network/length [ge ge-length] [le le-length]] | description description | sequence-number}
Syntax | Description |
---|---|
list-name | Configures a name to identify the prefix list. Do not use the word “detail” or “summary” as a list name because they are keywords in the show ip prefix-list command. |
seq | (Optional) Applies a sequence number to a prefix-list entry. |
number | (Optional) Integer from 1 to 4294967294. If a sequence number is not entered when configuring this command, default sequence numbering is applied to the prefix list. The number 5 is applied to the first prefix entry, and subsequent unnumbered entries are incremented by 5. |
deny | Denies access for a matching condition. |
permit | Permits access for a matching condition. |
network/length | Configures the network address and the length of the network mask in bits. The network number can be any valid IP address or prefix. The bit mask can be a number from 1 to 32. |
ge | (Optional) Specifies the lesser value of a range (the “from” portion of the range description) by applying the ge-length argument to the range specified. Note The ge keyword represents the greater than or equal to operator. |
ge-length | (Optional) Represents the minimum prefix length to be matched. |
le | (Optional) Specifies the greater value of a range (the “to” portion of the range description) by applying the le-length argument to the range specified. Note The le keyword represents the less than or equal to operator. |
le-length | (Optional) Represents the maximum prefix length to be matched. |
description | (Optional) Configures a descriptive name for the prefix list. |
description | (Optional) Descriptive name of the prefix list, from 1 to 80 characters in length. |
sequence-number | (Optional) Enables or disables the use of sequence numbers for prefix lists. |
Command Default No prefix lists or prefix-list entries are created.
Command Modes Global configuration (config)
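The suppress-map step from part (4) and the ge/le matching rules in the table above, as an added example (not code from the original page or from the vendor documentation). It goes beyond the lab by including two constructed prefix-list entries that use ge/le; the function names are assumptions, and the route-map "sup" is reduced to the prefix-list it matches on.

```python
import ipaddress

def entry(action, prefix, ge=None, le=None):
    """One 'ip prefix-list' line: {deny|permit} network/length [ge n] [le n]."""
    return {"action": action, "net": ipaddress.ip_network(prefix), "ge": ge, "le": le}

def entry_matches(e, route):
    """The route must lie inside network/length; its own length must equal
    that length when ge/le are absent, otherwise fall within ge..le."""
    route, net = ipaddress.ip_network(route), e["net"]
    if not route.subnet_of(net):
        return False
    if e["ge"] is None and e["le"] is None:
        return route.prefixlen == net.prefixlen
    low = e["ge"] if e["ge"] is not None else net.prefixlen
    high = e["le"] if e["le"] is not None else 32
    return low <= route.prefixlen <= high

def permits(entries, route):
    """First matching entry decides; a route matching nothing is denied."""
    for e in entries:
        if entry_matches(e, route):
            return e["action"] == "permit"
    return False

def advertised(aggregate, routes, summary_only=False, suppress=None):
    """Prefixes R2 sends to R4. 'suppress' stands in for the route-map 'sup',
    reduced to the prefix-list it matches on (a simplification)."""
    agg, out = ipaddress.ip_network(aggregate), [aggregate]
    for r in routes:
        inside = ipaddress.ip_network(r).subnet_of(agg)
        hit = suppress is not None and permits(suppress, r)
        if not (inside and (summary_only or hit)):
            out.append(r)
    return out

# The four specific routes from the lab, and prefix-list 1 as configured on R2.
ROUTES = ["1.1.0.0/24", "1.1.1.0/24", "1.1.2.0/24", "1.1.3.0/24"]
LIST_1 = [entry("permit", "1.1.0.0/24"), entry("permit", "1.1.1.0/24")]
# Constructed entries (not on the page) showing range matching with ge/le.
ONE_LINE = [entry("permit", "1.1.0.0/23", ge=24, le=24)]  # same effect as LIST_1
ALL_24S = [entry("permit", "1.1.0.0/22", ge=24, le=24)]   # every /24 in the /22
```

With `suppress=LIST_1` the result matches the 1.1.x entries in R4's table in part (4); with `summary_only=True` it matches part (3).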