BGP advanced experiment

Summary of experiment related knowledge points ：

1) stay BGP Agreement , There is a routing entry that cannot be excellent ; hypothesis R4 There is a non in the routing table BGP The resulting arrival 5.5.5.5 The routing entry for , And this entry is used for R4 And R5 establish BGP Neighborhood ; After that R5 Let's talk about it again 5.5.5.5 The route of is BGP The agreement was declared , The entry arrives at R4 There will be no superior , Unavailable ;
adopt BGP Learned routing , And local and peer establishment BGP The routing entries of neighbors are consistent , The entry will not be good , Can't pass, can't add table ;

2）BGP The announcement problem ：

AS Internal operation IGP The router of carries out network segment announcement internally , adopt AS Other operations in BGP The router of the protocol turns the way
— BGP The device can declare routing entries from any source in the local routing table ;
Suggest a AS All operations in BGP Protocol routing , All declare this AS The routing ;

3）BGP Of summary automatic problem -- Auto summarize questions
stay BGP The automatic summary function in the agreement is off by default ; After opening , Yes BGP The route announced normally has no effect ;
For from IGP Republish to BGP The routing , An impact ;
[r2]bgp 2
[r2-bgp]import-route ospf 1

stay BGP The understanding of announcement and reissue in the agreement ：
The declaration is to list the local route in the local route table one by one IGP The route generated by the protocol is republished to BGP in ;
Republishing is to batch the local routing table IGP The route of the protocol origin is announced to BGP Agreement ;
Routes generated in two ways , Among its attributes, only the origin attribute is different , The route origin code declared one by one is better ;

from IGP Reissue BGP The routing entry for ,ASBR If automatic summary is enabled for the equipment , This route will not carry the original mask , Pass by main class mask , Do not carry ASBR Metrics for reaching these routes ; After auto summary is turned off , Will carry the mask and metrics ; Therefore, it is recommended not to turn on automatic summary , Off by default ;

4）BGP Manual summary of – polymerization
【1】 No BGP The summary scheme provided by the agreement , It's using BGP The characteristics of the announcement — Routes from any source in the local routing table , Can be declared to bgp Agreement
Do not declare details item by item , Instead, configure the... That arrives at the summary network segment on the summary router first Static empty interface routing ; And then because of BGP You can declare routing entries from any source in the local routing table , Therefore, the summary equipment can directly announce the empty interface routing network segment in the local routing table ;

If the first aggregation configuration scheme is used , Need to be in EBGP Send aggregation entries between neighbors at the same time , Then send the detailed items , Just announce it directly ;— Because it is announced that the detailed equipment will carry cost value , Lead to other AS, Wrong route , Therefore, the administrator needs to make a clear judgment before announcing ;
Announcement is not good , Those who do not declare are better

【2】BGP Self contained aggregation scheme ：
First declare the local detailed route one by one , Then aggregate configuration ; The local will be controlled by BGP agreement Automatically generate air interface anti ring route ;

[r1]bgp 1
[r1-bgp]aggregate 100.1.0.0 22 At this time, details and aggregation items are shared to neighbors at the same time
[r1-bgp]aggregate 100.1.0.0 22 detail-suppressed Send only aggregate entries , All details are suppressed

【3】 Based on the second aggregation scheme , Interference method of routing transmission – Send aggregation entries simultaneously , Then send the detailed route of the part

「1」 Suppress list -- Use suppression list , Mark inhibited routes , After being marked , This route will not be delivered
「2」 Routing strategy
「3」 The prefix list -- When the distribution list and routing policy use

5） Conditional break IBGP Horizontal segmentation ;
for fear of IBGP Loop in environment , Therefore, using IBGP Horizontal segmentation ; From a IBGP Routes learned from neighbors cannot be passed to other local IBGP neighbor ; Lead in a AS In order to realize the normal transmission of routing , All operations are required BGP The devices of the protocol are established in pairs IBGP Neighborhood ;IBGP The amount of neighbor building configuration varies with BGP The increase in equipment increases exponentially , After breaking, the neighbor building configuration can be greatly reduced ;
The so-called conditional break means , When the administrator determines that there is no ring , And the neighbor relationship has the premise of backup , To break IBGP Horizontal segmentation ;

Breaking technology ：
**1、 Routing reflectors – RR（ Reflector ） Can be passed through IBGP The route passed by the neighbor is reflected to other local IBGP neighbor ; The properties of the reflected route remain unchanged ;RR Bad route received , Lost transitivity , Nature cannot be reflected ;
In the reflector protocol , There are three roles RR client Non client
requirement RR With local clients or non clients IBGP Neighborhood ;

Reflection rules ：
「1」RR From local EBGP Routes learned from neighbors , Can be shared with local clients 、 Non client 、 other EBGP neighbor
「2」RR Routes learned from local clients , It can be shared with other local clients 、 Non client 、EBGP neighbor
「3」RR Routes learned from local non clients , Can be shared to local clients 、EBGP neighbor , Cannot be shared with other non clients locally ;

2、 The federal
Through in a real AS in , Build small as（ Within the Federation AS） ; Small AS The number of is valid only in the Federation ; Can't tell the big AS; Small AS Inter federal EBGP Neighborhood .

summary ： When the reflector is used separately from the Federation , Both have a large amount of configuration ; Therefore, it is used in practical engineering , The two schemes are configured simultaneously after collaboration ;

The knowledge reserve is complete , Start the experiment —>>>

The experimental requirements ：


First step ：
planning IP As well as the configuration IP
AS2 Each internal router loopback interface IP Respectively
R2: 172.16.2.0 24
R3: 172.16.3.0 24
R4: 172.16.4.0 24
R5: 172.16.5.0 24
R6: 172.16.6.0 24
R7: 172.16.7.0 24

Interface between internal links IP The network number is ：
R2—R3: 172.16.0.0/30
R3—R4: 172.16.0.4/30
R2—R5: 172.16.0.8/30
R5—R6: 172.16.0.12/30
R6—R7: 172.16.0.16/30
R4—R7: 172.16.0.20/30

IP To configure ：

R1:
GigabitEthernet0/0/0              12.1.1.1/24          up         up          
LoopBack0                         192.168.1.1/24       up         up(s)     
LoopBack1                         10.1.1.1/24          up         up(s)    
R2:
GigabitEthernet0/0/0              12.1.1.2/24          up         up        
GigabitEthernet0/0/1              172.16.0.1/30        up         up        
GigabitEthernet0/0/2              172.16.0.9/30        up         up        
LoopBack0                         172.16.2.1/24        up         up(s)  
R3:
GigabitEthernet0/0/0              172.16.0.2/30        up         up        
GigabitEthernet0/0/1              172.16.0.5/30        up         up          
LoopBack0                         172.16.3.1/24        up         up(s) 
R4:
GigabitEthernet0/0/0              172.16.0.6/30        up         up        
GigabitEthernet0/0/1              172.16.0.21/30       up         up        
LoopBack0                         172.16.4.1/24        up         up(s)  
R5:
GigabitEthernet0/0/0              172.16.0.13/30       up         up        
GigabitEthernet0/0/1              172.16.0.10/30       up         up          
LoopBack0                         172.16.5.1/24        up         up(s) 
R6:
GigabitEthernet0/0/0              172.16.0.13/30       up         up        
GigabitEthernet0/0/1              172.16.0.10/30       up         up             
LoopBack0                         172.16.5.1/24        up         up(s) 
R7:
GigabitEthernet0/0/0              172.16.0.22/30       up         up        
GigabitEthernet0/0/1              172.16.0.18/30       up         up        
GigabitEthernet0/0/2              78.1.1.1/24          up         up        
LoopBack0                         172.16.7.1/24        up         up(s)
R8:
GigabitEthernet0/0/0              78.1.1.2/24          up         up         
LoopBack0                         192.168.2.1/24       up         up(s)     
LoopBack1                         10.1.2.1/24          up         up(s) 

The second step ：
stay AS2 Run in OSPF agreement ：
Because the physical interface network segment and loopback of each router are 172.16.0.0 In segment , Therefore, only one route table can be declared ：

[r3]ospf 1 router-id 3.3.3.3 
[r3-ospf-1]area 0
[r3-ospf-1-area-0.0.0.0]net 172.16.0.0 0.0.255.255
 The rest is except Router-ID outside , All the same 

test ：

The third step ：
Next run BGP agreement ：
Apply routing reflectors and Federation solutions BGP Horizontal segmentation of

AS1 Of R1 On ：
bgp 1
router-id 1.1.1.1
peer 12.1.1.2 as-number 2 

AS2：
R2：
bgp 64512
 router-id 2.2.2.2
 confederation id 2
 confederation peer-as 64513
 peer 12.1.1.1 as-number 1 
 peer 172.16.3.1 as-number 64512 
 peer 172.16.3.1 connect-interface LoopBack0
 peer 172.16.5.1 as-number 64513 
 peer 172.16.5.1 ebgp-max-hop 2 
 peer 172.16.5.1 connect-interface LoopBack0
 #
  peer 172.16.3.1 next-hop-local 
  peer 172.16.5.1 next-hop-local
 
R3：
bgp 64512
 router-id 3.3.3.3
 confederation id 2
 peer 172.16.2.1 as-number 64512 
 peer 172.16.2.1 connect-interface LoopBack0
 peer 172.16.4.1 as-number 64512 
 peer 172.16.4.1 connect-interface LoopBack0

R4：
bgp 64512
 router-id 4.4.4.4
 confederation id 2
 confederation peer-as 64513
 peer 172.16.3.1 as-number 64512 
 peer 172.16.3.1 connect-interface LoopBack0
 peer 172.16.7.1 as-number 64513 
 peer 172.16.7.1 ebgp-max-hop 2 
 peer 172.16.7.1 connect-interface LoopBack0

R5:
bgp 64513
 router-id 5.5.5.5
 confederation id 2
 confederation peer-as 64512
 peer 172.16.2.1 as-number 64512 
 peer 172.16.2.1 ebgp-max-hop 2 
 peer 172.16.2.1 connect-interface LoopBack0
 peer 172.16.6.1 as-number 64513 
 peer 172.16.6.1 connect-interface LoopBack0

R6:
bgp 64513
 confederation id 2
 peer 172.16.5.1 as-number 64513 
 peer 172.16.5.1 connect-interface LoopBack0
 peer 172.16.7.1 as-number 64513 
 peer 172.16.7.1 connect-interface LoopBack0
 #
  peer 172.16.7.1 reflect-client  # RR 172.16.7.1 by R6 The customer 

R7:
bgp 64513
 router-id 7.7.7.7
 confederation id 2
 confederation peer-as 64512
 peer 78.1.1.2 as-number 3 
 peer 172.16.4.1 as-number 64512 
 peer 172.16.4.1 ebgp-max-hop 2 
 peer 172.16.4.1 connect-interface LoopBack0
 peer 172.16.6.1 as-number 64513 
 peer 172.16.6.1 connect-interface LoopBack0
 #
  network 172.16.0.0 255.255.248.0 
  peer 172.16.4.1 next-hop-local  #  Modify the lower body bar jump 
  peer 172.16.6.1 next-hop-local  
R8:
bgp 3
 router-id 8.8.8.8
 peer 78.1.1.1 as-number 2 

testing bgp Neighborhood ：
R1:

R2:

R3:

R4:

R5:

R6:

R7:

R8:
Step four ：
stay BGP Declare the network segment ：

[r2]ip route-static 172.16.0.0 21 NULL 0 # R2 Configure empty interface on 
network 172.16.0.0 255.255.248.0 # stay R2 To announce IP
 In order to reduce the link bandwidth occupied by black hole routing , stay R7 Make the same configuration on 
[r7]ip route-static 172.16.0.0 21 NULL 0 

network 10.1.1.0 255.255.255.0 
network 10.1.2.0 255.255.255.0 

test ：
stay R1 On :ping -a 10.1.1.1 10.1.2.1

Step five ：
Next , We are not announcing 192.168.1.0 and 192.168.2.0 In the case of network segment , Let it pass ：
First , We are R1 and R8 On the establishment of VPN, Achieve communication , By writing static routes , With Tunnel For the next communication

[r1]int t0/0/0
[r1-Tunnel0/0/0]ip add 10.1.3.1 24
[r1-Tunnel0/0/0]tunnel-protocol gre
[r1-Tunnel0/0/0]source 10.1.1.1
[r1-Tunnel0/0/0]destination 10.1.2.1

[R8]int t0/0/0
[R8-Tunnel0/0/0]ip add 10.1.3.2 24
[R8-Tunnel0/0/0]tunnel-protocol gre
[R8-Tunnel0/0/0]source 10.1.2.1
[R8-Tunnel0/0/0]destination 10.1.1.1

 static state ：
[r1]ip route-static 192.168.2.0 24 10.1.3.2
[R8]ip route-static 192.168.1.0 24 10.1.3.1

The last step , test ：

thus , End of experimental configuration ！