为什么iBGP的回环网络在AS中无效?
为什么iBGP的回环网络在AS中无效?
提问于 2021-03-24 12:38:56
这是我的测试拓扑:
这是我的路由器的详细配置:
display current-configuration
#
sysname R1
#
router id 1.1.1.1
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher OOCM4m($F4ajUn1vMEIBNUw#
local-user admin service-type http
#
firewall zone Local
priority 16
#
interface Ethernet0/0/0
#
interface Ethernet0/0/1
#
interface Serial0/0/0
link-protocol ppp
#
interface Serial0/0/1
link-protocol ppp
#
interface Serial0/0/2
link-protocol ppp
#
interface Serial0/0/3
link-protocol ppp
#
interface GigabitEthernet0/0/0
ip address 10.1.12.1 255.255.255.0
#
interface GigabitEthernet0/0/1
#
interface GigabitEthernet0/0/2
#
interface GigabitEthernet0/0/3
#
wlan
#
interface NULL0
#
interface LoopBack0
ip address 1.1.1.1 255.255.255.255
#
interface LoopBack1
ip address 100.1.1.1 255.255.255.255
#
interface LoopBack2
ip address 100.1.2.1 255.255.255.255
#
bgp 100
peer 10.1.12.2 as-number 200
#
ipv4-family unicast
undo synchronization
network 1.1.1.1 255.255.255.255
network 100.1.1.1 255.255.255.255
network 100.1.2.1 255.255.255.255
peer 10.1.12.2 enable
#
user-interface con 0
user-interface vty 0 4
user-interface vty 16 20
#
returndis current-configuration
#
sysname R2
#
router id 2.2.2.2
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher OOCM4m($F4ajUn1vMEIBNUw#
local-user admin service-type http
#
firewall zone Local
priority 16
#
interface Ethernet0/0/0
#
interface Ethernet0/0/1
#
interface Serial0/0/0
link-protocol ppp
#
interface Serial0/0/1
link-protocol ppp
#
interface Serial0/0/2
link-protocol ppp
#
interface Serial0/0/3
link-protocol ppp
#
interface GigabitEthernet0/0/0
ip address 10.1.12.2 255.255.255.0
#
interface GigabitEthernet0/0/1
ip address 10.1.23.2 255.255.255.0
#
interface GigabitEthernet0/0/2
#
interface GigabitEthernet0/0/3
#
wlan
#
interface NULL0
#
interface LoopBack0
ip address 2.2.2.2 255.255.255.255
#
bgp 200
peer 3.3.3.3 as-number 200
peer 3.3.3.3 connect-interface LoopBack0
peer 4.4.4.4 as-number 200
peer 4.4.4.4 connect-interface LoopBack0
peer 10.1.12.1 as-number 100
#
ipv4-family unicast
undo synchronization
network 2.2.2.2 255.255.255.255
peer 3.3.3.3 enable
peer 3.3.3.3 next-hop-local
peer 4.4.4.4 enable
peer 4.4.4.4 next-hop-local
peer 10.1.12.1 enable
#
ospf 1
area 0.0.0.1
network 2.2.2.2 0.0.0.0
network 10.1.23.0 0.0.0.255
#
user-interface con 0
user-interface vty 0 4
user-interface vty 16 20
#
returndis current-configuration
#
sysname R3
#
router id 3.3.3.3
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher OOCM4m($F4ajUn1vMEIBNUw#
local-user admin service-type http
#
firewall zone Local
priority 16
#
interface Ethernet0/0/0
#
interface Ethernet0/0/1
#
interface Serial0/0/0
link-protocol ppp
#
interface Serial0/0/1
link-protocol ppp
#
interface Serial0/0/2
link-protocol ppp
#
interface Serial0/0/3
link-protocol ppp
#
interface GigabitEthernet0/0/0
ip address 10.1.34.3 255.255.255.0
#
interface GigabitEthernet0/0/1
ip address 10.1.23.3 255.255.255.0
#
interface GigabitEthernet0/0/2
#
interface GigabitEthernet0/0/3
#
wlan
#
interface NULL0
#
interface LoopBack0
ip address 3.3.3.3 255.255.255.255
#
bgp 200
peer 2.2.2.2 as-number 200
peer 2.2.2.2 connect-interface LoopBack0
peer 4.4.4.4 as-number 200
peer 4.4.4.4 connect-interface LoopBack0
#
ipv4-family unicast
undo synchronization
network 3.3.3.3 255.255.255.255
peer 2.2.2.2 enable
peer 4.4.4.4 enable
#
ospf 1
area 0.0.0.1
network 3.3.3.3 0.0.0.0
network 10.1.23.0 0.0.0.255
network 10.1.34.0 0.0.0.255
#
user-interface con 0
user-interface vty 0 4
user-interface vty 16 20
#
returndis current-configuration
#
sysname R4
#
router id 4.4.4.4
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher OOCM4m($F4ajUn1vMEIBNUw#
local-user admin service-type http
#
firewall zone Local
priority 16
#
interface Ethernet0/0/0
#
interface Ethernet0/0/1
#
interface Serial0/0/0
link-protocol ppp
#
interface Serial0/0/1
link-protocol ppp
#
interface Serial0/0/2
link-protocol ppp
#
interface Serial0/0/3
link-protocol ppp
#
interface GigabitEthernet0/0/0
ip address 10.1.34.4 255.255.255.0
#
interface GigabitEthernet0/0/1
#
interface GigabitEthernet0/0/2
#
interface GigabitEthernet0/0/3
#
wlan
#
interface NULL0
#
interface LoopBack0
ip address 4.4.4.4 255.255.255.255
#
bgp 200
peer 2.2.2.2 as-number 200
peer 2.2.2.2 connect-interface LoopBack0
peer 3.3.3.3 as-number 200
peer 3.3.3.3 connect-interface LoopBack0
#
ipv4-family unicast
undo synchronization
network 4.4.4.4 255.255.255.255
peer 2.2.2.2 enable
peer 3.3.3.3 enable
#
ospf 1
area 0.0.0.1
network 4.4.4.4 0.0.0.0
network 10.1.34.0 0.0.0.255
#
user-interface con 0
user-interface vty 0 4
user-interface vty 16 20
#
return问题是:
在我的选择中,所有的loopback's网络都将是valid(*),为什么会这样呢?
dis bgp routing-table
BGP Local router ID is 1.1.1.1
Status codes: * - valid, > - best, d - damped,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 4
Network NextHop MED LocPrf PrefVal Path/Ogn
*> 1.1.1.1/32 0.0.0.0 0 0 i
*> 2.2.2.2/32 10.1.12.2 0 0 200i
*> 100.1.1.1/32 0.0.0.0 0 0 i
*> 100.1.2.1/32 0.0.0.0 0 0 idis bgp routing-table
BGP Local router ID is 2.2.2.2
Status codes: * - valid, > - best, d - damped,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 6
Network NextHop MED LocPrf PrefVal Path/Ogn
*> 1.1.1.1/32 10.1.12.1 0 0 100i
*> 2.2.2.2/32 0.0.0.0 0 0 i
i 3.3.3.3/32 3.3.3.3 0 100 0 i
i 4.4.4.4/32 4.4.4.4 0 100 0 i
*> 100.1.1.1/32 10.1.12.1 0 0 100i
*> 100.1.2.1/32 10.1.12.1 0 0 100idis bgp routing-table
BGP Local router ID is 3.3.3.3
Status codes: * - valid, > - best, d - damped,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 6
Network NextHop MED LocPrf PrefVal Path/Ogn
*>i 1.1.1.1/32 2.2.2.2 0 100 0 100i
i 2.2.2.2/32 2.2.2.2 0 100 0 i
*> 3.3.3.3/32 0.0.0.0 0 0 i
i 4.4.4.4/32 4.4.4.4 0 100 0 i
*>i 100.1.1.1/32 2.2.2.2 0 100 0 100i
*>i 100.1.2.1/32 2.2.2.2 0 100 0 100idis bgp routing-table
BGP Local router ID is 4.4.4.4
Status codes: * - valid, > - best, d - damped,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 6
Network NextHop MED LocPrf PrefVal Path/Ogn
*>i 1.1.1.1/32 2.2.2.2 0 100 0 100i
i 2.2.2.2/32 2.2.2.2 0 100 0 i
i 3.3.3.3/32 3.3.3.3 0 100 0 i
*> 4.4.4.4/32 0.0.0.0 0 0 i
*>i 100.1.1.1/32 2.2.2.2 0 100 0 100i
*>i 100.1.2.1/32 2.2.2.2 0 100 0 100i编辑-01
我有几个问题:
- 当我在iBGP路由器R3上宣布
network 3.3.3.3 32时,是否意味着R3-iBGP学会了3.3.3.3/32? - 如果R1想访问
10.1.34.4/24,那么我需要在R2而不是R4或R3中宣布10.1.34.0/24,对吗? - 我仍然有一个疑问,当我在R3或R4
network 10.1.34.0 24,在R1,这是一个有效的路线,但为什么不3.3.3.3/32或4.4.4.4/32?我认为网络在AS方面没有什么不同。
回答 2
Network Engineering用户
发布于 2021-03-25 16:49:07
你的补充问题:
当我在iBGP路由器R3上宣布网络3.3.3.3 32时,是否意味着R3-iBGP学会了3.3.3.3/32?
您正在宣布3.3.3.3,所以是的,它在BGP表中。
如果R1想要访问10.1.34.4/24,那么我需要在R2而不是R4或R3中宣布10.1.34.0/24,对吗?
不是的。通常,您会从所有连接的路由器(R3和R4)上为网络做广告。但在这种情况下,R4依赖于R3来与R2对话,因此R4做广告的意义不大。R2将为通往R1的路线做广告,因为R1是一个eBGP对等方。
一个更好的解决方案是使R3成为路由反射器。
Network Engineering用户
发布于 2021-03-25 12:34:26
你知道iBGP规则吗?从iBGP学到的路由不能通过iBGP传递到另一个路由器。这是为了防止路由循环,以及为什么应该在AS中使用IGP。通过eBGP学习的路由可以在没有问题的情况下通过iBGP传递,但是通过iBGP学习的路由不能。
例如,R3通过iBGP学习R4回送不能通过iBGP告诉R2该回送,反之亦然。
有一些缓解措施,例如路由反射器和联盟,以绕过规则而不导致可能的循环。您可以将R3配置为路由反射器。实际上,您将在内部路由中使用IGP,并使用iBGP告诉路由器有关eBGP学习的路由。
页面原文内容由Network Engineering提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://networkengineering.stackexchange.com/questions/73144
复制相关文章
相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号