使用BGP路由反射和多個群集ID
簡介
本檔案介紹邊界閘道通訊協定(BGP)路由反射和多個叢集ID使用的不同案例。
必要條件
需求
假設先前已知BGP概念,特別是群集和路由反射。
採用元件
本文件所述內容不限於特定軟體和硬體版本。
本文中的資訊是根據特定實驗室環境內的裝置所建立。文中使用到的所有裝置皆從已清除(預設)的組態來啟動。如果您的網路運作中,請確保您瞭解任何指令可能造成的影響。
BGP路由反射的說明
BGP發言人是啟用BGP的路由器。預設情況下,BGP揚聲器不會向iBGP對等體通告iBGP學習的字首 — 這樣做是為了保持環路預防。RFC4456引入了路由反射功能,無需在iBGP揚聲器之間實現全網狀。當路由反射器反射字首時,它通過新增自己的集群ID來建立/修改名為CLUSTER_LIST的可選非傳遞屬性。此屬性用於環路預防:當路由器收到包含路由器自己的群集ID的CLUSTER_LIST的更新時,此更新將被丟棄。
預設情況下,集群ID設定為BGP路由器ID值,但可以設定為任意32位值。多群集ID(MCID)功能允許您為每個鄰居分配群集ID。因此,路由反射方案有3種型別。
- 在客戶端和非客戶端之間
- 同一群集中的客戶端之間(群集內)
- 不同群集中的客戶端之間(群集間)
路由反射配置示例
本節提供一些路由器反射方案和各自的設定範例。
具有預設設定的單個群集
圖1
在充當路由反射器的路由器RR上完成了下一個配置。
RR#show run | sec bgp router bgp 1 bgp log-neighbor-changes neighbor 10.0.10.2 remote-as 1 neighbor 10.0.10.2 route-reflector-client neighbor 10.0.20.2 remote-as 1 neighbor 10.0.20.2 route-reflector-client neighbor 10.0.40.2 remote-as 1
在這種情況下,S1PE1和S1PE2是RR的客戶端,而S2PE1是非客戶端。在傳統設計中,非客戶端路由器充當下一層級路由器的路由反射器,但在本示例中,為了簡便起見,僅使用另一個PE。
RR#show ip bgp cluster-ids
Global cluster-id: 172.16.3.3 (configured: 0.0.0.0)
BGP client-to-client reflection: Configured Used
all (inter-cluster and intra-cluster): ENABLED
intra-cluster: ENABLED ENABLED
List of cluster-ids:
Cluster-id #-neighbors C2C-rfl-CFG C2C-rfl-USE
RR#show ip bgp 172.16.1.1
BGP routing table entry for 172.16.1.1/32, version 2
Paths: (1 available, best #1, table default)
Advertised to update-groups:
1 2
Refresh Epoch 2
Local, (Received from a RR-client)
10.0.10.2 from 10.0.10.2 (172.16.1.1)
Origin IGP, metric 0, localpref 100, valid, internal, best
rx pathid: 0, tx pathid: 0x0
RR#show ip bgp update-group 1
BGP version 4 update-group 1, internal, Address Family: IPv4 Unicast
BGP Update version : 4/0, messages 0
Topology: global, highest version: 4, tail marker: 4
Format state: Current working (OK, last not in list)
Refresh blocked (not in list, last not in list)
Update messages formatted 2, replicated 2, current 0, refresh 0, limit 1000
Number of NLRIs in the update sent: max 1, min 0
Minimum time between advertisement runs is 0 seconds
Has 1 member:
10.0.40.2
RR#show ip bgp update-group 2
BGP version 4 update-group 2, internal, Address Family: IPv4 Unicast
BGP Update version : 4/0, messages 0
Route-Reflector Client
Topology: global, highest version: 4, tail marker: 4
Format state: Current working (OK, last not in list)
Refresh blocked (not in list, last not in list)
Update messages formatted 3, replicated 6, current 0, refresh 0, limit 1000
Number of NLRIs in the update sent: max 1, min 0
Minimum time between advertisement runs is 0 seconds
Has 2 members:
10.0.10.2 10.0.20.2這些輸出顯示,RR從S1PE1收到172.16.1.1/32字首,並將其反映到客戶端S1PE2和非客戶端S2PE1。在這種情況下,更新也會傳送回S1PE1,但發生這種情況是因為S1PE1和S1PE2具有相同的路由策略,因此形成了相同的更新組。
禁用了客戶端到客戶端反射的單個群集
圖2
在充當路由反射器的路由器RR上完成了下一個配置。
RR#show run | sec bgp router bgp 1 no bgp client-to-client reflection bgp log-neighbor-changes neighbor 10.0.10.2 remote-as 1 neighbor 10.0.10.2 route-reflector-client neighbor 10.0.20.2 remote-as 1 neighbor 10.0.20.2 route-reflector-client neighbor 10.0.40.2 remote-as 1
假設AS1部分網格化:S1PE1和S1PE2形成iBGP鄰居關係(例如,它們位於同一站點上,您希望最佳化網路處理更新的方式)。 在這種情況下,RR禁用了客戶端到客戶端的反射,它只將172.16.1.1/32從S1PE1反射到非客戶端S2PE1。
RR#show ip bgp cluster-ids
Global cluster-id: 172.16.3.3 (configured: 0.0.0.0)
BGP client-to-client reflection: Configured Used
all (inter-cluster and intra-cluster): DISABLED
intra-cluster: ENABLED DISABLED
List of cluster-ids:
Cluster-id #-neighbors C2C-rfl-CFG C2C-rfl-USE
RR#show ip bgp 172.16.1.1
BGP routing table entry for 172.16.1.1/32, version 5
Paths: (1 available, best #1, table default, RIB-failure(17))
Advertised to update-groups:
1
Refresh Epoch 2
Local, (Received from a RR-client)
10.0.10.2 from 10.0.10.2 (172.16.1.1)
Origin IGP, metric 0, localpref 100, valid, internal, best
rx pathid: 0, tx pathid: 0x0
RR#show ip bgp update-group 1
BGP version 4 update-group 1, internal, Address Family: IPv4 Unicast
BGP Update version : 7/0, messages 0
Topology: global, highest version: 7, tail marker: 7
Format state: Current working (OK, last not in list)
Refresh blocked (not in list, last not in list)
Update messages formatted 4, replicated 4, current 0, refresh 0, limit 1000
Number of NLRIs in the update sent: max 1, min 0
Minimum time between advertisement runs is 0 seconds
Has 1 member:
10.0.40.2兩個集群,站點內和站點間路由反射
圖3
在充當路由反射器的路由器RR上完成了下一個配置。
RR#show run | sec bgp router bgp 1 no bgp client-to-client reflection intra-cluster cluster-id 192.168.1.1 bgp log-neighbor-changes neighbor 10.0.10.2 remote-as 1 neighbor 10.0.10.2 cluster-id 192.168.1.1 neighbor 10.0.10.2 route-reflector-client neighbor 10.0.20.2 remote-as 1 neighbor 10.0.20.2 cluster-id 192.168.1.1 neighbor 10.0.20.2 route-reflector-client neighbor 10.0.40.2 remote-as 1 neighbor 10.0.40.2 cluster-id 192.168.2.2 neighbor 10.0.40.2 route-reflector-client neighbor 10.0.50.2 remote-as 1 neighbor 10.0.50.2 cluster-id 192.168.2.2 neighbor 10.0.50.2 route-reflector-client neighbor 10.0.70.2 remote-as 1
在這種情況下,站點1上的兩個PE組成了群集192.168.1.1,站點2上的兩個PE組成了群集192.168.2.2。 S3PE1是非客戶端。站點1上的PE具有直接iBGP會話,群集192.168.1.1禁用了群集內反射,但群集192.168.2.2仍啟用了該反射。啟用了群集間反射。
RR#show ip bgp cluster-ids
Global cluster-id: 172.16.3.3 (configured: 0.0.0.0)
BGP client-to-client reflection: Configured Used
all (inter-cluster and intra-cluster): ENABLED
intra-cluster: ENABLED ENABLED
List of cluster-ids:
Cluster-id #-neighbors C2C-rfl-CFG C2C-rfl-USE
192.168.1.1 2 DISABLED DISABLED
192.168.2.2 2 ENABLED ENABLED
RR#show ip bgp 172.16.1.1
BGP routing table entry for 172.16.1.1/32, version 5
Paths: (1 available, best #1, table default, RIB-failure(17))
Advertised to update-groups:
3 5
Refresh Epoch 9
Local, (Received from a RR-client)
10.0.10.2 from 10.0.10.2 (172.16.1.1)
Origin IGP, metric 0, localpref 100, valid, internal, best
rx pathid: 0, tx pathid: 0x0
RR#show ip bgp update-group 3
BGP version 4 update-group 3, internal, Address Family: IPv4 Unicast
BGP Update version : 11/0, messages 0
Topology: global, highest version: 11, tail marker: 11
Format state: Current working (OK, last not in list)
Refresh blocked (not in list, last not in list)
Update messages formatted 20, replicated 20, current 0, refresh 0, limit 1000
Number of NLRIs in the update sent: max 1, min 0
Minimum time between advertisement runs is 0 seconds
Has 1 member:
10.0.70.2
RR#show ip bgp update-group 5
BGP version 4 update-group 5, internal, Address Family: IPv4 Unicast
BGP Update version : 11/0, messages 0
Route-Reflector Client
Configured with cluster-id 192.168.2.2
Topology: global, highest version: 11, tail marker: 11
Format state: Current working (OK, last not in list)
Refresh blocked (not in list, last not in list)
Update messages formatted 22, replicated 34, current 0, refresh 0, limit 1000
Number of NLRIs in the update sent: max 3, min 0
Minimum time between advertisement runs is 0 seconds
Has 2 members:
10.0.40.2 10.0.50.2從S1PE1接收的字首172.16.1.1/32將反映到群集192.168.2.2中的客戶端和非客戶端。同時,從S2PE1接收的字首172.16.4.4/32將反映到所有客戶端和非客戶端。
RR#show ip bgp 172.16.4.4
BGP routing table entry for 172.16.4.4/32, version 9
Paths: (1 available, best #1, table default, RIB-failure(17))
Advertised to update-groups:
3 4 5
Refresh Epoch 6
Local, (Received from a RR-client)
10.0.40.2 from 10.0.40.2 (172.16.4.4)
Origin IGP, metric 0, localpref 100, valid, internal, best
rx pathid: 0, tx pathid: 0x0
RR#show ip bgp update-group 3
BGP version 4 update-group 3, internal, Address Family: IPv4 Unicast
BGP Update version : 11/0, messages 0
Topology: global, highest version: 11, tail marker: 11
Format state: Current working (OK, last not in list)
Refresh blocked (not in list, last not in list)
Update messages formatted 20, replicated 20, current 0, refresh 0, limit 1000
Number of NLRIs in the update sent: max 1, min 0
Minimum time between advertisement runs is 0 seconds
Has 1 member:
10.0.70.2
RR#show ip bgp update-group 4
BGP version 4 update-group 4, internal, Address Family: IPv4 Unicast
BGP Update version : 11/0, messages 0
Route-Reflector Client
Configured with cluster-id 192.168.1.1
Topology: global, highest version: 11, tail marker: 11
Format state: Current working (OK, last not in list)
Refresh blocked (not in list, last not in list)
Update messages formatted 26, replicated 47, current 0, refresh 0, limit 1000
Number of NLRIs in the update sent: max 3, min 0
Minimum time between advertisement runs is 0 seconds
Has 2 members:
10.0.10.2 10.0.20.2
RR#show ip bgp update-group 5
BGP version 4 update-group 5, internal, Address Family: IPv4 Unicast
BGP Update version : 11/0, messages 0
Route-Reflector Client
Configured with cluster-id 192.168.2.2
Topology: global, highest version: 11, tail marker: 11
Format state: Current working (OK, last not in list)
Refresh blocked (not in list, last not in list)
Update messages formatted 22, replicated 34, current 0, refresh 0, limit 1000
Number of NLRIs in the update sent: max 3, min 0
Minimum time between advertisement runs is 0 seconds
Has 2 members:
10.0.40.2 10.0.50.2您也可以禁用集群192.168.2.2的站點內路由反射,但是在這種情況下,該集群中的客戶端必須全網狀iBGP會話:
RR(config-router)#no bgp client-to-client reflection intra-cluster cluster-id 192.168.2.2
RR#sh ip bgp cluster-ids
Global cluster-id: 172.16.3.3 (configured: 0.0.0.0)
BGP client-to-client reflection: Configured Used
all (inter-cluster and intra-cluster): ENABLED
intra-cluster: ENABLED ENABLED
List of cluster-ids:
Cluster-id #-neighbors C2C-rfl-CFG C2C-rfl-USE
192.168.1.1 2 DISABLED DISABLED
192.168.2.2 2 DISABLED DISABLED
還可以對所有群集禁用站點內反射:
RR(config-router)#no bgp client-to-client reflection intra-cluster cluster-id any
兩個群集,無客戶端到客戶端反射
圖4
在充當路由反射器的路由器RR上完成了下一個配置。
RR#show run | sec bgp router bgp 1 no bgp client-to-client reflection bgp log-neighbor-changes neighbor 10.0.10.2 remote-as 1 neighbor 10.0.10.2 cluster-id 192.168.1.1 neighbor 10.0.10.2 route-reflector-client neighbor 10.0.20.2 remote-as 1 neighbor 10.0.20.2 cluster-id 192.168.1.1 neighbor 10.0.20.2 route-reflector-client neighbor 10.0.40.2 remote-as 1 neighbor 10.0.40.2 cluster-id 192.168.2.2 neighbor 10.0.40.2 route-reflector-client neighbor 10.0.50.2 remote-as 1 neighbor 10.0.50.2 cluster-id 192.168.2.2 neighbor 10.0.50.2 route-reflector-client neighbor 10.0.70.2 remote-as 1
可以禁用集群內和集群間反射。在這種情況下,僅執行客戶端和非客戶端之間的反射。
RR#show ip bgp cluster-ids Global cluster-id: 172.16.3.3 (configured: 0.0.0.0) BGP client-to-client reflection: Configured Used all (inter-cluster and intra-cluster): DISABLED intra-cluster: ENABLED DISABLED List of cluster-ids: Cluster-id #-neighbors C2C-rfl-CFG C2C-rfl-USE 192.168.1.1 2 ENABLED DISABLED 192.168.2.2 2 ENABLED DISABLED
RR#show ip bgp 172.16.1.1
BGP routing table entry for 172.16.1.1/32, version 5
Paths: (1 available, best #1, table default, RIB-failure(17))
Advertised to update-groups:
3
Refresh Epoch 9
Local, (Received from a RR-client)
10.0.10.2 from 10.0.10.2 (172.16.1.1)
Origin IGP, metric 0, localpref 100, valid, internal, best
rx pathid: 0, tx pathid: 0x0
RR#show ip bgp 172.16.4.4
BGP routing table entry for 172.16.4.4/32, version 9
Paths: (1 available, best #1, table default, RIB-failure(17))
Advertised to update-groups:
3
Refresh Epoch 6
Local, (Received from a RR-client)
10.0.40.2 from 10.0.40.2 (172.16.4.4)
Origin IGP, metric 0, localpref 100, valid, internal, best
rx pathid: 0, tx pathid: 0x0
RR#show ip bgp update-group 3
BGP version 4 update-group 3, internal, Address Family: IPv4 Unicast
BGP Update version : 11/0, messages 0
Topology: global, highest version: 11, tail marker: 11
Format state: Current working (OK, last not in list)
Refresh blocked (not in list, last not in list)
Update messages formatted 20, replicated 20, current 0, refresh 0, limit 1000
Number of NLRIs in the update sent: max 1, min 0
Minimum time between advertisement runs is 0 seconds
Has 1 member:
10.0.70.2
字首172.16.1.1/32和172.16.4.4/32分別源自群集192.168.1.1和192.168.2.2。這兩個字首只反映到非客戶端S3PE1。在這種情況下,所有客戶端都必須完全網格化。通常,在此特定場景中,MCID實際上沒有意義(同一行為可以在單個集群中實現),但是,如果您希望來自不同鄰居的路由具有不同的集群清單,則仍可以使用它們。
叢集清單和回圈防止
當RR反映字首時,它將集群ID新增到可選的非傳遞屬性CLUSTER_LIST。此外,它還將可選的非傳遞屬性ORIGINATOR_ID設定為對等體的路由器ID,該對等體已經將字首通告給RR。
當使用MCID且RR反映字首時,它使用為向RR通告該字首的對等體配置的集群ID。如果該對等體未配置特定群集ID,則使用全域性群集ID。
讓我們看一些例子。RR啟用所有形式的路由反射。全域性群集ID為172.16.3.3,群集ID 192.168.1.1和192.168.2.2分別設定為站點1和站點2上的PE(請參閱上面的拓撲圖)。
RR#show ip bgp cluster-ids Global cluster-id: 172.16.3.3 (configured: 0.0.0.0) BGP client-to-client reflection: Configured Used all (inter-cluster and intra-cluster): ENABLED intra-cluster: ENABLED ENABLED List of cluster-ids: Cluster-id #-neighbors C2C-rfl-CFG C2C-rfl-USE 192.168.1.1 2 ENABLED ENABLED 192.168.2.2 2 ENABLED ENABLED
客戶端與非客戶端之間的思考
S2PE3#show ip bgp 172.16.1.1
BGP routing table entry for 172.16.1.1/32, version 2
Paths: (1 available, best #1, table default, RIB-failure(17))
Not advertised to any peer
Refresh Epoch 1
Local
10.0.10.2 (metric 20) from 10.0.70.1 (172.16.3.3)
Origin IGP, metric 0, localpref 100, valid, internal, best
Originator: 172.16.1.1, Cluster list: 192.168.1.1
rx pathid: 0, tx pathid: 0x0
S2PE3#show ip bgp 172.16.4.4
BGP routing table entry for 172.16.4.4/32, version 4
Paths: (1 available, best #1, table default, RIB-failure(17))
Not advertised to any peer
Refresh Epoch 1
Local
10.0.40.2 (metric 20) from 10.0.70.1 (172.16.3.3)
Origin IGP, metric 0, localpref 100, valid, internal, best
Originator: 172.16.4.4, Cluster list: 192.168.2.2
rx pathid: 0, tx pathid: 0x0非客戶端S2PE3接收由群集192.168.1.1產生的字首172.16.1.1/32 — 群集ID 192.168.1.1被新增到群集清單中。它還會接收由群集192.168.2.2產生的字首172.16.4.4/32 — 群集ID 192.168.2.2已新增到群集清單中。
S1PE1#show ip bgp 172.16.6.6
BGP routing table entry for 172.16.6.6/32, version 5
Paths: (1 available, best #1, table default, RIB-failure(17))
Not advertised to any peer
Refresh Epoch 1
Local
10.0.70.2 (metric 20) from 10.0.10.1 (172.16.3.3)
Origin IGP, metric 0, localpref 100, valid, internal, best
Originator: 172.16.6.6, Cluster list: 172.16.3.3
rx pathid: 0, tx pathid: 0x0客戶端S1PE1接收由非客戶端發起的字首172.16.6.6/32 — 將全域性群集ID 172.16.3.3新增到群集清單中。
叢集內反射
S1PE2#show ip bgp 172.16.1.1/32
BGP routing table entry for 172.16.1.1/32, version 8
Paths: (1 available, best #1, table default, RIB-failure(17))
Not advertised to any peer
Refresh Epoch 1
Local
10.0.10.2 (metric 20) from 10.0.20.1 (172.16.3.3)
Origin IGP, metric 0, localpref 100, valid, internal
Originator: 172.16.1.1, Cluster list: 192.168.1.1
rx pathid: 0, tx pathid: 0S1PE2屬於群集192.168.1.1,接收由S1PE1發起的字首172.16.1.1/32,該字首也屬於群集192.168.1.1。群集ID 192.168.1.1將新增到群集清單中。
叢集間反射
S2PE1#show ip bgp 172.16.1.1/32
BGP routing table entry for 172.16.1.1/32, version 4
Paths: (1 available, best #1, table default, RIB-failure(17))
Not advertised to any peer
Refresh Epoch 1
Local
10.0.10.2 (metric 20) from 10.0.40.1 (172.16.3.3)
Origin IGP, metric 0, localpref 100, valid, internal, best
Originator: 172.16.1.1, Cluster list: 192.168.1.1
rx pathid: 0, tx pathid: 0x0
S1PE1#show ip bgp 172.16.4.4/32
BGP routing table entry for 172.16.4.4/32, version 4
Paths: (1 available, best #1, table default, RIB-failure(17))
Not advertised to any peer
Refresh Epoch 1
Local
10.0.40.2 (metric 20) from 10.0.10.1 (172.16.3.3)
Origin IGP, metric 0, localpref 100, valid, internal, best
Originator: 172.16.4.4, Cluster list: 192.168.2.2
rx pathid: 0, tx pathid: 0x0S2PE1屬於集群192.168.2.2,接收由集群192.168.1.1產生的字首172.16.1.1/32 — 集群ID設定為192.168.1.1。
S1PE1屬於群集192.168.1.1,並接收由群集192.168.2.2產生的字首172.16.4.4/32 — 群集ID設定為192.168.2.2。
MCIDs和環路預防
如果路由器收到包含路由器自己的群集ID的群集清單字首的更新,則丟棄該更新。如果使用MCID,將丟棄包含任何已配置群集ID(全域性或每個鄰居)的更新。
相關資訊
修訂記錄
| 修訂 | 發佈日期 | 意見 |
|---|---|---|
2.0 |
20-May-2025
|
已更新標題、簡介、替代文本、技術內容、語法和格式。 |
1.0 |
21-Apr-2016
|
初始版本 |
意見