BGP條件式通告功能
簡介
本檔案介紹邊界閘道通訊協定(BGP)條件通告功能,此功能提供額外的路由通告控制,這取決於BGP表中是否有其他字首。
必要條件
需求
思科建議您瞭解以下主題:
- 獨立於平台
採用元件
本文中的資訊係根據以下軟體和硬體版本:
- IOS
- IOS-XE
- ASR1000
本文中的資訊是根據特定實驗室環境內的裝置所建立。文中使用到的所有裝置皆從已清除(預設)的組態來啟動。如果您的網路運作中,請確保您瞭解任何指令可能造成的影響。
設定
配置R1、R2和R3。此處提供了配置。
網路圖表
組態
R1配置:
!
hostname R1
!
ip cef
!
interface Loopback0
ip address 1.1.1.1 255.255.255.255
!
interface Loopback1
ip address 1.1.1.2 255.255.255.255
!
interface Loopback2
ip address 1.1.1.3 255.255.255.255
!
interface Loopback3
ip address 1.1.1.4 255.255.255.255
!
interface Loopback4
ip address 1.1.1.5 255.255.255.255
!
interface Loopback100
ip address 10.139.224.1 255.255.240.0
!
interface Ethernet0/0
ip address 10.10.12.1 255.255.255.0
!
router bgp 1
bgp log-neighbor-changes
neighbor 10.10.12.2 remote-as 2
!
address-family ipv4
network 0.0.0.0 route-map DEF
network 1.1.1.1 mask 255.255.255.255 route-map RM1
network 1.1.1.5 mask 255.255.255.255
redistribute connected route-map CUST
neighbor 10.10.12.2 activate
neighbor 10.10.12.2 send-community
neighbor 10.10.12.2 soft-reconfiguration inbound
exit-address-family
!
ip forward-protocol nd
!
ip bgp-community new-format
ip route 0.0.0.0 0.0.0.0 Null0
!
ip prefix-list CUST seq 5 permit 10.139.224.0/20
!
ip prefix-list DEFAULT seq 5 permit 0.0.0.0/0
!
ip prefix-list PL1 seq 5 permit 1.1.1.1/32
!
route-map CUST permit 10
match ip address prefix-list CUST
set community 64671:501
!
route-map RM1 permit 10
match ip address prefix-list PL1
set community 64952:3008
!
route-map DEF permit 10
match ip address prefix-list DEFAULT
set community 64848:3011 65011:200 65013:200
!
end
R2配置:
! hostname R2 ! ip cef ! interface Loopback0 ip address 2.2.2.2 255.255.255.255 ! interface Ethernet0/0 ip address 10.10.12.2 255.255.255.0 ! interface Ethernet0/1 ip address 10.10.23.2 255.255.255.0 ! router bgp 2 bgp log-neighbor-changes neighbor 10.10.12.1 remote-as 1 neighbor 10.10.23.3 remote-as 3 ! address-family ipv4 neighbor 10.10.12.1 activate neighbor 10.10.12.1 soft-reconfiguration inbound neighbor 10.10.23.3 activate neighbor 10.10.23.3 send-community neighbor 10.10.23.3 advertise-map ADV-MAP exist-map EXIST-MAP <<< This statement changes in non-exist-map neighbor 10.10.23.3 soft-reconfiguration inbound exit-address-family ! ip forward-protocol nd ! ip bgp-community new-format ip community-list standard DEFAULT-ROUTE permit 65013:200 ip community-list standard DC1-ROUTES permit 64952:3008 ip community-list standard DC2-ROUTES permit 64671:501 ip community-list standard DC3-ROUTES permit 64950:3009 ip community-list standard DEFAULT-ROUTE-DENY deny 65013:200 ! ! ip prefix-list DEFAULT seq 5 permit 1.1.1.5/32 ip prefix-list DEFAULT seq 10 permit 1.1.1.1/32 ! ip prefix-list EXIST seq 5 permit 10.10.10.10/32 ! ip prefix-list DEFAULT-ROUTE seq 5 permit 0.0.0.0/0 ! ip prefix-list DEFAULT-ROUTE-DENY seq 5 deny 0.0.0.0/0 ! ip prefix-list IP1 seq 5 permit 10.139.224.0/20 ! ip prefix-list T2 seq 5 permit 1.1.1.5/32 ! route-map ADV-MAP permit 10 match ip address prefix-list IP1 ! route-map ADV-MAP permit 20 match community DC1-ROUTES DC2-ROUTES DC3-ROUTES ! route-map EXIST-MAP permit 10 description Verify Default Route from MDC-SWG match ip address prefix-list DEFAULT-ROUTE IP1 match community DEFAULT-ROUTE ! ! end
R3配置:
! hostname R3 ! ip cef ! interface Loopback0 ip address 3.3.3.3 255.255.255.255 ! interface Ethernet0/1 ip address 10.10.23.3 255.255.255.0 shutdown ! router bgp 3 bgp log-neighbor-changes neighbor 10.10.23.2 remote-as 2 ! address-family ipv4 neighbor 10.10.23.2 activate neighbor 10.10.23.2 send-community neighbor 10.10.23.2 soft-reconfiguration inbound exit-address-family ! ip forward-protocol nd ! ip bgp-community new-format ! ! end
驗證
條件1:
如果BGP RIB中沒有預設路由,則R2不應通告某些路由。
如果BGP RIB中存在預設路由,R2應通告所有路由。
使用存在對映
條件2:
如果BGP RIB中沒有預設路由,R2應通告所有路由。
如果BGP RIB中存在預設路由,則R2不應通告某些路由。
使用不存在的對映
R1#show ip bgp
BGP table version is 7, local router ID is 10.139.224.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 0.0.0.0 0.0.0.0 0 32768 i
*> 1.1.1.1/32 0.0.0.0 0 32768 i
*> 1.1.1.5/32 0.0.0.0 0 32768 i
*> 10.139.224.0/20 0.0.0.0 0 32768 ?
R2#show ip bgp
BGP table version is 11, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 0.0.0.0 10.10.12.1 0 0 1 i
*> 1.1.1.1/32 10.10.12.1 0 0 1 i
*> 1.1.1.5/32 10.10.12.1 0 0 1 i
*> 10.139.224.0/20 10.10.12.1 0 0 1 ?
R2#show ip bgp 0.0.0.0
BGP routing table entry for 0.0.0.0/0, version 9
Paths: (1 available, best #1, table default)
Advertised to update-groups:
1
Refresh Epoch 1
1, (received & used)
10.10.12.1 from 10.10.12.1 (10.139.224.1)
Origin IGP, metric 0, localpref 100, valid, external, best
Community: 64848:3011 65011:200 65013:200
rx pathid: 0, tx pathid: 0x0
R2#show ip bgp neighbors 10.10.23.3 advertised-routes
BGP table version is 11, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 0.0.0.0 10.10.12.1 0 0 1 i
*> 1.1.1.1/32 10.10.12.1 0 0 1 i
*> 1.1.1.5/32 10.10.12.1 0 0 1 i
*> 10.139.224.0/20 10.10.12.1 0 0 1 ?
Total number of prefixes 4
Condition1 Verification:
======================== If default route is not present in BGP RIB, R2 should not advertise certain routes.
If default route is present in BGP RIB, R2 should advertise all the routes. Use exist-map
R2's BGP Configuration:
=======================
R2#show running-config | sec bgp
router bgp 2
bgp log-neighbor-changes
neighbor 10.10.12.1 remote-as 1
neighbor 10.10.23.3 remote-as 3
!
address-family ipv4
neighbor 10.10.12.1 activate
neighbor 10.10.12.1 soft-reconfiguration inbound
neighbor 10.10.23.3 activate
neighbor 10.10.23.3 send-community
neighbor 10.10.23.3 advertise-map ADV-MAP exist-map EXIST-MAP
neighbor 10.10.23.3 soft-reconfiguration inbound
exit-address-family
ip bgp-community new-format
When Default route is removed from R2's BGP RIB:
================================================ *Mar 6 09:07:08.833: BGP(0): 10.10.12.1 rcv UPDATE about 0.0.0.0/0 -- withdrawn *Mar 6 09:07:08.833: BGP(0): no valid path for 0.0.0.0/0 *Mar 6 09:07:08.833: BGP: topo global:IPv4 Unicast:base Remove_fwdroute for 0.0.0.0/0 *Mar 6 09:07:08.833: BGP(0): (base) 10.10.23.3 send unreachable (format) 0.0.0.0/0 *Mar 6 09:07:21.280: BPG(0): Condition EXIST-MAP changes to Withdraw *Mar 6 09:07:21.353: BGP(0): net 1.1.1.1/32 matches ADV MAP ADV-MAP: bump version to 13 *Mar 6 09:07:21.353: BGP(0): net 10.139.224.0/20 matches ADV MAP ADV-MAP: bump version to 14 *Mar 6 09:07:21.362: BGP(0): Revise route installing 1 of 1 routes for 1.1.1.1/32 -> 10.10.12.1(global) to main IP table *Mar 6 09:07:21.362: BGP(0): Revise route installing 1 of 1 routes for 10.139.224.0/20 -> 10.10.12.1(global) to main IP table *Mar 6 09:07:38.933: BGP(0): (base) 10.10.23.3 send unreachable (format) 1.1.1.1/32 *Mar 6 09:07:38.933: BGP(0): (base) 10.10.23.3 send unreachable (format) 10.139.224.0/20 R2#show ip bgp neighbors 10.10.23.3 advertised-routes BGP table version is 14, local router ID is 2.2.2.2 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter, x best-external, a additional-path, c RIB-compressed, Origin codes: i - IGP, e - EGP, ? - incomplete RPKI validation codes: V valid, I invalid, N Not found Network Next Hop Metric LocPrf Weight Path *> 1.1.1.5/32 10.10.12.1 0 0 1 i Total number of prefixes 1 When Default route is added back into R2's BGP RIB:
=================================================== *Mar 6 09:15:22.883: BGP(0): 10.10.12.1 rcvd UPDATE w/ attr: nexthop 10.10.12.1, origin i, metric 0, merged path 1, AS_PATH , community 64848:3011 65011:200 65013:200 *Mar 6 09:15:22.883: BGP(0): 10.10.12.1 rcvd 0.0.0.0/0 *Mar 6 09:15:22.883: BGP(0): Revise route installing 1 of 1 routes for 0.0.0.0/0 -> 10.10.12.1(global) to main IP table *Mar 6 09:15:22.883: BGP(0): (base) 10.10.23.3 send UPDATE (format) 0.0.0.0/0, next 10.10.23.2, metric 0, path 1 *Mar 6 09:16:21.759: BPG(0): Condition EXIST-MAP changes to Advertise *Mar 6 09:16:21.759: BGP(0): net 1.1.1.1/32 matches ADV MAP ADV-MAP: bump version to 16 *Mar 6 09:16:21.759: BGP(0): net 10.139.224.0/20 matches ADV MAP ADV-MAP: bump version to 17 *Mar 6 09:16:21.768: BGP(0): Revise route installing 1 of 1 routes for 1.1.1.1/32 -> 10.10.12.1(global) to main IP table *Mar 6 09:16:21.769: BGP(0): Revise route installing 1 of 1 routes for 10.139.224.0/20 -> 10.10.12.1(global) to main IP table *Mar 6 09:16:21.769: BGP(0): (base) 10.10.23.3 send UPDATE (format) 1.1.1.1/32, next 10.10.23.2, metric 0, path 1 *Mar 6 09:16:21.769: BGP(0): (base) 10.10.23.3 send UPDATE (format) 10.139.224.0/20, next 10.10.23.2, metric 0, path 1 R2#show ip bgp neighbors 10.10.23.3 advertised-routes BGP table version is 17, local router ID is 2.2.2.2 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter, x best-external, a additional-path, c RIB-compressed, Origin codes: i - IGP, e - EGP, ? - incomplete RPKI validation codes: V valid, I invalid, N Not found Network Next Hop Metric LocPrf Weight Path *> 0.0.0.0 10.10.12.1 0 0 1 i *> 1.1.1.1/32 10.10.12.1 0 0 1 i *> 1.1.1.5/32 10.10.12.1 0 0 1 i *> 10.139.224.0/20 10.10.12.1 0 0 1 ? Total number of prefixes 4
Condition2 Verification: ========================= If default route is not present in BGP RIB, R2 should advertise all the routes.
If default route is present in BGP RIB, R2 should not advertise certain routes. Use non-exist-map
R2's BGP Configuration:
=======================
R2#show running-config | sec bgp
router bgp 2
bgp log-neighbor-changes
neighbor 10.10.12.1 remote-as 1
neighbor 10.10.23.3 remote-as 3
!
address-family ipv4
neighbor 10.10.12.1 activate
neighbor 10.10.12.1 soft-reconfiguration inbound
neighbor 10.10.23.3 activate
neighbor 10.10.23.3 send-community
neighbor 10.10.23.3 advertise-map ADV-MAP non-exist-map EXIST-MAP
neighbor 10.10.23.3 soft-reconfiguration inbound
exit-address-family
ip bgp-community new-format
When Default route is removed from R2's BGP RIB: ================================================ *Mar 6 09:21:24.445: BGP(0): 10.10.12.1 rcv UPDATE about 0.0.0.0/0 -- withdrawn *Mar 6 09:21:24.445: BGP(0): no valid path for 0.0.0.0/0 *Mar 6 09:21:24.445: BGP: topo global:IPv4 Unicast:base Remove_fwdroute for 0.0.0.0/0 *Mar 6 09:21:24.445: BGP(0): (base) 10.10.23.3 send unreachable (format) 0.0.0.0/0 *Mar 6 09:22:22.050: BPG(0): Condition EXIST-MAP changes to Advertise *Mar 6 09:22:22.050: BGP(0): net 1.1.1.1/32 matches ADV MAP ADV-MAP: bump version to 21 *Mar 6 09:22:22.050: BGP(0): net 10.139.224.0/20 matches ADV MAP ADV-MAP: bump version to 22 *Mar 6 09:22:22.060: BGP(0): Revise route installing 1 of 1 routes for 1.1.1.1/32 -> 10.10.12.1(global) to main IP table *Mar 6 09:22:22.060: BGP(0): Revise route installing 1 of 1 routes for 10.139.224.0/20 -> 10.10.12.1(global) to main IP table *Mar 6 09:22:22.060: BGP(0): (base) 10.10.23.3 send UPDATE (format) 1.1.1.1/32, next 10.10.23.2, metric 0, path 1 *Mar 6 09:22:22.060: BGP(0): (base) 10.10.23.3 send UPDATE (format) 10.139.224.0/20, next 10.10.23.2, metric 0, path 1 R2#show ip bgp neighbors 10.10.23.3 advertised-routes BGP table version is 22, local router ID is 2.2.2.2 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter, x best-external, a additional-path, c RIB-compressed, Origin codes: i - IGP, e - EGP, ? - incomplete RPKI validation codes: V valid, I invalid, N Not found Network Next Hop Metric LocPrf Weight Path *> 1.1.1.1/32 10.10.12.1 0 0 1 i *> 1.1.1.5/32 10.10.12.1 0 0 1 i *> 10.139.224.0/20 10.10.12.1 0 0 1 ? Total number of prefixes 3 When Default route is added back into R2's BGP RIB: ===================================================== *Mar 6 09:23:04.461: BGP(0): 10.10.12.1 rcvd UPDATE w/ attr: nexthop 10.10.12.1, origin i, metric 0, merged path 1, AS_PATH , community 64848:3011 65011:200 65013:200 *Mar 6 09:23:04.461: BGP(0): 10.10.12.1 rcvd 0.0.0.0/0 *Mar 6 09:23:04.461: BGP(0): Revise route installing 1 of 1 routes for 0.0.0.0/0 -> 10.10.12.1(global) to main IP table *Mar 6 09:23:04.461: BGP(0): (base) 10.10.23.3 send UPDATE (format) 0.0.0.0/0, next 10.10.23.2, metric 0, path 1 *Mar 6 09:23:22.090: BPG(0): Condition EXIST-MAP changes to Withdraw *Mar 6 09:23:22.090: BGP(0): net 1.1.1.1/32 matches ADV MAP ADV-MAP: bump version to 24 *Mar 6 09:23:22.090: BGP(0): net 10.139.224.0/20 matches ADV MAP ADV-MAP: bump version to 25 *Mar 6 09:23:22.103: BGP(0): Revise route installing 1 of 1 routes for 1.1.1.1/32 -> 10.10.12.1(global) to main IP table *Mar 6 09:23:22.103: BGP(0): Revise route installing 1 of 1 routes for 10.139.224.0/20 -> 10.10.12.1(global) to main IP table *Mar 6 09:23:35.248: BGP(0): (base) 10.10.23.3 send unreachable (format) 1.1.1.1/32 *Mar 6 09:23:35.248: BGP(0): (base) 10.10.23.3 send unreachable (format) 10.139.224.0/20 R2#show ip bgp neighbors 10.10.23.3 advertised-routes BGP table version is 25, local router ID is 2.2.2.2 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter, x best-external, a additional-path, c RIB-compressed, Origin codes: i - IGP, e - EGP, ? - incomplete RPKI validation codes: V valid, I invalid, N Not found Network Next Hop Metric LocPrf Weight Path *> 0.0.0.0 10.10.12.1 0 0 1 i *> 1.1.1.5/32 10.10.12.1 0 0 1 i Total number of prefixes 2
| Exist-map狀態 |
Advertise-map狀態 |
|
| 如果存在預設路由。 |
條件匹配 |
廣告 |
| 如果不存在預設路由。 |
條件不匹配 |
已撤銷 |
| 不存在對映狀態 |
Advertise-map狀態 |
|
| 如果存在預設路由。 |
條件匹配 |
撤消 |
| 如果不存在預設路由。 |
條件不匹配 |
廣告 |
疑難排解
重要命令是debug ip bgp updates,它提供與BGP條件對映關聯的路由對映的後端移動。在大型網路中,使用ACL運行條件調試。
意見