春风十里不如你 —— Taozi - 反射器 https://xiongan.host/index.php/tag/%E5%8F%8D%E5%B0%84%E5%99%A8/ 【BGP】路由器反射器 https://xiongan.host/index.php/archives/199/ 2023-04-18T20:56:51+08:00 BGP路由反射器各接口和环回口ip地址如上图//R2上新添加一个loopback1 ip add 10.2.2.2 24在R2、R3路由器上测试连通性<R2>ping -c 1 10.123.12.1 PING 10.123.12.1: 56 data bytes, press CTRL_C to break   Reply from 10.123.12.1: bytes=56 Sequence=1 ttl=255 time=220 ms --- 10.123.12.1 ping statistics ---   1 packet(s) transmitted   1 packet(s) received   0.00% packet loss   round-trip min/avg/max = 220/220/220 ms <R2>ping -c 1 10.123.23.3 PING 10.123.23.3: 56 data bytes, press CTRL_C to break   Reply from 10.123.23.3: bytes=56 Sequence=1 ttl=255 time=100 ms --- 10.123.23.3 ping statistics ---   1 packet(s) transmitted   1 packet(s) received   0.00% packet loss   round-trip min/avg/max = 100/100/100 ms <R2>ping -c 1 10.123.24.4 PING 10.123.24.4: 56 data bytes, press CTRL_C to break   Reply from 10.123.24.4: bytes=56 Sequence=1 ttl=255 time=170 ms --- 10.123.24.4 ping statistics ---   1 packet(s) transmitted   1 packet(s) received   0.00% packet loss   round-trip min/avg/max = 170/170/170 ms<R3>ping -c 1 10.123.34.4 PING 10.123.34.4: 56 data bytes, press CTRL_C to break   Reply from 10.123.34.4: bytes=56 Sequence=1 ttl=255 time=40 ms --- 10.123.34.4 ping statistics ---   1 packet(s) transmitted   1 packet(s) received   0.00% packet loss   round-trip min/avg/max = 40/40/40 ms配置ospfR1、R2、R3、R4使用Loopback0接口地址作为Router ID,在各个设备的互联接口、Loopback0接口激活OSPF。[R1-ospf-1-area-0.0.0.0]dis this [V200R003C00] # area 0.0.0.0 network 10.0.1.1 0.0.0.0 network 10.123.12.1 0.0.0.0 # return [R2-ospf-1-area-0.0.0.0]dis this [V200R003C00] # area 0.0.0.0 network 10.0.2.2 0.0.0.0 network 10.123.12.2 0.0.0.0 network 10.123.23.2 0.0.0.0 network 10.123.24.2 0.0.0.0 # return [R3-ospf-1-area-0.0.0.0]dis this [V200R003C00] # area 0.0.0.0 network 10.0.3.3 0.0.0.0 network 10.123.23.3 0.0.0.0 network 10.123.34.3 0.0.0.0 # return [R4-ospf-1-area-0.0.0.0]dis this [V200R003C00] # area 0.0.0.0 network 10.0.4.4 0.0.0.0 network 10.123.24.4 0.0.0.0 network 10.123.34.4 0.0.0.0 # return查看R2、R3上的ospf邻居信息查看R4的OSPF路由表可以看出来已经学到了全网路由配置IBGP对等体bgp 64511在R2、R3上查看IBGP对等体状态AS内的IBGP对等体关系成功建立配置路由反射器[R2]bgp 64511 [R2-bgp]peer 10.123.12.1 reflect-client [R3]bgp 64511 [R3-bgp]peer 10.123.23.2 reflect-client [R4]bgp 64511 [R4-bgp]peer 10.123.34.3 reflect-client在本步骤中,我们将在R2上发布BGP路由10.2.2.0/24,并观察该路由依次经路由反射器R3、R4反射后,被通告回R2从而引发潜在路由环路风险的情况。缺省情况下,R2发布BGP路由后,该路由将被R2直接通告给R4,另一方面也会通过R3反射给R4,此时R4将优选R2直接通告过来的路由,从而不会再将R3反射过来的路由再反射回给R2。为此,我们需要在R2上部署路由策略,使R2不直接向R4通告10.2.2.0/24路由。配置路由策略//在BGP中调用路由策略 [R2]bgp 64511 [R2-bgp]peer 10.123.24.4 route-policy bgp export //在R2上发布路由 [R2]bgp 64511 [R2-bgp] network 10.2.2.0 24在R2、R3上查看BGP路由10.2.2.0/24信息在R4上查看BGP路由10.2.2.0/24的信息//让R4重新发送Update报文 <R2>refresh bgp 10.123.24.4 import查看R2上Update报文收发数量验证Cluster_List实现路由防环验证Cluster_List实现路由防环取消R2上的BGP路由发布[R2]bgp 64511 [R2-bgp] undo network 10.2.2.0 24一次查看R1、R2、R3、R4上BGP路由的10.1.1.0/24的信息R1为BGP路由10.1.1.0/24的始发者,R1将路由通告给了R2(10.0.12.2)来自路由反射器客户端R1的BGP路由10.1.1.0/24,R2将其反射给了R3(10.0.23.3)来自路由反射器客户端R2的BGP路由10.1.1.0/24,R2反射时添加了Cluster_List属性,值为10.0.2.2,R3*将该条路由反射给了R4(10.0.34.4)来自路由反射器客户端R3的BGP路由10.1.1.0/24,R3反射时添加了Cluster_List属性的值,当前值为10.0.3.3,10.0.2.2,R4将该条路由反射给了R2(10.0.24.2)再次查看R2的BGP路由表在R2上查看BGP对等体10.123.24.4的详细信息R2从R4收到了1个Update报文,未向R4发送Update报文(路由策略限制),但是本地BGP路由表中没有R4通告的BGP路由10.1.1.0/24。在R2上触发入方向的软复位,让R4重新发送Update报文<R2>refresh bgp 10.123.24.4 import <R2>display bgp peer 10.123.24.4 verbose | in Update Update-group ID: 1 Update messages 2 Update messages 0接收的Update报文数量增加,R2从R4收到了BGP路由10.1.1.0/24的通告。再次查看R2上BGP路由10.1.1.0 24的明细信息依旧只有来自R1通告的1条BGP路由,R4通告的BGP路由其Cluster_List属性值中包含了R2的Cluster-ID,R2忽略了该路由通告。