IP : 边界网关协议(BGP)

在单宿主和多宿主环境中加载 BGP 共享:示例配置

2015 年 8 月 28 日 - 机器翻译
其他版本: PDFpdf | 英语 (2015 年 4 月 22 日) | 反馈


目录


简介

负载共享允许路由器在多个路径中分配传出和传入流量。路径以静态方式或采用动态协议进行派生,如:

  • 路由信息协议 (RIP)

  • 增强型内部网关路由协议 (EIGRP)

  • 开放最短路径优先 (OSPF) 协议

  • 增强型内部网关路由协议(EIGRP)

在缺省情况下,边界网关协议(BGP)只选择一个最佳路径而不进行负载均衡。本文档说明如何使用 BGP 在不同情况下执行负载共享。有关负载均衡的其他信息,请参阅负载均衡的工作原理

先决条件

要求

尝试进行此配置之前,请确保满足以下要求:

使用的组件

本文档不限于特定的软件和硬件版本。

本文档中的信息都是基于特定实验室环境中的设备编写的。本文档中使用的所有设备最初均采用原始(默认)配置。如果您使用的是真实网络,请确保您已经了解所有命令的潜在影响。

规则

有关文档规则的详细信息,请参阅 Cisco 技术提示规则

使用环回地址作为 BGP 邻居的负载共享

此方案显示有多个(最多六个)等成本链路时如何实现负载共享。链路终止在本地自治系统(AS)的一个路由器和在一远程AS的另一个路由器在一个单址的BGP环境。以网络图为例。

注意: 有关本文档所用命令的详细信息,请使用命令查找工具仅限注册用户)。

网络图

本部分使用以下网络设置:

/image/gif/paws/13762/40a.gif

配置

本部分使用以下配置:

路由器A
interface loopback 0
 ip address 1.1.1.1 255.255.255.0

interface serial 0
 ip address 160.20.20.1 255.255.255.0
 no ip route-cache
  
interface serial 1
 ip address 150.10.10.1 255.255.255.0
 no ip route-cache
  
router bgp 11
neighbor 2.2.2.2 remote-as 10
neighbor 2.2.2.2 update-source loopback 0

!--- Use the IP address of the loopback interface for TCP connections.

neighbor 2.2.2.2 ebgp-multihop

!--- You must configure ebgp-multihop whenever the external BGP (eBGP)
!--- connections are not on the same network address.


router eigrp 12
network 1.0.0.0
network 150.10.0.0
network 160.20.0.0
no auto-summary

路由器B
interface loopback 0
 ip address 2.2.2.2 255.255.255.0

interface serial 0
 ip address 160.20.20.2 255.255.255.0
 no ip route-cache

interface serial 1
 ip address 150.10.10.2 255.255.255.0
 no ip route-cache

router bgp 10
neighbor 1.1.1.1 remote-as 11
neighbor 1.1.1.1 update-source loopback 0

!--- Use the IP address of the loopback interface for TCP connections.


neighbor 1.1.1.1 ebgp-multihop

!--- You must configure ebgp-multihop whenever the eBGP connections
!--- are not on the same network address.

router eigrp 12
network 2.0.0.0
network 150.10.0.0
network 160.20.0.0
no auto-summary

注意: 可以使用静态路由代替路由协议,以便引入两个等成本路径以到达目标。在这种情况下,路由协议为 EIGRP。

验证

使用本部分可确认配置能否正常运行。

命令输出解释程序仅限注册用户)(OIT) 支持某些 show 命令。使用 OIT 可查看对 show 命令输出的分析。

show ip route 命令的输出表示,指向 2.2.2.0 网络的两个路径都是通过 EIGRP 获知的。traceroute 命令的输出结果表明负载被分配到两条串行链路上。在此方案中,负载共享是针对每个数据包逐一进行的。可以在串行接口发出 ip route-cache 命令,针对每个目标逐一执行负载共享。您还可以使用 Cisco 快速转发功能来配置基于包和目的地的负载均衡。有关如何配置 Cisco 快速转发的更多信息,请参阅配置 Cisco 快速转发

RouterA# show ip route

!--- Output suppressed.

Gateway of last resort is not set

     1.0.0.0/24 is subnetted, 1 subnets
C       1.1.1.0 is directly connected, Loopback0
     2.0.0.0/24 is subnetted, 1 subnets
D       2.2.2.0 [90/2297856] via 150.10.10.2, 00:00:45, Serial1
                [90/2297856] via 160.20.20.2, 00:00:45, Serial0
     160.20.0.0/24 is subnetted, 1 subnets
C       160.20.20.0 is directly connected, Serial0
     150.10.0.0/24 is subnetted, 1 subnets
C       150.10.10.0 is directly connected, Serial1

RouterA# traceroute 2.2.2.2 

Type escape sequence to abort.
Tracing the route to 2.2.2.2

1 160.20.20.2 16 msec
    150.10.10.2 8 msec *

故障排除

目前没有针对此配置的故障排除信息。

通过一个本地路由器双重归属到一个网络 服务 提供商 (ISP)时的负载均衡

此方案显示当远程 AS 与本地 AS 之间存在多条链路时,如何实现负载共享。这些链路在本地 AS 的一个路由器中终止,并在单宿主 BGP 环境中远程 AS 的多个路由器中终止。我们使用下列网络图为例。

本示例配置采用 maximum-paths 命令。默认情况下,BGP 在通过一个 AS 获知的可能的等成本路径中选择一个最佳路径。但是,您可以更改允许的并行等成本路径的最大数量。为进行此更改,请在 BGP 配置中包括 maximum-paths paths 命令。对于 paths 参数,可使用 1 和 6 之间的数字。

网络图

本部分使用以下网络设置:

40b.gif

配置

本部分使用以下配置:

路由器A
interface Loopback0
 ip address 1.1.1.1 255.255.255.0
!
interface Serial 0
 ip address 160.20.20.1 255.255.255.0
!
!  
interface Serial 1
 ip address 150.10.10.1 255.255.255.0
!
! 
router bgp 11
neighbor 160.20.20.2 remote-as 10
neighbor 150.10.10.2 remote-as 10
network 1.0.0.0
maximum-paths 2

!--- This command specifies the maximum number of paths
!--- to install in the routing table for the specific destination.

路由器B
interface Ethernet0 
 ip address 2.2.2.1 255.255.255.0
!
interface Serial 0
 ip address 160.20.20.2 255.255.255.0
!
!
router bgp 10
neighbor 160.20.20.1 remote-as 11
network 2.0.0.0
auto-summary

RouterC
interface Ethernet0 
 ip address 2.2.2.2 255.255.255.0
!
interface Serial 1
 ip address 150.10.10.2 255.255.255.0
!
!
router bgp 10
neighbor 150.10.10.1 remote-as 11
network 2.0.0.0 
auto-summary

验证

使用本部分可确认配置能否正常运行。

命令输出解释程序仅限注册用户)(OIT) 支持某些 show 命令。使用 OIT 可查看对 show 命令输出的分析。

show ip route 命令的输出表示,指向 2.2.2.0 网络的两个路径都是通过 BGP 获知的。traceroute 命令的输出结果表明负载被分配到两条串行链路上。在此方案中,负载共享是针对每个目标逐一进行的。show ip bgp 命令可生成用于 2.0.0.0 网络的有效条目。

RouterA# show ip route

!--- Output suppressed.

Gateway of last resort is not set

     1.0.0.0/24 is subnetted, 1 subnets
C       1.1.1.0 is directly connected, Loopback0
B    2.0.0.0/8 [20/0] via 150.10.10.2, 00:04:23
               [20/0] via 160.20.20.2, 00:04:01
     160.20.0.0/24 is subnetted, 1 subnets
C       160.20.20.0 is directly connected, Serial0
     150.10.0.0/24 is subnetted, 1 subnets
C       150.10.10.0 is directly connected, Serial1
 
RouterA# traceroute 2.2.2.2 

Type escape sequence to abort.
Tracing the route to 2.2.2.2

1 160.20.20.2 16 msec
    150.10.10.2 8 msec * 

RouterA# show ip bgp

BGP table version is 3, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete 
	
Network 	Next Hop 	Metric 	LocPrf 	Weight Path    
*> 1.0.0.0 	0.0.0.0 	        	0 	32768  i    
*> 2.0.0.0 	160.20.20.2  0 			0 	10 i    
*               150.10.10.2  0 			0 	10 i

故障排除

目前没有针对此配置的故障排除信息。

通过多个本地路由器双重归属到一个ISP时的负载均衡

本节演示在通过多个本地路由器与同一个 ISP 有多个连接时如何实现负载平衡。两个 eBGP 对等体在两个单独的本地路由器终止。不可能实现这两条链路的负载均衡,因为 BGP 将在通过 eBGP 和内部 BGP (iBGP) 获知的网络中选择单一最佳路径。在指向 AS 10 的多个路径中进行负载共享是次佳选项。采用这种类型的负载共享,流向特定网络的流量将根据预定义的策略通过两条链路进行传输。此外,如果一条链路发生故障,另一条将充当其备份。

为简单起见,假定 AS 11 的 BGP 路由策略如下:

  • AS 11 接受来自 AS 10 的本地路由以及缺省情况下的其余互联网路由。

  • 出局数据流策略如下:

    • 所有从 R101 发往 Internet 的流量都经过 R101-R103 链路。

    • 如果 R101 至 R103 的链路中断,那么所有从 R101 发往互联网的业务就通过 R102 传输到 AS 10。

    • 同样,所有从 R102 发往 Internet 的流量都经过 R102-R104 链路。

    • 如果 R101 至 R104 间的链路中断,那么所有从 R102 发往互联网的业务就通过 R101 传输到 AS 10。

  • 入站数据流策略如下:

    • 从 Internet 发往网络 192.168.11.0/24 的流量应出自 R103-R101 链路。

    • 从 Internet 发往网络 192.168.12.0/24 的流量应出自 R104-R102 链路。

    • 如果指向 AS 10 的一条链路发生故障,另一条链路应将发往所有网络的流量从 Internet 路由回 AS 11。

为实现这一点,192.168.11.0 从 R101 到 R103 宣布的 AS_PATH 比从 R102 到 R104 宣布的更短。AS 10 找到了通过 R103-R101 链路的最佳路径。同样,192.168.12.0 通过 R102-R104 链路宣布的路径较短。对于绑定到 AS 11 中 192.168.12.0 的流量,AS 10 首选 R104-R102 链路。

对于出站流量,BGP 根据通过 eBGP 获知的路由确定最佳路径。与通过 iBGP 获知的路由相比,这些路由更为可取。因此,R101 通过 eBGP 从 R103 获知 10.10.34.0,通过 iBGP 从 R102 获知 10.10.34.0。选择外部路径而不是内部路径。因此,如果查看 R101 配置中的 BGP 表,指向 10.10.34.0 的路由将通过 R101-R103 链路,下一跳为 10.10.13.3。在 R102 中,指向 10.10.34.0 的路由将通过 R102-R104 链路,下一跳为 10.10.24.4。这样便可以实现发往 10.10.34.0 的流量的负载共享。类似的推论也适用于 R101 和 R102 的默认路由。有关 BGP 路径选择标准的详细信息,请参阅 BGP 最佳路径选择算法

网络图

本部分使用以下网络设置:

40c.gif

配置

本部分使用以下配置:

R101
hostname R101

!
interface Ethernet0/0
 ip address 192.168.11.1 255.255.255.0 secondary
 ip address 192.168.12.1 255.255.255.0
!
interface Serial8/0
 ip address 10.10.13.1 255.255.255.0
!
router bgp 11
 no synchronization
 bgp log-neighbor-changes
 network 192.168.11.0
 network 192.168.12.0
 neighbor 10.10.13.3 remote-as 10
 neighbor 10.10.13.3 route-map R101-103-MAP out

!--- The AS_PATH is increased for 192.168.12.0.

 neighbor 192.168.12.2 remote-as 11
 neighbor 192.168.12.2 next-hop-self
 maximum-paths 2
 no auto-summary
!
access-list 1 permit 192.168.12.0
access-list 2 permit 192.168.11.0
route-map R101-103-MAP permit 10
 match ip address 1
 set as-path prepend 11 11 11
!         
route-map R101-103-MAP permit 20
 match ip address 2

R102
hostname R102
!

interface Ethernet0/0
 ip address 192.168.11.2 255.255.255.0 secondary
 ip address 192.168.12.2 255.255.255.0
!
interface Serial8/0
 ip address 10.10.24.2 255.255.255.0
!
router bgp 11
 no synchronization
 bgp log-neighbor-changes
 network 192.168.11.0
 network 192.168.12.0
 neighbor 10.10.24.4 remote-as 10
 neighbor 10.10.24.4 route-map R102-104-MAP out

!--- The AS_PATH is increased for 192.168.11.0.

 neighbor 192.168.12.1 remote-as 11
 neighbor 192.168.12.1 next-hop-self
 no auto-summary
!
access-list 1 permit 192.168.11.0
access-list 2 permit 192.168.12.0
route-map R102-104-MAP permit 10
 match ip address 1
 set as-path prepend 11 11 11
!         
route-map R102-104-MAP permit 20
 match ip address 2
!

R103
hostname R103
!
interface Ethernet0/0
 ip address 10.10.34.3 255.255.255.0
!
interface Serial8/0
 ip address 10.10.13.3 255.255.255.0
!
router bgp 10
no synchronization
 bgp log-neighbor-changes
 network 10.10.34.0 mask 255.255.255.0
 neighbor 10.10.13.1 remote-as 11
 neighbor 10.10.13.1 default-originate
 neighbor 10.10.34.4 remote-as 10
 neighbor 10.10.34.4 next-hop-self
 no auto-summary
 !

R104
hostname R104
!

interface Ethernet0/0
 ip address 10.10.34.4 255.255.255.0

!
interface Serial8/0
 ip address 10.10.24.4 255.255.255.0
!
router bgp 10
 no synchronization
 bgp log-neighbor-changes
 neighbor 10.10.24.2 remote-as 11
 neighbor 10.10.24.2 default-originate
 neighbor 10.10.34.3 remote-as 10
 neighbor 10.10.34.3 next-hop-self
 no auto-summary
!

验证

本部分所提供的信息可用于确认您的配置是否正常工作。

命令输出解释程序工具仅限注册用户)支持某些 show 命令,使用此工具可以查看对 show 命令输出的分析。

AS11 和 AS10 之间的两条链路都启动时验证

出站流量验证

注意: show ip bgp command output 中的大于号 (>) 表示可能的路径中用于该网络的最佳路径。有关详细信息,请参阅“BGP 最佳路径选择算法”。

R101 中的 BGP 表显示发往 Internet 的所有传出流量的最佳路径是通过 R101-R103 链路。show ip route 命令输出将确认路由表中的路由。

R101# show ip bgp

BGP table version is 5, local router ID is 192.168.12.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
* i0.0.0.0          192.168.12.2                  100      0 10 i
*>                  10.10.13.3                             0 10 i  
!--- This is the next hop of R103.

* i10.10.34.0/24    192.168.12.2                  100      0 10 i
*>                  10.10.13.3               0             0 10 i  
!--- This is the next hop of R103.

* i192.168.11.0     192.168.12.2             0    100      0 i
*>                  0.0.0.0                  0         32768 i
* i192.168.12.0     192.168.12.2             0    100      0 i
*>                  0.0.0.0                  0         32768 i

R101# show ip route

!--- Output suppressed.

Gateway of last resort is 10.10.13.3 to network 0.0.0.0

C    192.168.12.0/24 is directly connected, Ethernet0/0
C    192.168.11.0/24 is directly connected, Ethernet0/0
     10.0.0.0/24 is subnetted, 2 subnets
C       10.10.13.0 is directly connected, Serial8/0
B       10.10.34.0 [20/0] via 10.10.13.3, 00:08:53 
!--- This is the next hop of R103.

B*   0.0.0.0/0 [20/0] via 10.10.13.3, 00:08:53     
!--- This is the next hop of R103.

下面是 R102 的 BGP 和路由表。根据策略,R102 应通过 R102-R104 链路将所有流量路由到 AS 10:

R102# show ip bgp

BGP table version is 7, local router ID is 192.168.12.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 0.0.0.0          10.10.24.4                             0 10 i   
!--- This is the next hop of R104.

* i                 192.168.12.1                  100      0 10 i
*> 10.10.34.0/24    10.10.24.4                             0 10 i   
!--- This is the next hop of R104.

* i                 192.168.12.1             0    100      0 10 i
* i192.168.11.0     192.168.12.1             0    100      0 i
*>                  0.0.0.0                  0         32768 i
* i192.168.12.0     192.168.12.1             0    100      0 i
*>                  0.0.0.0                  0         32768 i

R102# show ip route

!--- Output suppressed.

Gateway of last resort is 10.10.24.4 to network 0.0.0.0

C    192.168.12.0/24 is directly connected, Ethernet0/0
C    192.168.11.0/24 is directly connected, Ethernet0/0
     10.0.0.0/24 is subnetted, 2 subnets
C       10.10.24.0 is directly connected, Serial8/0
B       10.10.34.0 [20/0] via 10.10.24.4, 00:11:21   
!--- This is the next hop of R104.

B*   0.0.0.0/0 [20/0] via 10.10.24.4, 00:11:21       
!--- This is the next hop of R104.

从 AS 10 到 AS 11 的入站流量验证

网络 192.168.11.0 和 192.168.12.0 都属于 AS 11。根据策略,对于发往网络 192.168.11.0 的流量,AS 11 应首选 R103-R101 链路,对于发往网络 192.168.12.0 的流量,则首选 R104-R102 链路。

R103# show ip bgp

BGP table version is 4, local router ID is 10.10.34.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 10.10.34.0/24    0.0.0.0                  0         32768 i
*> 192.168.11.0     10.10.13.1               0             0 11 i             
!--- The next hop is R101.

*  192.168.12.0     10.10.13.1               0             0 11 11 11 11 i   
*>i                 10.10.34.4               0    100      0 11 i             
!--- The next hop is R104.


R103# show ip route

!--- Output suppressed.

Gateway of last resort is not set

B    192.168.12.0/24 [200/0] via 10.10.34.4, 00:04:46  
!--- The next hop is R104.

B    192.168.11.0/24 [20/0] via 10.10.13.1, 00:04:46   
!--- The next hop is R101.

     10.0.0.0/24 is subnetted, 2 subnets
C       10.10.13.0 is directly connected, Serial8/0
C       10.10.34.0 is directly connected, Ethernet0/0

网络 192.168.11.0 在 R103 上的最佳路径是通过 R103-R101 链路,而网络 192.168.12.0 的最佳路径是通过 R104 至 AS 11。在这个案例中,最短路径的长度决定了最佳路径。

同样,在 R104 中,BGP 和路由表与此类似:

R104# show ip bgp

BGP table version is 13, local router ID is 10.10.34.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*>i10.10.34.0/24    10.10.34.3               0    100      0 i
*>i192.168.11.0     10.10.34.3               0    100      0 11 i
*                   10.10.24.2               0             0 11 11 11 11 i
*> 192.168.12.0     10.10.24.2               0             0 11 i

R104# show ip route

!--- Output suppressed.

Gateway of last resort is not set

B    192.168.12.0/24 [20/0] via 10.10.24.2, 00:49:06    
!--- The next hop is R102.

B    192.168.11.0/24 [200/0] via 10.10.34.3, 00:07:36   
!--- The next hop is R103.

     10.0.0.0/24 is subnetted, 2 subnets
C       10.10.24.0 is directly connected, Serial8/0
C       10.10.34.0 is directly connected, Ethernet0/0

R101 - R103 链路失败时验证

当 R101-R103 链路中断时,所有通信都应通过 R102 重新路由。下图说明了这一更改:

40d.gif

关闭 R103 上的 R103-R101 链路以模拟这种情况。

R103(config)# interface serial 8/0
R103(config-if)# shutdown

*May 1 00:52:33.379: %BGP-5-ADJCHANGE: neighbor 10.10.13.1 Down Interface flap  
*May 1 00:52:35.311: %LINK-5-CHANGED: Interface Serial8/0, changed state to 
 administratively down
*May 1 00:52:36.127: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial8/0, changed 
 state to down

校验到 AS 10 的出局路由。

R101# show ip bgp

BGP table version is 17, local router ID is 192.168.12.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*>i0.0.0.0          192.168.12.2                  100      0 10 i   
!--- This is the next hop of R102.

*>i10.10.34.0/24    192.168.12.2                  100      0 10 i   
!--- This is the next hop of R102.

* i192.168.11.0     192.168.12.2             0    100      0 i
*>                  0.0.0.0                  0         32768 i
* i192.168.12.0     192.168.12.2             0    100      0 i
*>                  0.0.0.0                  0         32768 i

R101# show ip route

!--- Output suppressed.

Gateway of last resort is 192.168.12.2 to network 0.0.0.0

C    192.168.12.0/24 is directly connected, Ethernet0/0
C    192.168.11.0/24 is directly connected, Ethernet0/0
     10.0.0.0/24 is subnetted, 1 subnets
B       10.10.34.0 [200/0] via 192.168.12.2, 00:01:34
B*   0.0.0.0/0 [200/0] via 192.168.12.2, 00:01:34      
!--- All outbound traffic goes through R102.

     
R102# show ip route

!--- Output suppressed.

Gateway of last resort is 10.10.24.4 to network 0.0.0.0

C    192.168.12.0/24 is directly connected, Ethernet0/0
C    192.168.11.0/24 is directly connected, Ethernet0/0
     10.0.0.0/24 is subnetted, 2 subnets
C       10.10.24.0 is directly connected, Serial8/0
B       10.10.34.0 [20/0] via 10.10.24.4, 00:13:22
B*   0.0.0.0/0 [20/0] via 10.10.24.4, 00:55:22         
!--- All outbound traffic on R102 goes through R104.

在 R101-R103 关闭时校验入站数据流路由。

R103# show ip bgp

BGP table version is 6, local router ID is 10.10.34.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 10.10.34.0/24    0.0.0.0                  0         32768 i
*>i192.168.11.0     10.10.34.4               0    100      0 11 11 11 11 i
*>i192.168.12.0     10.10.34.4               0    100      0 11 i

R103# show ip route

!--- Output suppressed.

Gateway of last resort is not set

B    192.168.12.0/24 [200/0] via 10.10.34.4, 00:14:55      
!--- The next hop is R104.

B    192.168.11.0/24 [200/0] via 10.10.34.4, 00:05:46      
!--- The next hop is R104.

     10.0.0.0/24 is subnetted, 1 subnets
C       10.10.34.0 is directly connected, Ethernet0/0

在 R104 上,发往 192.168.11.0 和 192.168.12.0 的业务通过 R104-R102 链路传输。

R104# show ip route

!--- Output suppressed.

Gateway of last resort is not set

B    192.168.12.0/24 [20/0] via 10.10.24.2, 00:58:35    
!--- The next hop is R102.

B    192.168.11.0/24 [20/0] via 10.10.24.2, 00:07:57    
!--- The next hop is R102.

     10.0.0.0/24 is subnetted, 2 subnets
C       10.10.24.0 is directly connected, Serial8/0
C       10.10.34.0 is directly connected, Ethernet0/0

故障排除

目前没有针对此配置的故障排除信息。

通过单个本地路由器多重归属于两个 ISP 时的负载分摊

在此方案中,负载均衡不适用于多宿主环境,因此只能进行负载共享。您不能进行负载均衡,因为在从不同 AS 获知的 BGP 路由中,BGP 仅选择一个指向目标的最佳路径。基本思想是为通过 ISP(A) 获知的范围从 1.0.0.0 到 128.0.0.0 的路由和通过 ISP(B) 获知的其余路由设置更好的度量标准。以下面的网络图为例:

有关其他信息,请参阅两个不同服务提供商(多宿主)间的 BGP 的配置示例

网络图

本部分使用以下网络设置:

40e.gif

配置

本部分使用以下配置:

路由器A
interface Serial 0
 ip address 160.20.20.1 255.255.255.0
 no ip route-cache
    
interface Serial 1
 ip address 150.10.10.1 255.255.255.0
 no ip route-cache
   
router bgp 11
neighbor 160.20.20.2 remote-as 10
neighbor 160.20.20.2 route-map UPDATES-1 in

!--- This allows only the networks up to 128.0.0.0.

neighbor 150.10.10.2 remote-as 12
neighbor 150.10.10.2 route-map UPDATES-2 in

!--- This allows anything above the 128.0.0.0 network.

auto-summary
  
route-map UPDATES-1 permit 10
match ip address 1
set weight 100
 
route-map UPDATES-1 permit 20
match ip address 2
  
route-map UPDATES-2 permit 10
match ip address 1
  
route-map UPDATES-2 permit 20
match ip address 2
set weight 100
  
access-list 1 permit 0.0.0.0  127.255.255.255
access-list 2 deny 0.0.0.0 127.255.255.255
access-list 2 permit any

路由器B
interface Loopback0
 ip address 2.2.2.2 255.255.255.0
int loopback 1
 ip address 170.16.6.5 255.255.255.0
 
interface Serial 0
 ip address 160.20.20.2 255.255.255.0
 no ip route-cache
  
router bgp 10
neighbor 160.20.20.1 remote-as 11
network 2.0.0.0
network 170.16.0.0
auto-summary

RouterC
interface Loopback0 
 ip address 170.16.6.6 255.255.255.0
 
interface Loopback1 
 ip address 2.2.2.1 255.255.255.0
  
interface Serial 1
 ip address 150.10.10.2 255.255.255.0
 no ip route-cache
  
router bgp 12
neighbor 150.10.10.1 remote-as 11
network 2.0.0.0 
network 170.16.0.0
auto-summary

验证

使用本部分可确认配置能否正常运行。

命令输出解释程序仅限注册用户)(OIT) 支持某些 show 命令。使用 OIT 可查看对 show 命令输出的分析。

show ip route 命令和 traceroute 命令的输出显示,低于 128.0.0.0 的所有网络均通过 160.20.20.2 退出 RouterA。此路由是跳出 serial 0 接口的下一跳。其余网络通过 150.10.10.2 退出,这是跳出 serial 1 接口的下一跳。

RouterA# show ip route

!--- Output suppressed.

Gateway of last resort is not set
B 	170.16.0.0/16 [20/0] via 150.10.10.2, 00:43:43		 
!--- This is the next hop out through serial 1.

B 	2.0.0.0/8 [20/0] via 160.20.20.2, 00:43:43			 
!--- This is the next hop out through serial 0.

    160.20.0.0/24 is subnetted, 1 subnets
C 		160.20.20.0 is directly connected, Serial0
    150.10.0.0/24 is subnetted, 1 subnets
C 		150.10.10.0 is directly connected, Serial1

RouterA# show ip bgp

BGP table version is 3, local router ID is 160.20.20.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete
 Network Next Hop Metric LocPrf Weight Path
   Network          Next Hop            Metric LocPrf Weight Path
*  2.0.0.0          150.10.10.2              0             0 12 i
*>                  160.20.20.2              0           100 10 i
*  170.16.0.0       160.20.20.2              0             0 10 i
*>                  150.10.10.2              0           100 12 i
  
RouterA# traceroute  2.2.2.2

Type escape sequence to abort.
Tracing the route to 2.2.2.2 

1   160.20.20.2 16 msec * 16 msec 

RouterA# traceroute  170.16.6.6

Type escape sequence to abort.
Tracing the route to 170.16.6.6

1   150.10.10.2 4 msec * 4 msec

故障排除

目前没有针对此配置的故障排除信息。

通过多个本地路由器多宿主到两个 ISP 时的负载平衡

在具有两个 ISP 的多宿主环境中,不可能实现负载均衡。在通过不同 AS 获知的 BGP 路径中,BGP 仅选择一个指向目标的最佳路径,因此不可能实现负载均衡。但是,负载共享是可能的在这样多宿主BGP网络。根据预先确定的策略,使用不同的 BGP 属性控制流量。

本部分讨论最常用的多宿主配置。配置显示如何实现负载共享。请参阅网络图,其中 AS 100 的多宿主实现了可靠性和负载共享。

注意: 在本例中,IP 地址遵循私有地址空间的 RFC 1918 标准,在 Internet 中不可路由。leavingcisco.com

为简单起见,假定 AS 100 的 BGP 路由策略如下:

  • AS 100 接受两个提供商提供的本地路由以及一条缺省的互联网路由。

  • 出局数据流策略如下:

    • 发往 AS 300 的流量通过 R1-ISP(A) 链路。

    • 发往 AS 400 的流量通过 R2-ISP(B) 链路。

    • 所有其他流量都应采用通过 R1 - ISP(A) 链路的缺省路由 0.0.0.0。

    • 如果 R1 - ISP(A) 链路中断,所有业务都通过 R2 - ISP(B) 链路传输。

  • 入站数据流策略如下:

    • 从 Internet 发往网络 10.10.10.0/24 的流量应出自 ISP(A)-R1 链路。

    • 从 Internet 发往网络 10.10.20.0/24 的流量应出自 ISP(B)-R2 链路。

    • 如果一个 ISP 发生故障,另一个 ISP 应针对所有网络将流量从 Internet 路由回 AS 100。

网络图

本部分使用以下网络设置:

40f.gif

配置

本部分使用以下配置:

R2
interface Ethernet0
 ip address 192.168.21.2 255.255.255.0
 !
interface Serial0
  ip address 192.168.42.2 255.255.255.0  
router bgp 100  
 no synchronization  
 bgp log-neighbor-changes  

!--- The next two lines announce the networks to BGP peers.

 network 10.10.10.0 mask 255.255.255.0  
 network 10.10.20.0 mask 255.255.255.0  

!--- The next line configures iBGP on R1.
 
  neighbor 192.168.21.1 remote-as 100  
  neighbor 192.168.21.1 next-hop-self  

!--- The next line configures eBGP with ISP(B).
 
 neighbor 192.168.42.4 remote-as 400  

!--- This is the incoming policy route map for the application 
!--- of attributes to specific routes.
 
 neighbor 192.168.42.4 route-map AS-400-INCOMING in  

!--- This is the outgoing policy route map for the application 
!--- of attributes to specific routes.
 
 neighbor 192.168.42.4 route-map AS-400-OUTGOING out  
 no auto-summary  
!  
!  

!--- This line sets the AS path access list.
!--- The line permits all routes within the routing domain of the provider.

ip as-path access-list 1 permit ^400$  
!  

!--- These two lines set the access list.
 
access-list 10 permit 10.10.10.0 0.0.0.255  
access-list 20 permit 10.10.20.0 0.0.0.255  

!--- The next three lines configure LOCAL_PREF for routes 
!--- that match AS path access list 1.
 
route-map AS-400-INCOMING permit 10  
 match as-path 1  
 set local-preference 150  

!--- Here, the route map prepends AS 100 to BGP updates for networks 
!--- that are permitted by access list 10.
 
route-map AS-400-OUTGOING permit 10  
 match ip address 10  
 set as-path prepend 100  

!--- This line announces the network that is permitted by
!--- access list 20 without any changes in BGP attributes.
 
route-map AS-400-OUTGOING permit 20  
 match ip address 20

R1
interface Serial0/0   
 ip address 192.168.31.1 255.255.255.0  
!  
interface Ethernet1/0  
 ip address 192.168.21.1 255.255.255.0  
!  
router bgp 100  
 no synchronization  
 bgp log-neighbor-changes  
 network 10.10.10.0 mask 255.255.255.0  
 network 10.10.20.0 mask 255.255.255.0
   
!--- IBGP peering with R2 
neighbor 192.168.21.2 remote-as 100  
neighbor 192.168.21.2 next-hop-self  
! 

!--- This line sets eBGP peering with ISP(A).
 
neighbor 192.168.31.3 remote-as 300  
!  

!--- This is the incoming policy route map for the application 
!--- of attributes to specific routes.
 
 neighbor 192.168.31.3 route-map AS-300-INCOMING in  
!  

!--- This is the outgoing policy route map for the application 
!--- of attributes to specific routes.
 
neighbor 192.168.31.3 route-map AS-300-OUTGOING out  
 no auto-summary  
  

!--- This line sets the AS path access list.
!--- The line permits all routes within the routing domain of the provider.

ip as-path access-list 1 permit ^300$  
!  

!--- These two lines set the IP access list.

access-list 10 permit 10.10.20.0 0.0.0.255  
access-list 20 permit 10.10.10.0 0.0.0.255  


!--- The next three lines configure LOCAL_PREF for routes that match 
!--- AS path access list 1.
 
route-map AS-300-INCOMING permit 10  
 match as-path 1  
 set local-preference 200  
!  

!--- Here, the route map prepends AS 100 to BGP updates for networks 
!--- that are permitted by access list 10.
 
route-map AS-300-OUTGOING permit 10  
 match ip address 10  
 set as-path prepend 100  
!  

!--- This line announces the network that is permitted 
!--- by access list 20 without any changes in BGP attributes.
 
route-map AS-300-OUTGOING permit 20  
 match ip address 20  
!

验证

使用本部分可确认配置能否正常运行。

命令输出解释程序仅限注册用户)(OIT) 支持某些 show 命令。使用 OIT 可查看对 show 命令输出的分析。

发出 show ip bgp 命令以验证出站/入站策略是否有效。

注意: show ip bgp output 中的大于号 (>) 表示可能的路径中用于该网络的最佳路径。有关详细信息,请参阅“BGP 最佳路径选择算法”。

R1# show ip bgp

BGP table version is 6, local router ID is 192.168.31.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

BGP table version is 6, local router ID is 192.168.31.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

Network          Next Hop            Metric LocPrf Weight Path
*> 0.0.0.0          192.168.31.3                  200      0 300 i

!--- This line shows that the default route 0.0.0.0/0 is preferred 
!--- through AS 300, ISP(A).

* i10.10.10.0/24    192.168.21.2             0    100      0 i
*>                  0.0.0.0                  0         32768 i
* i10.10.20.0/24    192.168.21.2             0    100      0 i
*>                  0.0.0.0                  0         32768 i
*> 30.30.30.0/24    192.168.31.3             0    200      0 300 i
*>i40.40.40.0/24    192.168.21.2             0    150      0 400 i

!--- The route to network 30.30.30.0/24 (AS 300) is preferred 
!--- through the R1-ISP(A) link.
!--- The route to network 40.40.40.0/24 (AS 400) is preferred 
!--- through the R2-ISP(B) link.

现在,请看 R2 上的 show ip bgp output

R2# show ip bgp 

BGP table version is 8, local router ID is 192.168.42.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*  0.0.0.0          192.168.42.4                  150      0 400 i  
*>i                 192.168.21.1                  200      0 300 i

!--- This line shows that the default route 0.0.0.0/0 is preferred
!--- through AS 300, through the R2-ISP(B) link.

*> 10.10.10.0/24    0.0.0.0                  0         32768 i
* i                 192.168.21.1             0    100      0 i
*> 10.10.20.0/24    0.0.0.0                  0         32768 i
* i                 192.168.21.1             0    100      0 i
*>i30.30.30.0/24    192.168.21.1             0    200      0 300 i 
*> 40.40.40.0/24    192.168.42.4             0    150      0 400 i

!--- The route to network 30.30.30.0/24 (AS 300) is preferred 
!--- through the R1-ISP(A) link.
!--- The route to network 40.40.40.0/24 (AS 400) is preferred 
!--- through the R2-ISP(B) link.

在 Router 6 上发出 show ip bgp 命令,以观察网络 10.10.10.0/24 和 10.10.20.0/24 的入站策略:

R6# show ip bgp

BGP table version is 15, local router ID is 192.168.64.6
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 10.10.10.0/24    192.168.63.3                           0 300 100 100 i

!--- This line shows that network 10.10.10.0/24 is routed through AS 300
!--- with the ISP(A)-R1 link.

*                   192.168.64.4                           0 400 100 100 100 i
*  10.10.20.0/24    192.168.63.3                           0 300 100 100 i
*>                  192.168.64.4                           0 400 100 i

!--- This line shows that network 10.10.20.0/24 is routed through AS 400
!--- with the ISP(B)-R2 link.

*> 30.30.30.0/24    192.168.63.3             0             0 300 i
*> 40.40.40.0/24    192.168.64.4             0             0 400 i

关闭 R1 上的 R1-ISP(A) 链路并观察 BGP 表。发往 Internet 的所有流量均应通过 R2-ISP(B) 链路进行路由:

R1(config)# interface serial 0/0
R1(config-if)# shutdown
 
*May  2 19:00:47.377: %BGP-5-ADJCHANGE: neighbor 192.168.31.3 Down Interface flap 
*May  2 19:00:48.277: %LINK-5-CHANGED: Interface Serial0/0, changed state to 
 administratively  down 
*May 23 12:00:51.255: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed 
 state to down 

R1# show ip bgp 

BGP table version is 12, local router ID is 192.168.31.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*>i0.0.0.0          192.168.21.2                  150      0 400 i  

!--- The best default path is now through the R2-ISP(B) link.

* i10.10.10.0/24    192.168.21.2             0    100      0 i
*>                  0.0.0.0                  0         32768 i
* i10.10.20.0/24    192.168.21.2             0    100      0 i
*>                  0.0.0.0                  0         32768 i
*>i40.40.40.0/24    192.168.21.2             0    150      0 400 i

R2# show ip bgp 

BGP table version is 14, local router ID is 192.168.42.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 0.0.0.0          192.168.42.4                  150      0 400 i  

!--- The best default route is now through ISP(B) with a 
!--- local preference of 150.

* i10.10.10.0/24    192.168.21.1             0    100      0 i
*>                  0.0.0.0                  0         32768 i
* i10.10.20.0/24    192.168.21.1             0    100      0 i
*>                  0.0.0.0                  0         32768 i
*> 40.40.40.0/24    192.168.42.4             0    150      0 400 i

请看 Router 6 中网络 10.10.10.0/24 的路由:

R6# show ip bgp 

BGP table version is 14, local router ID is 192.168.64.6
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 10.10.10.0/24    192.168.64.4                           0 400 100 100 i  

!--- Network 10.10.10.0 is reachable through ISP(B), which announced
!--- the network with AS path prepend.
 
*> 10.10.20.0/24    192.168.64.4                           0 400 100 i
*> 30.30.30.0/24    192.168.63.3             0             0 300 i
*> 40.40.40.0/24    192.168.64.4             0             0 400 i

故障排除

目前没有针对此配置的故障排除信息。

相关的思科支持社区讨论

思科支持社区是您提问、解答问题、分享建议以及与工作伙伴协作的论坛。


相关信息


Document ID: 13762