春风十里不如你 —— Taozi - BGP 2023-04-21T18:18:36+08:00 Typecho https://xiongan.host/index.php/feed/atom/tag/BGP/ <![CDATA[【BGP】BGP路由优选]]> https://xiongan.host/index.php/archives/202/ 2023-04-21T18:18:36+08:00 2023-04-21T18:18:36+08:00 admin https://www.xiongan.host BGP路由优选

实验组网

image-20230417105035681

R2、R3、R4各添加Loopback0 接口
10.123.x.x

测试R2、R4的连通性

image-20230417105816250

image-20230417105829529

配置OSPF 64512

//配置R2,激活OSPF
[R2]ospf 1 router-id 10.123.2.2
[R2-ospf-1] area 0.0.0.0
[R2-ospf-1-area-0.0.0.0] network 10.123.2.2 0.0.0.0
[R2-ospf-1-area-0.0.0.0] network 10.123.23.2 0.0.0.0
[R2-ospf-1-area-0.0.0.0] quit
[R2-ospf-1] quit
//配置R3.激活OSPF
[R3]ospf 1 router-id 10.123.3.3
[R3-ospf-1] area 0.0.0.0
[R3-ospf-1-area-0.0.0.0] network 10.123.3.3 0.0.0.0
[R3-ospf-1-area-0.0.0.0] network 10.123.23.3 0.0.0.0
[R3-ospf-1-area-0.0.0.0] network 10.123.34.3 0.0.0.0 
[R3-ospf-1-area-0.0.0.0] quit
[R3-ospf-1] quit
//配置R4,激活OSPF
[R4]ospf 1 router-id 10.123.4.4
[R4-ospf-1] area 0.0.0.0
[R4-ospf-1-area-0.0.0.0] network 10.123.4.4 0.0.0.0
[R4-ospf-1-area-0.0.0.0] network 10.123.34.4 0.0.0.0 
[R4-ospf-1-area-0.0.0.0] quit
[R4-ospf-1] quit

在R3查看ospf的邻居信息

image-20230417110451401

查看OSPF路由表

image-20230417111308299

配置BGP对等体

//配置R1
[R1]bgp 100
[R1-bgp] router-id 10.123.1.1
[R1-bgp] peer 10.123.12.2 as 64512
//配置R2
[R2]bgp 64512
[R2-bgp] router-id 10.123.2.2
[R2-bgp] peer 10.123.3.3 as-number 64512
[R2-bgp] peer 10.123.3.3 connect-interface LoopBack0
[R2-bgp] peer 10.123.3.3 next-hop-local
[R2-bgp] peer 10.123.12.1 as-number 100
//配置R3
[R3]bgp 64512
[R3-bgp] router-id 10.123.3.3
[R3-bgp] peer 10.123.2.2 as-number 64512
[R3-bgp] peer 10.123.2.2 connect-interface LoopBack0
[R3-bgp] peer 10.123.4.4 as-number 64512
[R3-bgp] peer 10.123.4.4 connect-interface LoopBack0
//配置R4
[R4]bgp 64512
[R4-bgp] router-id 10.123.4.4
[R4-bgp] peer 10.123.3.3 as-number 64512
[R4-bgp] peer 10.123.3.3 connect-interface LoopBack0
[R4-bgp] peer 10.123.3.3 next-hop-local
[R4-bgp] peer 10.123.45.5 as-number 200
//配置R5
[R5]bgp 200
[R5-bgp] router-id 10.123.5.5
[R5-bgp] peer 10.123.45.4 as 64512

在R2、R4上检查BGP对等体状态

image-20230417112418938

image-20230417112435610

路由发布到BGP中
//R1
[R1]bgp 100
[R1-bgp] network 172.16.1.0 24
[R1-bgp] network 172.16.2.0 24
[R1-bgp] network 172.16.3.0 24
[R1-bgp] network 172.16.4.0 24
//R5
[R5]bgp 200
[R5-bgp] network 172.16.1.0 24
[R5-bgp] network 172.16.2.0 24
[R5-bgp] network 172.16.3.0 24
[R5-bgp] network 172.16.4.0 24
查看R3的路由表,查看BGP是否学习

image-20230417115946237

修改AS_Path属性

//创建IP前缀列表1,匹配Loopback1接口路由
[R1]ip ip-prefix 1 permit 172.16.1.0 24 greater-equal 24 less-equal 24
//创建Route-Policy hcip,并创建节点10,在其中调用IP前缀列表1,修改AS_Path属性值
[R1]route-policy hcip permit node 10
[R1-route-policy] if-match ip-prefix 1
[R1-route-policy] apply as-path 300 400 additive
[R1-route-policy] quit
[R1]route-policy hcip permit node 20
//对向BGP对等体R2通告的BGP路由应用Route-Policy
[R1]bgp 100
[R1-bgp] peer 10.0.12.2 route-policy hcip export
//在R1上触发出方向的软复位,刷新对外通告的BGP路由
<R1>refresh bgp all export

在R3上查看BGP路由172.16.1.0/24的信息

image-20230417120211488

此时R3优选R4通告的BGP路由172.16.1.0/24,R2通告的未被优选的原因是AS_Path长度。

修改Local_Preference属性

创建IP前缀列表1,匹配BGP路由172.16.2.0/24

[R4]ip ip-prefix 1 permit 172.16.2.0 24 greater-equal 24 less-equal 24

image-20230421115545426

创建Route-Policy hcip,并创建节点10,在其中调用IP前缀列表1,修改Local_Preference属性值

[R4]route-policy hcip permit node 10
[R4-route-policy] if-match ip-prefix 1
[R4-route-policy] apply local-preference 200
[R4-route-policy] quit
[R4]route-policy hcip permit node 20

image-20230421115653744

对向BGP对等体R3通告的BGP路由应用Route-Policy

[R4]bgp 64512
[R4-bgp] peer 10.0.3.3 route-policy hcip export

image-20230421115826726

刷新对外通告BGP路由

<R4>refresh bgp all export

在R3上查看BGP路由172.16.2.0/24的明细信息

image-20230421120133683

此时R3优选R4通告的BGP路由172.16.2.0/24,R2通告的BGP路由其Local_Preference值为100,小于R3通告的BGP路由Local_Preference值200,因此R2通告的BGP路由未被优选。

修改MED属性

在R2上使得R3优选R5发布的BGP路由172.16.3.0/24

//ip前缀列表1 匹配GBP路由172.16.3.0/24
[R2]ip ip-prefix 1 permit 172.16.3.0 24 greater-equal 24 less-equal 24

创建Route-Policy hcip,并创建节点10,在其中调用IP前缀列表1,修改MED属性值

[R2]route-policy hcip permit node 10
[R2-route-policy] if-match ip-prefix 1
[R2-route-policy] apply cost 200
[R2-route-policy] quit
[R2]route-policy hcip permit node 20

对来自BGP对等体R1的BGP路由应用Route-Policy

[R2]bgp 64512
[R2-bgp] peer 10.0.12.1 route-policy hcip import

在R2刷新接收到的BGP路由

<R2>refresh bgp all import

在R3上配置允许来自不同AS的BGP路由的MED值

[R3]bgp 64512
[R3-bgp] compare-different-as-med

在R3上查看BGP路由172.16.3.0/24的明细信息

image-20230421170741680

R2通告的BGP路由172.16.3.0/24其MED值为200,而R4通告BGP路由MED值为0,R3优选MED值较小的BGP路由,因此R2通告的BGP路由未被优选。

修改preferred-value属性

修改R3的路由的pre-value属性的策略,使得R3优选R4通告的BGP路由172.16.4.0/24

创建IP前缀列表1,匹配BGP路由172.16.4.0/24

[R3]ip ip-prefix 1 permit 172.16.4.0 24 greater-equal 24 less-equal 24

创建Route-Policy hcip,并创建节点10,在其中调用IP前缀列表1,修改preferred-value属性值

[R3]route-policy hcip permit node 10
[R3-route-policy] if-match ip-prefix 1
[R3-route-policy] apply preferred-value 300
[R3-route-policy] quit
[R3]route-policy hcip permit node 20

对来自BGP对等体R4的BGP路由应用Route-Policy

[R3]bgp 64512
[R3-bgp] peer 10.123.4.4 route-policy hcip import

R3刷新收到的路由并查看BGP路由172.16.4.0/24的信息

image-20230421171636819

R4通告的BGP路由172.16.3.0/24其preferred-value值为300,而R2通告的preferred-value值为0,R3优选preferred-value值较大的BGP路由,因此R3优选R4通告的BGP路由。

修改Origin属性

在R1、R5上创建Loopback5接口,将接口路由发布到BGP中,验证Origin属性为IGP的BGP路由优于Origin属性为Incomplete的BGP路由。

R1、R5上创建Loopback5,IP地址为172.16.5.1/24

[R1]interface LoopBack 5
[R1-LoopBack5] ip address 172.16.5.1 24
[R1-LoopBack5] quit
[R5]interface LoopBack 5
[R5-LoopBack5] ip address 172.16.5.1 24
[R5-LoopBack5] quit

在R1、R5上将Loopback5接口路由发布到BGP中,通过network方式

[R1]bgp 100
[R1-bgp] network 172.16.5.0 24
[R5]bgp 200
[R5-bgp] network 172.16.5.0 24

在R3上查看BGP路由表

image-20230421172459858

此时R3上优选R2通告(由R1发布)的BGP路由172.16.5.0/24,此时R2、R4通告的BGP路由Origin属性值都为IGP。

在R1上取消将Loopback5接口路由发布到BGP

image-20230421172759346

创建IP前缀列表2,匹配R1 Loopback5接口路由172.16.5.0/24

[R1]ip ip-prefix 2 permit 172.16.5.0 24 greater-equal 24 less-equal 24

image-20230421172900846

创建Route-Policy origin,并创建节点10,在其中调用IP前缀列表2

[R1]route-policy origin permit node 10
[R1-route-policy] if-match ip-prefix 2
[R1-route-policy] quit

image-20230421173121348

R1上修改为使用import-route direct将直连路由发布到BGP,调用Route-Policy origin限制只引入Loopback5接口路由

[R1]bgp 100
[R1-bgp] import-route direct route-policy origin

image-20230421173415965

在R3上查看BGP路由172.16.5.0/24的明细信息

image-20230421173512347

此时R3优选R4通告的BGP路由172.16.5.0/24。

R2通告(R1发布)的BGP路由172.16.5.0/24此时Origin属性值为incomplete(通过import-route方式发布到BGP),由于Origin属性值原因,该条路由未被优选。

验证BGP优选到Nex_Hop的IGP度量值最小的路由

R2、R4之间基于环回口建立IBGP对等体关系,在R2、R3上建立Loopback7接口并将接口路由发布到BGP中,在R4上观察BGP路由优选情况。

R2、R4之间建立IBGP对等体关系

[R2]bgp 64512
[R2-bgp] peer 10.0.4.4 as-number 64512
[R2-bgp] peer 10.0.4.4 connect-interface LoopBack 0

[R4]bgp 64512
[R4-bgp] peer 10.0.2.2 as-number 64512
[R4-bgp] peer 10.0.2.2 connect-interface LoopBack0

检查IBGP对等体关系状态

image-20230421174136728

R2、R4上创建Loopback7接口,并将接口路由发布到BGP

[R2]interface LoopBack 7
[R2-LoopBack7] ip address 172.16.7.1 24
[R2-LoopBack7] quit
[R2]bgp 64512
[R2-bgp] network 172.16.7.0 24

[R3]interface LoopBack 7
[R3-LoopBack7] ip address 172.16.7.1 24
[R3-LoopBack7] quit
[R3]bgp 64512
[R3-bgp] network 172.16.7.0 24

在R4上查看BGP路由172.16.7.0/24的明细信息

image-20230421180929836

R4优选R3发布的BGP路由,其IGP cost为1,小于R2发布的BGP路由IGP cost 2。

R2发布的BGP路由未被优选的原因为IGP cost。

]]>
<![CDATA[【BGP】路由器反射器]]> https://xiongan.host/index.php/archives/199/ 2023-04-18T20:56:51+08:00 2023-04-18T20:56:51+08:00 admin https://www.xiongan.host BGP路由反射器

image-20230410111903473

各接口和环回口ip地址如上图

//R2上新添加一个loopback1
ip add 10.2.2.2 24

在R2、R3路由器上测试连通性

<R2>ping -c 1 10.123.12.1
  PING 10.123.12.1: 56  data bytes, press CTRL_C to break
    Reply from 10.123.12.1: bytes=56 Sequence=1 ttl=255 time=220 ms

  --- 10.123.12.1 ping statistics ---
    1 packet(s) transmitted
    1 packet(s) received
    0.00% packet loss
    round-trip min/avg/max = 220/220/220 ms

<R2>ping -c 1 10.123.23.3
  PING 10.123.23.3: 56  data bytes, press CTRL_C to break
    Reply from 10.123.23.3: bytes=56 Sequence=1 ttl=255 time=100 ms

  --- 10.123.23.3 ping statistics ---
    1 packet(s) transmitted
    1 packet(s) received
    0.00% packet loss
    round-trip min/avg/max = 100/100/100 ms

<R2>ping -c 1 10.123.24.4
  PING 10.123.24.4: 56  data bytes, press CTRL_C to break
    Reply from 10.123.24.4: bytes=56 Sequence=1 ttl=255 time=170 ms

  --- 10.123.24.4 ping statistics ---
    1 packet(s) transmitted
    1 packet(s) received
    0.00% packet loss
    round-trip min/avg/max = 170/170/170 ms
<R3>ping -c 1 10.123.34.4
  PING 10.123.34.4: 56  data bytes, press CTRL_C to break
    Reply from 10.123.34.4: bytes=56 Sequence=1 ttl=255 time=40 ms

  --- 10.123.34.4 ping statistics ---
    1 packet(s) transmitted
    1 packet(s) received
    0.00% packet loss
    round-trip min/avg/max = 40/40/40 ms

image-20230410112441013

配置ospf

R1、R2、R3、R4使用Loopback0接口地址作为Router ID,在各个设备的互联接口、Loopback0接口激活OSPF。

[R1-ospf-1-area-0.0.0.0]dis this
[V200R003C00]
#
 area 0.0.0.0 
  network 10.0.1.1 0.0.0.0 
  network 10.123.12.1 0.0.0.0 
#
return
[R2-ospf-1-area-0.0.0.0]dis this
[V200R003C00]
#
 area 0.0.0.0 
  network 10.0.2.2 0.0.0.0 
  network 10.123.12.2 0.0.0.0 
  network 10.123.23.2 0.0.0.0 
  network 10.123.24.2 0.0.0.0 
#
return
[R3-ospf-1-area-0.0.0.0]dis this
[V200R003C00]
#
 area 0.0.0.0 
  network 10.0.3.3 0.0.0.0 
  network 10.123.23.3 0.0.0.0 
  network 10.123.34.3 0.0.0.0 
#
return
[R4-ospf-1-area-0.0.0.0]dis this
[V200R003C00]
#
 area 0.0.0.0 
  network 10.0.4.4 0.0.0.0 
  network 10.123.24.4 0.0.0.0 
  network 10.123.34.4 0.0.0.0 
#
return

查看R2、R3上的ospf邻居信息

image-20230410113725106

image-20230410113757602

查看R4的OSPF路由表

image-20230410113857122

可以看出来已经学到了全网路由

配置IBGP对等体

bgp 64511

image-20230410114443970

image-20230410114500289

image-20230410114516898

image-20230410114531857

在R2、R3上查看IBGP对等体状态

image-20230410114701393

image-20230410114728849

AS内的IBGP对等体关系成功建立

配置路由反射器

[R2]bgp 64511
[R2-bgp]peer 10.123.12.1 reflect-client
[R3]bgp 64511
[R3-bgp]peer 10.123.23.2 reflect-client
[R4]bgp 64511
[R4-bgp]peer 10.123.34.3 reflect-client

在本步骤中,我们将在R2上发布BGP路由10.2.2.0/24,并观察该路由依次经路由反射器R3、R4反射后,被通告回R2从而引发潜在路由环路风险的情况。

缺省情况下,R2发布BGP路由后,该路由将被R2直接通告给R4,另一方面也会通过R3反射给R4,此时R4将优选R2直接通告过来的路由,从而不会再将R3反射过来的路由再反射回给R2。为此,我们需要在R2上部署路由策略,使R2不直接向R4通告10.2.2.0/24路由。

配置路由策略

image-20230410115158256

image-20230410115302144

//在BGP中调用路由策略
[R2]bgp 64511
[R2-bgp]peer 10.123.24.4 route-policy bgp export
//在R2上发布路由
[R2]bgp 64511
[R2-bgp] network 10.2.2.0 24

在R2、R3上查看BGP路由10.2.2.0/24信息

image-20230410115815185

image-20230410115959089

在R4上查看BGP路由10.2.2.0/24的信息

image-20230410120335552

//让R4重新发送Update报文
<R2>refresh bgp 10.123.24.4 import

查看R2上Update报文收发数量

image-20230410120458239

验证Cluster_List实现路由防环

image-20230410120651696

验证Cluster_List实现路由防环

取消R2上的BGP路由发布

[R2]bgp 64511
[R2-bgp] undo network 10.2.2.0 24

一次查看R1、R2、R3、R4上BGP路由的10.1.1.0/24的信息

R1为BGP路由10.1.1.0/24的始发者,R1将路由通告给了R2(10.0.12.2)

image-20230410120651696.png

来自路由反射器客户端R1的BGP路由10.1.1.0/24,R2将其反射给了R3(10.0.23.3)

来自路由反射器客户端R2的BGP路由10.1.1.0/24,R2反射时添加了Cluster_List属性,值为10.0.2.2,R3*将该条路由反射给了R4(10.0.34.4)

来自路由反射器客户端R3的BGP路由10.1.1.0/24,R3反射时添加了Cluster_List属性的值,当前值为10.0.3.3,10.0.2.2,R4将该条路由反射给了R2(10.0.24.2)

再次查看R2的BGP路由表

04182048.png

在R2上查看BGP对等体10.123.24.4的详细信息

04182049.png

R2从R4收到了1个Update报文,未向R4发送Update报文(路由策略限制),但是本地BGP路由表中没有R4通告的BGP路由10.1.1.0/24。

在R2上触发入方向的软复位,让R4重新发送Update报文

<R2>refresh bgp 10.123.24.4 import 
<R2>display bgp peer 10.123.24.4 verbose | in Update
 Update-group ID: 1
 Update messages 2
 Update messages 0

接收的Update报文数量增加,R2从R4收到了BGP路由10.1.1.0/24的通告。

再次查看R2上BGP路由10.1.1.0 24的明细信息

04182052.png

依旧只有来自R1通告的1条BGP路由,R4通告的BGP路由其Cluster_List属性值中包含了R2的Cluster-ID,R2忽略了该路由通告。

]]>
<![CDATA[【BGP】路由器反射器]]> https://xiongan.host/index.php/archives/197/ 2023-04-10T14:12:28+08:00 2023-04-10T14:12:28+08:00 admin https://www.xiongan.host BGP路由反射器

image-20230410111903473

各接口和环回口ip地址如上图

//R2上新添加一个loopback1
ip add 10.2.2.2 24

在R2、R3路由器上测试连通性

<R2>ping -c 1 10.123.12.1
  PING 10.123.12.1: 56  data bytes, press CTRL_C to break
    Reply from 10.123.12.1: bytes=56 Sequence=1 ttl=255 time=220 ms

  --- 10.123.12.1 ping statistics ---
    1 packet(s) transmitted
    1 packet(s) received
    0.00% packet loss
    round-trip min/avg/max = 220/220/220 ms

<R2>ping -c 1 10.123.23.3
  PING 10.123.23.3: 56  data bytes, press CTRL_C to break
    Reply from 10.123.23.3: bytes=56 Sequence=1 ttl=255 time=100 ms

  --- 10.123.23.3 ping statistics ---
    1 packet(s) transmitted
    1 packet(s) received
    0.00% packet loss
    round-trip min/avg/max = 100/100/100 ms

<R2>ping -c 1 10.123.24.4
  PING 10.123.24.4: 56  data bytes, press CTRL_C to break
    Reply from 10.123.24.4: bytes=56 Sequence=1 ttl=255 time=170 ms

  --- 10.123.24.4 ping statistics ---
    1 packet(s) transmitted
    1 packet(s) received
    0.00% packet loss
    round-trip min/avg/max = 170/170/170 ms
<R3>ping -c 1 10.123.34.4
  PING 10.123.34.4: 56  data bytes, press CTRL_C to break
    Reply from 10.123.34.4: bytes=56 Sequence=1 ttl=255 time=40 ms

  --- 10.123.34.4 ping statistics ---
    1 packet(s) transmitted
    1 packet(s) received
    0.00% packet loss
    round-trip min/avg/max = 40/40/40 ms

image-20230410112441013

配置ospf

R1、R2、R3、R4使用Loopback0接口地址作为Router ID,在各个设备的互联接口、Loopback0接口激活OSPF。

[R1-ospf-1-area-0.0.0.0]dis this
[V200R003C00]
#
 area 0.0.0.0 
  network 10.0.1.1 0.0.0.0 
  network 10.123.12.1 0.0.0.0 
#
return
[R2-ospf-1-area-0.0.0.0]dis this
[V200R003C00]
#
 area 0.0.0.0 
  network 10.0.2.2 0.0.0.0 
  network 10.123.12.2 0.0.0.0 
  network 10.123.23.2 0.0.0.0 
  network 10.123.24.2 0.0.0.0 
#
return
[R3-ospf-1-area-0.0.0.0]dis this
[V200R003C00]
#
 area 0.0.0.0 
  network 10.0.3.3 0.0.0.0 
  network 10.123.23.3 0.0.0.0 
  network 10.123.34.3 0.0.0.0 
#
return
[R4-ospf-1-area-0.0.0.0]dis this
[V200R003C00]
#
 area 0.0.0.0 
  network 10.0.4.4 0.0.0.0 
  network 10.123.24.4 0.0.0.0 
  network 10.123.34.4 0.0.0.0 
#
return

查看R2、R3上的ospf邻居信息

image-20230410113725106

image-20230410113757602

查看R4的OSPF路由表

image-20230410113857122

可以看出来已经学到了全网路由

配置IBGP对等体

bgp 64511

image-20230410114443970

image-20230410114500289

image-20230410114516898

image-20230410114531857

在R2、R3上查看IBGP对等体状态

image-20230410114701393

image-20230410114728849

AS内的IBGP对等体关系成功建立

配置路由反射器

[R2]bgp 64511
[R2-bgp]peer 10.123.12.1 reflect-client
[R3]bgp 64511
[R3-bgp]peer 10.123.23.2 reflect-client
[R4]bgp 64511
[R4-bgp]peer 10.123.34.3 reflect-client

在本步骤中,我们将在R2上发布BGP路由10.2.2.0/24,并观察该路由依次经路由反射器R3、R4反射后,被通告回R2从而引发潜在路由环路风险的情况。

缺省情况下,R2发布BGP路由后,该路由将被R2直接通告给R4,另一方面也会通过R3反射给R4,此时R4将优选R2直接通告过来的路由,从而不会再将R3反射过来的路由再反射回给R2。为此,我们需要在R2上部署路由策略,使R2不直接向R4通告10.2.2.0/24路由。

配置路由策略

image-20230410115158256

image-20230410115302144

//在BGP中调用路由策略
[R2]bgp 64511
[R2-bgp]peer 10.123.24.4 route-policy bgp export
//在R2上发布路由
[R2]bgp 64511
[R2-bgp] network 10.2.2.0 24

在R2、R3上查看BGP路由10.2.2.0/24信息

image-20230410115815185

image-20230410115959089

在R4上查看BGP路由10.2.2.0/24的信息

image-20230410120335552

//让R4重新发送Update报文
<R2>refresh bgp 10.123.24.4 import

查看R2上Update报文收发数量

image-20230410120458239

验证Cluster_List实现路由防环

取消R2上的BGP路由发布

[R2]bgp 64511
[R2-bgp] undo network 10.2.2.0 24

一次查看R1、R2、R3、R4上BGP路由的10.1.1.0/24的信息

R1为BGP路由10.1.1.0/24的始发者,R1将路由通告给了R2(10.0.12.2)

image-20230410120651696

来自路由反射器客户端R1的BGP路由10.1.1.0/24,R2将其反射给了R3(10.0.23.3)

来自路由反射器客户端R2的BGP路由10.1.1.0/24,R2反射时添加了Cluster_List属性,值为10.0.2.2,R3将该条路由反射给了R4(10.0.34.4)

来自路由反射器客户端R3的BGP路由10.1.1.0/24,R3反射时添加了Cluster_List属性的值,当前值为10.0.3.3,10.0.2.2,R4将该条路由反射给了R2(10.0.24.2)

再次查看R2的BGP路由表

image-20230410135732689

在R2上查看BGP对等体10.123.24.4的详细信息

image-20230410135901236

R2从R4收到了1个Update报文,未向R4发送Update报文(路由策略限制),但是本地BGP路由表中没有R4通告的BGP路由10.1.1.0/24。

在R2上触发入方向的软复位,让R4重新发送Update报文

<R2>refresh bgp 10.123.24.4 import 
<R2>display bgp peer 10.123.24.4 verbose | in Update
Update-group ID: 1
 Update messages 2
 Update messages 0

接收的Update报文数量增加,R2从R4收到了BGP路由10.1.1.0/24的通告。

再次查看R2上BGP路由10.1.1.0 24的明细信息

image-20230410140133692.png

依旧只有来自R1通告的1条BGP路由,R4通告的BGP路由其Cluster_List属性值中包含了R2的Cluster-ID,R2忽略了该路由通告。

]]>