网络设备安装与调试chp10bgp课件

1、边界网关路由协议BGP教学目标（ Objectives ）1.BGP概念和术语（ Concepts and Terminology ）2. BGP特征（BGP Characteristics）3. EBGP and IBGP4. BGP路由汇总（ Route Summarization）5. BGP路径属性（BGP Path Attributes）6. BGP选路判定（Selecting a BGP Path）第一节 BGP基本原理和基本配置使用BGP连接到Internet（Using BGP to Connect to the Internet）BGP自治系统（BGP Autonomous

2、Systems）AS是一组被统一管理的路由器，他们使用相同的内部网关路由协议和统一的度量值来决定在AS内部路由数据包，并使用EGP决定如何把数据包路由到其他的AS。An AS is a collection of networks under a single technical administration.AS.IGP在一个AS内操作（IGPs operate within an）BGP在AS之间操作。（BGP is used between autonomous systems. ）确保无环路的路由信息的交换（Exchange of loop-free routing informati

3、on is guaranteed.）路径向量路由（BGP Path-Vector Routing）IGP通告网络，并描述到达这些网络的度量值IGPs announce networks and describe the metric to reach those networks. BGP通告路径和网络的可达信息。BGP通过属性（类似度量值）来描述路径信息BGP announces paths and the networks that are reachable at the end of the path. BGP describes the path by using attribute

4、s, which are similar to metrics.BGP允许管理员定义策略来决定数据怎样通过ASBGP allows administrators to define policies or rules for how data will flow through the autonomous systems.BGP路由策略（BGP Routing Policies）BGP路由选择采用逐跳模式BGP can support any policy conforming (一致) to the hop-by-hop (AS-by-AS) routing paradigm.BGP特征（

5、BGP Characteristics）当至少满足下面的至少一个条件时，最适合使用BGPBGP is most appropriate when at least one of the following conditions exists:一个AS允许数据包穿越它到达另外的AS,如ISPAn AS allows packets to transit through it to reach other autonomous systems (for example, it is a service provider).一个AS到其他的AS有多个连接An AS has multiple conn

6、ections to other autonomous systems.必须对进入和离开AS的流量的路由策略和路由选择方式进行控制Routing policy and route selection for traffic entering and leaving the AS must be manipulated.BGP特征（BGP Characteristics）满足下列条件之一的，不适合使用BGP:BGP is not always appropriate. You do not have to use BGP if you have one of the following cond

7、itions:对路由过滤和BGP路径选择过程的理解有限Limited understanding of route filtering and BGP path-selection process到其他AS只有一条路径A single connection to the Internet or another AS路由器没有足够的能力处理连续的BGP更新Lack of memory or processor power to handle constant updates on BGP routers BGP特征（BGP Characteristics）BGP是路径向量协议，比距离向量提升的特

8、征如下：BGP is a path-vector protocol with the following enhancements over distance vector protocols:可靠更新：运行在TCP的179端口Reliable updates: runs on top of TCP (port 179)仅仅是增量和触发更新Incremental, triggered updates only定期的keepalive消息验证TCP的连接Periodic keepalive messages to verify TCP connectivity丰富的属性Rich metrics

9、(called path vectors or attributes)被设计用于巨型网络Designed to scale to huge internetworks (for example, the Internet)BGP数据库（BGP Databases）邻居表 （Neighbor table）List of BGP neighbors show ip bgp neighbors show ip bgp summary BGP表 （BGP table ，forwarding database) show ip bgp 列出从每个邻居学到的所有网络List of all networks

10、 learned from each neighbor可以包含到达目的网络的多条路径Can contain multiple paths to destination networks 每条BGP路径都包含属性Contains BGP attributes for each pathIP路由表（ IP routing table ）show ip routeList of best paths to destination networks列出到达目的网络的最佳路径对等体=邻居（Peers = Neighbors）“BGP peer”用于已经形成邻居关系的BGP发言者的特定的术语A “BGP

11、peer” also known as a “BGP neighbor,” is a specific term that is used for BGP speakers that have established a neighbor relationship. 两台路由器形成TCP连接，并且交换BGP的路由信息，就称为BGP对等体或邻居Any two routers that have formed a TCP connection to exchange BGP routing information are called BGP peers or BGP neighbors.Exte

12、rnal BGP当运行BGP的邻居属于不同的AS时，称为EBGPWhen BGP is running between neighbors that belong to different autonomous systems, it is called EBGP.默认情况下，EBGP的邻居需要直接连接EBGP neighbors, by default, need to be directly connected.Internal BGP当运行BGP的邻居属于相同的AS时，称为IBGPWhen BGP is running between neighbors within the same

13、AS, it is called IBGP.IBGP的邻居不需要直接连接The neighbors do not have to be directly connected.IBGP in a Transit（中转） AS (ISP)不推荐将BGP路由重分布到IGP中，替代的是，在所有的路由器上运行IBGPRedistributing BGP into an IGP (OSPF in this example) is not recommended. Instead, run IBGP on all routers.非传递区域IBGP邻居关系（IBGP Neighbor in a NonTra

14、nsit AS）IBGP水平分割原则（ IBGP Split Horizon Rule ）IBGP水平分割原则:默认情况下，从IBGP学到的路由，不再传递给其他的IBGP邻居,所以需要全互联的IBGPIBGP Split Horizon Rule：By default, routes learned via IBGP are never propagated to other IBGP peers, so they need full-mesh IBGP.Routing Issues If BGP Not on in All Routers in Transit Path路由器将丢弃去往10.

15、0.0.0网络的数据包。因为路由器C没有运行IBGP,因此他没有从路由器B学到该路由Router C will drop the packet to network . Router C is not running IBGP; therefore, it has not learned about the route to network from router B.本例中，路由器B和E没有把BGP重分布到OSPF中In this example, router B and router E are not redistributing BGP into O

16、SPF.解决方案（Resolution）Solution 1: full mesh（逻辑全互联）对路由器的资源和带宽的使用都成为负担，管理任务也很重Become a burden on router resources, bandwidth usage, and administrative overhead如果IBGP路由器的个数为n，TCP和BGP的连接是n(n-1)/2 If the number of IBGP routers is n, then the number of TCP and BGP connections is n(n-1)/2Solution 2: route re

17、flectors (RR,路由反射器)类似OSPF中的DR和BDR的特征This approach similar to OSPFs DR/BDR feature推荐在每个路由器有100个会话以上时使用Recommend only for AS that support approximately more than 100 sessions per routerBGP命令（BGP Commands）router bgp autonomous-systemRouter(config)#这条命令仅仅是进入路由配置模式，必须执行子命令才能激活BGP进程This command enters rou

18、ter configuration mode only; subcommands must be entered to activate BGP.在一台路由器上只能配置一个BGP进程Only one instance of BGP can be configured on the router.AS号用来识别路由器属于哪个ASThe autonomous system number identifies the autonomous system to which the router belongs.通过比较该命令的和邻居陈述的AS号码，路由器可以确定邻居是内部邻居还是外部邻居The aut

19、onomous system number in this command is compared to the autonomous system numbers listed in neighbor statements to determine if the neighbor is an internal or external neighbor.BGP neighbor命令（BGP neighbor remote-as Command）neighbor ip-address | peer-group-name remote-as autonomous-systemRouter(conf

20、ig-router)#该命令激活与邻居的BGP会话The neighbor command activates a BGP session with this neighbor. IP地址是BGP发往邻居的所有数据包的目的地址The IP address that is specified is the destination address of BGP packets going to this neighbor.在建立BGP关系之前，要确保该IP地址可达This router must have an IP path to reach this neighbor before it ca

21、n set up a BGP relationship. remote-as参数指明邻居路由器所在的ASThe remote-as option shows what AS this neighbor is in. IBGP和EBGP都是用该命令建立邻居关系This command is used for both external and internal neighbors.BGP neighbor命令举例（Example: BGP neighbor Command）BGP network命令（BGP network Command）network network-number mask

22、network-mask route-map map-tag Router(config-router)#该命令告诉BGP通告什么网络This command tells BGP what network to advertise.该命令不是在接口上启用BGP协议The command does not activate the protocol on an interface.没有mask选项，该命令通告有类别的网络，如果路由表中存在子网路由，有类地址也可以被通告，前提是开启自动汇总，自动汇总本地生效Without a mask option, the command advertises

23、classful networks. If a subnet of the classful network exists in a routing table, the classful address is announced.如果有mask参数，BGP在通告之前要最精确匹配本地的路由条目With the mask option, BGP looks for an exact match in the local routing table before announcing the route.实例：BGP network命令（Example: BGP network Command）

24、network mask Router(config-router)#在路由表中精确查找/24 ，如果不匹配，就不通告The router looks for exactly /24 in the routing table, but cannot find it, so it will not announce anything. network mask Router(config-router)#路由器在路由表中精确查找/16路

25、由条目The router looks for exactly /16 in the routing table.如果路由表中没有匹配的路由，你可以通过添加指向null0的路由，以便能够被宣告。If the exact route is not in the table, you can add a static route to null0 so that the route can be announced.Case Study1：BGP基本配置第二节 IBGP和EBGPBGP更新源问题(BGP Issues with Source IP Address)当创建BGP

26、分组时，目的地址是邻居后指定的地址，源地址是出接口的地址When creating a BGP packet, the neighbor statement defines the destination IP address and the outbound interface defines the source IP address.当从一个新的BGP会话收到BGP数据包时，将数据包的源地址与邻居指定的地址比较：When a BGP packet is received for a new BGP session, the source address of the packet is

27、compared to the list of neighbor statements:如果地址匹配，邻居关系形成If a match is found, a relationship is established.如果不匹配，忽略数据包If no match is found, the packet is ignored.必须确定源地址和neighbor命令指定的地址匹配，否则邻居关系不能建立Make sure that the source IP address matches the address that the other router has in its neighbor st

28、atement.指定BGP邻居更新源的命令（BGP neighbor update-source Command）neighbor ip-address | peer-group-name update-source interface-type interface-numberRouter(config-router)#该命令将允许BGP进程使用指定接口的IP地址作为BGP的更新源This command allows the BGP process to use the IP address of a specified interface as the source IP address

29、 of all BGP updates to that neighbor.通常使用环回接口（A loopback interface is usually used）正常情况下，通常在建立IBGP邻居关系的使用该命令（The neighbor update-source command is normally used only with IBGP neighbors.）EBGP邻居的地址通常是直连，而使用环回接口作为更新源并没有直连The address of an EBGP neighbor must be directly connected by default; the loopba

30、ck of an EBGP neighbor is not directly connected.使用环回接口作为更新源的例子（Example: BGP Using Loopback Addresses）EBGP多跳命令（BGP neighbor ebgp-multihop Command）neighbor ip-address | peer-group-name ebgp-multihop ttl Router(config-router)#该命令解决了默认是EBGP只有一跳的限制This command increases the default of one hop for EBGP p

31、eers.能够路由到EBGP环回接口地址It allows routes to the EBGP loopback address 可以使得跳数大于1 Which will have a hop count greater than 1.EBGP多跳举例（Example: ebgp-multihop Command）下一跳行为（Next-Hop Behavior）BGP是逐AS的路由协议，而不是逐路由器路由协议BGP is an AS-by-AS routing protocol, not a router-by-router routing protocol. 在BGP中下一跳并不意味着下一

32、个路由器，而是到达下一个AS的IP地址In BGP, the next hop does not mean the next router; it means the IP address to reach the next AS.对于EBGP,默认下一跳发送更新的邻居路由器的IP地址For EBGP, the default next hop is the IP address of the neighbor router that sent the update.对于IBGP，被EBGP通告的下一跳地址将被携带到IBGP 中For IBGP, the BGP protocol states

33、 that the next hop advertised by EBGP should be carried into IBGP.下一跳行为举例（Example: Next-Hop Behavior）Router A advertisesnetwork torouter B in EBGP, with a next hop of .Router B advertises in IBGP torouter C, keeping as the next-hop address.BGP邻居下一跳自我命令（BGP ne

34、ighbor next-hop-self Command）强制对这个邻居的更新使用自己作为下一跳Forces all updates for this neighbor to beadvertised with this router as the next hop.使用next-hop-self参数的下一跳地址是BGP的更新源The IP address used for the next-hop-self option will be the same as the source IP address of the BGP packet.neighbor ip-address | peer

35、-group-name next-hop-selfRouter(config-router)#下一跳自我配置举例（Example: next-hop-self Configuration）RouterA#sh ip bgp neighborsBGP neighbor is , remote AS 64998, external link BGP version 4, remote router ID BGP state = Established, up for 00:19:10 Last read 00:00:10, last write 00:00

36、:10, hold time is 180, keepalive interval is 60 seconds Neighbor capabilities: Route refresh: advertised and received(old & new) Address family IPv4 Unicast: advertised and received Message statistics: InQ depth is 0 OutQ depth is 0 Sent Rcvd Opens: 7 7 Notifications: 0 0 Updates: 13 38 show ip bgp

37、neighbors CommandCase Study2：IBGP和EBGP配置第三节 BGP路由汇总CIDR和地址聚合（CIDR and Aggregate Addresses）BGP4是无类路由协议，支持VLSM和最长路由匹配，在每个网络更新中，携带掩码信息。 BGP4 is classless,supports VLSM and longest match routing, and carries a network mask for each network in the update.网络边界汇总（Network Boundary Summarization）no auto-summ

38、aryRouter(config-router)# network network-number mask network-maskRouter(config-router)#BGP network Commandip route prefix mask null0Router(config)#使用network命令要慎重（Cautions about Network Statement）使用network命令和指向null0的静态路由实现BGP路由汇总。BGP Summarization Using the network Command and Static Route to Null0。

39、配置BGP地址聚合（Configuring BGP for Aggregate Addressing）aggregate-address ip-address mask summary-only as-setRouter(config-router)#使用aggregate-address命令（Using the aggregate-address Command）Network /22 *s s s s Next Hop

40、 LocPrfWeight 32768 32768 32768 32768 32768 Path i i i i iMetric 0 0 0 0 0routerC# show ip bgpBGP table version is 28, local router ID is Status codes: s = suppressed, * = valid, = best, and i = internalOrigin codes : i = IGP, e = EGP, and ? = incompleteCase Study3：BGP路由汇总配置

41、第四节 BGP路径选择BGP路径属性（BGP Path Attributes）BGP度量值也叫路径属性BGP metrics are called path attributes.路径属性的特征包括： （Characteristics of path attributes include:）公认对可选Well-known versus optional必遵对自决Mandatory versus discretionary可传递对对非可传递Transitive versus nontransitive公认属性（Well-known attributes）公认属性（Well-known attri

42、butes）所有的BGP实现都必须识别这些属性Must be recognized by all compliant BGP implementations被传递给其他的BGP邻居Are propagated to other neighbors公认必遵（Well-known mandatory attributes）必须出现在所有的更新中Must be present in all update messages公认自决（Well-known discretionary attributes）可以不出现在更新中May be present in update messages任选属性（Opt

43、ional attributes）任选属性（Optional attributes）可以被某些BGP实现所识别（可能是私有），但是不是期望被所有的BGP路由器识别They are recognized by some implementations (could be private); but expected not to be recognized by all BGP routers.识别的可选属性基于他们的含义被传递到其他的邻居Recognized optional attributes are propagated to other neighbors based on their

44、 meaning. 任选可传递（Optional transitive attributes）如果不识别，标记为部分，然后传给其他的邻居(If not recognized, marked as partial and propagated to other neighbors) 任选不可传递（Optional nontransitive attributes）不识别，就丢弃（Discarded if not recognized）BGP属性（BGP Attributes）BGP属性包括如下：BGP attributes include the following:AS path * AS路径

45、Next-hop * 下一跳Origin * 起源Local preference 本地优先级MED 多出口区分Others* Well-known mandatory attributeAS Path属性（AS Path Attribute）路由所经过的AS序列：A list of autonomous systems that a route has traversed:For example, on router B, the path to is the AS sequence (65500, 64520).AS path是公认必遵属性The AS path a

46、ttribute is well-known, mandatory.仅当路由器通告给EBGP邻居时，才会加上自己的AS号，通告给IBGP邻居时，不会修改AS PATH属性下一跳属性（Next-Hop Attribute）到达指定网络下一个AS的IP地址The IP address of the next AS to reach a given network:Router A advertises network torouter B in EBGP, with anext hop of .Router B advertises i

47、n IBGP torouter C, keeping as the next-hop address.下一跳是公认必遵的属性The next-hop attribute is well-known, mandatory.起源属性（Origin Attribute）IGP (i)network commandEGP (e)从EGP重分布（Redistributed from EGP）Incomplete (?)从IGP或静态重分布（Redistributed from IGP or static）起源属性通知网络上所有AS路由是怎样放到BGP中的The origin attr

48、ibute informs all autonomous systems in the internetwork how the prefixes were introduced into BGP.起源是公认必遵的属性The origin attribute is well-known, mandatory.起源属性实例（Example: Origin Attribute）RouterA# show ip bgpBGP table version is 14, local router ID is Status codes: s suppressed, d damped,

49、 h history, * valid, best, i - internal, r RIB-failure, S StaleOrigin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path* /24 0 32768 i* i 0 100 0 i* /24 0 32768 i*i/24 0 100 0 i* /24 0 649

50、98 64997 i* 0 64999 64997 i* i 0 100 0 64999 64997 i* /24 0 0 64998 i* 0 64999 64998 i* i 0 100 0 64998 ir /24 0 0 64998 ir 0 64999 64998 ir i 0 100 0 64998 i* /24 0 0 64998 i本地优先级属性（Local Preference Attribute）本地优先级属性用于通告给IBGP邻居怎样离开本ASLocal preference is used to advertise to IBGP neighbors about how to leave their AS.只通告给IBGP邻居，AS内有效The local preference is sent to IBGP ne