1:通常情况下,BGP会检查对等体发来的路由的AS_PATH属性,如果其中已存在本地AS号,则BGP会忽略此路由,以免形成路由环路。
但是,在某些特殊的组网环境下(如MPLS L3VPN的Hub&Spoke组网),需要允许本地AS号在接收路由的AS_PATH属性中出现,否则无法正确发布路由。通过本配置,可以允许本地AS号在所接收的路由的AS_PATH属性中出现,并可同时配置允许出现的次数。
2: 在MPLS L3VPN中,如果PE和CE之间运行EBGP,由于BGP使用AS号检测路由环路,为保证路由信息的正确发送,需要为物理位置不同的站点分配不同的AS号。
如果物理分散的CE复用相同的AS号,就应该在PE上配置BGP的AS号替换功能。此功能是BGP的出口策略,在发布路由时有效。
使能了BGP的AS号替换功能后,当PE向指定对等体(CE)发布路由时,如果路由的AS_PATH中存在CE所在的AS号,则PE将该AS号替换成PE的AS号后,再发布该路由
R1配置:
interface LoopBack0
ip address 1.1.1.1 255.255.255.255
#
interface GigabitEthernet0/0
port link-mode route
ip address 12.1.1.1 255.255.255.0
bgp 100
network 1.1.1.1 255.255.255.255
undo synchronization
peer 12.1.1.2 as-number 200
R2配置:
version 5.20, Release 2509, Standard
#
sysname R2
#
mpls lsr-id 2.2.2.2
#
ip vpn-instance vpn1
route-distinguisher 1:1
vpn-target 1:1 export-extcommunity
vpn-target 1:1 import-extcommunity
#
mpls
#
mpls ldp
#
interface LoopBack0
ip address 2.2.2.2 255.255.255.255
#
interface GigabitEthernet0/0
port link-mode route
ip binding vpn-instance vpn1
ip address 12.1.1.2 255.255.255.0
#
interface GigabitEthernet0/1
port link-mode route
ip address 24.1.1.1 255.255.255.0
mpls
mpls ldp
#
bgp 200 //和R4建立普通BGP邻居
undo synchronization
peer 4.4.4.4 as-number 200
peer 4.4.4.4 connect-interface LoopBack0
#
ipv4-family vpn-instance vpn1 //和R1建立邻居
peer 12.1.1.1 as-number 100
#
ipv4-family vpnv4 //和R4使能传递VPNv4能力
peer 4.4.4.4 enable
#
ospf 1
area 0.0.0.0
network 24.1.1.0 0.0.0.255
network 2.2.2.2 0.0.0.0
#
上述配置形成的邻居关系分别是:
* - Dynamically created peer
Peer AS MsgRcvd MsgSent OutQ PrefRcv Up/Down State
4.4.4.4 200 23 29 0 0 00:25:33 Established
BGP local router ID : 24.1.1.1
Local AS number : 200
Total number of peers : 1 Peers in established state : 1
* - Dynamically created peer
Peer AS MsgRcvd MsgSent OutQ PrefRcv Up/Down State
BGP local router ID : 24.1.1.1
Local AS number : 200
Total number of peers : 1 Peers in established state : 1
* - Dynamically created peer
Peer AS MsgRcvd MsgSent OutQ PrefRcv Up/Down State
12.1.1.1 100 34 30 0 1 00:31:52 Established
R3和R4配置对称,不赘述
此时查看BGP路由表:
Total Number of Routes: 1
BGP Local router ID is 34.1.1.1
Status codes: * - valid, ^ - VPN best, > - best, d - damped,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
Network NextHop MED LocPrf PrefVal Path/Ogn
* > 3.3.3.3/32 0.0.0.0 0 0 i
Total Number of Routes: 2
BGP Local router ID is 34.1.1.2
Status codes: * - valid, ^ - VPN best, > - best, d - damped,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
Network NextHop MED LocPrf PrefVal Path/Ogn
* >i 1.1.1.1/32 2.2.2.2 0 100 0 100i
*^> 3.3.3.3/32 34.1.1.1 0 0 100i
//而R4上能学习到1.1.1.1路由,最优
下面三种方式可以让R3学习到1.1.1.1的路由:
1) 号码变换
[R4-bgp-ipv4-vpn1]peer 34.1.1.1 substitute-as //R4上配置
Total Number of Routes: 2
BGP Local router ID is 34.1.1.1
Status codes: * - valid, ^ - VPN best, > - best, d - damped,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
Network NextHop MED LocPrf PrefVal Path/Ogn
* > 1.1.1.1/32 34.1.1.2 0 200 200i
2) Allow-as-loop
[R3-bgp]peer 34.1.1.2 allow-as-loop //在R3配置
[R3-bgp]display bgp routing-table
Total Number of Routes: 2
BGP Local router ID is 34.1.1.1
Status codes: * - valid, ^ - VPN best, > - best, d - damped,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
Network NextHop MED LocPrf PrefVal Path/Ogn
* > 1.1.1.1/32 34.1.1.2 0 200 100i
* > 3.3.3.3/32 0.0.0.0 0 0 i
3)route-policy //R4配置,改变原始AS编号
#
ip ip-prefix 1 index 10 permit 1.1.1.1 32
route-policy ggx permit node 10
if-match ip-prefix 1
apply as-path 300 400 replace
ipv4-family vpn-instance vpn1
peer 34.1.1.1 as-number 100
peer 34.1.1.1 route-policy ggx export
[R3]display bgp routing-table
Total Number of Routes: 2
BGP Local router ID is 34.1.1.1
Status codes: * - valid, ^ - VPN best, > - best, d - damped,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
Network NextHop MED LocPrf PrefVal Path/Ogn
* > 1.1.1.1/32 34.1.1.2 0 200 300
400i
✖
案例意见反馈
亲~登录后才可以操作哦!
确定你的邮箱还未认证,请认证邮箱或绑定手机后进行当前操作