簡介
本檔案介紹使用邊界閘道通訊協定(BGP)路由和來源地點(SoO)時,如何避免SD-WAN網狀架構中的路由回圈。
必要條件
需求
思科建議您瞭解以下主題:
- 對重疊管理通訊協定(OMP)的基本瞭解
- 對BGP有基礎認識
- SD-WAN元件和它們之間的互動
採用元件
為了演示目的,使用了以下軟體路由器:
- 3台軟體版本17.2.1v的Cisco IOS® XE CSR1000v路由器,以控制器模式(SD-WAN)執行
- 2台軟體版本為16.7.3的Cisco IOS XE CSR1000v路由器
本文中的資訊是根據特定實驗室環境內的裝置所建立。文中使用到的所有裝置皆從已清除(預設)的組態來啟動。如果您的網路運作中,請確保您瞭解任何指令可能造成的影響。
背景資訊
就本檔案而言,使用以下拓撲:
拓撲
R1和R2是通用的Cisco IOS XE路由器(或能夠運行BGPv4的任何其他路由器)。 cE1、cE2和cE3在控制器(SD-WAN)模式下運行Cisco IOS XE。您可以在此處找到每個SD-WAN路由器分配的site-id和system-ip引數的摘要:
SD-WAN路由器 |
site-id |
system-ip |
cE1 |
214 |
192.168.30.214 |
cE2 |
215 |
192.168.30.215 |
cE3 |
216 |
192.168.30.216 |
下面是一組最初發生的事件:
- R1和R2與cE1、cE2和cE3建立相應的eBGP對等。 cE1和cE2建立iBGP對等。
- R2建立BGP路由10.1.1.0/24,並通過eBGP將其通告到cE3。
- cE3在VRF 1地址系列的服務端收到此BGP路由,然後將此路由重新分配到OMP。
- cE3將10.1.1.0/24 OMP路由通告到SD-WAN重疊(vSmart控制器負責通過OMP協定將路由資訊傳播到加入到SD-WAN重疊的所有其他邊緣路由器)。
- cE1和cE2接收OMP路由,並通過VRF 1中的eBGP將其重新分發回R1。
組態
以下是cE1的相關配置。請注意 send-comminity 沒有為鄰居192.168.160.215配置:
router bgp 65401
bgp log-neighbor-changes
distance bgp 20 200 20
!
address-family ipv4 vrf 1
redistribute omp
propagate-aspath
neighbor 192.168.140.10 remote-as 65300
neighbor 192.168.140.10 activate
neighbor 192.168.140.10 send-community both
neighbor 192.168.160.215 remote-as 65400
neighbor 192.168.160.215 activate
exit-address-family
!
sdwan
omp
no shutdown
send-path-limit 4
ecmp-limit 4
graceful-restart
no as-dot-notation
timers
holdtime 60
advertisement-interval 1
graceful-restart-timer 43200
eor-timer 300
exit
address-family ipv4 vrf 1
advertise bgp
!
address-family ipv4
advertise connected
advertise static
!
address-family ipv6
advertise connected
advertise static
cE2:
router bgp 65401
bgp log-neighbor-changes
distance bgp 20 200 20
!
address-family ipv4 vrf 1
redistribute omp
propagate-aspath
neighbor 192.168.150.10 remote-as 65300
neighbor 192.168.150.10 activate
neighbor 192.168.150.10 send-community both
neighbor 192.168.160.214 remote-as 65401
neighbor 192.168.160.214 activate
neighbor 192.168.160.214 send-community both
exit-address-family
!
sdwan
omp
no shutdown
send-path-limit 4
ecmp-limit 4
graceful-restart
no as-dot-notation
timers
holdtime 60
advertisement-interval 1
graceful-restart-timer 43200
eor-timer 300
exit
address-family ipv4 vrf 1
advertise bgp
!
address-family ipv4
advertise connected
advertise static
!
address-family ipv6
advertise connected
advertise static
cE3:
router bgp 65401
bgp log-neighbor-changes
timers bgp 5 15
!
address-family ipv4 vrf 1
redistribute omp
propagate-aspath
neighbor 192.168.60.11 remote-as 65500
neighbor 192.168.60.11 activate
exit-address-family
!
sdwan
omp
no shutdown
send-path-limit 4
ecmp-limit 4
graceful-restart
no as-dot-notation
timers
holdtime 60
advertisement-interval 1
graceful-restart-timer 43200
eor-timer 300
exit
address-family ipv4 vrf 1
advertise bgp
!
address-family ipv4
advertise connected
advertise static
!
address-family ipv6
advertise connected
advertise static
!
驗證
1.在初始狀態下,路由從cE3通告並通過cE1和cE2通過OMP獲知。將路由重新分發到BGP,並通告給彼此和R1:
cE1#
show bgp vpnv4 unicast vrf 1 10.1.1.1/24
BGP routing table entry for 1:1:10.1.1.1/24, version 342041
Paths: (2 available, best #2, table 1)
Advertised to update-groups:
4 5
Refresh Epoch 1
65500
192.168.160.215 (via vrf 1) from 192.168.160.215 (192.168.109.215)
Origin incomplete, metric 1000, localpref 50, valid, internal
Extended Community: SoO:0:215 RT:1:1
rx pathid: 0, tx pathid: 0
Updated on Aug 21 2020 11:23:32 GMT
Refresh Epoch 1
65500
192.168.30.216 (via default) from 0.0.0.0 (192.168.109.214)
Origin incomplete, metric 1000, localpref 50, valid, sourced, best
Extended Community: SoO:0:214 RT:1:1
rx pathid: 0, tx pathid: 0x0
Updated on Aug 21 2020 11:23:32 GMT
cE2#
show bgp vpnv4 unicast vrf 1 10.1.1.1/24
BGP routing table entry for 1:1:10.1.1.1/24, version 327810
Paths: (2 available, best #2, table 1)
Advertised to update-groups:
5 6
Refresh Epoch 1
65500
192.168.160.214 (via vrf 1) from 192.168.160.214 (192.168.109.214)
Origin incomplete, metric 1000, localpref 50, valid, internal
Extended Community: RT:1:1
rx pathid: 0, tx pathid: 0
Updated on Aug 21 2020 11:23:32 GMT
Refresh Epoch 1
65500
192.168.30.216 (via default) from 0.0.0.0 (192.168.109.215)
Origin incomplete, metric 1000, localpref 50, valid, sourced, best
Extended Community: SoO:0:215 RT:1:1
rx pathid: 0, tx pathid: 0x0
Updated on Aug 21 2020 11:23:32 GMT
2.在cE2上,WAN介面斷開連線或與SD-WAN交換矩陣的連線丟失,因此OMP對等體(vSmart連線)關閉。只有一條路由仍然從iBGP獲知:
ce2(config)#
interface GigabitEthernet 2
ce2(config-if)#
關機
ce2(config-if)#
end
Uncommitted changes found, commit them? [yes/no/CANCEL] yes
Commit complete.
ce2#
show bgp vpnv4 unicast vrf 1 10.1.1.1/24
BGP routing table entry for 1:1:10.1.1.1/24, version 345276
Paths: (1 available, best #1, table 1)
Advertised to update-groups:
6
Refresh Epoch 1
65500
192.168.160.214 (via vrf 1) from 192.168.160.214 (192.168.109.214)
Origin incomplete, metric 1000, localpref 50, valid, internal, best
Extended Community: RT:1:1
rx pathid: 0, tx pathid: 0x0
Updated on Aug 21 2020 11:23:32 GMT
cE1仍優先使用通過OMP(這是唯一保留的路由)發起於cE3的路由:
ce1#
show bgp vpnv4 unicast vrf 1 10.1.1.1/24
BGP routing table entry for 1:1:10.1.1.1/24, version 342041
Paths: (1 available, best #1, table 1)
Advertised to update-groups:
4 5
Refresh Epoch 1
65500
192.168.30.216 (via default) from 0.0.0.0 (192.168.109.214)
Origin incomplete, metric 1000, localpref 50, valid, sourced, best
Extended Community: SoO:0:214 RT:1:1
rx pathid: 0, tx pathid: 0x0
Updated on Aug 21 2020 11:23:32 GMT
3.在cE2的WAN介面上再次建立連線。由於管理距離(AD)更佳,因此仍首選通過iBGP從cE1路由。
ce2(config)#
interface GigabitEthernet 2
ce2(config-if)#
no shut
ce2(config-if)#
end
Uncommitted changes found, commit them? [yes/no/CANCEL] yes
Commit complete.
ce2#
show bgp vpnv4 unicast vrf 1 10.1.1.1/24
BGP routing table entry for 1:1:10.1.1.1/24, version 345276
Paths: (1 available, best #1, table 1)
Advertised to update-groups:
6
Refresh Epoch 1
65500
192.168.160.214 (via vrf 1) from 192.168.160.214 (192.168.109.214)
Origin incomplete, metric 1000, localpref 50, valid, internal, best
Extended Community: RT:1:1
rx pathid: 0, tx pathid: 0x0
Updated on Aug 21 2020 11:23:32 GMT
cE1仍優先使用通過cE3始發的OMP的路由。請記住,cE1將OMP重新分發到BGP:
ce1#
show bgp vpnv4 unicast vrf 1 10.1.1.1/24
BGP routing table entry for 1:1:10.1.1.1/24, version 569358
Paths: (1 available, best #1, table 1)
Advertised to update-groups:
4 5
Refresh Epoch 1
65500
192.168.30.216 (via default) from 0.0.0.0 (192.168.109.214)
Origin incomplete, metric 1000, localpref 50, valid, sourced, best
Extended Community: SoO:0:214 RT:1:1
rx pathid: 0, tx pathid: 0x0
Updated on Aug 21 2020 15:13:09 GMT
4.與R2的cE3連線會發生一些情況。要進行測試,介面關閉,R2 BGP對等體丟失:
ce3(config)#
interface GigabitEthernet 6
ce3(config-if)#
關機
ce3(config-if)#
commit
5.因此,在cE1和cE2之間形成了路由環路(cE2將來自OMP的路由重分佈並通過BGP通告給cE1,cE1將BGP重分佈到OMP並通告給cE2):
ce1#
show bgp vpnv4 unicast vrf 1 10.1.1.1/24
BGP routing table entry for 1:1:10.1.1.1/24, version 732548
Paths: (1 available, best #1, table 1)
Advertised to update-groups:
5
Refresh Epoch 1
65500
192.168.160.215 (via vrf 1) from 192.168.160.215 (192.168.109.215)
Origin incomplete, metric 1000, localpref 50, valid, internal, best
Extended Community: SoO:0:215 RT:1:1
rx pathid: 0, tx pathid: 0x0
Updated on Aug 21 2020 15:38:47 GMT
ce2#
show bgp vpnv4 unicast vrf 1 10.1.1.1/24
BGP routing table entry for 1:1:10.1.1.1/24, version 639650
Paths: (1 available, best #1, table 1)
Advertised to update-groups:
5 6
Refresh Epoch 1
65500
192.168.30.214 (via default) from 0.0.0.0 (192.168.109.215)
Origin incomplete, metric 1000, localpref 50, valid, sourced, best
Extended Community: SoO:0:215 RT:1:1
rx pathid: 1, tx pathid: 0x0
Updated on Aug 21 2020 15:38:47 GMT
疑難排解
有兩種可能的解決方案。
解決方案1
為OMP配置overlay-as。然後為OMP覆蓋本身分配一些自治系統(AS)編號。舉例來說:
config-transaction
sdwan
omp
overlay-as 64512
exit
預設情況 propagate-aspath 下,OMP對BGP是透明 overlay-as 的,即使已配置。這是一項功能,它會將指定為此命令引數的AS附加到從OMP匯出到BGP的路由的BGP AS_PATH屬性之前。如果在重疊網路中的多個裝置上配置相同的重疊AS編號,則所有這些裝置都被視為同一AS的一部分。因此,它們不會轉發包含重疊AS編號的任何路由,因此可以防止路由環路。
請記住, overlay-as 和 propagate-aspath 彼此依賴。詳細討論此功能。
存在以下兩種情況:
Overlay-AS案例1
overlay-as 在 sdwan omp section下的全域性級別上配置 propagate-aspath advertise bgp 且未配置(rest配置與最初描述的一樣:在section下的 omp address-family ipv4 vrf 1 configured redistribute omp 下啟 router bgp <AS> address-family ipv4 vrf 1 用)。
overlay-as 64512在cE1/cE2和cE3上配置。
重疊示範
為了演示目的,更改了cE1、cE2和cE3上的BGP AS。
R1 - cE1/cE2仍通過eBGP對等,分別使用AS 65300和65401。
cE3 - R2仍通過eBGP對等,分別使用AS 65402和65500。
R1將路由(例如192.168.41.11/32)傳送到cE1/cE2。 cE1/cE2將此路由重新分發到OMP,沒有任何AS_PATH屬性。
cE3收到此封包並將其通告到BGP中傳給R2,但只會使用它自己的AS(正常的eBGP行為)。
R2上的路由route1具有AS_PATH: "65402"。
R2#
sh ip bgp | i 192.168.41.11/32
*> 192.168.41.11/32 192.168.60.216 1000 0 65402 ?
Overlay-AS案例2
propagate-aspath 在「」 router bgp 部分下為特定服務端VPN(address-family ipv4 vrf 1)配置。這裡也有子案例。
案例 2.1.在 overlay-as cE3上啟用 propagate-aspath 後,在cE1/ router bgp 65401 address-family ipv4 vrf 1 cE2下也啟用。
R1將路由route1傳送到cE1/cE2。 cE1/cE2使用來自R1站點的as-path將此路由重新分發到OMP。
vSmart上的OMP路由具有AS-Path:「65300」。
vsmart1#
show omp routes vpn 1 192.168.41.11/32 | nomore | 不排除集
--------------------------------------------------- omp route entries for vpn 1 route 192.168.41.11/32 --------------------------------------------------- RECEIVED FROM: peer 192.168.30.214 path-id 81 label 1001 status C,R Attributes: originator 192.168.30.214 type installed tloc 192.168.30.214, biz-internet, ipsec overlay-id 1 site-id 25 origin-proto eBGP origin-metric 0 as-path "65300" RECEIVED FROM: peer 192.168.30.215 path-id 68 label 1002 status C,R Attributes: originator 192.168.30.215 type installed tloc 192.168.30.215, biz-internet, ipsec overlay-id 1 site-id 25 origin-proto eBGP origin-metric 0 as-path "65300"
案例2.1.a.在cE3上禁用 propagate-aspath 後,cE3將作為OMP路由接收它,並將其通告到BGP,忽略任何as-path屬性,作為R2重疊,並僅新增自己的BGP AS(正常eBGP行為)。
R2上的Route1 AS-path:「65402」。
R2#
sh ip bgp | i 192.168.41.11/32
*> 192.168.41.11/32 192.168.60.216 1000 0 65402 ?
案例2.1.b.在cE3上啟用 propagate-aspath 後,cE3會以OMP路由的形式接收它,並將其通告到BGP中,將接收的as-path屬性預置到R2上,然後向R2新增Overlay-AS,接著新增它自己的BGP AS。
R2上的Route1 AS-path:「65402 64512 65300」。
R2#
sh ip bgp | i 192.168.41.11/32
*> 192.168.41.11/32 192.168.60.216 1000 0 65402 64512 65300 ?
案例2.1.c.在cE1/cE2上禁用 propagate-aspath 後,cE3將作為OMP路由接收它,而無任何as-path屬性,並將它通告到BGP中,指向R2,預置Overlay-AS並僅新增其自己的BGP AS。
R2上的Route1 AS-path:「65402 64512」。
R2#
sh ip bgp | i 192.168.41.11/32
*> 192.168.41.11/32 192.168.60.216 1000 0 65402 64512 ?
案例 2.2.在cE3 overlay-as 上沒有配置, propagate-aspath 在cE1/cE2的router bgp 65401 address-family ipv4 vrf 1下啟用。
案例2.2.a.僅 propagate-aspath 在cE3上禁用時,cE3會收到它作為OMP路由並將其通告到BGP,忽略指向R2的任何AS_PATH屬性,新增它自己的BGP AS(正常的eBGP行為)。
R2上的Route1 AS-path:「65402」。
R2#
sh ip bgp | i 192.168.41.11/32
*> 192.168.41.11/32 192.168.60.216 1000 0 65402 ?
案例2.2.b.在cE3 propagate-aspath 上啟用時,cE3將作為OMP路由接收它,並將它通告到BGP中,在接收的AS_PATH屬性之前向R2新增它自己的AS。
R2上的Route1 AS-path:「65402」、「65300」。
R2#
sh ip bgp | i 192.168.41.11/32
*> 192.168.41.11/32 192.168.60.216 1000 0 65402 65300 ?
要點:
將AS-Path屬性傳送到OMP時,邊緣路由器不會新增自己的AS(如vEdge Does Not Advertise Its Own AS When BGP Routes Are Advertised Into OMP一文所示)。如果遠端邊緣路由器在AS_PATH屬性中收到具有其自己的AS的OMP路由,它不會執行環路檢測,並將具有所收到的AS路徑的路由傳送到服務端上的路由器。
解決方案2
在路由器cE1和cE2上配置相同的site-id。儘管vSmart使用與路由本身相同的站點ID將路由通告回站點,但由於路由的發起方屬性不同,因此不會觸發環路預防,但控制平面路由環路不會形成,因為OMP路由未安裝到RIB中。這是因為OMP路由處於Inv,U(無效,未解析)狀態。預設情況下,除非配置資料平面隧道,否則無法在具有相同站點ID的站點之間 allow-same-site-tunnels 建立資料平面隧道。如果資料平面隧道BFD會話處於關閉狀態,則TLOC保持未解析狀態。在本例中,在路 site-id 214215 由器ce1和ce2上均進行了配置。由cE2和cE1通告的路由10.0.0.2/32不會將其安裝到路由表中,因為cE1和cE2之間不存在資料平面會話:
ce1#
show sdwan omp route 10.0.0.2/32 det | 未設定exc
--------------------------------------------------- omp route entries for vpn 3 route 10.0.0.2/32 --------------------------------------------------- RECEIVED FROM: peer 192.168.30.113 path-id 3 label 1004 status Inv,U Attributes: originator 192.168.30.215 type installed tloc 192.168.30.215, mpls, ipsec overlay-id 1 site-id 214215 origin-proto connected origin-metric 0 RECEIVED FROM: peer 192.168.30.113 path-id 4 label 1004 status Inv,U loss-reason tloc-id lost-to-peer 192.168.30.113 lost-to-path-id 3 Attributes: originator 192.168.30.215 type installed tloc 192.168.30.215, biz-internet, ipsec overlay-id 1 site-id 214215 origin-proto connected origin-metric 0
ce1#
show sdwan omp tlocs "ip 192.168.30.215" | 未設定exclude not set
--------------------------------------------------- tloc entries for 192.168.30.215 mpls ipsec --------------------------------------------------- RECEIVED FROM: peer 192.168.30.113 status C,I,R Attributes: attribute-type installed encap-proto 0 encap-spi 256 encap-auth sha1-hmac,ah-sha1-hmac encap-encrypt aes256 public-ip 192.168.110.215 public-port 12347 private-ip 192.168.110.215 private-port 12347 public-ip :: public-port 0 private-ip :: private-port 0 bfd-status down site-id 214215 preference 0 weight 1 version 3 gen-id 0x80000026 carrier default restrict 0 groups [ 0 ] bandwidth 0 qos-group default-group --------------------------------------------------- tloc entries for 192.168.30.215 biz-internet ipsec --------------------------------------------------- RECEIVED FROM: peer 192.168.30.113 status C,I,R Attributes: attribute-type installed encap-proto 0 encap-spi 256 encap-auth sha1-hmac,ah-sha1-hmac encap-encrypt aes256 public-ip 192.168.109.215 public-port 12347 private-ip 192.168.109.215 private-port 12347 public-ip :: public-port 0 private-ip :: private-port 0 bfd-status down site-id 214215 preference 0 weight 1 version 3 gen-id 0x80000026 carrier default restrict 0 groups [ 0 ] bandwidth 0 qos-group default-group ce1#
您可以在vSmart控制器上檢查此命令,以瞭解哪些路由收到了特定的字首(請參閱「通告到」部分):
vsmart1#
show omp routes 10.1.1.0/24 detail | nomore | 不排除集
--------------------------------------------------- omp route entries for vpn 1 route 10.1.1.0/24 --------------------------------------------------- RECEIVED FROM: peer 192.168.30.216 path-id 68 label 1002 status C,R Attributes: originator 192.168.30.216 type installed tloc 192.168.30.216, biz-internet, ipsec overlay-id 1 site-id 216 origin-proto eBGP origin-metric 0 as-path 65500 ADVERTISED TO: peer 192.168.30.214 Attributes: originator 192.168.30.216 label 1002 path-id 5525 tloc 192.168.30.216, biz-internet, ipsec site-id 216 overlay-id 1 origin-proto eBGP origin-metric 0 as-path 65500 ADVERTISED TO: peer 192.168.30.215 Attributes: originator 192.168.30.216 label 1002 path-id 5287 tloc 192.168.30.216, biz-internet, ipsec site-id 216 overlay-id 1 origin-proto eBGP origin-metric 0 as-path 65500
site-id 也保留為BGP原產地(SoO)擴展社群屬性(您可以在先前的輸出中注意到SoO:0:<site-id>)。用於標識源自站點的路由,以便可以阻止重新通告該字首。為了使該社群正常工作,路由器必須傳送擴展社群。配置cE1將擴展社群傳送到路由器cE2:
router bgp 65401 address-family ipv4 vrf 1 neighbor 192.168.160.215 send-community both
SoO環路預防說明
對於同一站點上的兩台路由器是iBGP鄰居的情況,SD-WAN具有內建的環路預防機制,以防止路由環路從OMP到BGP以及從BGP返回到OMP。為了演示這一點,拓撲稍有更新,並且在運行BGP AS65400(cE1/cE2)的兩台路由器上配置了相同的site-id 214215。在本示例中,10.1.1.0/24字首從遠端站點(cE3)通告到OMP中,並在站點214215(cE1-cE2)的OMP中獲知。
SoO演示的拓撲
為了完成環路預防,BGP擴展社群SoO用於顯示哪個站點發出字首。此群體從OMP重新分發到BGP時,會新增到首碼。
如所 send-community <both|extended> 示,必須在兩台裝置的neighbor語句上配置命令,才能使此功能正常工作。
cEdge1#
show run | sec路由器bgp
router bgp 65400 bgp log-neighbor-changes ! address-family ipv4 vrf 1 redistribute omp neighbor 192.168.160.215 remote-as 65400 neighbor 192.168.160.215 activate neighbor 192.168.160.215 send-community both exit-address-family cEdge2#
show run | sec路由器bgp
router bgp 65400 bgp log-neighbor-changes ! address-family ipv4 vrf 1 neighbor 192.168.160.214 remote-as 65400 neighbor 192.168.160.214 activate neighbor 192.168.160.214 send-community both exit-address-family
可以使用來自廣告或接收站 show bgp vpnv4 unicast vrf 1 <prefix> 點的輸出來檢視擴展社群。
範例:
cEdge1#
show bgp vpnv4 unicast vrf 1 10.1.1.1
BGP routing table entry for 1:10:10.1.1.1/24, version 4 Paths: (1 available, best #1, table 1) Advertised to update-groups: 1 Refresh Epoch 1 Local 192.168.30.215 (via default) from 0.0.0.0 (192.168.109.215) Origin incomplete, metric 1000, localpref 50, valid, sourced, best Extended Community: SoO:0:214215 RT:1:1 rx pathid: 0, tx pathid: 0x0 Updated on Jul 5 2152 23:30:55 UTC
在將字首從OMP通告到BGP(在本例中為cEdge1)的路由器上,RIB中必須僅有OMP路由。
範例:
cEdge1#
show ip route vrf 1 10.1.1.1
Routing Table: 1
Routing entry for 10.1.1.1/32
Known via "omp", distance 251, metric 0, type omp
Redistributing via bgp 65400
Advertised by bgp 65400
Last update from 192.168.30.215 on Sdwan-system-intf, 15:59:54 ago
Routing Descriptor Blocks:
* 192.168.30.215 (default), from 192.168.30.215, 15:59:54 ago, via Sdwan-system-intf
Route metric is 0, traffic share count is 1
但是,可能會發生爭用情況發生在接收通告字首的第二台路由器上,並且導致BGP路由在獲知OMP路由之前被安裝到RIB中。
在cEdge2上,sh bpg vpnv4 unicast vrf 1 <prefix>的輸出顯示以下內容:
- 未通告給任何對等體。
- 擴展社群包括站點ID地214215,該站點與此路由器所在的站點相同。
範例:
cEdge2#
show bgp vpnv4 unicast vrf 1 10.1.1.1
BGP routing table entry for 1:1:10.1.1.1/24, version 32
Paths: (1 available, best #1, table 1)
Not advertised to any peer
Refresh Epoch 1
Local
192.168.160.214 (via vrf 1) from 192.168.160.214 (192.168.54.11)
Origin incomplete, metric 1000, localpref 50, valid, internal, best
Extended Community:
SoO:0:214215
RT:65512:10
rx pathid: 0, tx pathid: 0x0
Updated on Jul 6 2152 17:26:19 UTC
在cEdge2上,的輸出顯 sh ip route vrf <vrf_number> <prefix> 示如下:
- 可以看到「SDWAN關閉」標誌,表明檢測到該事件源自同一站點。
- 路由的管理距離為252(高於OMP,與預期的iBGP AD 200不同)。
範例:
cEdge2#
show ip route vrf 1 10.1.1.1
Routing Table: 1
Routing entry for 10.1.1.0/24
Known via "bgp 65400",
距離252
, metric 1000, type internal
Redistributing via omp
Last update from 192.168.160.214 00:15:13 ago
Routing Descriptor Blocks:
* 192.168.160.214, from 192.168.160.214, 00:15:13 ago
opaque_ptr 0x7F9DD0B86818
SDWAN關閉
Route metric is 1000, traffic share count is 1
AS Hops 0
MPLS label: none
當站點路由器檢測到BGP獲知的路由來自同一站點ID時,不會將該路由通告回OMP。
相關資訊