BGP 路径属性
{Back to Index}
Table of Contents
1 概述
| Well-Known Mandatory | Well-Known Discretionay | Optional Transitive | Optional Non-Transitive |
|---|---|---|---|
| Origin | Local-Preference | Community | MED |
| AS-Path | Atomic Aggregate | Aggreator | Originator ID |
| Next Hop | Cluster List | ||
| Weight |
Well-Known Mandatory
BGP 必须都能识别 ,且在更新消息 必须包含
Well-Known Discretionay
BGP 必须都能识别 ,更新消息 可不包含
Optional Transitive
可以不支持 该属性,但即使不支持也应当接受包含该属性的路由并 传递给其他邻居
Optional Non-Transitive
可以不支持 该属性,BGP 可以忽略包含这个属性的更新消息并且 不传递 给其他邻居
2 Weight
| 传播范围 | 取值范围 | 默认值 | 备注 |
|---|---|---|---|
| 本地 | 0-65535 | 32768 | 值越大越优先 |
- 路由器本地始发的路径(network 通告/重发布直连/重发布静态/本地汇总)默认 weight 值为
32768 - 从其他 BGP 邻居学习到的路由,其 weight 值为
0
2.1 选路实验(#1)1
Figure 1: 实验环境(在 R2 上部署策略)
初始配置
----------------- R1 ---------------------- en conf t hostname R1 no ip do lo line con 0 exec-timeout 0 0 logging synchronous exit int lo0 ip address 8.8.8.8 255.255.255.255 exit int e0/0 ip address 10.1.12.1 255.255.255.0 no sh exit router bgp 130 bgp router-id 1.1.1.1 neighbor 10.1.12.2 remote-as 200 network 8.8.8.8 mask 255.255.255.255 exit end ----------------- R2 ---------------------- en conf t hostname R2 no ip do lo line con 0 exec-timeout 0 0 logging synchronous exit int e0/0 ip address 10.1.12.2 255.255.255.0 no sh exit int e0/1 ip address 10.1.23.2 255.255.255.0 no sh exit router bgp 200 bgp router-id 2.2.2.2 neighbor 10.1.12.1 remote-as 130 neighbor 10.1.23.3 remote-as 130 exit end ----------------- R3 ---------------------- en conf t hostname R3 no ip do lo line con 0 exec-timeout 0 0 logging synchronous exit int lo0 ip address 8.8.8.8 255.255.255.255 exit int e0/0 ip address 10.1.23.3 255.255.255.0 no sh exit router bgp 130 bgp router-id 3.3.3.3 neighbor 10.1.23.2 remote-as 200 network 8.8.8.8 mask 255.255.255.255 exit end
初始 R2 选路信息
R2#sh ip bgp
BGP table version is 2, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
t secondary path,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
* 8.8.8.8/32 10.1.23.3 0 0 130 i
*> 10.1.12.1 0 0 130 i
R2 上执行策略调整 weight
因为 weight 只是本地有效,因此只能在 R2 上部署策略。
ip prefix-list P seq 10 permit 8.8.8.8/32
!
route-map R permit 10
match ip address prefix-list p
set weight 333
exit
route-map R permit 20 ! permit any other
!
router bgp 200
neighbor 10.1.23.3 route-map R in
exit
再次查看选路结果
R2#sh ip bgp
BGP table version is 2, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
t secondary path,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
* 8.8.8.8/32 10.1.12.1 0 0 130 i
*> 10.1.23.3 0 333 130 i
3 Local-Preference
| 传播范围 | 默认值 | 备注 |
|---|---|---|
| AS 内 的 iBGP 路由器之间 | 100 | 值越大越优先 |
当一个 AS 收到一个去往同一目的地的,但经过两个 AS 的路由,则根据两条路由的 LP 值来决定选择哪条作为最优路径(优选 LP 值大的路由),即 LP 影响离开 AS 的业务量 。
策略一般做在 AS 边界,告诉 AS 内部从本路由走的 LP 值。
- 只能在 IBGP Peer 之间传递 (除非做了策略否则 LP 值在 AS 内的 IBGP 邻居间传递不会丢失)
- 不能在 EBGP Peer 之间传递,如果在 EBGP Peer 之间收到的路由的路径属性中携带了 LP ,则会触发 Notifacation 报文,造成会话中断(但是可以再 AS 边界路由器上使用 IN 方向的策略)
- BGP 路由器在向其 EBGP 邻居发送路由更新时,不能携带 LP 属性,但是邻居会在本地为这条路由设置一个默认值,也就是
100,然后再传递给自己的 IBGP - 本地 network 通告及重发布的路由,LP 值默认为
100,并能在 AS 内向其他 IBGP 邻居传输,传输过程中除非部署策略,否则值保持不变
3.1 选路实验(#2)
Figure 3: 实验环境
初始配置
----------------- R1 ---------------------- en conf t hostname R1 no ip do lo line con 0 exec-timeout 0 0 logging synchronous exit int e0/0 ip address 10.1.12.1 255.255.255.0 no sh exit int e0/1 ip address 10.1.14.1 255.255.255.0 no sh exit router bgp 123 bgp router-id 1.1.1.1 neighbor 10.1.12.2 remote-as 123 neighbor 10.1.14.4 remote-as 400 exit end ----------------- R2 ---------------------- en conf t hostname R2 no ip do lo line con 0 exec-timeout 0 0 logging synchronous exit int e0/0 ip address 10.1.12.2 255.255.255.0 no sh exit int e0/1 ip address 10.1.23.2 255.255.255.0 no sh exit ip route 10.1.34.0 255.255.255.0 10.1.23.3 ip route 10.1.14.0 255.255.255.0 10.1.12.1 router bgp 123 bgp router-id 2.2.2.2 neighbor 10.1.12.1 remote-as 123 neighbor 10.1.23.3 remote-as 123 exit end ----------------- R3 ---------------------- en conf t hostname R3 no ip do lo line con 0 exec-timeout 0 0 logging synchronous exit int e0/0 ip address 10.1.23.3 255.255.255.0 no sh exit int e0/1 ip address 10.1.34.3 255.255.255.0 no sh exit router bgp 123 bgp router-id 3.3.3.3 neighbor 10.1.23.2 remote-as 123 neighbor 10.1.34.4 remote-as 400 exit end ----------------- R4 ---------------------- en conf t hostname R4 no ip do lo line con 0 exec-timeout 0 0 logging synchronous exit int lo0 ip address 8.8.8.8 255.255.255.255 exit int e0/0 ip address 10.1.14.4 255.255.255.0 no sh exit int e0/1 ip address 10.1.34.4 255.255.255.0 no sh exit router bgp 400 bgp router-id 4.4.4.4 neighbor 10.1.14.1 remote-as 123 neighbor 10.1.34.3 remote-as 123 network 8.8.8.8 mask 255.255.255.255 exit end
初始 R2 的选路信息
R2#sh ip bgp
BGP table version is 3, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
t secondary path,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
* i 8.8.8.8/32 10.1.34.4 0 100 0 400 i
*>i 10.1.14.4 0 100 0 400 i
在 R3 上做 lp 策略
ip prefix-list P seq 10 permit 8.8.8.8/32
!
route-map R permit 10
match ip address prefix-list p
set local-preference 200
exit
route-map R permit 20 ! permit any other
!
router bgp 123
neighbor 10.1.23.2 route-map R out
exit
再次查看选路结果
R2#sh ip bgp
BGP table version is 2, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
t secondary path,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*>i 8.8.8.8/32 10.1.34.4 0 200 0 400 i
* i 10.1.14.4 0 100 0 400 i
4 Next Hop
Figure 4: 路由传递自 EBGP
Figure 5: 路由传递自 IBGP
优选本地起源的路由,本地起源的方式有:network/redistribute/aggregate ,且优先级为:
network > redistribute > aggregate > 学习到的路由
4.1 选路实验(#3, 优选本地产生的路由)
Figure 6: 实验环境
配置清单
----------------- R1 ---------------------- en conf t hostname R1 no ip do lo line con 0 exec-timeout 0 0 logging synchronous exit int lo0 ip address 8.8.8.8 255.255.255.255 exit int e0/0 ip address 10.1.12.1 255.255.255.0 no sh exit router bgp 100 bgp router-id 1.1.1.1 neighbor 10.1.12.2 remote-as 200 network 8.8.8.8 mask 255.255.255.255 exit end ----------------- R2 ---------------------- en conf t hostname R2 no ip do lo line con 0 exec-timeout 0 0 logging synchronous exit int lo0 ip address 8.8.8.8 255.255.255.255 exit int e0/0 ip address 10.1.12.2 255.255.255.0 no sh exit router bgp 200 bgp router-id 2.2.2.2 neighbor 10.1.12.1 remote-as 100 network 8.8.8.8 mask 255.255.255.255 exit end
观察选路信息
R2#sh ip bgp
BGP table version is 2, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
t secondary path,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
* 8.8.8.8/32 10.1.12.1 0 0 100 i
*> 0.0.0.0 0 32768 i
5 AS-Path
- 是前往目标网络的路由经过的自制系统号列表,通告该路由的自治系统号位于列表末尾
- 用于确保无环,通告给 EBGP 时会加上自己的 AS 号,通告给 IBGP 时不修改 AS-Path
5.1 选路实验(#4, 优选 as-path 较少的路径)
Figure 7: 实验环境
初始配置清单
----------------- R1 ---------------------- en conf t hostname R1 no ip do lo line con 0 exec-timeout 0 0 logging synchronous exit int lo0 ip address 8.8.8.8 255.255.255.255 exit int e0/0 ip address 10.1.12.1 255.255.255.0 no sh exit router bgp 100 bgp router-id 1.1.1.1 neighbor 10.1.12.2 remote-as 200 network 8.8.8.8 mask 255.255.255.255 exit end ----------------- R2 ---------------------- en conf t hostname R2 no ip do lo line con 0 exec-timeout 0 0 logging synchronous exit int e0/0 ip address 10.1.12.2 255.255.255.0 no sh exit int e0/1 ip address 10.1.23.2 255.255.255.0 no sh exit router bgp 200 bgp router-id 2.2.2.2 neighbor 10.1.12.1 remote-as 100 neighbor 10.1.23.3 remote-as 300 exit end ----------------- R3 ---------------------- en conf t hostname R3 no ip do lo line con 0 exec-timeout 0 0 logging synchronous exit int lo0 ip address 8.8.8.8 255.255.255.255 exit int e0/0 ip address 10.1.23.3 255.255.255.0 no sh exit router bgp 300 bgp router-id 3.3.3.3 neighbor 10.1.23.2 remote-as 200 network 8.8.8.8 mask 255.255.255.255 exit end
最初选路
R2#sh ip bgp
BGP table version is 2, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
t secondary path,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
* 8.8.8.8/32 10.1.23.3 0 0 300 i
*> 10.1.12.1 0 0 100 i
R1 上调整 AS-PATH
ip prefix-list P seq 10 permit 8.8.8.8/32 ! route-map R permit 10 match ip address prefix-list p set as-path prepend 100 100 exit route-map R permit 20 ! permit any other ! router bgp 100 neighbor 10.1.12.2 route-map R out exit
再次查看选路结果
R2#sh ip bgp
BGP table version is 3, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
t secondary path,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 8.8.8.8/32 10.1.23.3 0 0 300 i
* 10.1.12.1 0 0 100 100 100 i
6 Origin
标识路由的起源:
i表示 IGP ,此处 并非 指的是 OSPF/EIGRP 之类的,而是表示 由 BGP(包括eBGP和iBGP) 传递过来的路由 (由 network 通告进入 BGP)
e由 EGP 这种早期的协议重发布而来
?标识 Incomplete ,是从其他渠道学习到的,路由来源的信息不完整,通常是 重发布 的路由
6.1 观察不同 Origin
6.1.1 设备配置
R1
router bgp 100 bgp router-id 1.1.1.1 bgp log-neighbor-changes neighbor 10.1.12.2 remote-as 200
R2
ip prefix-list pfx22 seq 5 permit 22.22.22.22/32 match ip address prefix-list pfx22 route-map rtmap22 permit 10 match ip address prefix-list pfx22 router bgp 200 bgp router-id 2.2.2.2 bgp log-neighbor-changes network 2.2.2.2 mask 255.255.255.255 redistribute connected metric 20 route-map rtmap22 neighbor 10.1.12.1 remote-as 100
6.1.2 结果分析
R1
R1#show ip bgp BGP table version is 3, local router ID is 1.1.1.1 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter, x best-external, a additional-path, c RIB-compressed, t secondary path, Origin codes: i - IGP, e - EGP, ? - incomplete RPKI validation codes: V valid, I invalid, N Not found Network Next Hop Metric LocPrf Weight Path *> 2.2.2.2/32 10.1.12.2 0 0 200 i *> 22.22.22.22/32 10.1.12.2 20 0 200 ?R2
R2#show ip bgp BGP table version is 3, local router ID is 2.2.2.2 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter, x best-external, a additional-path, c RIB-compressed, t secondary path, Origin codes: i - IGP, e - EGP, ? - incomplete RPKI validation codes: V valid, I invalid, N Not found Network Next Hop Metric LocPrf Weight Path *> 2.2.2.2/32 0.0.0.0 0 32768 i *> 22.22.22.22/32 0.0.0.0 20 32768 ?
6.2 选路实验 (#5, i>e>?)
Figure 9: \(i > e > ?\)
6.2.1 实验配置
R1
ip prefix-list PRX_SUBNET_192 seq 5 permit 192.168.12.0/24 route-map RTMAP_NETWORK_SUBNET_192 permit 10 match ip address prefix-list PRX_SUBNET_192 set metric 2 router bgp 120 bgp router-id 1.1.1.1 network 192.168.12.0 route-map RTMAP_NETWORK_SUBNET_192 # network 方式通告,Origin 为 i neighbor 10.1.13.3 remote-as 300R2
ip prefix-list subnet192 seq 5 permit 192.168.12.0/24 route-map BGP_REDIS_CONNECTED permit 10 match ip address prefix-list subnet192 router bgp 120 bgp router-id 2.2.2.2 redistribute connected metric 2 route-map BGP_REDIS_CONNECTED # 重发布直连,Origin 为 ? neighbor 10.1.23.3 remote-as 300R3
router bgp 300 bgp router-id 3.3.3.3 neighbor 10.1.13.1 remote-as 120 neighbor 10.1.23.2 remote-as 120
6.2.2 结果分析
R3
R3#show ip bgp summary BGP router identifier 3.3.3.3, local AS number 300 BGP table version is 5, main routing table version 5 1 network entries using 144 bytes of memory 2 path entries using 168 bytes of memory 2/1 BGP path/bestpath attribute entries using 320 bytes of memory 1 BGP AS-PATH entries using 24 bytes of memory 0 BGP route-map cache entries using 0 bytes of memory 0 BGP filter-list cache entries using 0 bytes of memory BGP using 656 total bytes of memory BGP activity 1/0 prefixes, 3/1 paths, scan interval 60 secs Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd 10.1.13.1 4 120 16 19 5 0 0 00:10:04 1 10.1.23.2 4 120 24 26 5 0 0 00:17:52 1 # 分别从 R1 和 R2 收到 1 条路由信息 R3#show ip bgp BGP table version is 5, local router ID is 3.3.3.3 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter, x best-external, a additional-path, c RIB-compressed, t secondary path, Origin codes: i - IGP, e - EGP, ? - incomplete RPKI validation codes: V valid, I invalid, N Not found Network Next Hop Metric LocPrf Weight Path *> 192.168.12.0 10.1.13.1 2 0 120 i # R1 传递过来的路由优先级更高 * 10.1.23.2 2 0 120 ?
7 MED
| 传播范围 | 默认值 | 备注 |
|---|---|---|
| AS 间的 eBGP ,仅能传递一个 AS | 0 | 值越小越优先 |
- 度量值越小路径越优
- 用于 向外部邻居告知进入本 AS 的首选路径 ,即当入口有多个时,自治系统可以使用 MED 动态的影响其他 AS 如何选择去往本 AS 的路径
- MED 是在 AS 之间交换,发送给 EBGP 对等体,并可以在 AS 内传播,但 不传递给下一个 AS
- 仅当路径 来自同一个 AS 中的不同 EBGP 邻居 时,路由器才会比较他们的 MED 属性
- 可以这样理解:MED 是为了 向外部告知 进入 本 AS 的路由优先级,而 LP 是 在内部传播 去往 外部 AS 的路由优先级
7.1 实验之 MED 传递
7.1.1 设备配置
R1
router bgp 100 bgp router-id 1.1.1.1 bgp log-neighbor-changes redistribute connected route-map RTMAP_BGP_REDIS neighbor 10.1.12.2 remote-as 230 ! ip prefix-list PFX_LOOPBACK0 seq 5 permit 1.1.1.1/32 ! route-map RTMAP_BGP_REDIS permit 10 match ip address prefix-list PFX_LOOPBACK0 set metric 33R2
router bgp 230 bgp router-id 2.2.2.2 bgp log-neighbor-changes neighbor 10.1.12.1 remote-as 100 neighbor 10.1.23.3 remote-as 230 neighbor 10.1.23.3 next-hop-selfR3
router bgp 230 bgp router-id 3.3.3.3 bgp log-neighbor-changes neighbor 10.1.23.2 remote-as 230 neighbor 10.1.34.4 remote-as 400
R4
router bgp 400 bgp router-id 4.4.4.4 bgp log-neighbor-changes neighbor 10.1.34.3 remote-as 230
7.1.2 结果分析
R1
R1#show ip bgp BGP table version is 5, local router ID is 1.1.1.1 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter, x best-external, a additional-path, c RIB-compressed, t secondary path, Origin codes: i - IGP, e - EGP, ? - incomplete RPKI validation codes: V valid, I invalid, N Not found Network Next Hop Metric LocPrf Weight Path *> 1.1.1.1/32 0.0.0.0 33 32768 ?R2
R2#show ip bgp BGP table version is 2, local router ID is 2.2.2.2 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter, x best-external, a additional-path, c RIB-compressed, t secondary path, Origin codes: i - IGP, e - EGP, ? - incomplete RPKI validation codes: V valid, I invalid, N Not found Network Next Hop Metric LocPrf Weight Path *> 1.1.1.1/32 10.1.12.1 33 0 100 ?R3
R3#show ip bgp BGP table version is 2, local router ID is 3.3.3.3 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter, x best-external, a additional-path, c RIB-compressed, t secondary path, Origin codes: i - IGP, e - EGP, ? - incomplete RPKI validation codes: V valid, I invalid, N Not found Network Next Hop Metric LocPrf Weight Path *>i 1.1.1.1/32 10.1.23.2 33 100 0 100 ? # IBGP 间可以传递R4
R4#show ip bgp BGP table version is 2, local router ID is 4.4.4.4 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter, x best-external, a additional-path, c RIB-compressed, t secondary path, Origin codes: i - IGP, e - EGP, ? - incomplete RPKI validation codes: V valid, I invalid, N Not found Network Next Hop Metric LocPrf Weight Path *> 1.1.1.1/32 10.1.34.3 0 230 100 ? # EBGP 间不传递
8 Community
| 传播范围 | 备注 |
|---|---|
| 只对邻居有效 | 须先执行 neighbor x.x.x.x send-community |
该属性的作用可以理解为 打TAG ,对路由进行标记,以简化策略的定义和执行。 即可以将某些路由分配一个特定的 COMMUNITY 属性,之后可以基于 COMMUNITY 值而不是每条路由进行 BGP 属性的设置。
8.1 set community 参数
Figure 13: 实验拓扑
8.1.1 无参
8.1.1.1 设备配置
R1
router bgp 100 bgp router-id 1.1.1.1 bgp log-neighbor-changes redistribute connected metric 3 neighbor 10.1.12.2 remote-as 230 neighbor 10.1.12.2 send-community # 必须手动指定发送 neighbor 10.1.12.2 route-map RTMAP_COMMUNITY_1111 out ! ip bgp-community new-format ! ip prefix-list PFX_LOOPBACK0 seq 5 permit 1.1.1.1/32 ! route-map RTMAP_COMMUNITY_1111 permit 10 match ip address prefix-list PFX_LOOPBACK0 set community 100:1111 ! route-map RTMAP_COMMUNITY_1111 permit 20
R2
router bgp 230 bgp router-id 2.2.2.2 bgp log-neighbor-changes neighbor 10.1.12.1 remote-as 100 neighbor 10.1.23.3 remote-as 230 neighbor 10.1.23.3 send-community neighbor 10.1.24.4 remote-as 400 neighbor 10.1.24.4 send-community
8.1.1.2 实验现象
IBGP 和 EBGP 都能收到 COMMUNITY ,以 R4 为例:
R4#show ip bgp
BGP table version is 6, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
t secondary path,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.1/32 10.1.24.2 0 230 100 ?
*> 10.1.12.0/24 10.1.24.2 0 230 100 ?
R4#show ip bgp 1.1.1.1
BGP routing table entry for 1.1.1.1/32, version 6
Paths: (1 available, best #1, table default)
Not advertised to any peer
Refresh Epoch 4
230 100
10.1.24.2 from 10.1.24.2 (2.2.2.2)
Origin incomplete, localpref 100, valid, external, best
Community: 100:1111
rx pathid: 0, tx pathid: 0x0
R4#show ip bgp 10.1.12.0
BGP routing table entry for 10.1.12.0/24, version 5
Paths: (1 available, best #1, table default)
Not advertised to any peer
Refresh Epoch 4
# 这条路由信息并没有打上标签
230 100
10.1.24.2 from 10.1.24.2 (2.2.2.2)
Origin incomplete, localpref 100, valid, external, best
rx pathid: 0, tx pathid: 0x0
8.1.2 no-adv
收到该 COMMUNITY 的路由器不会将 该路由 通告给任何 BGP peer 。
8.1.2.1 设备配置
在 R1 上修改 route-map 的设置:
route-map RTMAP_COMMUNITY_1111 permit 10
match ip address prefix-list PFX_LOOPBACK0
set community 100:1111 no-advertise
route-map RTMAP_COMMUNITY_1111 permit 20
8.1.2.2 实验现象
在 R2 上观察到:
R2#show ip bgp
BGP table version is 8, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
t secondary path,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.1/32 10.1.12.1 3 0 100 ? # 该路由信息传递过来了
r> 10.1.12.0/24 10.1.12.1 3 0 100 ?
R2#show ip bgp 1.1.1.1
BGP routing table entry for 1.1.1.1/32, version 8
Paths: (1 available, best #1, table default, not advertised to any peer)
Not advertised to any peer
Refresh Epoch 5
100
10.1.12.1 from 10.1.12.1 (1.1.1.1)
Origin incomplete, metric 3, localpref 100, valid, external, best
Community: 100:1111 no-advertise
rx pathid: 0, tx pathid: 0x0
R3 和 R4 上都显示:
R3#show ip bgp
BGP table version is 1, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
t secondary path,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
* i 10.1.12.0/24 10.1.12.1 3 100 0 100 ? # 1.1.1.1 的路由没有传递过来
8.1.3 no-export
收到该 COMMUNITY 的路由器不会将 该路由 通告给任何 EBGP peer (联邦 EBGP 仍会传递)。
8.1.3.1 设备配置
在 R1 上修改 route-map 的设置:
route-map RTMAP_COMMUNITY_1111 permit 10 match ip address prefix-list PFX_LOOPBACK0 set community 100:1111 no-export route-map RTMAP_COMMUNITY_1111 permit 20
8.1.3.2 实验现象
R3 上仍然可以收到这条路由,但 R4 收不到了:
R3#show ip bgp 1.1.1.1
BGP routing table entry for 1.1.1.1/32, version 0
Paths: (1 available, no best path)
Not advertised to any peer
Refresh Epoch 5
100
10.1.12.1 (inaccessible) from 10.1.23.2 (2.2.2.2)
Origin incomplete, metric 3, localpref 100, valid, internal
Community: 100:1111 no-export
rx pathid: 0, tx pathid: 0
8.1.4 local-as
只能在本 AS 内部传递,与 no-export 不同的是,不会传递给联邦 EBGP peer 。
- 在没有联邦的 AS 内部,
local-as和no-export作用是一样的,不会传递出大 AS - 在有联邦的 AS 内,
local-as只能在联邦 iBGP 间传递,no-export能在联邦的 iBGP/eBGP 之间传递,但都不会传递出大 AS
8.2 community-list
ip community-list statndard MY_C_LIST permit 1000 ! 匹配 Community 属性为 1000 ! router-map R4-R5-OUT deny 10 match community MY_C_LIST router-map R4-R5-OUT permit 20 ! router bgp 65535 neighbor 192.168.1.1 route-map R4-R5-OUT out !