56-BGP路由属性控制路由选择配置举例
本章节下载: 56-BGP路由属性控制路由选择配置举例 (184.78 KB)
本文档介绍通过使用BGP路由属性控制路由选择的配置举例。
本文档中的配置均是在实验室环境下进行的配置和验证,配置前设备的所有参数均采用出厂时的缺省配置。如果您已经对设备进行了配置,为了保证配置效果,请确认现有配置和以下举例中的配置不冲突。
本文档假设您已了解BGP特性和路由策略特性。
如图1所示,所有设备均运行BGP协议。AS 100和AS 400之间有两条路径可以通信,这两条路径分别经过AS 200和AS 300。现要求通过配置路由策略,实现AS 100内的设备访问AS 400始发的路由时,优先选择从Device D转发。
图1 AS-Path属性控制路由选择配置组网图
· 为了使AS 100内的设备能够根据路由的始发AS号来选择优先转发路径,需要在AS 100的边缘设备上为特定AS始发的路由提高优先级,并将该路由扩散至AS 100内部。在Device C上配置路由策略,将从AS 400始发的路由的本地优先级设置为300。
· 使用AS路径过滤列表来匹配由指定AS始发的路由。
表1 适用产品及版本
产品 |
软件版本 |
S6520X-HI系列 S6520X-EI系列 |
Release 1110P01 |
S6520X-SI系列 S6520-SI系列 S5000-EI系列 MS4600系列 |
Release 1110P01 |
# 配置接口Vlan-interface 12的IP地址。
<DeviceA> system-view
[DeviceA] interface Vlan-interface 12
[DeviceA-Vlan-interface12] ip address 12.12.12.1 24
[DeviceA-Vlan-interface12] quit
# 请参考以上方法配置其它相关接口的IP地址,配置步骤这里省略。
# 在Device A上创建本地AS号为100的BGP实例,指定对等体12.12.12.2和13.13.13.3。
[DeviceA] bgp 100
[DeviceA-bgp-default] router-id 1.1.1.1
[DeviceA-bgp-default] peer 12.12.12.2 as-number 100
[DeviceA-bgp-default] peer 13.13.13.3 as-number 100
[DeviceA-bgp-default] address-family ipv4 unicast
[DeviceA-bgp-default-ipv4] peer 12.12.12.2 enable
[DeviceA-bgp-default-ipv4] peer 13.13.13.3 enable
[DeviceA-bgp-default-ipv4] quit
[DeviceA-bgp-default] quit
# 在Device B上创建本地AS号为100的BGP实例,指定对等体12.12.12.1和24.24.24.4,并引入直连路由。
[DeviceB] bgp 100
[DeviceB-bgp-default] router-id 2.2.2.2
[DeviceB-bgp-default] peer 12.12.12.1 as-number 100
[DeviceB-bgp-default] peer 24.24.24.4 as-number 200
[DeviceB-bgp-default] address-family ipv4 unicast
[DeviceB-bgp-default-ipv4] peer 12.12.12.1 enable
[DeviceB-bgp-default-ipv4] peer 24.24.24.4 enable
[DeviceB-bgp-default-ipv4] import-route direct
[DeviceB-bgp-default-ipv4] quit
[DeviceB-bgp-default] quit
# 在Device C上创建本地AS号为100的BGP实例,指定对等体13.13.13.1和35.35.35.5,并引入直连路由。
[DeviceC] bgp 100
[DeviceC-bgp-default] router-id 3.3.3.3
[DeviceC-bgp-default] peer 13.13.13.1 as-number 100
[DeviceC-bgp-default] peer 35.35.35.5 as-number 300
[DeviceC-bgp-default] address-family ipv4 unicast
[DeviceC-bgp-default-ipv4] peer 13.13.13.1 enable
[DeviceC-bgp-default-ipv4] peer 35.35.35.5 enable
[DeviceC-bgp-default-ipv4] import-route direct
[DeviceC-bgp-default-ipv4] quit
[DeviceC-bgp-default] quit
# 在Device D上创建本地AS号为200的BGP实例,指定对等体24.24.24.2和46.46.46.6,并发布路由4.4.4.4/32。
[DeviceD] bgp 200
[DeviceD-bgp-default] router-id 4.4.4.4
[DeviceD-bgp-default] peer 24.24.24.2 as-number 100
[DeviceD-bgp-default] peer 46.46.46.6 as-number 400
[DeviceD-bgp-default] address-family ipv4 unicast
[DeviceD-bgp-default-ipv4] peer 24.24.24.2 enable
[DeviceD-bgp-default-ipv4] peer 46.46.46.6 enable
[DeviceD-bgp-default-ipv4] network 4.4.4.4 32
[DeviceD-bgp-default-ipv4] quit
[DeviceD-bgp-default] quit
# 在Device E上创建本地AS号为300的BGP实例,指定对等体35.35.35.3和56.56.56.6,并发布路由5.5.5.5/32。
[DeviceE] bgp 300
[DeviceE-bgp-default] router-id 5.5.5.5
[DeviceE-bgp-default] peer 35.35.35.3 as-number 100
[DeviceE-bgp-default] peer 56.56.56.6 as-number 400
[DeviceE-bgp-default] address-family ipv4 unicast
[DeviceE-bgp-default-ipv4] peer 35.35.35.3 enable
[DeviceE-bgp-default-ipv4] peer 56.56.56.6 enable
[DeviceE-bgp-default-ipv4] network 5.5.5.5 32
[DeviceE-bgp-default-ipv4] quit
[DeviceE-bgp-default] quit
# 在Device F上创建本地AS号为400的BGP实例,指定对等体46.46.46.4和56.56.56.5,并发布路由6.6.6.6/32。
[DeviceF] bgp 400
[DeviceF-bgp-default] router-id 6.6.6.6
[DeviceF-bgp-default] peer 46.46.46.4 as-number 200
[DeviceF-bgp-default] peer 56.56.56.5 as-number 300
[DeviceF-bgp-default] address-family ipv4 unicast
[DeviceF-bgp-default-ipv4] peer 46.46.46.4 enable
[DeviceF-bgp-default-ipv4] peer 56.56.56.5 enable
[DeviceF-bgp-default-ipv4] network 6.6.6.6 32
[DeviceF-bgp-default-ipv4] quit
[DeviceF-bgp-default] quit
# 完成以上配置后,在Device A上查看BGP路由表,可以看到Device D、Device E和Device F发布的路由及其AS-Path属性。
[DeviceA] display bgp routing-table ipv4
Total number of routes: 12
BGP local router ID is 1.1.1.1
Status codes: * - valid, > - best, d - dampened, h - history
s - suppressed, S - stale, i - internal, e – external
a - additional-path
Origin: i - IGP, e - EGP, ? - incomplete
Network NextHop MED LocPrf PrefVal Path/Ogn
* >i 2.2.2.2/32 12.12.12.2 0 100 0 ?
* >i 3.3.3.3/32 13.13.13.3 0 100 0 ?
* >i 4.4.4.4/32 24.24.24.4 0 100 0 200i
* i 35.35.35.5 100 0 300 400
200i
* >i 5.5.5.5/32 35.35.35.5 0 100 0 300i
* i 24.24.24.4 100 0 200 400
300i
* >i 6.6.6.6/32 24.24.24.4 100 0 200 400i
* i 35.35.35.5 100 0 300 400i
* >i 12.12.12.0/24 12.12.12.2 0 100 0 ?
* >i 13.13.13.0/24 13.13.13.3 0 100 0 ?
* >i 24.24.24.0/24 12.12.12.2 0 100 0 ?
* >i 35.35.35.0/24 13.13.13.3 0 100 0 ?
# 在Device C上创建路由策略aspath,将AS-Path以400结尾的路由的本地优先级设置为300。
[DeviceC] ip as-path 1 permit 400$
[DeviceC] route-policy aspath permit node 20
[DeviceC-route-policy-aspath-20] if-match as-path 1
[DeviceC-route-policy-aspath-20] apply local-preference 300
[DeviceC-route-policy-aspath-20] quit
[DeviceC] route-policy aspath permit node 25
# 在Device C上配置对从对等体35.35.35.5接收的路由应用路由策略aspath。
[DeviceC] bgp 100
[DeviceC-bgp-default] address-family ipv4
[DeviceC-bgp-default-ipv4] peer 35.35.35.5 route-policy aspath import
# 在Device A上再次查看BGP路由表,可以看到到达AS 400路由的下一跳发生变化。
[DeviceA] display bgp routing-table ipv4
Total number of routes: 11
BGP local router ID is 1.1.1.1
Status codes: * - valid, > - best, d - dampened, h - history
s - suppressed, S - stale, i - internal, e – external
a - additional-path
Origin: i - IGP, e - EGP, ? - incomplete
Network NextHop MED LocPrf PrefVal Path/Ogn
* >i 2.2.2.2/32 12.12.12.2 0 100 0 ?
* >i 3.3.3.3/32 13.13.13.3 0 100 0 ?
* >i 4.4.4.4/32 24.24.24.4 0 100 0 200i
* i 35.35.35.5 100 0 300 400
200i
* >i 5.5.5.5/32 35.35.35.5 0 100 0 300i
* i 24.24.24.4 100 0 200 400
300i
* >i 6.6.6.6/32 35.35.35.5 300 0 300 400i
* i 24.24.24.4 100 0 200 400i
* >i 12.12.12.0/24 12.12.12.2 0 100 0 ?
* >i 13.13.13.0/24 13.13.13.3 0 100 0 ?
* >i 24.24.24.0/24 12.12.12.2 0 100 0 ?
* >i 35.35.35.0/24 13.13.13.3 0 100 0 ?
# 从Device A查看到达6.6.6.6的报文所经过的路径,可以看出报文通过Device D转发。
[DeviceA] tracert 6.6.6.6
traceroute to 6.6.6.6 (6.6.6.6), 30 hops at most, 52 bytes each packet, press CT
RL_C to break
1 12.12.12.2 (12.12.12.2) 2.417 ms 1.887 ms 1.773 ms
2 35.35.35.5 (35.35.35.5) 4.057 ms 2.293 ms 2.739 ms
3 6.6.6.6 (6.6.6.6) 5.145 ms 4.205 ms 4.402 ms
· Device A:
#
vlan 12
#
vlan 13
#
interface LoopBack0
ip address 1.1.1.1 255.255.255.255
#
interface Vlan-interface12
ip address 12.12.12.1 255.255.255.0
#
interface Vlan-interface13
ip address 13.13.13.1 255.255.255.0
#
bgp 100
router-id 1.1.1.1
peer 12.12.12.2 as-number 100
peer 13.13.13.3 as-number 100
#
address-family ipv4 unicast
peer 12.12.12.2 enable
peer 13.13.13.3 enable
#
· Device B:
#
vlan 12
#
vlan 24
#
interface LoopBack0
ip address 2.2.2.2 255.255.255.255
#
interface Vlan-interface12
ip address 12.12.12.2 255.255.255.0
#
interface Vlan-interface24
ip address 24 24.24.2 255.255.255.0
#
bgp 100
router-id 2.2.2.2
peer 12.12.12.1 as-number 100
peer 24.24.24.4 as-number 200
#
address-family ipv4 unicast
import-route direct
peer 12.12.12.1 enable
peer 24.24.24.4 enable
#
· Device C:
#
vlan 13
#
vlan 35
#
interface LoopBack0
ip address 3.3.3.3 255.255.255.255
#
interface Vlan-interface13
ip address 13.13.13.3 255.255.255.0
#
interface Vlan-interface35
ip address 35.35.35.3 255.255.255.0
#
bgp 100
router-id 3.3.3.3
peer 13.13.13.1 as-number 100
peer 35.35.35.5 as-number 300
#
address-family ipv4 unicast
import-route direct
peer 13.13.13.1 enable
peer 35.35.35.5 enable
peer 35.35.35.5 route-policy aspath import
#
route-policy aspath permit node 20
if-match as-path 1
apply local-preference 300
route-policy aspath permit node 25
#
ip as-path 1 permit 400$
#
· Device D:
#
vlan 24
#
vlan 46
#
interface LoopBack0
ip address 4.4.4.4 255.255.255.255
#
interface Vlan-interface24
ip address 24.24.24.4 255.255.255.0
#
interface Vlan-interface46
ip address 46.46.46.4 255.255.255.0
#
bgp 200
router-id 4.4.4.4
peer 24.24.24.2 as-number 100
peer 46.46.46.6 as-number 400
#
address-family ipv4 unicast
network 4.4.4.4 255.255.255.255
peer 24.24.24.2 enable
peer 46.46.46.6 enable
#
· Device E:
#
vlan 35
#
vlan 56
#
interface LoopBack0
ip address 5.5.5.5 255.255.255.255
#
interface Vlan-interface35
ip address 35.35.35.5 255.255.255.0
#
interface Vlan-interface56
ip address 56.56.56.5 255.255.255.0
#
bgp 300
router-id 5.5.5.5
peer 35.35.35.3 as-number 100
peer 56.56.56.6 as-number 400
#
address-family ipv4 unicast
network 5.5.5.5 255.255.255.255
peer 35.35.35.3 enable
peer 56.56.56.6 enable
#
· Device F:
#
vlan 46
#
vlan 56
#
interface LoopBack0
ip address 6.6.6.6 255.255.255.255
#
interface Vlan-interface46
ip address 46.46.46.6 255.255.255.0
#
interface Vlan-interface56
ip address 56.56.56.6 255.255.255.0
#
bgp 400
router-id 6.6.6.6
peer 46.46.46.4 as-number 200
peer 56.56.56.5 as-number 300
#
address-family ipv4 unicast
network 6.6.6.6 255.255.255.255
peer 46.46.46.4 enable
peer 56.56.56.5 enable
#
如图2所示,所有设备均运行BGP协议。Device A与Device B、Device C之间运行EBGP,Device B、Device C之间运行IBGP。由于Device B的Router ID小于Device C的Router ID,所以当AS 100访问AS 200时,流量优先选择从Device B转发。现要求通过配置路由策略,实现AS 100访问AS 200的流量优先选择通过Device C转发。
图2 MED属性控制路由选择配置组网图
为了实现AS 100访问AS 200的流量优先选择通过Device C转发,需要通过路由策略修改Device B发送给Device A的MED值,使其大于缺省MED值0。
表2 适用产品及版本
产品 |
软件版本 |
S6520X-HI系列 S6520X-EI系列 |
Release 1110P01 |
S6520X-SI系列 S6520-SI系列 S5000-EI系列 MS4600系列 |
Release 1110P01 |
# 配置接口Vlan-interface 12的IP地址。
<DeviceA> system-view
[DeviceA] interface Vlan-interface 12
[DeviceA-Vlan-interface12] ip address 12.12.12.1 24
[DeviceA-Vlan-interface12] quit
# 请参考以上方法配置其它相关接口的IP地址,配置步骤这里省略。
# 在Device A上创建本地AS号为100的BGP实例,指定对等体12.12.12.2和13.13.13.3。
[DeviceA] bgp 100
[DeviceA-bgp-default] router-id 1.1.1.1
[DeviceA-bgp-default] peer 12.12.12.2 as-number 200
[DeviceA-bgp-default] peer 13.13.13.3 as-number 200
[DeviceA-bgp-default] address-family ipv4 unicast
[DeviceA-bgp-default-ipv4] peer 12.12.12.2 enable
[DeviceA-bgp-default-ipv4] peer 13.13.13.3 enable
[DeviceA-bgp-default-ipv4] quit
[DeviceA-bgp-default] quit
# 在Device B上创建本地AS号为200的BGP实例,指定对等体12.12.12.1和3.3.3.3。
[DeviceB] bgp 200
[DeviceB-bgp-default] router-id 2.2.2.2
[DeviceB-bgp-default] peer 12.12.12.1 as-number 100
[DeviceB-bgp-default] peer 3.3.3.3 as-number 200
[DeviceB-bgp-default] peer 3.3.3.3 connect-interface LoopBack0
[DeviceB-bgp-default] address-family ipv4 unicast
[DeviceB-bgp-default-ipv4] peer 12.12.12.1 enable
[DeviceB-bgp-default-ipv4] peer 3.3.3.3 enable
[DeviceB-bgp-default-ipv4] network 23.23.23.0 24
[DeviceB-bgp-default-ipv4] quit
[DeviceB-bgp-default] quit
# 在Device B上配置目的地址为3.3.3.3/32的静态路由,以保证对等体3.3.3.3可达。
[DeviceB] ip route-static 3.3.3.3 32 23.23.23.3
# 在Device C上创建本地AS号为200的BGP实例,指定对等体13.13.13.1和2.2.2.2。
[DeviceC] bgp 200
[DeviceC-bgp-default] router-id 3.3.3.3
[DeviceC-bgp-default] peer 13.13.13.1 as-number 100
[DeviceC-bgp-default] peer 2.2.2.2 as-number 200
[DeviceC-bgp-default] peer 2.2.2.2 connect-interface LoopBack0
[DeviceC-bgp-default] address-family ipv4 unicast
[DeviceC-bgp-default-ipv4] peer 13.13.13.1 enable
[DeviceC-bgp-default-ipv4] peer 2.2.2.2 enable
[DeviceC-bgp-default-ipv4] network 23.23.23.0 24
[DeviceC-bgp-default-ipv4] quit
[DeviceC-bgp-default] quit
# 在Device C上配置目的地址为2.2.2.2/32的静态路由,以保证对等体2.2.2.2可达。
[DeviceC] ip route-static 2.2.2.2 32 23.23.23.2
# 完成以上配置后,在Device A上查看BGP路由表,可以看到前往23.23.23.0/24网段的两条有效路由,其中下一跳为12.12.12.2的路由为最优路由,这是由于Device B的Router ID较小。
[DeviceA] display bgp routing-table ipv4
Total number of routes: 2
BGP local router ID is 1.1.1.1
Status codes: * - valid, > - best, d - dampened, h - history
s - suppressed, S - stale, i - internal, e – external
a - additional-path
Origin: i - IGP, e - EGP, ? - incomplete
Network NextHop MED LocPrf PrefVal Path/Ogn
* >e 23.23.23.0/24 12.12.12.2 0 0 200i
* e 13.13.13.3 0 0 200i
# 在Device B上创建路由策略10,将路由开销修改为100。
[DeviceB] route-policy 10 permit node 10
[DeviceB-route-policy-10-10] apply cost 100
[DeviceB-route-policy-10-10] quit
# 在Device B上配置对向对等体12.12.12.1发送的路由应用路由策略10,即修改Device B发送给Device A的MED值为100。
[DeviceB] bgp 200
[DeviceB-bgp-default] address-family ipv4 unicast
[DeviceB-bgp-default-ipv4] peer 12.12.12.1 route-policy 10 export
[DeviceB-bgp-default-ipv4] quit
[DeviceB-bgp-default] quit
# 查看Device A的BGP路由表,可以看到下一跳为12.12.12.2的路由的MED值变为100,下一跳为13.13.13.3的路由成为了最优路由。
[DeviceA] display bgp routing-table ipv4
Total number of routes: 2
BGP local router ID is 1.1.1.1
Status codes: * - valid, > - best, d - dampened, h - history
s - suppressed, S - stale, i - internal, e – external
a - additional-path
Origin: i - IGP, e - EGP, ? - incomplete
Network NextHop MED LocPrf PrefVal Path/Ogn
* >e 23.23.23.0/24 13.13.13.3 0 0 200i
* e 12.12.12.2 100 0 200i
· Device A:
#
vlan 12
#
vlan 13
#
interface LoopBack0
ip address 1.1.1.1 255.255.255.255
#
interface Vlan-interface12
ip address 12.12.12.1 255.255.255.0
#
interface Vlan-interface13
ip address 13.13.13.1 255.255.255.0
#
bgp 100
router-id 1.1.1.1
peer 12.12.12.2 as-number 200
peer 13.13.13.3 as-number 200
#
address-family ipv4 unicast
peer 12.12.12.2 enable
peer 13.13.13.3 enable
#
· Device B:
#
vlan 12
#
vlan 23
#
interface LoopBack0
ip address 2.2.2.2 255.255.255.255
#
interface Vlan-interface12
ip address 12.12.12.2 255.255.255.0
#
interface Vlan-interface23
ip address 23.23.23.2 255.255.255.0
#
bgp 200
router-id 2.2.2.2
peer 3.3.3.3 as-number 200
peer 3.3.3.3 connect-interface LoopBack0
peer 12.12.12.1 as-number 100
#
address-family ipv4 unicast
network 23.23.23.0 255.255.255.0
peer 3.3.3.3 enable
peer 12.12.12.1 enable
peer 12.12.12.1 route-policy 10 export
#
route-policy 10 permit node 10
apply cost 100
#
ip route-static 3.3.3.3 32 23.23.23.3
#
· Device C:
#
vlan 13
#
vlan 23
#
interface LoopBack0
ip address 3.3.3.3 255.255.255.255
#
interface Vlan-interface13
ip address 13.13.13.3 255.255.255.0
#
interface Vlan-interface23
ip address 23.23.23.3 255.255.255.0
#
bgp 200
router-id 3.3.3.3
peer 2.2.2.2 as-number 200
peer 2.2.2.2 connect-interface LoopBack0
peer 13.13.13.1 as-number 100
#
address-family ipv4 unicast
network 23.23.23.0 255.255.255.0
peer 2.2.2.2 enable
peer 13.13.13.1 enable
#
ip route-static 2.2.2.2 32 23.23.23.2
#
不同款型规格的资料略有差异, 详细信息请向具体销售和400咨询。H3C保留在没有任何通知或提示的情况下对资料内容进行修改的权利!