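BGP Route Aggregation
In large networks the BGP routing table becomes very large, which places a heavy load on devices and greatly increases the likelihood of route flapping, hurting network stability.
Route aggregation is a mechanism that merges multiple routes. By sending peers only the aggregated route instead of every specific route, it reduces the size of the routing table. In addition, if one of the aggregated routes flaps, the flap no longer affects the network, which improves network stability.
Topology:
Basic configuration:
Complete the basic interface configuration (omitted)
Complete the IGP configuration inside AS200 using OSPF, advertising each router's directly connected interfaces and loopback interface (omitted)
Complete the EBGP and IBGP configuration
Using AR1 as an example: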
bgp 100
router-id 11.1.1.1
timer keepalive 50 hold 150
peer 12.1.1.2 as-number 200
#
ipv4-family unicast
undo synchronization
network 11.1.1.1 255.255.255.255
peer 12.1.1.2 enable
AR2:
bgp 200
router-id 22.1.1.1
peer 12.1.1.1 as-number 100
peer 33.1.1.1 as-number 200
peer 33.1.1.1 connect-interface LoopBack0
peer 44.1.1.1 as-number 200
peer 44.1.1.1 connect-interface LoopBack0
#
ipv4-family unicast
undo synchronization
peer 12.1.1.1 enable
peer 33.1.1.1 enable
peer 33.1.1.1 next-hop-local
peer 44.1.1.1 enable
peer 44.1.1.1 next-hop-local
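(1) Automatic aggregation
Subnet routes imported into BGP are aggregated to their natural mask. Once automatic aggregation is configured, a route for the aggregated natural network is generated, and the originally imported subnet routes are suppressed: they are not selected as best and are not advertised to BGP neighbors.
On AR2, import the routes learned through OSPF into BGP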
AR2:
bgp 200
import-route ospf 1 //Import OSPF routes
[AR2]dis bgp routing-table //View the BGP routing table
BGP Local router ID is 22.1.1.1
Status codes: * - valid, > - best, d - damped,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 7
Network NextHop MED LocPrf PrefVal Path/Ogn
*> 10.1.1.0/24 0.0.0.0 2 0 ? ---The question mark indicates a route imported by redistribution
*> 11.1.1.1/32 12.1.1.1 0 0 100i
*> 22.1.1.1/32 0.0.0.0 0 0 ?
*> 23.1.1.0/24 0.0.0.0 0 0 ?
*> 33.1.1.1/32 0.0.0.0 1 0 ?
*> 44.1.1.1/32 0.0.0.0 2 0 ?
*>i 55.1.1.1/32 44.1.1.1 0 100 0 300i
Now enable automatic summarization on AR2 with the following configuration
[AR2-bgp]summary automatic //Enable automatic summarization
Info: Automatic summarization is valid only for the routes imported through the import-route command.
[AR2]dis bgp routing-table
BGP Local router ID is 22.1.1.1
Status codes: * - valid, > - best, d - damped,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 14
Network NextHop MED LocPrf PrefVal Path/Ogn
*> 10.0.0.0 127.0.0.1 0 ?
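s> 10.1.1.0/24 0.0.0.0 2 0 ? //The aggregated natural-network route is generated, and the originally imported subnet route is suppressed; it is not selected as best and is not advertised to BGP neighbors.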
*> 11.1.1.1/32 12.1.1.1 0 0 100i
*> 22.0.0.0 127.0.0.1 0 ?
s> 22.1.1.1/32 0.0.0.0 0 0 ?
*> 23.0.0.0 127.0.0.1 0 ?
s> 23.1.1.0/24 0.0.0.0 0 0 ?
*> 33.0.0.0 127.0.0.1 0 ?
s> 33.1.1.1/32 0.0.0.0 1 0 ?
*> 44.0.0.0 127.0.0.1 0 ?
s> 44.1.1.1/32 0.0.0.0 2 0 ?
*> 55.0.0.0 127.0.0.1 0 ?
s> 55.1.1.1/32 0.0.0.0 1 0 ?
* i 44.1.1.1 0 100 0 300i
[AR2]dis bgp routing-table 10.0.0.0
BGP local router ID : 22.1.1.1
Local AS number : 200
Paths: 1 available, 1 best, 1 select
BGP routing table entry information of 10.0.0.0/8:
Summary automatic route
Route Duration: 00h00m29s
Direct Out-interface: NULL0
Original nexthop: 127.0.0.1
Qos information : 0x0
AS-path Nil, origin incomplete, pref-val 0, valid, local, best, select, active, pre 255
Aggregator: AS 200, Aggregator ID 22.1.1.1
Advertised to such 3 peers:
44.1.1.1
33.1.1.1
12.1.1.1
[AR2]dis ip routing-table protocol bgp
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Public routing table : BGP
Destinations : 7 Routes : 7
BGP routing table status : <Active>
Destinations : 7 Routes : 7
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.0.0.0/8 IBGP 255 0 D 127.0.0.1 NULL0 ===After aggregation, a route pointing to the NULL0 interface is generated
11.1.1.1/32 EBGP 255 0 D 12.1.1.1 GigabitEthernet0/0/0
22.0.0.0/8 IBGP 255 0 D 127.0.0.1 NULL0
23.0.0.0/8 IBGP 255 0 D 127.0.0.1 NULL0
33.0.0.0/8 IBGP 255 0 D 127.0.0.1 NULL0
44.0.0.0/8 IBGP 255 0 D 127.0.0.1 NULL0
55.1.1.1/32 IBGP 255 0 RD 44.1.1.1 GigabitEthernet0/0/1
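The natural-mask summarization shown above, reproduced as an added Python example (not code from the original page). The function names are hypothetical, and the sample table is constructed from the AR2 routing table before `summary automatic` was enabled. It also counts how many addresses each summary announces without any specific route behind them, which is the traffic that ends at NULL0.

```python
import ipaddress

def natural_network(prefix):
    """Return the classful (natural-mask) network that contains prefix."""
    net = ipaddress.ip_network(prefix)
    first_octet = int(net.network_address) >> 24
    if first_octet < 128:
        plen = 8       # class A
    elif first_octet < 192:
        plen = 16      # class B
    elif first_octet < 224:
        plen = 24      # class C
    else:
        raise ValueError("no natural mask for class D/E: " + prefix)
    return net.supernet(new_prefix=plen) if net.prefixlen > plen else net

def auto_summary(table):
    """table: (prefix, imported) pairs. Returns {summary: [suppressed specifics]}.

    Only routes brought in with import-route are summarized, as the Info
    line printed by 'summary automatic' states.
    """
    result = {}
    for prefix, imported in table:
        if not imported:
            continue
        nat = str(natural_network(prefix))
        if nat != prefix:
            result.setdefault(nat, []).append(prefix)
    return result

def unbacked_addresses(summary, specifics):
    """Addresses covered by the summary but by no specific route.

    Traffic to them follows the summary to this router and is discarded
    at NULL0. Assumes the specifics do not overlap each other.
    """
    total = ipaddress.ip_network(summary).num_addresses
    return total - sum(ipaddress.ip_network(s).num_addresses for s in specifics)

# Constructed from the AR2 table above: True = imported from OSPF (origin ?)
SAMPLE = [("10.1.1.0/24", True), ("11.1.1.1/32", False), ("22.1.1.1/32", True),
          ("23.1.1.0/24", True), ("33.1.1.1/32", True), ("44.1.1.1/32", True)]

if __name__ == "__main__":
    for summary, specifics in auto_summary(SAMPLE).items():
        print(summary, "suppresses", specifics,
              "unbacked:", unbacked_addresses(summary, specifics))
```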
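(2) Manual aggregation
Manual aggregation aggregates routes in the local BGP routing table. Normally, manual aggregation takes precedence over automatic aggregation. By default, after manual aggregation the specific routes and the aggregate route are advertised together.
On AR1, add the loopback addresses LO10 192.168.0.1/24, LO11 192.168.1.1/24, LO12 192.168.2.1/24 and LO13 192.168.3.1/24, then advertise the four new loopback interfaces in the BGP process: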
[AR1]bgp 100
[AR1-bgp]net 192.168.0.0 24
[AR1-bgp]net 192.168.1.0 24
[AR1-bgp]net 192.168.2.0 24
[AR1-bgp]net 192.168.3.0 24
<AR2>dis bgp routing-table
BGP Local router ID is 22.1.1.1
Status codes: * - valid, > - best, d - damped,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 11
Network NextHop MED LocPrf PrefVal Path/Ogn
*> 10.1.1.0/24 0.0.0.0 2 0 ?
*> 11.1.1.1/32 12.1.1.1 0 0 100i
*> 22.1.1.1/32 0.0.0.0 0 0 ?
*> 23.1.1.0/24 0.0.0.0 0 0 ?
*> 33.1.1.1/32 0.0.0.0 1 0 ?
*> 44.1.1.1/32 0.0.0.0 2 0 ?
*>i 55.1.1.1/32 44.1.1.1 0 100 0 300i
*> 192.168.0.0 12.1.1.1 0 0 100i
*> 192.168.1.0 12.1.1.1 0 0 100i
*> 192.168.2.0 12.1.1.1 0 0 100i
*> 192.168.3.0 12.1.1.1 0 0 100i
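Viewing the BGP routing table on AR2 shows that it has learned the four specific routes in the 192 range advertised by AR1. Because learning a large number of specific routes consumes memory, they need to be aggregated manually. Route aggregation is configured as follows:
To make the routing table easier to read, remove the import of OSPF routes into BGP on AR2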
[AR2]bgp 200
[AR2-bgp]aggregate ?
IP_ADDR<X.X.X.X> Aggregate address
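[AR2-bgp]aggregate 192.168.0.0 255.255.252.0 ? //Advertise the aggregate route and all aggregated routes
as-set Generate the route with AS-SET path-attribute //Advertise an aggregate route that supports loop detection
attribute-policy Set aggregation attributes //Set the attributes of the aggregate route
detail-suppressed Filter more detail route from updates //Advertise only the aggregate route
origin-policy Filter the originate routes of the aggregate //Generate the aggregate route only from routes that pass the routing policy
suppress-policy Filter more detail route from updates through a Routing policy //Advertise only the aggregate route and the aggregated routes that pass the routing policy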
<cr> Please press ENTER to execute command
(1) Advertise the aggregate route and all aggregated routes
[AR2-bgp]aggregate 192.168.0.0 255.255.252.0
[AR2]dis bgp routing-table 192.168.0.0 255.255.252.0
BGP local router ID : 22.1.1.1
Local AS number : 200
Paths: 1 available, 1 best, 1 select
BGP routing table entry information of 192.168.0.0/22:
Aggregated route.
Route Duration: 00h00m30s
Direct Out-interface: NULL0
Original nexthop: 127.0.0.1
Qos information : 0x0
AS-path Nil, origin igp, pref-val 0, valid, local, best, select, active, pre 255
Aggregator: AS 200, Aggregator ID 22.1.1.1
Advertised to such 3 peers:
44.1.1.1
33.1.1.1
12.1.1.1
[AR1]dis bgp routing-table
BGP Local router ID is 11.1.1.1
Status codes: * - valid, > - best, d - damped,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 7
Network NextHop MED LocPrf PrefVal Path/Ogn
*> 11.1.1.1/32 0.0.0.0 0 0 i
*> 55.1.1.1/32 12.1.1.2 0 200 300i
*> 192.168.0.0/22 12.1.1.2 0 200i
*> 192.168.0.0 0.0.0.0 0 0 i
*> 192.168.1.0 0.0.0.0 0 0 i
*> 192.168.2.0 0.0.0.0 0 0 i
*> 192.168.3.0 0.0.0.0 0 0 i
(2) Advertise only the aggregate route
[AR2-bgp]aggregate 192.168.0.0 22 detail-suppressed
[AR2]dis bgp routing-table
BGP Local router ID is 22.1.1.1
Status codes: * - valid, > - best, d - damped,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 7
Network NextHop MED LocPrf PrefVal Path/Ogn
*> 11.1.1.1/32 12.1.1.1 0 0 100i
*>i 55.1.1.1/32 44.1.1.1 0 100 0 300i
*> 192.168.0.0/22 127.0.0.1 0 i
s> 192.168.0.0 12.1.1.1 0 0 100i
s> 192.168.1.0 12.1.1.1 0 0 100i
s> 192.168.2.0 12.1.1.1 0 0 100i
s> 192.168.3.0 12.1.1.1 0 0 100i
[AR2]dis bgp routing-table peer 44.1.1.1 advertised-routes
BGP Local router ID is 22.1.1.1
Status codes: * - valid, > - best, d - damped,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 2
Network NextHop MED LocPrf PrefVal Path/Ogn
*> 11.1.1.1/32 22.1.1.1 0 100 0 100i
*> 192.168.0.0/22 22.1.1.1 100 0 i
(3) Advertise only the aggregate route and the aggregated routes that pass the routing policy
ip ip-prefix 192 index 10 permit 192.168.1.0 24
route-policy BGP permit node 10
if-match ip-prefix 192
[AR2-bgp] aggregate 192.168.0.0 255.255.252.0 detail-suppressed suppress-policy BGP
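//Only the aggregate route is advertised and the matched routes are suppressed, but the other specific routes that do not pass the policy are still advertised.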
[AR2]dis bgp routing-table
BGP Local router ID is 22.1.1.1
Status codes: * - valid, > - best, d - damped,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 7
Network NextHop MED LocPrf PrefVal Path/Ogn
*> 11.1.1.1/32 12.1.1.1 0 0 100i
*>i 55.1.1.1/32 44.1.1.1 0 100 0 300i
*> 192.168.0.0/22 127.0.0.1 0 i
*> 192.168.0.0 12.1.1.1 0 0 100i
s> 192.168.1.0 12.1.1.1 0 0 100i
*> 192.168.2.0 12.1.1.1 0 0 100i
*> 192.168.3.0 12.1.1.1 0 0 100i
[AR2]dis ip ip-prefix 192
Prefix-list 192
Permitted 1
Denied 3
index: 10 permit 192.168.1.0/24
[AR2]
[AR2]dis route-policy BGP
Route-policy : BGP
permit : 10 (matched counts: 1)
Match clauses :
if-match ip-prefix 192
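(4) Advertise an aggregate route that supports loop detection
To avoid the routing loops that route aggregation can cause, BGP defines the AS_Set attribute.
The AS_Set attribute is an unordered AS_Path attribute that records the AS numbers the aggregate route has passed through. When the aggregate route re-enters any AS listed in its AS_Set attribute, BGP detects its own AS number in the aggregate route's AS_Set attribute and discards the aggregate route, which prevents a routing loop from forming.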
[AR2-bgp]aggregate 192.168.0.0 255.255.252.0 detail-suppressed suppress-policy BGP as-set
[AR2]dis bgp routing-table 192.168.0.0 22
BGP local router ID : 22.1.1.1
Local AS number : 200
Paths: 1 available, 1 best, 1 select
BGP routing table entry information of 192.168.0.0/22:
Aggregated route.
Route Duration: 00h00m08s
Direct Out-interface: NULL0
Original nexthop: 127.0.0.1
Qos information : 0x0
AS-path 100, origin igp, pref-val 0, valid, local, best, select, active, pre 255
Aggregator: AS 200, Aggregator ID 22.1.1.1
Advertised to such 3 peers:
44.1.1.1
33.1.1.1
12.1.1.1
<AR4>dis bgp routing-table
BGP Local router ID is 44.1.1.1
Status codes: * - valid, > - best, d - damped,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 6
Network NextHop MED LocPrf PrefVal Path/Ogn
*>i 11.1.1.1/32 22.1.1.1 0 100 0 100i
*> 55.1.1.1/32 45.1.1.5 0 0 300i
*>i 192.168.0.0/22 22.1.1.1 100 0 100i
*>i 192.168.0.0 22.1.1.1 0 100 0 100i
*>i 192.168.2.0 22.1.1.1 0 100 0 100i
*>i 192.168.3.0 22.1.1.1 0 100 0 100i
Because the originating AS-path attribute is restored at this point, AR1 no longer learns the summarized route.
<AR1>dis bgp routing-table
BGP Local router ID is 11.1.1.1
Status codes: * - valid, > - best, d - damped,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 6
Network NextHop MED LocPrf PrefVal Path/Ogn
*> 11.1.1.1/32 0.0.0.0 0 0 i
*> 55.1.1.1/32 12.1.1.2 0 200 300i
*> 192.168.0.0 0.0.0.0 0 0 i
*> 192.168.1.0 0.0.0.0 0 0 i
*> 192.168.2.0 0.0.0.0 0 0 i
*> 192.168.3.0 0.0.0.0 0 0 i
(4) Set the attributes of the aggregate route: set community on the summary route
[AR2-bgp] aggregate 192.168.0.0 255.255.252.0 detail-suppressed suppress-policy BGP attribute-policy ORN
route-policy ORN permit node 10
apply origin incomplete //Set the origin attribute
[AR2]dis bgp routing-table
BGP Local router ID is 22.1.1.1
Status codes: * - valid, > - best, d - damped,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 7
Network NextHop MED LocPrf PrefVal Path/Ogn
*> 11.1.1.1/32 12.1.1.1 0 0 100i
*>i 55.1.1.1/32 44.1.1.1 0 100 0 300i
*> 192.168.0.0/22 127.0.0.1 0 100?
*> 192.168.0.0 12.1.1.1 0 0 100i
s> 192.168.1.0 12.1.1.1 0 0 100i
*> 192.168.2.0 12.1.1.1 0 0 100i
*> 192.168.3.0 12.1.1.1 0 0 100i
[AR2]dis bgp routing-table 192.168.0.0 22
BGP local router ID : 22.1.1.1
Local AS number : 200
Paths: 1 available, 1 best, 1 select
BGP routing table entry information of 192.168.0.0/22:
Aggregated route.
Route Duration: 00h01m32s
Direct Out-interface: NULL0
Original nexthop: 127.0.0.1
Qos information : 0x0
AS-path 100, origin incomplete, pref-val 0, valid, local, best, select, active, pre 255
Aggregator: AS 200, Aggregator ID 22.1.1.1
Advertised to such 3 peers:
44.1.1.1
33.1.1.1
12.1.1.1
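(5) Generate the aggregate route only from routes that pass the routing policy
This is conditional aggregation: the aggregate route is generated only when the route-policy is matched.
The aggregate route is generated only if the BGP routing table contains specific routes to be summarized, and the matched specific routes are suppressed at the same time.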
ip ip-prefix 194 index 10 permit 192.168.3.0 24
route-policy ORI permit node 10
if-match ip-prefix 194
[AR2-bgp] aggregate 192.168.0.0 255.255.252.0 detail-suppressed origin-policy ORI
<AR2>dis route-policy ORI
Route-policy : ORI
permit : 10 (matched counts: 10)
Match clauses :
if-match ip-prefix 194
<AR2>dis bgp routing-table
BGP Local router ID is 22.1.1.1
Status codes: * - valid, > - best, d - damped,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 8
Network NextHop MED LocPrf PrefVal Path/Ogn
*> 11.1.1.1/32 12.1.1.1 0 0 100i
*>i 55.1.1.1/32 44.1.1.1 0 100 0 300i
*> 192.168.0.0/22 127.0.0.1 0 i
*> 192.168.0.0 12.1.1.1 0 0 100i
*> 192.168.1.0 12.1.1.1 0 0 100i
*> 192.168.2.0 12.1.1.1 0 0 100i
s> 192.168.3.0 12.1.1.1 0 0 100i
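The aggregate options demonstrated above, as an added Python model (not code from the original page or from the router software). The function names are hypothetical, and the route table is constructed from AR2's output; the model reproduces which specific routes end up marked `s>` under each option and why AR1 in AS 100 drops the aggregate once `as-set` is configured.

```python
import ipaddress

def aggregate(routes, agg, detail_suppressed=False, suppress=None,
              origin=None, as_set=False):
    """Model the aggregate options shown on AR2 (simplified).

    routes: {prefix: AS path as a list}. suppress / origin: the set of
    prefixes the suppress-policy / origin-policy route-policy permits.
    Returns (aggregate AS path or None, advertised, suppressed).
    """
    agg_net = ipaddress.ip_network(agg)
    covered = [p for p in routes if p != agg
               and ipaddress.ip_network(p).subnet_of(agg_net)]
    # origin-policy: only routes that pass the policy contribute
    contrib = [p for p in covered if origin is None or p in origin]
    if not contrib:
        return None, sorted(routes), []   # no contributor: no aggregate
    if suppress is not None:      # suppress-policy: hide matched routes only
        suppressed = [p for p in contrib if p in suppress]
    elif detail_suppressed:       # hide every contributing specific route
        suppressed = list(contrib)
    else:
        suppressed = []
    # as-set: carry the contributors' AS numbers on the aggregate
    path = sorted({a for p in contrib for a in routes[p]}) if as_set else []
    advertised = sorted([p for p in routes if p not in suppressed] + [agg])
    return path, advertised, sorted(suppressed)

def ebgp_peer_accepts(peer_as, sender_as, agg_path):
    """A receiver drops an update whose AS_PATH or AS_SET holds its own AS."""
    return peer_as not in [sender_as] + agg_path

# Constructed from AR2's table above (AS paths as displayed there)
ROUTES = {"11.1.1.1/32": [100], "55.1.1.1/32": [300],
          "192.168.0.0/24": [100], "192.168.1.0/24": [100],
          "192.168.2.0/24": [100], "192.168.3.0/24": [100]}
AGG = "192.168.0.0/22"

if __name__ == "__main__":
    for name, opts in [("plain", {}),
                       ("detail-suppressed", {"detail_suppressed": True}),
                       ("suppress-policy", {"suppress": {"192.168.1.0/24"}}),
                       ("origin-policy", {"detail_suppressed": True,
                                          "origin": {"192.168.3.0/24"}}),
                       ("as-set", {"as_set": True})]:
        path, adv, supp = aggregate(ROUTES, AGG, **opts)
        print(name, "suppressed:", supp, "AS 100 accepts:",
              ebgp_peer_accepts(100, 200, path))
```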