• Using the most influential attribute, configure SW1 so that traffic from AS 300 going to prefixes originated in AS 54 exits towards R3, and that traffic from AS 300 going to networks originated in AS 254 exits towards R6.
Notes
The purpose of the BGP bestpath procedure is to select optimal paths based on administrative preferences while maintaining the following properties:
1) Routing Loop detection. The best paths selected should form a loop-free topology. BGP implements this by filtering prefixes with the AS number matching the local AS in the AS_PATH attributes.
2) Deterministic path selection. All BGP routers under the same conditions (e.g. all IBGP speakers configured similarly) must select the same best paths.
3) Routing table stability. The best path selection procedure should not result in constantly oscillating route insertions and removals.
4) Information flooding minimization. A BGP speaker only sends the best paths to its neighbors. This significantly reduces the amount of update flooding, saving bandwidth and CPU cycles.
Before the procedure runs, the bestpath process excludes some prefixes based on the following criteria:
1) No valid next hop. This is the most common cause for the prefix being ignored by the selection process. BGP prefixes carry their next hop in a separate attribute (the NEXT_HOP attribute). If the next-hop address is NOT reachable via IGP, the prefix is marked as invalid and is not considered. Most often this happens with eBGP-learned prefixes when you forget to enter the command next-hop-self or advertise the link subnet into IGP/BGP.
2) BGP Synchronization enabled and the prefix is not in the IGP table. The bestpath process will ignore this prefix. This is a legacy restriction, but you may occasionally run into it, when using BGP synchronization.
3) Prefixes from the neighbor that has the local AS number in the AS_PATH attribute are dropped. This is the well-known BGP loop detection mechanism.
For every group, BGP must elect the best path. Here is a short outline of the steps performed by the selection process.
Each step is tried only if the previous one cannot determine the best path:
1) Ignore invalid paths (no valid next hop, not synchronized, looped).
2) Prefer path with the highest locally assigned weight value.
3) Prefer path with the highest Local Preference attribute value.
4) Prefer locally originated prefixes (i.e. originated via the network, aggregate address or redistribution commands).
5) Prefer path with the shortest AS_PATH attribute length
6) Prefer path with the lowest numerical value of the Origin code (IGP < EGP < Incomplete)
7) Prefer path with the lowest MED attribute value (provided that the first AS in the list is the same).
8) Prefer external BGP paths over Internal
9) Prefer path with the smallest IGP metric to reach the NEXT_HOP IP address
10) Prefer path originated from the router with the lowest BGP Router ID
Configuration
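SW1:
! AS-path list 1 matches paths originated in AS 54, list 2 paths originated in AS 254
no ip as-path access-list 1
no ip as-path access-list 2
ip as-path access-list 1 permit _54$
ip as-path access-list 2 permit _254$
!
! From R6: weight 1000 for AS 254 prefixes, everything else unchanged
route-map FROM_R6 permit 10
 match as-path 2
 set weight 1000
!
route-map FROM_R6 permit 100
!
! From R3: weight 1000 for AS 54 prefixes, everything else unchanged
route-map FROM_R3 permit 10
 match as-path 1
 set weight 1000
!
route-map FROM_R3 permit 100
!
router bgp 300
 neighbor 155.1.67.6 route-map FROM_R6 in
 neighbor 155.1.37.3 route-map FROM_R3 in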
--------------------------------------------------------------
In this lab, routing can be changed by controlling the BGP weight on SW1.
For example, SW1's original paths were:
(AS300)SW1-----AS100(R6)-----AS54
(AS300)SW1-----AS200(R3)-----AS254
For some reason we want to change SW's paths to:
(AS300)SW1-----AS200(R3)-----AS100-----AS54
(AS300)SW1-----AS100(R6)-----AS200-----AS254
The final result is as follows:
Rack1SW1#show ip bgp
BGP table version is 19, local router ID is 150.1.7.7
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 28.119.16.0/24 155.1.37.3 1000 200 100 54 i
* 155.1.67.6 0 100 54 i
*> 28.119.17.0/24 155.1.37.3 1000 200 100 54 i
* 155.1.67.6 0 100 54 i
* 112.0.0.0 155.1.37.3 0 200 100 54 50 60 i
*> 155.1.67.6 0 100 54 50 60 i
* 113.0.0.0 155.1.37.3 0 200 100 54 50 60 i
*> 155.1.67.6 0 100 54 50 60 i
*> 114.0.0.0 155.1.37.3 1000 200 100 54 i
* 155.1.67.6 0 100 54 i
*> 115.0.0.0 155.1.37.3 1000 200 100 54 i
* 155.1.67.6 0 100 54 i
*> 116.0.0.0 155.1.37.3 1000 200 100 54 i
* 155.1.67.6 0 100 54 i
*> 117.0.0.0 155.1.37.3 1000 200 100 54 i
* 155.1.67.6 0 100 54 i
*> 118.0.0.0 155.1.37.3 1000 200 100 54 i
* 155.1.67.6 0 100 54 i
*> 119.0.0.0 155.1.37.3 1000 200 100 54 i
* 155.1.67.6 0 100 54 i
*> 155.1.0.0 155.1.37.3 155 200 100 i
* 155.1.67.6 0 0 100 i
* 205.90.31.0 155.1.37.3 0 200 254 ?
*> 155.1.67.6 1000 100 200 254 ?
* 220.20.3.0 155.1.37.3 0 200 254 ?
*> 155.1.67.6 1000 100 200 254 ?
* 222.22.2.0 155.1.37.3 0 200 254 ?
*> 155.1.67.6 1000 100 200 254 ?
Rack1SW1#
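The following is an added example, not part of the original lab solution: a small Python model of the two inbound route-maps, showing why the table above picks each exit and why the leading "_" in the as-path lists matters. It assumes Local Preference and local origination tie, so only weight and AS_PATH length are compared; the function names are hypothetical and the AS paths are copied from the output above.

```python
import re

def ios_aspath_regex(pattern):
    # IOS "_" matches start/end of the string or a delimiter (space, comma, braces, parens).
    return re.compile(pattern.replace("_", r"(?:^|$|[ ,{}()])"))

# Inbound policy on SW1, per neighbor: (as-path list regex, weight set on match).
POLICY = {
    "155.1.37.3": (ios_aspath_regex("_54$"), 1000),   # route-map FROM_R3
    "155.1.67.6": (ios_aspath_regex("_254$"), 1000),  # route-map FROM_R6
}

def inbound_weight(neighbor, as_path):
    regex, weight = POLICY[neighbor]
    # The empty "permit 100" clause accepts the route with the default weight 0.
    return weight if regex.search(as_path) else 0

def best_path(paths):
    # Simplified bestpath: highest weight first, then shortest AS_PATH.
    return min(paths, key=lambda p: (-inbound_weight(*p), len(p[1].split())))[0]

# Constructed sample input: three prefixes and their AS paths from the table above.
TABLE = {
    "28.119.16.0/24": [("155.1.37.3", "200 100 54"), ("155.1.67.6", "100 54")],
    "112.0.0.0": [("155.1.37.3", "200 100 54 50 60"), ("155.1.67.6", "100 54 50 60")],
    "222.22.2.0": [("155.1.37.3", "200 254"), ("155.1.67.6", "100 200 254")],
}

def exits():
    return {prefix: best_path(paths) for prefix, paths in TABLE.items()}

def unanchored_overmatch():
    # Without the leading "_", "54$" also matches a path ending in 254.
    return ios_aspath_regex("54$").search("200 254") is not None

if __name__ == "__main__":
    for prefix, next_hop in exits().items():
        print(prefix, "->", next_hop)
    print("54$ matches '200 254':", unanchored_overmatch())
```

Prefixes that transit AS 54 but are not originated there (112.0.0.0) match neither list, keep weight 0 on both paths, and fall through to the shorter AS_PATH via R6.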
This is what you call taking the long way around... but the strange thing is
(AS300)SW1-----AS200(R3)-----AS100-----AS54
Rack1SW1# traceroute 28.119.16.1
Type escape sequence to abort.
Tracing the route to 28.119.16.1
1 155.1.37.3 [AS 100] 17 msec 8 msec 17 msec
2 155.1.13.1 [AS 100] 33 msec 17 msec 25 msec
3 155.1.146.4 [AS 100] 34 msec 34 msec 42 msec
4 204.12.1.254 50 msec 42 msec 50 msec
Rack1SW1#
(AS300)SW1-----AS100(R6)-----AS200-----AS254
Rack1SW1# traceroute 222.22.2.1
Type escape sequence to abort.
Tracing the route to 222.22.2.1
1 155.1.67.6 [AS 100] 9 msec 16 msec 9 msec
2 155.1.146.1 [AS 100] 25 msec 25 msec 25 msec
3 155.1.13.3 [AS 100] 25 msec 9 msec 8 msec
4 155.1.23.2 [AS 100] 25 msec 17 msec 25 msec
5 192.10.1.254 34 msec 42 msec 33 msec
Rack1SW1#
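Huh, why are they all [AS 100]? I looked it up online,
and found that for the responding IPs SW1 refers to the origin AS number in the BGP table
----------> but rather refers to the shortest path in the BGP table.
So I made one more small change... injecting the route for the interface between R2 and AS 254 into BGP...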
Rack1R2#sh run | b router eigrp
router eigrp 1
redistribute connected metric 1 1 1 1 1 route-map BGP_NEXT_HOP
passive-interface FastEthernet0/0
network 150.1.0.0
network 155.1.0.0
network 192.10.1.2 0.0.0.0
no auto-summary
!
router bgp 200
no synchronization
bgp log-neighbor-changes
network 192.10.1.0
neighbor 155.1.0.5 remote-as 200
neighbor 155.1.23.3 remote-as 200
neighbor 192.10.1.254 remote-as 254
neighbor 192.10.1.254 password CISCO
no auto-summary
!
With that, the BGP table on SW1 ends up in the following state:
Rack1SW1#show ip bgp
BGP table version is 20, local router ID is 150.1.7.7
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 28.119.16.0/24 155.1.37.3 1000 200 100 54 i
* 155.1.67.6 0 100 54 i
*> 28.119.17.0/24 155.1.37.3 1000 200 100 54 i
* 155.1.67.6 0 100 54 i
* 112.0.0.0 155.1.37.3 0 200 100 54 50 60 i
*> 155.1.67.6 0 100 54 50 60 i
* 113.0.0.0 155.1.37.3 0 200 100 54 50 60 i
*> 155.1.67.6 0 100 54 50 60 i
*> 114.0.0.0 155.1.37.3 1000 200 100 54 i
* 155.1.67.6 0 100 54 i
*> 115.0.0.0 155.1.37.3 1000 200 100 54 i
* 155.1.67.6 0 100 54 i
*> 116.0.0.0 155.1.37.3 1000 200 100 54 i
* 155.1.67.6 0 100 54 i
*> 117.0.0.0 155.1.37.3 1000 200 100 54 i
* 155.1.67.6 0 100 54 i
*> 118.0.0.0 155.1.37.3 1000 200 100 54 i
* 155.1.67.6 0 100 54 i
*> 119.0.0.0 155.1.37.3 1000 200 100 54 i
* 155.1.67.6 0 100 54 i
*> 155.1.0.0 155.1.37.3 155 200 100 i
* 155.1.67.6 0 0 100 i
* 192.10.1.0 155.1.67.6 0 100 200 i
*> 155.1.37.3 0 200 i
* 205.90.31.0 155.1.37.3 0 200 254 ?
*> 155.1.67.6 1000 100 200 254 ?
* 220.20.3.0 155.1.37.3 0 200 254 ?
*> 155.1.67.6 1000 100 200 254 ?
Network Next Hop Metric LocPrf Weight Path
* 222.22.2.0 155.1.37.3 0 200 254 ?
*> 155.1.67.6 1000 100 200 254 ?
Rack1SW1#
So the earlier traces now become:
(AS300)SW1-----AS200(R3)-----AS100-----AS54
Rack1SW1#traceroute 28.119.16.1
Type escape sequence to abort.
Tracing the route to 28.119.16.1
1 155.1.37.3 [AS 100] 16 msec 9 msec 8 msec
2 155.1.13.1 [AS 100] 42 msec 17 msec 17 msec
3 155.1.146.4 [AS 100] 33 msec 34 msec 33 msec
4 204.12.1.254 51 msec 50 msec 42 msec
(AS300)SW1-----AS100(R6)-----AS200-----AS254
Rack1SW1#traceroute 222.22.2.1
Type escape sequence to abort.
Tracing the route to 222.22.2.1
1 155.1.67.6 [AS 100] 17 msec 9 msec 8 msec
2 155.1.146.1 [AS 100] 34 msec 16 msec 26 msec
3 155.1.13.3 [AS 100] 16 msec 25 msec 9 msec
4 155.1.23.2 [AS 100] 17 msec 25 msec 17 msec
5 192.10.1.254 [AS 200] 50 msec 33 msec 26 msec
Rack1SW1#