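In BGP, advertising aggregate routes and specific routes makes it possible to run a multihomed site in primary/backup or load-balancing mode. This note records the primary/backup form first.
Case 1: multiple links (primary/backup), multi-homing
Approach:
For multiple links (primary/backup), advertise an aggregate route with summary-only; with a single ISP, use MED to influence inbound traffic; use the local-pref attribute to influence outbound traffic.
Case analysis:
1. For outbound traffic, floating static routes can point directly at the different links. Alternatively, ask the ISP to send a default route, accept it with a different Local-Preference on each link, and advertise the primary link's default route into the internal network. Note: the case of R1 receiving routes is not considered here.
2. For inbound traffic, since there is a single ISP, MED can be used to influence the ISP's eBGP route selection.
3. BGP plus aggregation can be used: send the summary of the networks inside the AS to the ISP over both the primary and the backup link, with a different MED on each, to control return traffic.
Procedure: the blue part is the local AS and the yellow part is the ISP; 24.0.0.0/24 is the primary link and 35.0.0.0/24 is the backup link.
1. R1 advertises outward
2. R2 and R3 establish eBGP sessions with R4 and R5 respectively.
3. Leaving aside the effect of AS-PATH on other ASes, there are two ways to advertise a summary route in BGP: the aggregate-address command with the summary-only parameter, or a static route plus a network statement. Because aggregate-address can preserve AS-set information through as-set, aggregate-address with summary-only is recommended.
4. Apply route-map SET_LOCAL_PREF in to change the Local-Pref value at the two ingress points so that outbound traffic uses the primary link; also apply route-map SET_MED out to change the MED value at the two egress points so that inbound traffic uses the primary link.
Main configuration (R2 and R3 are configured similarly, as are R4 and R5):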
hostname R1
!
interface Loopback0
ip address 1.0.0.1 255.255.255.0
!
interface Loopback1
ip address 1.0.1.1 255.255.255.0
!
interface Loopback2
ip address 1.0.2.1 255.255.255.0
!
interface Loopback3
ip address 1.0.3.1 255.255.255.0
!
interface Serial0/0
description To Gateway R2
ip address 172.16.12.1 255.255.255.0
!
interface Serial0/1
description To Gateway R3
ip address 172.16.13.1 255.255.255.0
!
router eigrp 65001
passive-interface Loopback0
passive-interface Loopback1
passive-interface Loopback2
passive-interface Loopback3
network 1.0.0.0 0.0.3.255
network 172.16.12.1 0.0.0.0
network 172.16.13.1 0.0.0.0
no auto-summary
eigrp router-id 1.1.1.1
!
end
-------------------------------------------
hostname R2
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
!
interface Serial0/0
ip address 172.16.12.2 255.255.255.0
!
interface Serial0/1
ip address 172.16.23.2 255.255.255.0
!
interface Serial0/2
description To ISP R4
ip address 24.0.0.2 255.255.255.0
!
router eigrp 65001
network 2.2.2.2 0.0.0.0
network 172.16.12.2 0.0.0.0
network 172.16.23.2 0.0.0.0
passive-interface Loopback0
no auto-summary
eigrp router-id 2.2.2.2
!
router bgp 65001
no synchronization
bgp router-id 2.2.2.2
bgp log-neighbor-changes
network 1.0.0.0 mask 255.255.255.0
network 1.0.1.0 mask 255.255.255.0
network 1.0.2.0 mask 255.255.255.0
network 1.0.3.0 mask 255.255.255.0
aggregate-address 1.0.0.0 255.255.252.0 summary-only
neighbor Local_AS peer-group
neighbor Local_AS remote-as 65001
neighbor Local_AS update-source Loopback0
neighbor Local_AS next-hop-self
neighbor REMOTE_1 peer-group
neighbor REMOTE_1 remote-as 1
neighbor REMOTE_1 route-map SET_LOCAL_PREF in
neighbor REMOTE_1 route-map SET_MED out
neighbor 3.3.3.3 peer-group Local_AS
neighbor 24.0.0.4 peer-group REMOTE_1
no auto-summary
!
ip as-path access-list 10 permit ^$
!
ip prefix-list BGP_AGGREGATE seq 5 permit 1.0.0.0/22
!
ip prefix-list DEFAULT seq 5 permit 0.0.0.0/0
!
route-map SET_LOCAL_PREF permit 10
match ip address prefix-list DEFAULT
set local-preference 200
!
route-map SET_LOCAL_PREF permit 20
!
route-map SET_MED permit 10
match ip address prefix-list BGP_AGGREGATE
set metric 200
!
route-map SET_MED permit 20
match as-path 10
!
end
-------------------------------------------------------
hostname R4
!
interface Loopback0
ip address 4.4.4.4 255.255.255.255
!
interface Serial0/0
ip address 24.0.0.4 255.255.255.0
!
interface Serial0/1
ip address 45.0.0.4 255.255.255.0
!
router bgp 1
no synchronization
bgp router-id 4.4.4.4
bgp log-neighbor-changes
neighbor REMOTE_65001 peer-group
neighbor REMOTE_65001 remote-as 65001
neighbor REMOTE_65001 default-originate
neighbor LOCAL_AS peer-group
neighbor LOCAL_AS remote-as 1
neighbor LOCAL_AS update-source Loopback0
neighbor LOCAL_AS next-hop-self
neighbor 5.5.5.5 peer-group LOCAL_AS
neighbor 24.0.0.2 peer-group REMOTE_65001
no auto-summary
!
ip route 5.5.5.5 255.255.255.255 Serial0/1
!
end
Note: without the statements in red font, R4 and R5 receive all routes internal to the AS:
R4#show ip route bgp
1.0.0.0/24 is subnetted, 4 subnets
B 1.0.1.0 [20/2297856] via 24.0.0.2, 00:04:01 // BGP uses the EIGRP metric as its metric
B 1.0.0.0 [20/2297856] via 24.0.0.2, 00:04:01
B 1.0.3.0 [20/2297856] via 24.0.0.2, 00:04:01
B 1.0.2.0 [20/2297856] via 24.0.0.2, 00:04:01
R5#show ip route bgp
1.0.0.0/24 is subnetted, 4 subnets
B 1.0.1.0 [20/2297856] via 35.0.0.3, 00:00:55
B 1.0.0.0 [20/2297856] via 35.0.0.3, 00:00:55
B 1.0.3.0 [20/2297856] via 35.0.0.3, 00:00:55
B 1.0.2.0 [20/2297856] via 35.0.0.3, 00:00:55
After aggregate-address summary-only is applied, all specific routes are suppressed and the atomic-aggregate flag is generated, marking the route as a summary route:
R2#show ip bgp 1.0.0.0 255.255.255.0
BGP routing table entry for 1.0.0.0/24, version 13
Paths: (1 available, best #1, table Default-IP-Routing-Table, Advertisements suppressed by an aggregate.)
Not advertised to any peer
Local
172.16.12.1 from 0.0.0.0 (2.2.2.2)
Origin IGP, metric 2297856, localpref 100, weight 32768, valid, sourced, local, best
R2#show ip bgp 1.0.0.0 255.255.252.0
BGP routing table entry for 1.0.0.0/22, version 12
Paths: (2 available, best #2, table Default-IP-Routing-Table)
Advertised to update-groups:
1 2
Local, (aggregated by 65001 3.3.3.3)
3.3.3.3 (metric 2297856) from 3.3.3.3 (3.3.3.3)
Origin IGP, metric 0, localpref 100, valid, internal, atomic-aggregate
Local, (aggregated by 65001 2.2.2.2)
0.0.0.0 from 0.0.0.0 (2.2.2.2)
Origin IGP, localpref 100, weight 32768, valid, aggregated, local, atomic-aggregate, best
The routing tables of R4 and R5 on the ISP side now hold fewer routes:
R4#show ip route bgp
1.0.0.0/22 is subnetted, 1 subnets
B 1.0.0.0 [20/0] via 24.0.0.2, 00:01:13 // BGP uses Connected as its metric
R5#show ip route bgp
1.0.0.0/22 is subnetted, 1 subnets
B 1.0.0.0 [20/0] via 35.0.0.3, 00:00:51
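Although this reduces the size of the ISP's routing table, it does not yet provide primary/backup behaviour: every packet R5 receives is still forwarded over eBGP to R3, whereas the goal is for all packets to be sent to R2. So the configuration in green font changes the local-pref value of the default route received from the ISP, so that all local outbound traffic is sent to R2; the configuration in blue font changes the MED value of the summary route sent to the ISP, so that the ISP selects R2 as the next hop for local destinations.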
R4#show ip bgp
Network Next Hop Metric LocPrf Weight Path
*> 1.0.0.0/22 24.0.0.2 200 0 65001 i
R5#show ip bgp
Network Next Hop Metric LocPrf Weight Path
*>i1.0.0.0/22 4.4.4.4 200 100 0 65001 i
* 35.0.0.3 300 0 65001 i
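The selection visible in the two tables above can be reproduced with a simplified subset of the BGP decision process. This is an added Python example, not part of the original post; the MED values 200 and 300 come from the output above, while R3's local-pref of 100 and the R5 peer address 35.0.0.5 are assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Path:
    next_hop: str
    as_path: tuple        # AS numbers, leftmost is the neighbor AS
    med: int = 0
    local_pref: int = 100
    weight: int = 0
    ebgp: bool = True

def prefer(a, b):
    """True when path a beats path b (subset of the decision steps:
    weight, local-pref, AS-path length, MED, eBGP over iBGP)."""
    if a.weight != b.weight:
        return a.weight > b.weight
    if a.local_pref != b.local_pref:
        return a.local_pref > b.local_pref
    if len(a.as_path) != len(b.as_path):
        return len(a.as_path) < len(b.as_path)
    # MED is compared only between paths learned from the same neighbor AS
    if a.as_path[:1] == b.as_path[:1] and a.med != b.med:
        return a.med < b.med
    return a.ebgp and not b.ebgp

def best_path(paths):
    best = paths[0]
    for cand in paths[1:]:
        if prefer(cand, best):
            best = cand
    return best

def r5_inbound(med_via_r2=200, med_via_r3=300):
    """R5's two paths to 1.0.0.0/22; default MEDs are those in the output above."""
    via_r4 = Path("4.4.4.4", (65001,), med=med_via_r2, ebgp=False)
    via_r3 = Path("35.0.0.3", (65001,), med=med_via_r3)
    return best_path([via_r3, via_r4])

def r3_outbound(backup_local_pref=100):
    """R3's two paths to 0.0.0.0/0. backup_local_pref and 35.0.0.5 are assumed."""
    via_r2 = Path("2.2.2.2", (1,), local_pref=200, ebgp=False)  # SET_LOCAL_PREF on R2
    via_r5 = Path("35.0.0.5", (1,), local_pref=backup_local_pref)
    return best_path([via_r5, via_r2])

if __name__ == "__main__":
    print("R5 -> 1.0.0.0/22 with MED 200/300:", r5_inbound().next_hop)
    print("R5 -> 1.0.0.0/22 without MED     :", r5_inbound(0, 0).next_hop)
    print("R3 -> 0.0.0.0/0                  :", r3_outbound().next_hop)
```

With equal MEDs the eBGP path through R3 wins on R5, which is the behaviour described before the route-maps were applied; with MED 200 versus 300 the iBGP path through R4 (and therefore R2) becomes best.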
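Case summary: when multiple links (primary/backup) serve as the exit, every exit can advertise the same aggregate route, with the MED attribute modified so that external routers select the best route.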