02 BGP地址聚合
2024-05-11 14:53:34
02 BGP地址聚合
实验目的
通过本实验可以掌握
(1)启动BGP 路由进程
(2)BGP 中通告网络
(3)EBGP 邻居配置
(4)BGP 地址聚合配置和调试
(5)地址聚合中参数“as-set”含义
(6)地址聚合中参数“summary-only”含义
(7)地址聚合中参数“suppress-map”含义
实验拓扑
实验步骤
本实验实现在路由器R2 上将路由器R1 和路由器R3 通告的环回接口的路由进行地址聚合,并通告给路由器R4。在路由器R1、R3、R4 配置静态路由实现网络互通。
1.配置IP地址
# '''R1'''
conf t
int l0
ip add 1.1.0.1 255.255.255.0
no sh
int l1
ip add 1.1.1.1 255.255.255.0
no sh
int f0/0
ip add 12.12.12.1 255.255.255.0
no sh
# '''R2'''
conf t
int f0/0
ip add 12.12.12.2 255.255.255.0
no sh
int f0/1
ip add 23.23.23.2 255.255.255.0
no sh
int f1/0
ip add 24.24.24.2 255.255.255.0
no sh
# '''R3'''
conf t
int l0
ip add 1.1.2.3 255.255.255.0
no sh
int l1
ip add 1.1.3.3 255.255.255.0
no sh
int f0/1
ip add 23.23.23.3 255.255.255.0
no sh
# '''R4'''
conf t
int l0
ip add 4.4.4.4 255.255.255.0
no sh
int f0/1
ip add 24.24.24.4 255.255.255.0
no sh
2.配置BGP
# '''R1'''
router bgp 100
no synchronization
no auto-summary
bgp router-id 1.1.1.1
neighbor 12.12.12.2 remote-as 200
network 1.1.0.0 mask 255.255.255.0
network 1.1.1.0 mask 255.255.255.0
exit
ip route 24.24.24.0 255.255.255.0 12.12.12.2
ip route 23.23.23.0 255.255.255.0 12.12.12.2
exit
# '''R2'''
# '''aggregate-address 1.1.0.0 255.255.252.0 配置地址聚合
router bgp 200
no synchronization
no auto-summary
bgp router-id 2.2.2.2
neighbor 12.12.12.1 remote-as 100
neighbor 23.23.23.3 remote-as 300
neighbor 24.24.24.4 remote-as 400
aggregate-address 1.1.0.0 255.255.252.0
# '''R3'''
router bgp 300
no synchronization
no auto-summary
bgp router-id 3.3.3.3
neighbor 23.23.23.2 remote-as 200
network 1.1.2.0 mask 255.255.255.0
network 1.1.3.0 mask 255.255.255.0
exit
ip route 12.12.12.0 255.255.255.0 23.23.23.2
ip route 24.24.24.0 255.255.255.0 23.23.23.2
# '''R4'''
router bgp 400
no synchronization
no auto-summary
bgp router-id 4.4.4.4
neighbor 24.24.24.2 remote-as 200
network 4.4.4.0 mask 255.255.255.0
exit
ip route 12.12.12.0 255.255.255.0 24.24.24.2
ip route 23.23.23.0 255.255.255.0 24.24.24.2
exit
实验调试
(1) 在路由器R1、R4上查看BGP表
R1#show ip bgp
BGP table version is 7, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incompleteNetwork Next Hop Metric LocPrf Weight Path
*> 1.1.0.0/24 0.0.0.0 0 32768 i
*> 1.1.0.0/22 12.12.12.2 0 0 200 i
*> 1.1.1.0/24 0.0.0.0 0 32768 i
*> 1.1.2.0/24 12.12.12.2 0 200 300 i
*> 1.1.3.0/24 12.12.12.2 0 200 300 i
*> 4.4.4.0/24 12.12.12.2 0 200 400 i
R4#show ip bgp
BGP table version is 7, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incompleteNetwork Next Hop Metric LocPrf Weight Path
*> 1.1.0.0/24 24.24.24.2 0 200 100 i
*> 1.1.0.0/22 24.24.24.2 0 0 200 i
*> 1.1.1.0/24 24.24.24.2 0 200 100 i
*> 1.1.2.0/24 24.24.24.2 0 200 300 i
*> 1.1.3.0/24 24.24.24.2 0 200 300 i
*> 4.4.4.0/24 0.0.0.0 0 32768 i
# 以上输出表明:
① 路由器R1、R4 收到“1.1.0.0/22”聚合路由,通过AS-PATH 属性可以看出,执行地址聚合的路由器R2 成为新路由的创造者,原来AS-PATH 属性丢失;
② 路由器R4 同时也收到4 条明细路由,在显示的AS-PATH 序列中,路由的始发AS 在列表的末端(右侧),每个收到该路由,并把它传递给其它AS 的BGP 对等体会把它自己的AS 追加在列表的开头(左侧);
③ BGP 路由器下一跳为“0.0.0.0”,表示该BGP 路由起源本地,Weight 值为“32768”;
④ 因为所有BGP 路由条目的代码为“*>”,所以所有BGP 路由条目都为最优。
(2) as-set 参数
# “as-set”可以使BGP 聚合路由不丢失原来的AS-PATH 属性,从而避免路由环路,在路由器R2 配置as-set参数,然后再次查看R1、R4的BGP表
R2(config-router)#aggregate-address 1.1.0.0 255.255.252.0 as-set
R1#show ip bgp
BGP table version is 8, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incompleteNetwork Next Hop Metric LocPrf Weight Path
*> 1.1.0.0/24 0.0.0.0 0 32768 i
*> 1.1.1.0/24 0.0.0.0 0 32768 i
*> 1.1.2.0/24 12.12.12.2 0 200 300 i
*> 1.1.3.0/24 12.12.12.2 0 200 300 i
*> 4.4.4.0/24 12.12.12.2 0 200 400 i
R4#show ip bgp
BGP table version is 8, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incompleteNetwork Next Hop Metric LocPrf Weight Path
*> 1.1.0.0/24 24.24.24.2 0 200 100 i
*> 1.1.0.0/22 24.24.24.2 0 0 200 {100,300} i
*> 1.1.1.0/24 24.24.24.2 0 200 100 i
*> 1.1.2.0/24 24.24.24.2 0 200 300 i
*> 1.1.3.0/24 24.24.24.2 0 200 300 i
*> 4.4.4.0/24 0.0.0.0 0 32768 i
# 以上输出表明:
① 路由器R4 上收到的汇总路由“1.1.0.0/22”中,AS-PATH 包含了被聚合路由中所有的AS 号码的集合“{100,300}”;
② 聚合路由正是由于携带了所有的AS,所以在路由器R1 的BGP 表中没有出现,当然在路由器R3 的BGP 表中也不会出现。
# BGP 使用AS-PATH 属性作为路由更新的一部分来确保没有路由环路。因为在BGP 对等体之间传递的每条路由都携带它所经过的AS 号码序列表,如果该路由被通告给它始发的AS,该AS 路由器将在AS 序列表中看到自己的AS,它将不接受该路由。以下的输出充分的说明了这一点;
R2#show ip bgp neighbor 12.12.12.1 advertised-routes
BGP table version is 8, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incompleteNetwork Next Hop Metric LocPrf Weight Path
*> 1.1.0.0/24 12.12.12.1 0 0 100 i
*> 1.1.0.0/22 0.0.0.0 100 32768 {100,300} i
*> 1.1.1.0/24 12.12.12.1 0 0 100 i
*> 1.1.2.0/24 23.23.23.3 0 0 300 i
*> 1.1.3.0/24 23.23.23.3 0 0 300 i
*> 4.4.4.0/24 24.24.24.4 0 0 400 iTotal number of prefixes 6
# 以上输出表明路由器R2 仍然向邻居12.12.12.1 发送聚合路由“1.1.0.0/22”。
R1#show ip bgp neighbors 12.12.12.2 received-routes
% Inbound soft reconfiguration not enabled on 12.12.12.2
R1#conf t
R1(config)#router bgp 100
R1(config-router)#neighbor 12.12.12.2 soft-reconfiguration inbound
R1(config-router)#exit
R1(config)#exit
R1#show ip bgp neighbor 12.12.12.2 received-routes
BGP table version is 8, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incompleteNetwork Next Hop Metric LocPrf Weight Path
*> 1.1.2.0/24 12.12.12.2 0 200 300 i
*> 1.1.3.0/24 12.12.12.2 0 200 300 i
*> 4.4.4.0/24 12.12.12.2 0 200 400 iTotal number of prefixes 3
# 以上输出表明路由器R1 没有接收聚合路由“1.1.0.0/22”,因为它发现聚合路由条目中的AS-PATH 属性列表“{100,300}”中包含自己的AS 号码100,所以不接收。同理,路由器R3 也不会接收该聚合路由条目。
# 要执行“show ip bgp neighbors 12.12.12.2 received-routes”命令,必须完成下面这条命令:
R1(config-router)#neighbor 12.12.12.2 soft-reconfiguration inbound
(3) summary-only 参数
# 如果在路由器R4 上只想看到汇总路由,没有明细路由,“summary-only”参数可以实现,在路由器R2 上的配置如下;
R2(config-router)#aggregate-address 1.1.0.0 255.255.252.0 as-set summary-only
R2(config-router)#do show ip bgp
BGP table version is 18, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incompleteNetwork Next Hop Metric LocPrf Weight Path
s> 1.1.0.0/24 12.12.12.1 0 0 100 i
*> 1.1.0.0/22 0.0.0.0 100 32768 {100,300} i
s> 1.1.1.0/24 12.12.12.1 0 0 100 i
s> 1.1.2.0/24 23.23.23.3 0 0 300 i
s> 1.1.3.0/24 23.23.23.3 0 0 300 i
*> 4.4.4.0/24 24.24.24.4 0 0 400 i
R4#show ip bgp
BGP table version is 18, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incompleteNetwork Next Hop Metric LocPrf Weight Path
*> 1.1.0.0/22 24.24.24.2 0 0 200 {100,300} i
*> 4.4.4.0/24 0.0.0.0 0 32768 i
# 以上输出表明:
① 路由器R2 上所有被聚合的明细路由被标记为“s”,表示被抑制,不被发送;
② 路由器R4 只收到一跳聚合路由“1.1.0.0/22 ”。如果不加“as-set”参数,则路由器R1、R3 也会收到该聚合路由。
(4) suppress-map 参数
# 如果有特殊的需求,在聚合后只抑制部分明细路由条目,参数“suppress-map”可以完成。本实验要求路由器R2 地址聚合后,要求路由器R1 的两条明细路由被抑制,而路由器R3 的明细路由要求传递给路由器R4,路由器R2 配置步骤如下:
R2(config)#ip prefix-list 1 permit 1.1.0.0/24
R2(config)#ip prefix-list 1 permit 1.1.1.0/24
R2(config)#route-map sup permit 10
R2(config-route-map)#match ip address prefix-list 1
R2(config-route-map)#router bgp 200
R2(config-router)#$ddress 1.1.0.0 255.255.252.0 as-set suppress-map sup
R1#show ip bgp
BGP table version is 12, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incompleteNetwork Next Hop Metric LocPrf Weight Path
*> 1.1.0.0/24 0.0.0.0 0 32768 i
*> 1.1.1.0/24 0.0.0.0 0 32768 i
*> 1.1.2.0/24 12.12.12.2 0 200 300 i
*> 1.1.3.0/24 12.12.12.2 0 200 300 i
*> 4.4.4.0/24 12.12.12.2 0 200 400 i
R2#show ip bgp
BGP table version is 24, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incompleteNetwork Next Hop Metric LocPrf Weight Path
s> 1.1.0.0/24 12.12.12.1 0 0 100 i
*> 1.1.0.0/22 0.0.0.0 100 32768 {100,300} i
s> 1.1.1.0/24 12.12.12.1 0 0 100 i
*> 1.1.2.0/24 23.23.23.3 0 0 300 i
*> 1.1.3.0/24 23.23.23.3 0 0 300 i
*> 4.4.4.0/24 24.24.24.4 0 0 400 i
R3#show ip bgp
BGP table version is 14, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incompleteNetwork Next Hop Metric LocPrf Weight Path
*> 1.1.2.0/24 0.0.0.0 0 32768 i
*> 1.1.3.0/24 0.0.0.0 0 32768 i
*> 4.4.4.0/24 23.23.23.2 0 200 400 i
R4#show ip bgp
BGP table version is 20, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incompleteNetwork Next Hop Metric LocPrf Weight Path
*> 1.1.0.0/22 24.24.24.2 0 0 200 {100,300} i
*> 1.1.2.0/24 24.24.24.2 0 200 300 i
*> 1.1.3.0/24 24.24.24.2 0 200 300 i
*> 4.4.4.0/24 0.0.0.0 0 32768 i
# 以上输出表明:
① 由于在路由器R2 上将路由器R1 的明细路由“1.1.0.0/24”和“1.1.1.0/24”抑制,所以路由器R3 和R4 不能收到;
② 由于在路由器R2 上没有将明细路由“1.1.2.0/24”和“1.1.3.0/24”抑制,又没有配置“summary-only”参数,所以四台路由器全部收到“1.1.2.0/24”和“1.1.3.0/24”的路由条目;
③ 由于配置了“as-set”参数,所以只有R4 收到汇总路由“1.1.0.0/22”。
实验总结
(1) aggregate-address
aggregate-address address mask [as-set] [as-confed-set] [summary-only] [suppress-map map-name] [advertise-map map-name] [attribute-map map-name]
no aggregate-address address mask [as-set] [as-confed-set] [summary-only] [suppress-map map-name] [advertise-map map-name] [attribute-map map-name]
| Snytax | Description |
|---|---|
| address | Aggregate address. |
| mask | Aggregate mask. |
| as-set | (Optional) Generates autonomous system set path information. |
| as-confed-set | (Optional) Generates autonomous confederation set path information. |
| summary-only | (Optional) Filters all more-specific routes from updates. |
| suppress-map map-name | (Optional) Specifies the name of the route map used to select the routes to be suppressed. |
| advertise-map map-name | (Optional) Specifies the name of the route map used to select the routes to create AS_SET origin communities. |
| attribute-map map-name | (Optional) Specifies the name of the route map used to set the attribute of the aggregate route. |
Command Default The atomic aggregate attribute is set automatically when an aggregate route is created with this command unless the as-set keyword is specified.
Command Modes Address family configuration (config-router-af)
Router configuration (config-router)
Conditional Aggregation Example
In the following example, a route map called MAP-ONE is created to match on an AS-path access list. The path advertised for this route will be an AS_SET consisting of elements contained in paths that are matched in the route map.
Router(config)# ip as-path access-list 1 deny ^1234_
Router(config)# ip as-path access-list 1 permit .*
Router(config)# !
Router(config)# route-map MAP-ONE
Router(config-route-map)# match ip as-path 1
Router(config-route-map)# exit
Router(config)# router bgp 50000
Router(config-router)# address-family ipv4
Router(config-router-af)# aggregate-address 10.0.0.0 255.0.0.0 as-set advertise-map
MAP-ONE
Router(config-router-af)# end
Related Commands
| Command | Description |
|---|---|
| address-family ipv4 (BGP) | Places the router in address family configuration mode for configuring routing sessions such as BGP, RIP, or static routing sessions that use standard IPv4 address prefixes. |
| ip as-path access-list | Defines a BGP autonomous system path access list. |
| match ip address | Distributes any routes that have a destination network number address that is permitted by a standard or extended access list, and performs policy routing on packets. |
| neighbor distribute-list | Distributes BGP neighbor information in an access list. |
| route-map (IP) | Defines the conditions for redistributing routes from one routing protocol into another, or enables policy routing. |
(2) ip prefix-list
To create a prefix list or to add a prefix-list entry, use the ip prefix-list command in global configuration mode. To delete a prefix-list entry, use the no form of this command.
ip prefix-list {list-name [seq number] {deny | permit} network/length [ge ge-length] [le le-length] | description description | sequence-number}
no ip prefix-list {list-name [seq number] [{deny | permit} network/length [ge ge-length] [le le-length]] | description description | sequence-number}
| Snytax | Description |
|---|---|
| list-name | Configures a name to identify the prefix list. Do not use the word “detail” or “summary” as a list name because they are keywords in the show ip prefix-list command. |
| seq | (Optional) Applies a sequence number to a prefix-list entry. |
| number | (Optional) Integer from 1 to 4294967294. If a sequence number is not entered when configuring this command, default sequence numbering is applied to the prefix list. The number 5 is applied to the first prefix entry, and subsequent unnumbered entries are incremented by 5. |
| deny | Denies access for a matching condition. |
| permit | Permits access for a matching condition. |
| network/length | Configures the network address and the length of the network mask in bits. The network number can be any valid IP address or prefix. The bit mask can be a number from 1 to 32. |
| ge | (Optional) Specifies the lesser value of a range (the “from” portion of the range description) by applying the ge-length argument to the range specified. Note The ge keyword represents the greater than or equal to operator. |
| ge-length | (Optional) Represents the minimum prefix length to be matched. |
| le | (Optional) Specifies the greater value of a range (the “to” portion of the range description) by applying the le-length argument to the range specified. Note The le keyword represents the less than or equal to operator. |
| le-length | (Optional) Represents the maximum prefix length to be matched. |
| description | (Optional) Configures a descriptive name for the prefix list. |
| description | (Optional) Descriptive name of the prefix list, from 1 to 80 characters in length. |
| sequence-number | (Optional) Enables or disables the use of sequence numbers for prefix lists. |
Command Default No prefix lists or prefix-list entries are created.
Command Modes Global configuration (config)
02 BGP地址聚合相关推荐
- 5.4 BGP地址聚合
5.3.1配置BGP地址聚合 1. 实验目的 熟悉BGP地址聚合的应用场景 掌握BGP地址聚合的配置方法 2. 实验拓扑 实验拓扑如图5-4所示: 图5-4:配置BGP地址聚合 3. ...
- 网络协议02 - Mac地址和IP地址
MAC地址 介绍 每一个网卡都要一个6字节的MAC地址(Media Access Control Address),该地址全球唯一,固化在网卡的ROM中,由IEEE802标准规定 前3个字节:组织唯一 ...
- 02. MAC地址 · ARP · ICMP · IP地址 · 子网 · 超网 · 端口
MAC · IP · 子网 · 超网 MAC地址 MAC地址的表示格式 MAC地址操作(查看.修改)[实践] MAC地址的获取[实践] ARP ICMP IP地址 · 子网掩码 IP地址的组成 IP地 ...
- 视频教程-从零开始学BGP--【适用于思科CCNA、CCNP入门】-路由协议
从零开始学BGP--[适用于思科CCNA.CCNP入门] 原苏州万博IT教育创始人兼CEO,苏州46516VUE思科考试中心负责人.9年思科培训(CCNA,CCNP,CCIE全能讲师)和考场管理经验, ...
- BGP同步与路由黑洞,路由聚合
BGP路由不优 BGP路由下一跳不可达 BGP同步 拓扑图 (AS 234之间直接 2 4建立BGP,EBGP之间采取直连 ) 下一跳属性: 将EBGP邻居学习路由传递给IBGP邻居时,下一跳不发生变 ...
- BGP协议路由聚合—AS-SET的使用
BGP协议可以使用命令,将具体路由聚合成一条聚合路由. 路由聚合原则采用最长相同掩码匹配的方法. 路由聚合可以减小路由表的规模. BGP的聚合分为两种: 1. 自动聚合(现网中不用,可控性差,只能聚合 ...
- 锐捷BGP基础配置(邻居建立、路由重发布、路由聚合、认证)
目录 配置IBGP邻居 配置EBGP邻居 配置BGP重发布OSPF BGP路由聚合 BGP其它配置 配置IBGP邻居 R2.R3.R4底层IGP互通,此处IGP互通配置不做介绍 R2与R4通过Loop ...
- BGP路由器协议排错教程:BGP 路由通告的排错
工程师很容易对 BGP 路由通告产生误解,这是本章第一个需要解释清楚的概念. 4.1.1 本地路由通告问题 假设现在有一台路由器,它要把网络 10.1.0.0/16 和 10.0.0.0/8 放到 B ...
- BGP------BGP工作原理、BGP属性及选路原则
BGP工作原理 一.BGP报文 1.open报文 作用:建立邻居.协商参数 open报文只在邻居建立时发送,不会周期发送 内容: version:BGP版本 My AS:自身的AS号 hold tim ...
最新文章
- HDU 1061 Rightmost Digit
- 【MATLAB】数据分析之数据插值
- MVC 中使用bootstrap-select 基础使用方法
- 内存管理-定时器循环、内存布局、tagged pointer、weak指针、copy、自动释放池
- STM32 FSMC学习笔记+补充(LCD的FSMC配置)
- 深度学习的基础知识(机器学习、损失函数、梯度下降、反向传播、基础模型一网打尽)
- mingw编译wxwidgets
- java实现打印菱形
- NYOJ 10 skiing
- divi模板下载_Java Math类静态double IEEEremainder(double divi,double divisor)的示例
- Android 内存泄漏分析与解决方法
- ECSHOP解决大量重复页面问题,提高SEO效果
- 制作ext4 img的两种方式
- 2021 Pycharm汉化教程,两种方法,带图讲解,简洁明了
- matlab分割txt数据,MATLAB批量分割txt数据
- 用cmd命令行下载github中的工程文件
- 崩溃!因对领导不满前网管离职后远程入侵服务器,致诊疗系统瘫痪!
- 如何使用Win10原生的截图工具Snipping Tool?
- 兄弟机cnc系统面板图解_兄弟机操作面板及编程
- 如何分析和判断中国经济大势