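1. Introduction to the BGP routing protocol
Transport protocol: TCP; port number: 179
BGP is an exterior routing protocol used to carry routing information between ASs (autonomous systems)
It is an enhanced path-vector routing protocol
It has a reliable route-update mechanism
It offers a rich set of metrics
Loop-free by design
Attaches multiple attributes to each route entry
Supports CIDR (Classless Inter-Domain Routing)
Rich route filtering and routing policies
No periodic updates required
Route updates carry only incremental changes
KeepAlive messages are sent periodically to maintain TCP connectivity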
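2. BGP neighbor relationships
2.1 Neighbor relationships
Across a network topology built with BGP, the neighbor relationships that are established are of two kinds: IBGP and EBGP
IBGP: belongs to the IGP category, that is, a neighbor relationship formed as an interior gateway routing protocol, inside a single autonomous system
EBGP: belongs to the EGP category, that is, a neighbor relationship formed as an exterior gateway routing protocol; it is the neighbor relationship between the border routers of two adjacent autonomous systems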
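2.2 Neighbor state machine
- IDLE: IDLE is the first state of a BGP connection. In the idle state BGP waits for a start event; once the start event occurs, BGP initializes its resources, resets the connect-retry timer, initiates a TCP connection and moves to the Connect state
- Connect: in the Connect state BGP initiates the first TCP connection. If the connect-retry timer expires, it initiates the TCP connection again and stays in the Connect state; if the TCP connection fails, it moves to the Active state
- Active: in the Active state BGP keeps trying to establish the TCP connection. If the connect-retry timer expires, it falls back to the Connect state; if the TCP connection succeeds, it moves to the OpenSent state; if the TCP connection fails, it stays in the Active state and keeps initiating TCP connections
- OpenSent (Open message sent): in the OpenSent state the TCP connection is already established and BGP has sent its first Open message. BGP now waits for its peer to send an Open message and checks the received Open for correctness. If there is an error, the system sends an error notification message and falls back to the IDLE state; if there is no error, BGP starts sending KeepAlive messages, resets the KeepAlive timer and starts timing. At the same time it moves to the OpenConfirm state.
- OpenConfirm (Open message confirmed): in the OpenConfirm state BGP sends a KeepAlive message and resets the hold timer. If it receives a KeepAlive message, it moves to the Established state and the BGP neighbor relationship is up; if the TCP connection is interrupted, it falls back to the IDLE state
- Established (connection established): in the Established state the BGP neighbor relationship has been established. BGP now exchanges Update messages with its neighbors and resets the hold timer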
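3. BGP policy
BGP uses configured policies to decide the route-selection priority when forwarding data
1. AS-Path attribute (AS path): can be used with both IBGP and EBGP; the shorter the path, the higher the priority
2. Local-Pref attribute (local preference): used with IBGP; the larger the value, the higher the priority
3. MED attribute (weight): used with EBGP; the smaller the MED value, the more the link is preferred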
4. Comprehensive lab
Router R1:
#
sysname r1
#
router id 1.1.1.1
#
interface GigabitEthernet0/0/0
ip address 12.1.1.1 255.255.255.0
#
interface GigabitEthernet0/0/1
ip address 13.1.1.1 255.255.255.0
#
interface LoopBack0
ip address 1.1.1.1 255.255.255.255
#
bgp 100
peer 2.2.2.2 as-number 200
peer 2.2.2.2 ebgp-max-hop 255
peer 2.2.2.2 connect-interface LoopBack0
peer 3.3.3.3 as-number 200
peer 3.3.3.3 ebgp-max-hop 255
peer 3.3.3.3 connect-interface LoopBack0
#
ipv4-family unicast
undo synchronization
network 1.1.1.1 255.255.255.255
network 2.2.2.2 255.255.255.255
network 3.3.3.0 255.255.255.0
network 3.3.3.3 255.255.255.255
network 12.1.1.0 255.255.255.0
network 13.1.1.0 255.255.255.0
peer 2.2.2.2 enable
peer 3.3.3.3 enable
#
ip route-static 2.2.2.2 255.255.255.255 12.1.1.2
ip route-static 3.3.3.3 255.255.255.255 13.1.1.3
#
Router R2:
#
sysname r2
#
router id 2.2.2.2
#
acl number 2000
rule 5 permit source 1.1.1.1 0
#
interface GigabitEthernet0/0/0
ip address 12.1.1.2 255.255.255.0
#
interface GigabitEthernet0/0/1
ip address 24.1.1.2 255.255.255.0
#
interface LoopBack0
ip address 2.2.2.2 255.255.255.255
#
bgp 200
peer 1.1.1.1 as-number 100
peer 1.1.1.1 ebgp-max-hop 255
peer 1.1.1.1 connect-interface LoopBack0
peer 3.3.3.3 as-number 200
peer 3.3.3.3 connect-interface LoopBack0
peer 4.4.4.4 as-number 200
peer 4.4.4.4 connect-interface LoopBack0
#
ipv4-family unicast
undo synchronization
network 1.1.1.1 255.255.255.255
network 2.2.2.2 255.255.255.255
network 3.3.3.3 255.255.255.255
network 4.4.4.4 255.255.255.255
network 12.1.1.0 255.255.255.0
network 24.1.1.0 255.255.255.0
peer 1.1.1.1 enable
peer 3.3.3.3 enable
peer 3.3.3.3 next-hop-local
peer 4.4.4.4 enable
peer 4.4.4.4 route-policy as export
peer 4.4.4.4 next-hop-local
#
ospf 1
area 0.0.0.0
network 2.2.2.2 0.0.0.0
network 24.1.1.0 0.0.0.255
#
route-policy as permit node 10
if-match acl 2000
apply as-path 666 777 888 additive
#
route-policy as permit node 20
#
ip route-static 1.1.1.1 255.255.255.255 12.1.1.1
#
Router R3:
#
sysname r3
#
router id 3.3.3.3
#
acl number 2000
rule 5 permit source 4.4.4.4 0
rule 10 permit source 7.7.7.7 0
#
interface GigabitEthernet0/0/0
ip address 34.1.1.3 255.255.255.0
#
interface GigabitEthernet0/0/1
ip address 13.1.1.3 255.255.255.0
#
interface LoopBack0
ip address 3.3.3.3 255.255.255.255
#
bgp 200
peer 1.1.1.1 as-number 100
peer 1.1.1.1 ebgp-max-hop 255
peer 1.1.1.1 connect-interface LoopBack0
peer 2.2.2.2 as-number 200
peer 2.2.2.2 connect-interface LoopBack0
peer 4.4.4.4 as-number 200
peer 4.4.4.4 connect-interface LoopBack0
#
ipv4-family unicast
undo synchronization
network 1.1.1.1 255.255.255.255
network 2.2.2.2 255.255.255.255
network 3.3.3.3 255.255.255.255
network 4.4.4.4 255.255.255.255
network 13.1.1.0 255.255.255.0
network 34.1.1.0 255.255.255.0
peer 1.1.1.1 enable
peer 1.1.1.1 route-policy as export
peer 2.2.2.2 enable
peer 2.2.2.2 next-hop-local
peer 4.4.4.4 enable
peer 4.4.4.4 next-hop-local
#
ospf 1
area 0.0.0.0
network 3.3.3.3 0.0.0.0
network 34.1.1.0 0.0.0.255
#
route-policy as permit node 10
if-match acl 2000
apply as-path 55 66 77 additive
#
route-policy as permit node 20
#
ip route-static 1.1.1.1 255.255.255.255 13.1.1.1
#
Router R4:
#
sysname r4
#
router id 4.4.4.4
#
interface GigabitEthernet0/0/0
ip address 24.1.1.4 255.255.255.0
#
interface GigabitEthernet0/0/1
ip address 34.1.1.4 255.255.255.0
#
interface GigabitEthernet0/0/2
ip address 45.1.1.4 255.255.255.0
#
interface GigabitEthernet0/0/3
ip address 46.1.1.4 255.255.255.0
#
interface LoopBack0
ip address 4.4.4.4 255.255.255.255
#
bgp 200
peer 2.2.2.2 as-number 200
peer 2.2.2.2 connect-interface LoopBack0
peer 3.3.3.3 as-number 200
peer 3.3.3.3 connect-interface LoopBack0
peer 5.5.5.5 as-number 300
peer 5.5.5.5 ebgp-max-hop 255
peer 5.5.5.5 connect-interface LoopBack0
peer 6.6.6.6 as-number 300
peer 6.6.6.6 ebgp-max-hop 255
peer 6.6.6.6 connect-interface LoopBack0
#
ipv4-family unicast
undo synchronization
network 2.2.2.2 255.255.255.255
network 3.3.3.3 255.255.255.255
network 4.4.4.4 255.255.255.255
network 5.5.5.5 255.255.255.255
network 6.6.6.6 255.255.255.255
network 24.1.1.0 255.255.255.0
network 34.1.1.0 255.255.255.0
network 45.1.1.0 255.255.255.0
network 46.1.1.0 255.255.255.0
peer 2.2.2.2 enable
peer 2.2.2.2 next-hop-local
peer 3.3.3.3 enable
peer 3.3.3.3 next-hop-local
peer 5.5.5.5 enable
peer 6.6.6.6 enable
#
ospf 1
area 0.0.0.0
network 4.4.4.4 0.0.0.0
network 24.1.1.0 0.0.0.255
network 34.1.1.0 0.0.0.255
#
ip route-static 5.5.5.5 255.255.255.255 45.1.1.5
ip route-static 6.6.6.6 255.255.255.255 46.1.1.6
#
Router R5:
#
sysname r5
#
router id 5.5.5.5
#
acl number 2000
rule 5 permit source 4.4.4.4 0
rule 10 permit source 1.1.1.1 0
#
interface GigabitEthernet0/0/0
ip address 45.1.1.5 255.255.255.0
#
interface GigabitEthernet0/0/1
ip address 57.1.1.5 255.255.255.0
#
interface LoopBack0
ip address 5.5.5.5 255.255.255.255
#
bgp 300
peer 4.4.4.4 as-number 200
peer 4.4.4.4 ebgp-max-hop 255
peer 4.4.4.4 connect-interface LoopBack0
peer 6.6.6.6 as-number 300
peer 6.6.6.6 connect-interface LoopBack0
peer 7.7.7.7 as-number 300
peer 7.7.7.7 connect-interface LoopBack0
#
ipv4-family unicast
undo synchronization
network 4.4.4.4 255.255.255.255
network 5.5.5.5 255.255.255.255
network 6.6.6.6 255.255.255.255
network 7.7.7.7 255.255.255.255
network 45.1.1.0 255.255.255.0
network 57.1.1.0 255.255.255.0
peer 4.4.4.4 enable
peer 6.6.6.6 enable
peer 6.6.6.6 next-hop-local
peer 7.7.7.7 enable
peer 7.7.7.7 route-policy as export
peer 7.7.7.7 next-hop-local
#
ospf 1
area 0.0.0.0
network 57.1.1.0 0.0.0.255
network 5.5.5.5 0.0.0.0
#
route-policy as permit node 10
if-match acl 2000
apply as-path 11 22 33 additive
#
route-policy as permit node 20
#
ip route-static 4.4.4.4 255.255.255.255 45.1.1.4
#
Router R6:
#
sysname r6
#
router id 6.6.6.6
#
acl number 2000
rule 5 permit source 7.7.7.7 0
#
interface GigabitEthernet0/0/0
ip address 46.1.1.6 255.255.255.0
#
interface GigabitEthernet0/0/1
ip address 67.1.1.6 255.255.255.0
#
interface LoopBack0
ip address 6.6.6.6 255.255.255.255
#
bgp 300
peer 4.4.4.4 as-number 200
peer 4.4.4.4 ebgp-max-hop 255
peer 4.4.4.4 connect-interface LoopBack0
peer 5.5.5.5 as-number 300
peer 5.5.5.5 connect-interface LoopBack0
peer 7.7.7.7 as-number 300
peer 7.7.7.7 connect-interface LoopBack0
#
ipv4-family unicast
undo synchronization
network 4.4.4.4 255.255.255.255
network 5.5.5.5 255.255.255.255
network 6.6.6.6 255.255.255.255
network 7.7.7.7 255.255.255.255
network 46.1.1.0 255.255.255.0
network 67.1.1.0 255.255.255.0
peer 4.4.4.4 enable
peer 4.4.4.4 route-policy as export
peer 5.5.5.5 enable
peer 5.5.5.5 next-hop-local
peer 7.7.7.7 enable
peer 7.7.7.7 next-hop-local
#
ospf 1
area 0.0.0.0
network 6.6.6.6 0.0.0.0
network 67.1.1.0 0.0.0.255
#
route-policy as permit node 10
if-match acl 2000
apply as-path 999 567 789 additive
#
route-policy as permit node 20
#
ip route-static 4.4.4.4 255.255.255.255 46.1.1.4
#
Router R7:
#
sysname r7
#
router id 7.7.7.7
#
interface GigabitEthernet0/0/0
ip address 57.1.1.7 255.255.255.0
#
interface GigabitEthernet0/0/1
ip address 67.1.1.7 255.255.255.0
#
interface LoopBack0
ip address 7.7.7.7 255.255.255.255
#
bgp 300
peer 5.5.5.5 as-number 300
peer 5.5.5.5 connect-interface LoopBack0
peer 6.6.6.6 as-number 300
peer 6.6.6.6 connect-interface LoopBack0
#
ipv4-family unicast
undo synchronization
network 7.7.7.7 255.255.255.255
network 57.1.1.0 255.255.255.0
network 67.1.1.0 255.255.255.0
peer 5.5.5.5 enable
peer 6.6.6.6 enable
#
ospf 1
area 0.0.0.0
network 7.7.7.7 0.0.0.0
network 57.1.1.0 0.0.0.255
network 67.1.1.0 0.0.0.255
#
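4.1 Lab results
1. The whole network is reachable: the loopback addresses of all routers can communicate with each other
2. Data path taken: ①: R1>R2>R4>R5>R7
②: R7>R6>R4>R3>R1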
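
Added example (not part of the original lab): a Python model of the four "route-policy as" export policies on R2, R3, R5 and R6, showing how "shorter AS-path wins" produces the two data paths listed above. Assumptions: the TOWARD neighbor map is read off the peer statements, router Rn owns loopback n.n.n.n, and competing advertisements differ only by the prepended ASNs.

```python
import re

# Policy-relevant lines copied from the R2, R3, R5 and R6 configurations above.
CONFIGS = {
    "R2": """rule 5 permit source 1.1.1.1 0
             peer 4.4.4.4 route-policy as export
             apply as-path 666 777 888 additive""",
    "R3": """rule 5 permit source 4.4.4.4 0
             rule 10 permit source 7.7.7.7 0
             peer 1.1.1.1 route-policy as export
             apply as-path 55 66 77 additive""",
    "R5": """rule 5 permit source 4.4.4.4 0
             rule 10 permit source 1.1.1.1 0
             peer 7.7.7.7 route-policy as export
             apply as-path 11 22 33 additive""",
    "R6": """rule 5 permit source 7.7.7.7 0
             peer 4.4.4.4 route-policy as export
             apply as-path 999 567 789 additive""",
}
# Assumption: which neighbors offer a route toward each loopback in this topology.
TOWARD = {
    "7.7.7.7": {"R1": ["R2", "R3"], "R2": ["R4"], "R3": ["R4"],
                "R4": ["R5", "R6"], "R5": ["R7"], "R6": ["R7"]},
    "1.1.1.1": {"R7": ["R5", "R6"], "R5": ["R4"], "R6": ["R4"],
                "R4": ["R2", "R3"], "R2": ["R1"], "R3": ["R1"]},
}

def parse_policy(text):
    """Return (prefixes matched by acl 2000, peer the policy is exported to, prepended ASNs)."""
    peer = re.search(r"peer (\d)\S* route-policy as export", text).group(1)
    asns = re.search(r"apply as-path (.+) additive", text).group(1).split()
    return set(re.findall(r"permit source (\S+) 0", text)), "R" + peer, asns

POLICIES = {name: parse_policy(text) for name, text in CONFIGS.items()}

def prepended(sender, receiver, prefix):
    """ASNs node 10 adds when sender advertises prefix to receiver; node 20 adds none."""
    match, peer, asns = POLICIES.get(sender, (set(), None, []))
    return asns if peer == receiver and prefix in match else []

def trace(src, prefix):
    """At every hop, follow the neighbor whose advertisement carries the shortest AS-path."""
    hops, here = [src], src
    while here in TOWARD[prefix]:
        here = min(TOWARD[prefix][here], key=lambda s: len(prepended(s, here, prefix)))
        hops.append(here)
    return ">".join(hops)

print(trace("R1", "7.7.7.7"), trace("R7", "1.1.1.1"), sep="\n")
```

Each prepend only affects the one peer named in the export statement, which is why the forward and return paths differ: R3 and R6 lengthen the path toward 7.7.7.7, while R2 and R5 lengthen the path toward 1.1.1.1.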