RR的设计建议有一下几点:
1. 不要跨越非客户端建立客户端
2. 不要跨越客户端建立非客户端对等体
3. 客户端与非客户端之间不要建立IBGP会话
下面的实验说明了第一个设计建议:跨越非客户端建立客户端造成的路由环路。
拓扑如下:
R1处于AS100,其余所有路由器在AS200中。
AS2内部运行OSPF,各路由器将直连网段发布进ospf。
R5与R7之间没有对等体关系,R6与R8之间没有对等体关系,R7与R8之间没有对等体关系。
R5与R8之间跨越R7建立客户端对等体关系。
R6与R7之间跨越R8建立客户端对等体关系。
实线表示物理连接,虚线表示对等体连接。
基本配置如下:
R1发布10.1.1.0/24网段进BGP,R7,R8分别发布70.1.1.0/24,80.1.1.0/24网段进BGP已完成测试。
R1
R1#sh ip int b
Interface IP-Address OK? Method Status Protocol
FastEthernet0/0 unassigned YES manual up up
FastEthernet0/0.13 13.1.1.1 YES manual up up
FastEthernet0/0.14 14.1.1.1 YES manual up up
Loopback0 10.1.1.1 YES manual up up
R1#sh run | b router
router bgp 100
no synchronization
bgp router-id 1.1.1.1
bgp log-neighbor-changes
network 10.1.1.0 mask 255.255.255.0
neighbor 13.1.1.3 remote-as 200
neighbor 14.1.1.4 remote-as 200
no auto-summary
R3
R3#sh ip int b
Interface IP-Address OK? Method Status Protocol
FastEthernet0/0 unassigned YES manual up up
FastEthernet0/0.13 13.1.1.3 YES manual up up
FastEthernet0/0.35 35.1.1.3 YES manual up up
Loopback0 30.1.1.1 YES manual up up
R3#sh run | b router
router ospf 10
router-id 3.3.3.3
log-adjacency-changes
network 35.1.1.0 0.0.0.255 area 0
!
router bgp 200
no synchronization
bgp router-id 3.3.3.3
bgp log-neighbor-changes
network 30.1.1.0 mask 255.255.255.0
neighbor 13.1.1.1 remote-as 100
neighbor 35.1.1.5 remote-as 200
neighbor 35.1.1.5 next-hop-self
no auto-summary
R4
R4#sh ip int b
Interface IP-Address OK? Method Status Protocol
FastEthernet0/0 unassigned YES manual up up
FastEthernet0/0.14 14.1.1.4 YES manual up up
FastEthernet0/0.46 46.1.1.4 YES manual up up
R4#sh run | b router
router ospf 10
router-id 4.4.4.4
log-adjacency-changes
network 46.1.1.0 0.0.0.255 area 0
!
router bgp 200
no synchronization
bgp router-id 4.4.4.4
bgp log-neighbor-changes
neighbor 14.1.1.1 remote-as 100
neighbor 46.1.1.6 remote-as 200
neighbor 46.1.1.6 next-hop-self
no auto-summary
R5
R5#sh ip int b
Interface IP-Address OK? Method Status Protocol
FastEthernet0/0 unassigned YES manual up up
FastEthernet0/0.35 35.1.1.5 YES manual up up
FastEthernet0/0.57 57.1.1.5 YES manual up up
R5#sh run | b router
router ospf 10
router-id 5.5.5.5
log-adjacency-changes
network 35.1.1.0 0.0.0.255 area 0
network 57.1.1.0 0.0.0.255 area 0
!
router bgp 200
no synchronization
bgp router-id 5.5.5.5
bgp log-neighbor-changes
neighbor 35.1.1.3 remote-as 200
neighbor 35.1.1.3 route-reflector-client
neighbor 68.1.1.6 remote-as 200
neighbor 78.1.1.8 remote-as 200
neighbor 78.1.1.8 route-reflector-client
no auto-summary
R6
R6#sh ip int b
Interface IP-Address OK? Method Status Protocol
FastEthernet0/0 unassigned YES manual up up
FastEthernet0/0.46 46.1.1.6 YES manual up up
FastEthernet0/0.68 68.1.1.6 YES manual up up
R6#sh run | b router
router ospf 10
router-id 6.6.6.6
log-adjacency-changes
network 46.1.1.0 0.0.0.255 area 0
network 68.1.1.0 0.0.0.255 area 0
!
router bgp 200
no synchronization
bgp router-id 6.6.6.6
bgp log-neighbor-changes
neighbor 46.1.1.4 remote-as 200
neighbor 46.1.1.4 route-reflector-client
neighbor 57.1.1.5 remote-as 200
neighbor 78.1.1.7 remote-as 200
neighbor 78.1.1.7 route-reflector-client
no auto-summary
R7
R7#sh ip int b
Interface IP-Address OK? Method Status Protocol
FastEthernet0/0 unassigned YES manual up up
FastEthernet0/0.57 57.1.1.7 YES manual up up
FastEthernet0/0.78 78.1.1.7 YES manual up up
Loopback0 70.1.1.1 YES manual up up
R7#sh run | b router
router ospf 10
router-id 7.7.7.7
log-adjacency-changes
network 57.1.1.0 0.0.0.255 area 0
network 78.1.1.0 0.0.0.255 area 0
!
router bgp 200
no synchronization
bgp router-id 7.7.7.7
bgp log-neighbor-changes
network 70.1.1.0 mask 255.255.255.0
neighbor 68.1.1.6 remote-as 200
no auto-summary
R8
R8#sh ip int b
Interface IP-Address OK? Method Status Protocol
FastEthernet0/0 unassigned YES manual up up
FastEthernet0/0.68 68.1.1.8 YES manual up up
FastEthernet0/0.78 78.1.1.8 YES manual up up
Loopback0 80.1.1.1 YES manual up up
R8#sh run | b router
router ospf 10
router-id 8.8.8.8
log-adjacency-changes
network 68.1.1.0 0.0.0.255 area 0
network 78.1.1.0 0.0.0.255 area 0
!
router bgp 200
no synchronization
bgp router-id 8.8.8.8
bgp log-neighbor-changes
network 80.1.1.0 mask 255.255.255.0
neighbor 57.1.1.5 remote-as 200
no auto-summary
网络配置完成后查看邻居建立是否正常,IGP是否收敛。
分析:
1. R1向R3和R4发送10.1.1.0/24前缀
2. R3,R4收到,修改下一跳后向自己的RR发送
3. 这里分析R5的情况。R5收到后会有一个路径决策过程,这里R6也会向它发送10.1.1.0/24的前缀,根据BGP路径决策的13个原则,R5最总选择IGP度量值最小的,即选择R3作为下一跳。然后它将这个最佳路径发往R6和R8。
4. 同理,R6最总选择的下一跳是R4。
5. 关键在于R7和R8。因为R7只能收到R6发来的更新,所以,它去往10.1.1.0/24的下一跳也是R4;同理R8去往10.1.1.0/24的下一跳是R3。
6. 这时要关注IGP了。见下文show输出。
R7#sh ip b 10.1.1.0
BGP routing table entry for 10.1.1.0/24, version 14
Paths: (1 available, best #1, table Default-IP-Routing-Table)
Not advertised to any peer
100
46.1.1.4 (metric 3) from 68.1.1.6 (6.6.6.6)
Origin IGP, metric 0, localpref 100, valid, internal, best
Originator: 4.4.4.4, Cluster list: 6.6.6.6
R7#sh ip rou 46.1.1.0
Routing entry for 46.1.1.0/24
Known via "ospf 10", distance 110, metric 3, type intra area
Last update from 78.1.1.8 on FastEthernet0/0.78, 00:54:26 ago
Routing Descriptor Blocks:
* 78.1.1.8, from 4.4.4.4, 00:54:26 ago, via FastEthernet0/0.78
Route metric is 3, traffic share count is 1
R7去往10.1.1.0/24的下一跳是46.1.1.4,即R4;去往46.1.1.4的下一跳是R8。(这个不难理解)
下面看看R8的路径输出
R8#sh ip b 10.1.1.0
BGP routing table entry for 10.1.1.0/24, version 12
Paths: (1 available, best #1, table Default-IP-Routing-Table)
Not advertised to any peer
100
35.1.1.3 (metric 3) from 57.1.1.5 (5.5.5.5)
Origin IGP, metric 0, localpref 100, valid, internal, best
Originator: 3.3.3.3, Cluster list: 5.5.5.5
R8#sh ip rou 35.1.1.0
Routing entry for 35.1.1.0/24
Known via "ospf 10", distance 110, metric 3, type intra area
Last update from 78.1.1.7 on FastEthernet0/0.78, 00:56:28 ago
Routing Descriptor Blocks:
* 78.1.1.7, from 3.3.3.3, 00:56:28 ago, via FastEthernet0/0.78
Route metric is 3, traffic share count is 1
R8去往10.1.1.0/24的下一跳是35.1.1.3,即R3,去往35.1.1.3的下一跳是R7!
好,到这里环路出现了!R7去往10.1.1.0/24网段的数据包发给了R8,R8把去往10.1.1.0/24的数据又发给了R7,数据包就在R7和R8之间来回倒腾,直到TTL超时。
下面用TRACEROOT命令可以比较直观的看出来数据是怎么倒来倒去的。
R8#traceroute
Protocol [ip]:
Target IP address: 10.1.1.1
Source address: 80.1.1.1
Numeric display [n]: 10
Timeout in seconds [3]:
Probe count [3]:
Minimum Time to Live [1]:
Maximum Time to Live [30]: 10
Port Number [33434]:
Loose, Strict, Record, Timestamp, Verbose[none]:
Type escape sequence to abort.
Tracing the route to 10.1.1.1
1 78.1.1.7 32 msec 40 msec 64 msec
2 78.1.1.8 72 msec 48 msec 60 msec
3 78.1.1.7 56 msec 48 msec 80 msec
4 78.1.1.8 108 msec 88 msec 80 msec
5 78.1.1.7 88 msec 112 msec 140 msec
6 78.1.1.8 108 msec 92 msec 152 msec
7 78.1.1.7 136 msec 152 msec 176 msec
8 78.1.1.8 140 msec 136 msec 132 msec
9 78.1.1.7 172 msec 156 msec 196 msec
10 78.1.1.8 196 msec 168 msec 184 msec