BGP conditionally breaks IBGP split horizon

1. BGP announcement issue

1. On each device running BGP, announce the local directly connected routes into BGP;

2. A device running BGP also announces into BGP the routes it learned through the IGP that were generated by devices not running BGP;

When routing entries from the local routing table are announced into BGP, they carry the local IGP metric to those targets, and this value is passed to the BGP neighbors; devices in other ASs can then easily select the EBGP neighbor closest to the target;

If a BGP device learns a route with a metric from an IBGP neighbor and needs to pass that route on to its own EBGP neighbors, it has to drop the metric and send it as 0, so the reference value used for route selection becomes inconsistent;

Therefore, if one BGP device in an AS is required to announce a certain route, all devices running BGP in that AS should announce it; this makes it easy for BGP devices in other ASs to determine which of their own EBGP neighbors is closer to the target;

2. BGP automatic summary problem

Contemporary router equipment has the BGP automatic summary function turned off by default;

[r1-bgp]undo summary automatic //Turn off automatic summary; without undo, the command turns it on

The automatic summary rules do not affect routes shared normally between BGP neighbors, or routing entries generated with the network (announce) command in BGP;

They apply only to routing entries redistributed from the IGP into BGP;

Announcing in BGP can be understood as redistributing IGP routes into BGP one by one;

Redistributing the IGP into BGP can be understood as announcing IGP routes into BGP in batches;

However, the routing entries generated by the two operations have different origin attributes, and an announced route is preferred over a redistributed one.

With automatic summary turned on, a redistributed route does not carry its subnet mask and is entered with the major-class (classful) mask; it also does not carry the local metric to the destination, so the metric is 0. With automatic summary turned off, the redistributed route carries its mask and its metric as normal, and only the origin attribute differs from an announced route; therefore, it is recommended not to enable automatic summary;

Since it is recommended that all devices running BGP in an AS announce the same routes, if redistribution is configured, it is also recommended that all devices running BGP in the AS redistribute.

3. BGP authentication

Identity verification between neighbors

[r1-bgp]peer 12.1.1.2 password cipher cisco123

//Both neighbors must be configured with the same key; the cipher keyword keeps the key in encrypted form.

4. BGP aggregation (summary)

1. This is not BGP's standard summarization method; it uses BGP's announcement feature to reduce the amount of summary configuration;

(1) Announcement feature: a route in the local routing table can be announced by BGP no matter how it was generated;

(2) Instead of announcing the detailed routes one by one, configure only a loop-prevention static route to the aggregate address, pointing at the null interface (NULL 0), on the update source BGP device, and then announce it into BGP;

(3) In real projects there are many EBGP neighbor relationships between ASs, so aggregation alone cannot give the optimal path; some detailed routes must be transmitted together with the aggregate entry for route selection control;

[r1]ip route-static 1.1.0.0 14 NULL 0

[r1-bgp]network 1.1.0.0 14 //Summary

[r1-bgp]network 1.1.1.0 16 //Detail

After the above summary configuration is completed, if you still need to transmit some detailed routes at the same time, just announce the detailed routes that need to be transmitted one by one;

2. Standard BGP aggregation configuration

1) First announce all detailed routes one by one

2) Then configure aggregation on the update source router; this automatically generates a loop-prevention route pointing at the null interface.

[r5-bgp]aggregate 100.100.0.0 22   

//At this time, the aggregation and all detailed entries are passed

[r5-bgp]aggregate 100.100.0.0 22 detail-suppressed

//Only aggregate entries are passed, all detailed routes are suppressed

If some detailed routes must be transmitted along with the aggregate entry, a route delivery intervention policy is required;

3. Route delivery intervention policy

(1) Suppression list: first let the device pass all routes out, and then call a suppression policy

[r5]ip ip-prefix a permit 100.100.1.0 24

[r5]route-policy a permit node 10

[r5-route-policy]if-match ip-prefix a

[r5-route-policy]q

[r5]bgp 3

[r5-bgp]aggregate 100.100.0.0 22 suppress-policy a

When the policy is called for suppression, the routes permitted by the list are the ones that end up suppressed from being transmitted.

In effect, 100.100.1.0 24 is denied.

(2) Route-map (route-policy): use a route-policy as a distribution list in BGP

[r5]ip ip-prefix b permit 100.100.1.0 24      

[r5]route-policy b deny node 10

[r5-route-policy]if-match ip-prefix b

[r5-route-policy]q

[r5]route-policy b permit node 20

[r5-route-policy]q

[r5]bgp 3

[r5-bgp]peer 4.4.4.4 route-policy b ?

  export  Specify export policy //control plane, outbound direction

  import  Specify import policy //control plane, inbound direction

[r5-bgp]peer 4.4.4.4 route-policy b export

(3) Distribution list

[r5]ip ip-prefix c deny 100.100.1.0 24

[r5]ip ip-prefix c permit 0.0.0.0 0 le 32

[r5]bgp 3

[r5-bgp]filter-policy ip-prefix c export //control plane direction

(4) Prefix list: The prefix list can be directly called as a distribution list in the BGP protocol

[r5]ip ip-prefix d deny 100.100.1.0 24

[r5]ip ip-prefix d permit 0.0.0.0 0 le 32

[r5]bgp 3

[r5-bgp]peer  4.4.4.4 ip-prefix d export
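The filtering outcomes of methods (1) and (4) above can be checked offline with a small model of ip-prefix matching. This is an added example, not code from the original post; the four /24 detail routes are constructed sample data, and the function names are hypothetical. It also shows the failure mode of leaving out the final "permit 0.0.0.0 0 le 32" line.

```python
import ipaddress

# Constructed sample routes: the page's aggregate and four detail routes inside it.
AGGREGATE = ipaddress.ip_network("100.100.0.0/22")
DETAILS = [ipaddress.ip_network(f"100.100.{i}.0/24") for i in range(4)]

# Entries are (action, prefix, ge, le), mirroring the "ip ip-prefix" lines on the page.
LIST_A = [("permit", "100.100.1.0/24", None, None)]
LIST_D = [("deny", "100.100.1.0/24", None, None),
          ("permit", "0.0.0.0/0", None, 32)]
LIST_D_BROKEN = LIST_D[:1]  # the "permit 0.0.0.0 0 le 32" line forgotten

def entry_matches(entry, route):
    _, prefix, ge, le = entry
    net = ipaddress.ip_network(prefix)
    if not route.subnet_of(net):          # address bits must match the entry
        return False
    if ge is None and le is None:         # no range: mask length must be equal
        low = high = net.prefixlen
    else:                                 # range: [ge or mask, le or 32]
        low = net.prefixlen if ge is None else ge
        high = 32 if le is None else le
    return low <= route.prefixlen <= high

def permitted(entries, route):
    for entry in entries:                 # first matching entry decides
        if entry_matches(entry, route):
            return entry[0] == "permit"
    return False                          # implicit deny at the end of the list

def with_suppress_policy(entries):
    # aggregate ... suppress-policy: permitted detail routes are suppressed
    kept = [r for r in DETAILS if not permitted(entries, r)]
    return [str(r) for r in [AGGREGATE] + kept]

def with_export_filter(entries):
    # peer ... ip-prefix ... export: only permitted routes are sent
    return [str(r) for r in [AGGREGATE] + DETAILS if permitted(entries, r)]

if __name__ == "__main__":
    print("suppress-policy a:", with_suppress_policy(LIST_A))
    print("export filter d:  ", with_export_filter(LIST_D))
    print("d without permit: ", with_export_filter(LIST_D_BROKEN))
```

Both methods leave the aggregate plus three detail routes and drop only 100.100.1.0/24; the broken list sends nothing, because every route falls through to the implicit deny.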

5. Conditionally break the IBGP split horizon

If a device in an AS runs BGP, it is normally connected to other ASs through EBGP neighbor relationships. Because of the IBGP split horizon rule, for routes learned from outside to reach the whole local AS, all devices running BGP in the AS must establish IBGP neighbor relationships with each other one by one; every pair of them needs an IBGP neighbor relationship, so the number of sessions grows very quickly;

The so-called conditional break means relaxing the IBGP split horizon mechanism while still guaranteeing that no loop forms; -- AS-BY-AS

【1】Route reflector    

Roles: RR (reflector), client, non-client

Both clients and non-clients must be IBGP neighbors of the RR; the RR is the central point and forms a cluster (group) with its clients and non-clients; a cluster has one RR and at least one client; it can be one RR with multiple clients and multiple non-clients, or one RR with multiple clients and no non-clients;

Reflection rules: a non-optimal route cannot be transmitted, so naturally it cannot be reflected (non-optimal routes are not transmitted)

1. A route learned by the RR from an EBGP neighbor can be passed to clients, non-clients, and its other EBGP neighbors;

2. A route learned by the RR from one client can be passed to its other clients, non-clients, and EBGP neighbors;

3. A route learned by the RR from a non-client can be passed to its clients and EBGP neighbors; it cannot be passed to other non-clients;

[r3-bgp]peer 2.2.2.2 reflect-client //Neighbor 2.2.2.2 becomes the local client, and the local device becomes the RR.
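The effect of the reflection rules can be seen by propagating one route through a small AS with and without a reflector. This is an added example, not part of the original post; the chain R1 - R2 - R3 - R4 - R5 (R2, R3, R4 in one AS, no R2-R4 session) is a constructed topology, and the model ignores best-path selection and AS-path checks.

```python
from collections import deque

def sessions(rr_enabled):
    # (router, peer) -> how `router` sees `peer`: "ebgp", "ibgp" (ordinary
    # IBGP peer / non-client) or "client" (peer is a reflect-client of router).
    r3_view = "client" if rr_enabled else "ibgp"
    return {
        ("R1", "R2"): "ebgp", ("R2", "R1"): "ebgp",
        ("R2", "R3"): "ibgp", ("R3", "R2"): r3_view,
        ("R3", "R4"): r3_view, ("R4", "R3"): "ibgp",
        ("R4", "R5"): "ebgp", ("R5", "R4"): "ebgp",
    }

def may_advertise(learned_from, send_to):
    # Rules 1 and 2: routes that are local, EBGP-learned or client-learned
    # go to every kind of peer.
    if learned_from in ("local", "ebgp", "client"):
        return True
    # Rule 3 / IBGP split horizon: a route learned from a non-client IBGP
    # peer goes only to clients and EBGP peers.
    return send_to in ("ebgp", "client")

def propagate(origin, rr_enabled):
    sess = sessions(rr_enabled)
    learned = {origin: "local"}          # router -> kind of peer it learned from
    queue = deque([origin])
    while queue:
        router = queue.popleft()
        for (sender, peer), relation in sess.items():
            if sender != router or peer in learned:
                continue                 # not our session, or peer already has it
            if may_advertise(learned[router], relation):
                learned[peer] = sess[(peer, router)]  # receiver's view of sender
                queue.append(peer)
    return sorted(learned)

if __name__ == "__main__":
    print("no reflector:", propagate("R1", rr_enabled=False))
    print("R3 as RR:    ", propagate("R1", rr_enabled=True))
```

Without the reflector the route from R1 stops at R3; with R2 and R4 configured as clients of R3 it reaches R4 and R5 without an R2-R4 IBGP session.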

【2】Confederation

Logically divide one AS into multiple small ASs; toward the outside, the large AS number is still used and the normal AS transfer rules still apply;

The EBGP neighbor relationships between small ASs inside the confederation pass routes like ordinary EBGP relationships, but the attributes are not modified by default;

(1) All operations are performed based on the small AS number;

(2) All devices within the AS need to define the large AS number they belong to;

(3) BGP devices that connect small ASs need to declare the small AS number of the other end.

 

[r3]bgp 64512

[r3-bgp]router-id 3.3.3.3

[r3-bgp]confederation id 2 //Declare the local large AS number

[r3-bgp]confederation peer-as 64513 //Declare the other small AS numbers that are directly connected locally. If there is no direct connection to another small AS, this does not need to be configured

[r3-bgp]peer  2.2.2.2 as-number 64512

[r3-bgp]peer  2.2.2.2 connect-interface LoopBack 0

[r3-bgp]peer  4.4.4.4 as-number 64513

[r3-bgp]peer  4.4.4.4 connect-interface LoopBack 0

[r3-bgp]peer  4.4.4.4 ebgp-max-hop

Note: In real projects, route reflectors and confederations are used together in the same network topology;

6. BGP next hop problem in MA network

AR2 and AR3 establish an IBGP neighbor relationship

AR1 and AR2 establish a BGP neighbor relationship

AR3 and AR4 establish a BGP neighbor relationship

In the figure, R1, R2, and R3 are in the same MA network segment, but not in the same AS. Normally, when R1 learns R4's route from R2, the next hop is automatically shown as R3 (the best path).

Principle:

1) R1, R2, and R3 must use their physical interfaces in the MA network segment to establish the neighbor relationships.

2) ICMP redirection is enabled (it is enabled by default). When a router forwards traffic and finds that the ingress interface of the traffic and the egress interface in the routing table are the same interface, it informs the previous-hop device of its own next-hop address, which helps the previous-hop device find the best next-hop address;

In BGP, view only the BGP routes sent to or received from a certain neighbor

[r1]display  bgp routing-table peer 10.1.1.2 received-routes  

Only view the BGP routes received locally from neighbor 10.1.1.2

[r1]display  bgp routing-table peer 10.1.1.2 advertised-routes

View only the BGP routes sent locally to neighbor 10.1.1.2


Origin blog.csdn.net/2301_77475090/article/details/132073806