IP : 边界网关协议(BGP)

使用BGP社区值控制上行供应商网络的路由策略

2015 年 8 月 28 日 - 机器翻译
其他版本: PDFpdf | 英语 (2015 年 4 月 22 日) | 反馈


目录


简介

本文展示边界网关协议(BGP)社区属性如何可以用于为了控制路由policy�in其上游服务供应商网络。

先决条件

要求

本文档要求对 BGP 路由协议及其操作有所了解。有关详细信息,请参阅 BGP 案例分析

使用的组件

本文档不限于特定的软件和硬件版本。但是,本文档中的信息基于以下软件和硬件版本:

  • Cisco IOS�软件版本12.2(27)

  • Cisco 2500 系列路由器

本文档中的信息都是基于特定实验室环境中的设备创建的。本文档中使用的所有设备最初均采用原始(默认)配置。如果您是在真实网络上操作,请确保您在使用任何命令前已经了解其潜在影响。

背景理论

尽管社区本身不会更改 BGP 决策过程,但社区可以用作标志以标记一组路由。路由器能然后使用这些标志应用特定路由的Upstream�service供应商修正(例如,本地首选) �within他们的网络。

提供商会在客户可配置的社区值和提供商网络内对应的本地优先级值之间建立映射。其思路是,具有要求修改提供商网络中的 LOCAL_PREF 的特定策略的客户在其路由更新中设置对应的社区值。

社区是一组前缀,这些前缀共享某个公共属性,并且可以使用 BGP 社区属性进行配置。BGP 社区属性是一种长度可变的、可传递的可选属性。该属性由一组(四个)用于指定社区的八位组值组成。社区属性值用在前两个八位位组的自治系统(AS)编号编码,当剩余的两个八位位组定义由AS。前缀可具有多个社区属性。检测到前缀中的多个社区属性的 BGP 扬声器可以基于一个、一些或所有属性进行操作。在路由器将社区属性传递到其他对等体之前,路由器可以添加或修改该属性。要了解有关社区属性的详细信息,请参阅 BGP 案例分析

本地优先级属性指示 AS 以哪条路径作为首选来访问特定网络。当有多条路径对同一个目的地时,有更高的首选的�the路径被选(本地首选属性的默认值是100)。有关详细信息,请参阅本地优先级属性

规则

有关文档规则的详细信息,请参阅 Cisco 技术提示规则

配置

控制路由策略

本部分提供有关如何配置本文档所述功能的信息。

注意: 要查找本文档所用命令的其他信息,请使用命令查找工具仅限注册用户)。

为进行简化,假设要在上游服务提供商 (AS 100) 和客户 (AS 30) 之间为社区属性和本地优先级属性建立以下映射。

本地首选 社区值
130 100:300
125 100:250

如果客户宣布社区属性等于 100:300 的前缀,则上游服务提供商会将这些路由的本地优先级设置为 130;如果社区属性等于 100:250,则设置为 125。

这将使您有可能可控制服务提供商网络中的路由策略(如果您更改向服务提供商宣布的前缀的社区值)。

网络图中,客户 AS 30 希望通过社区属性实现此路由策略。

  • 从 AS 100 发往网络 6.6.6.0 /24 的入站流量通过 R1-R3 链路。如果 R1-R3 链路发生故障,所有流量将通过 R2-R3 传入。

  • 从 AS 100 发往网络 7.7.7.0/24 的入站流量通过 R2-R3 链路。如果 R2-R3 链路发生故障,所有流量将通过 R1-R3 传入。

为了实现此路由策略,R3 按如下方式宣布其前缀:

到 R1:

  • 6.6.6.0/24,社区属性为 100:300

  • 7.7.7.0/24,社区属性为 100:250

到 R2:

  • 6.6.6.0/24,社区属性为 100:250

  • 7.7.7.0/24,社区属性为 100:300

当 BGP 邻居 R1 和 R2 从 R3 收到前缀后,R1 和 R2 便会基于社区属性和本地优先级属性之间的映射(如上表中所示)应用预先配置的策略,从而实现客户 (AS 30) 指定的路由策略。R1 在 BGP 表中安装以下前缀:

  • 6.6.6.0/24,本地优先级为 130

  • 7.7.7.0/24,本地优先级为 125

R2 在其 BGP 表中安装以下前缀:

  • 6.6.6.0/24,本地优先级为 125

  • 7.7.7.0/24,本地优先级为 130

由于在 BGP 路径选择标准中首选较高的本地优先级,因此将选择本地优先级为 130(130 大于 125)的路径作为 AS 100 中的最佳路径,并安装在 R1 和 R2 的 IP 路由表中。有关 BGP 路径选择标准的详细信息,请参阅 BGP 最佳路径选择算法

网络图

本文档使用此图中所示的网络设置:

http://www.cisco.com/c/dam/en/us/support/docs/ip/border-gateway-protocol-bgp/28784-bgp-community.gif

配置

本文档使用以下配置:

R3
Current configuration : 2037 bytes
!
version 12.2
!
hostname R3
!
interface Loopback0
�ip address 6.6.6.1 255.255.255.0
!
interface Ethernet0/0
�ip address 7.7.7.1 255.255.255.0
!
interface Serial8/0
�ip address 10.10.13.3 255.255.255.0

!--- Interface connected to R1.

 !�
interface Serial9/0
�ip address 10.10.23.3 255.255.255.0

!--- Interface connected to R2.

!
router bgp 30
�network 6.6.6.0 mask 255.255.255.0
�network 7.7.7.0 mask 255.255.255.0

!--- Network commands announce prefix 6.6.6.0/24


!--- and 7.7.7.0/24.

�neighbor 10.10.13.1 remote-as 100

!--- Establishes peering with R1.

�neighbor 10.10.13.1 send-community

-
!--- Without this command, the community attributes
!--- are not sent to the neighbor.

�neighbor 10.10.13.1 route-map Peer-R1 out

!--- Configures outbound policy as defined by


!--- route-map "Peer-R1" when peering with R1.

�neighbor 10.10.23.2 remote-as 100

!--- Establishes peering with R2.

�neighbor 10.10.23.2 send-community

!--- Configures to send community attribute to R2.

�neighbor 10.10.23.2 route-map Peer-R2 out

!--- Configures outbound policy as defined by


!--- route-map "Peer-R2" when peering with R2.

�no auto-summary
!
ip classless
ip bgp-community new-format

!--- Allows you to configure the BGP community


!--- attribute in AA:NN format.

!
access-list 101 permit ip host 6.6.6.0 host 255.255.255.0
access-list 102 permit ip host 7.7.7.0 host 255.255.255.0
!
!
route-map Peer-R1 permit 10
�match ip address 101
�set community 100:300

!--- Sets community 100:300 for routes matching access-list 101.

!
route-map Peer-R1 permit 20
�match ip address 102
�set community 100:250

!--- Sets community 100:250 for routes matching access-list 102.

!
route-map Peer-R2 permit 10
�match ip address 101
�set community 100:250

!--- Sets community 100:250 for routes matching access-list 101.

!
route-map Peer-R2 permit 20
�match ip address 102
�set community 100:300

!--- Sets community 100:300 for routes matching access-list 102.

!
end

R1
Version 12.2
!
hostname R1
!
interface Loopback0
�ip address 200.200.200.1 255.255.255.0
!���������
interface Serial8/0
�ip address 10.10.13.1 255.255.255.0

!--- Connected to R3.
�
!���������
interface Serial10/0
�ip address 10.10.12.1 255.255.255.0

!--- Connected to R2.

!���������
router bgp 100
�no synchronization
�bgp log-neighbor-changes
�neighbor 10.10.12.2 remote-as 100

!--- Establishes peering with R2.

�neighbor 10.10.12.2 next-hop-self
�neighbor 10.10.13.3 remote-as 30

!--- Establishes peering with R3.

�neighbor 10.10.13.3 route-map Peer-R3 in

!--- Configures the inbound policy as defined by


!--- route-map "Peer-R3" when peering with R3.

�no auto-summary
!���������
ip bgp-community new-format

!--- Allows you to configure the BGP community


!--- attribute in AA:NN format.

ip community-list 1 permit 100:300
ip community-list 2 permit 100:250

!--- Defines community list 1 and 2.

!���������
route-map Peer-R3 permit 10
�match community 1
�set local-preference 130

!--- Sets local preference 130 for all routes


!--- matching community list 1.

!���������
route-map Peer-R3 permit 20
�match community 2
�set local-preference 125

!--- Sets local preference 125 for all routes


!--- matching community list 2.

!���������
route-map Peer-R3 permit 30


!--- Without this permit 30 statement, updates that do not 


!--- match the permit 10 or permit 20 statements are dropped.


!
end

R2
Version 12.2
!
hostname R2
!
interface Loopback0
ip address 192.168.50.1 255.255.255.0
!
interface Serial9/0
ip address 10.10.23.2 255.255.255.0

!--- Connected to R3.

!
interface Serial10/0
ip address 10.10.12.2 255.255.255.0

!--- Connected to R1.

!
router bgp 100
�no synchronization
�bgp log-neighbor-changes
�neighbor 10.10.12.1 remote-as 100

!--- Establishes iBGP peering with R1.

�neighbor 10.10.12.1 next-hop-self
�neighbor 10.10.23.3 remote-as 30

!--- Establishes peering with R3.

�neighbor 10.10.23.3 route-map Peer-R3 in

!--- Configures inbound policy as defined by


!--- route-map "Peer-R3" when peering with R3.

�no auto-summary
!
ip bgp-community new-format

!--- Allows you to configure the BGP community


!--- attribute in AA:NN format.

!
ip community-list 1 permit 100:300
ip community-list 2 permit 100:250

!--- Defines community list 1 and 2.

!
route-map Peer-R3 permit 10
�match community 1
�set local-preference 130

!--- Sets local preference 130 for all routes


!--- matching community list 1.

!�
route-map Peer-R3 permit 20
�match community 2
�set local-preference 125

!--- Sets local preference 125 for all routes


!--- matching community list 2.

!
route-map Peer-R3 permit 30


!--- Without this permit 30 statement, updates that do not 


!--- match the permit 10 or permit 20 statements are dropped.

!

end

验证

R1 将接收社区属性为 100:300 和 100:250 的前缀 6.6.6.0/24 和 7.7.7.0/24,如本部分的 show ip bgp 输出中的粗体所示。

注意: 将这些路由基于配置的策略安装到 BGP 表中后,系统会对社区属性为 100:300 的前缀分配本地优先级 130,对社区属性为 100:250 的前缀分配本地优先级 125。

R1# show ip bgp 6.6.6.0 
BGP routing table entry for 6.6.6.0/24, version 2
Paths: (1 available, best #1, table Default-IP-Routing-Table)
� Advertised to non peer-group peers:
� 10.10.12.2�
� 30
��� 10.10.13.3 from 10.10.13.3 (6.6.6.1)
����� Origin IGP, metric 0, localpref 130, valid, external, best
����� Community: 100:300

!--- Prefix 6.6.6.0/24 with community 100:300 received from


!--- 10.10.13.3 (R3) is assigned local preference 130.

R1# show ip bgp 7.7.7.0 
BGP routing table entry for 7.7.7.0/24, version 4
Paths: (2 available, best #1, table Default-IP-Routing-Table)
� Advertised to non peer-group peers:
� 10.10.13.3�
� 30
��� 10.10.12.2 from 10.10.12.2 (192.168.50.1)
����� Origin IGP, metric 0, localpref 130, valid, internal, best

!--- Received prefix 7.7.7.0/24 over iBGP from 10.10.12.2


!--- (R2) with local preference 130.

� 30
��� 10.10.13.3 from 10.10.13.3 (6.6.6.1)
����� Origin IGP, metric 0, localpref 125, valid, external
����� Community: 100:250

!--- Prefix 7.7.7.0/24 with community 100:250 received from


!--- 10.10.13.3 (R3) is assigned local preference 125.

R1# show ip bgp
BGP table version is 4, local router ID is 200.200.200.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

�� Network��������� Next Hop����������� Metric LocPrf Weight Path
*> 6.6.6.0/24������ 10.10.13.3�������������� 0��� 130����� 0 30 i
*>i7.7.7.0/24������ 10.10.12.2�������������� 0��� 130����� 0 30 i
*������������������ 10.10.13.3�������������� 0��� 125����� 0 30 i

R1 上的 show ip bgp 命令将确认在 R1 上选择的最佳路径的本地优先级 (LoclPrf) 为 130。

同样地,R2 也会接收社区属性为 100:250 和 100:300 的前缀 6.6.6.0/24 和 7.7.7.0/24,如本部分的 show ip bgp 命令输出中的粗体所示。

注意: 将这些路由基于配置的策略安装到 BGP 表中后,系统会对社区属性为 100:300 的前缀分配本地优先级 130,对社区属性为 100:250 的前缀分配本地优先级 125。

R2# show ip bgp 6.6.6.0
BGP routing table entry for 6.6.6.0/24, version 2
Paths: (2 available, best #2, table Default-IP-Routing-Table)
� Advertised to non peer-group peers:
� 10.10.23.3�
� 30
��� 10.10.23.3 from 10.10.23.3 (6.6.6.1)
����� Origin IGP, metric 0, localpref 125, valid, external
����� Community: 100:250

!--- Prefix 6.6.6.0/24 with community 100:250 received from


!--- 10.10.23.3 (R3) is assigned local preference 125.

� 30
��� 10.10.12.1 from 10.10.12.1 (200.200.200.1)
����� Origin IGP, metric 0, localpref 130, valid, internal, best

!--- Received prefix 6.6.6.0/24 over iBGP from 10.10.12.1


!--- (R1) with local preference 130.

R2# show ip bgp 7.7.7.0
BGP routing table entry for 7.7.7.0/24, version 3
Paths: (1 available, best #1, table Default-IP-Routing-Table)
� Advertised to non peer-group peers:
� 10.10.12.1�
� 30
��� 10.10.23.3 from 10.10.23.3 (6.6.6.1)
����� Origin IGP, metric 0, localpref 130, valid, external, best
����� Community: 100:300

!--- Prefix 7.7.7.0/24 with community 100:300 received from


!--- 10.10.23.3 (R3) is assigned local preference 130.

R2# show ip bgp
BGP table version is 3, local router ID is 192.168.50.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

�� Network��������� Next Hop����������� Metric LocPrf Weight Path
*� 6.6.6.0/24������ 10.10.23.3�������������� 0��� 125����� 0 30 i
*>i���������������� 10.10.12.1�������������� 0��� 130����� 0 30 i
*> 7.7.7.0/24������ 10.10.23.3�������������� 0��� 130����� 0 30 i

R2 上的此 show ip bgp 命令输出将确认在 R2 上选择的最佳路径的本地优先级 (loclPrf) 为 130。

对prefix� 6.6.6.0/24的Ip route更喜欢退出在往AS 30的AS 100外面的R1-R3链路。R1 和 R2 上的 show ip route 命令可确认这一点。

R1# show ip route 6.6.6.0
Routing entry for 6.6.6.0/24
� Known via "bgp 100", distance 20, metric 0
� Tag 30, type external
� Last update from 10.10.13.3 3d21h ago
� Routing Descriptor Blocks:
� * 10.10.13.3, from 10.10.13.3, 3d21h ago
����� Route metric is 0, traffic share count is 1
����� AS Hops 1

!--- On R1, the IP route to prefix 6.6.6.0/24 points


!--- to next hop 10.10.13.3 which is R3 serial 8/0


!--- interface on the R1-R3 link.

R2# show ip route 6.6.6.0
Routing entry for 6.6.6.0/24
� Known via "bgp 100", distance 200, metric 0
� Tag 30, type internal
� Last update from 10.10.12.1 3d21h ago
� Routing Descriptor Blocks:
� * 10.10.12.1, from 10.10.12.1, 3d21h ago
����� Route metric is 0, traffic share count is 1
����� AS Hops 1

!--- On R2, IP route to prefix 6.6.6.0/24 points


!--- to next hop R1 (10.10.12.1) on its iBGP link.


!--- Thus traffic to network 6.6.6.0/24 from R2


!--- exits through R2-R1 and then�R1-R3 link from


!--- AS 100 towards AS 30.

对prefix�7.7.7.0/24的Ip route更喜欢退出在往AS 30的AS 100外面的R2-R3链路。R1 和 R2 上的 show ip route 命令可确认这一点。

R2# show ip route 7.7.7.0�
Routing entry for 7.7.7.0/24
� Known via "bgp 100", distance 20, metric 0
� Tag 30, type external
� Last update from 10.10.23.3 3d22h ago
� Routing Descriptor Blocks:
� * 10.10.23.3, from 10.10.23.3, 3d22h ago
����� Route metric is 0, traffic share count is 1
����� AS Hops 1

!--- On R2, IP route to prefix 7.7.7.0/24 points


!--- to next hop 10.10.23.3 which is R3 serial 9/0


!--- interface on R2-R3 link.

R1# show ip route 7.7.7.0
Routing entry for 7.7.7.0/24
� Known via "bgp 100", distance 200, metric 0
� Tag 30, type internal
� Last update from 10.10.12.2 3d22h ago
� Routing Descriptor Blocks:
� * 10.10.12.2, from 10.10.12.2, 3d22h ago
����� Route metric is 0, traffic share count is 1
����� AS Hops 1


!--- On R1, IP route to prefix 7.7.7.0/24 points


!--- to next hop R2 (10.10.12.2) on its iBGP link.


!--- Thus traffic to network 7.7.7.0/24�from�R1


!--- exits through R1-R2 and then�R2-R3 link


!--- from AS 100 towards AS 30.

在一条链路(如 R1-R3 链路)出现故障的情况下,所有流量都必须经过 R2-R3 链路。如果关闭 R1-R3 之间的链路,则可以模拟这种情况。

R1# conf t
Enter configuration commands, one per line.�End with CNTL/Z.
R1(config)#int s8/0
R1(config-if)#shut
R1(config-if)#
3d22h: %BGP-5-ADJCHANGE: neighbor 10.10.13.3 Down Interface flap
3d22h: %LINK-5-CHANGED: Interface Serial8/0, changed state to
  administratively down
3d22h: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial8/0,
  changed state to down

请注意 R1 和 R2 上的前缀 6.6.6.0/24 和 7.7.7.0/24 的 IP 路由表。使用 R2-R3 链路来退出 AS 100。

R1# show ip route 6.6.6.0
Routing entry for 6.6.6.0/24
� Known via "bgp 100", distance 200, metric 0
� Tag 30, type internal
� Last update from 10.10.12.2 00:01:47 ago
� Routing Descriptor Blocks:
� * 10.10.12.2, from 10.10.12.2, 00:01:47 ago
����� Route metric is 0, traffic share count is 1
����� AS Hops 1
R1# show ip route 7.7.7.0
Routing entry for 7.7.7.0/24
� Known via "bgp 100", distance 200, metric 0
� Tag 30, type internal
� Last update from 10.10.12.2 3d22h ago
� Routing Descriptor Blocks:
� * 10.10.12.2, from 10.10.12.2, 3d22h ago
����� Route metric is 0, traffic share count is 1
����� AS Hops 1

show 命令输出显示到前缀 6.6.6.0/24和 7.7.7.0/24 的路由指向下一跳 10.10.12.2 (R2),这符合预期。现在,请查看 R2 上的 IP 路由表以检查前缀 6.6.6.0/24 和 7.7.7.0/24 的下一跳。下一跳必须是 R3 才能成功运行所配置的策略。

R2# show ip route 6.6.6.0
Routing entry for 6.6.6.0/24
� Known via "bgp 100", distance 20, metric 0
� Tag 30, type external
� Last update from 10.10.23.3 00:04:10 ago
� Routing Descriptor Blocks:
� * 10.10.23.3, from 10.10.23.3, 00:04:10 ago
����� Route metric is 0, traffic share count is 1
����� AS Hops 1
R2# show ip route 7.7.7.0
Routing entry for 7.7.7.0/24
� Known via "bgp 100", distance 20, metric 0
� Tag 30, type external
� Last update from 10.10.23.3 3d22h ago
� Routing Descriptor Blocks:
� * 10.10.23.3, from 10.10.23.3, 3d22h ago
����� Route metric is 0, traffic share count is 1
����� AS Hops 1

这确认已配置的策略工作正如所料的下一跳10.10.23.3是R3在R2-R3 link.�的序列9/0接口。

相关的思科支持社区讨论

思科支持社区是您提问、解答问题、分享建议以及与工作伙伴协作的论坛。


相关信息


Document ID: 28784