交换机BGP对等体组路由策略和对等体策略发布机制

不涉及

BGP视图下可以同时对对等体组和对等体发布路由策略，这两个策略是如何相互影响的

A和B直连建立EBGP邻居关系，配置如下

[A]dis cu c bgp

#

bgp 100

router-id 1.1.1.1

group vpna external

peer vpna as-number 200

peer 11.1.1.2 group vpna

peer 12.1.1.2 group vpna

peer 13.1.1.2 group vpna

#

address-family ipv4 unicast

 network 10.0.0.1 255.255.255.255//引入路由

  peer vpna enable

#

return

[B]dis cu  c bgp

#

bgp 200

router-id 2.2.2.2

#

ip vpn-instance vpna

  peer 11.1.1.1 as-number 100

  #

  address-family ipv4 unicast

   peer 11.1.1.1 enable

#

ip vpn-instance vpnb

  peer 12.1.1.1 as-number 100

  #

  address-family ipv4 unicast

   peer 12.1.1.1 enable

#

ip vpn-instance vpnc

  peer 13.1.1.1 as-number 100

  #

  address-family ipv4 unicast

   peer 13.1.1.1 enable

#

return

B上看所有路由med为0

[B]dis bgp routing-table ipv4 vpn-instance vpna

…

* >e 10.0.0.1/32        11.1.1.1        0                     0       100i

[B]dis bgp routing-table ipv4 vpn-instance vpnb

…

* >e 10.0.0.1/32        12.1.1.1        0                     0       100i

[B]dis bgp routing-table ipv4 vpn-instance vpnc

…

* >e 10.0.0.1/32        13.1.1.1        0                     0       100i

A建两个策略，设cost值为200和400

[A]dis route-policy

Route-policy: 123

  Permit : 10

         if-match ip address acl 3001

         apply cost 200

Route-policy: 234

  Permit : 10

         if-match ip address acl 3001

         apply cost 400

A上对对等体组发布策略

[A-bgp-default-ipv4]peer vpna route-policy 123 export

B上看med均为200

<B>dis bgp rou ipv4 vpn-instance vpnb

…

* >e 10.0.0.1/32        12.1.1.1        200                   0       100i

<B>dis bgp rou ipv4 vpn-instance vpnc

…

* >e 10.0.0.1/32        13.1.1.1        200                   0       100i

<B>dis bgp rou ipv4 vpn-instance vpna

…

* >e 10.0.0.1/32        11.1.1.1        200                   0       100i

A上继续对13.1.1.1对等体发布路由策略

[A-bgp-default-ipv4]peer 13.1.1.2 route-policy 234 export

B上看VPNC的med变为400，精细控制生效

<B>dis bgp rou ipv4 vpn-instance vpna

…

* >e 10.0.0.1/32        11.1.1.1        200                   0       100i

<B>dis bgp rou ipv4 vpn-instance vpnb

…

* >e 10.0.0.1/32        12.1.1.1        200                   0       100i

<B>dis bgp rou ipv4 vpn-instance vpnc

…

* >e 10.0.0.1/32        13.1.1.1        400                   0       100i

对等体组策略增删会导致单一对等体策略被删除

[spine-bgp-default-ipv4]dis th

#

 #

 address-family ipv4 unicast

  network 1.1.1.1 255.255.255.255

  peer ebgp enable

  peer ebgp route-policy 123 export

  peer 11.1.1.2 route-policy 234 export

#

return

[spine-bgp-default-ipv4]undo peer ebgp route-policy 123 export//删除组策略

[spine-bgp-default-ipv4]dis th

#

 #

 address-family ipv4 unicast//对等体策略被删除

  network 1.1.1.1 255.255.255.255

  peer ebgp enable

#

return

[spine-bgp-default-ipv4]peer 11.1.1.2 route-policy 234 export//添加对等体策略

[spine-bgp-default-ipv4]dis th

#

 #

 address-family ipv4 unicast

  network 1.1.1.1 255.255.255.255

  peer ebgp enable

  peer 11.1.1.2 route-policy 234 export//已添加

#

return

[spine-bgp-default-ipv4]peer ebgp route-policy 123 export//添加对等体组策略

[spine-bgp-default-ipv4]dis th

#

 #

 address-family ipv4 unicast

  network 1.1.1.1 255.255.255.255

  peer ebgp enable

  peer ebgp route-policy 123 export//对等体策略添加成功，对等体策略被删除

#

return

1）经实验验证，对单一对等体邻居发布的策略优于对对等体组发布的策略

2）对等体组增删策略会导致对单一对等体策略被删除 

上述实验的得出的结论本质是由于交换价实现方式决定的：

1）后发布的策略生效

2）对对等体组发布策略时，底层会对每个对等体发布一次相同的策略

先发布对等体组（对等体ABC）发布策略1，底层对每个对等体发布了策略1，然后对对等体A发布策略2，此时对等体A的策略刷新为策略2，BC仍为侧略1，最后删除对等体组策略1，此时ABC的全部策略都被删除；

先发布对等体A发布策略2，此时底层对A发布了策略2，然后对等体组发布策略1，此时，ABC全部刷新为策略1。