'네트워크/BGP' 카테고리의 글 목록 (3 Page)

네트워크/BGP

[BGP] eBGP, iBGP 기본 설정

피오라노 2025. 4. 10. 00:56

2025. 4. 10. 00:56

eBGP 구성

루프백 네트워크만 BGP에 포함
각 라우터를 연결하는 구간의 네트워크는(1.1.23.0/24, 1.1.24.0/24) BGP에 포함시키지 않는다. 해당 네트워크를 광고하려면 BGP 네트워크에 포함시키거나 축약 기법을 사용.
1.1.12.0/24 네트워크를 iBGP 라우터들에게 광고하려면 SW2에서 gi1/1 인터페이스를 OSPF에 포함시킨다.

-------------- SW-1 -------------- 
router bgp 1
 bgp router-id 1.1.1.1
 network 1.1.1.1 mask 255.255.255.255
 neighbor 1.1.12.2 remote-as 234

-------------- SW-2 -------------- 
router bgp 234
 bgp router-id 2.2.2.2
 network 2.2.2.2 mask 255.255.255.255
 neighbor 1.1.12.1 remote-as 1

-------------- SW-1 --------------
# sh ip bgp
Network          Next Hop            Metric LocPrf Weight Path
 *>  1.1.1.1/32       0.0.0.0                  0         32768 i
 *>  2.2.2.2/32       1.1.12.2                 0             0 234 i
 *>  3.3.3.3/32       1.1.12.2                               0 234 i
 *>  4.4.4.4/32       1.1.12.2                               0 234 i

# sh ip rou bgp 
B        2.2.2.2 [20/0] via 1.1.12.2, 00:06:14
B        3.3.3.3 [20/0] via 1.1.12.2, 00:03:30
B        4.4.4.4 [20/0] via 1.1.12.2, 00:03:00

-------------- SW-2 --------------
# sh ip bgp
      Network          Next Hop            Metric LocPrf Weight Path
 *>  1.1.1.1/32       1.1.12.1                 0             0 1 i
 *>  2.2.2.2/32       0.0.0.0                  0         32768 i
 r>i 3.3.3.3/32       3.3.3.3                  0    100      0 i
 r>i 4.4.4.4/32       4.4.4.4                  0    100      0 i

# sh ip rou bgp 
 B        1.1.1.1/32 [20/0] via 1.1.12.1, 00:06:14

 -------------- SW-3 --------------
 # sh ip bgp
      Network          Next Hop            Metric LocPrf Weight Path
 *>i 1.1.1.1/32       1.1.12.1                 0    100      0 1 i
 r>i 2.2.2.2/32       2.2.2.2                  0    100      0 i
 *>  3.3.3.3/32       0.0.0.0                  0         32768 i
 r>i 4.4.4.4/32       4.4.4.4                  0    100      0 i

# sh ip rou bgp 
 B        1.1.1.1/32 [200/0] via 1.1.12.1, 00:04:45

 -------------- SW-4 --------------
# sh ip bgp
      Network          Next Hop            Metric LocPrf Weight Path
 *>i 1.1.1.1/32       1.1.12.1                 0    100      0 1 i
 r>i 2.2.2.2/32       2.2.2.2                  0    100      0 i
 r>i 3.3.3.3/32       3.3.3.3                  0    100      0 i
 *>  4.4.4.4/32       0.0.0.0                  0         32768 i
 
# sh ip rou bgp
 B        1.1.1.1/32 [200/0] via 1.1.12.1, 00:04:17

iBGP 구성

동일 AS에 포함된 모든 BGP 라우터를 iBGP로 지정하는 Full Mesh 방식 사용.
내부 BGP가 제대로 동작하려면 각 iBGP 라우터는 AS 내의 다른 모든 iBGP 라우터와 피어링되어야 한다. eBGP와 달리 iBGP 피어링은 직접 연결될 필요가 없다.
iBGP 피어링에는 루프백을 사용하는 경우가 많고, 루프백은 한 경로에 장애가 발생하더라도 IGP가 루프백으로 연결되는 다른 경로를 찾을 수 있기 때문에 유용하다.

-------------- SW-2 -------------- 
router ospf 234
 router-id 2.2.2.2
 passive-interface GigabitEthernet1/1
 network 1.1.12.2 0.0.0.0 area 0
 network 1.1.23.2 0.0.0.0 area 0
 network 2.2.2.2 0.0.0.0 area 0
 
router bgp 234
 bgp router-id 2.2.2.2
 network 2.2.2.2 mask 255.255.255.255
 neighbor 3.3.3.3 remote-as 234
 neighbor 3.3.3.3 update-source Loopback0
 neighbor 4.4.4.4 remote-as 234
 neighbor 4.4.4.4 update-source Loopback0

-------------- SW-3 -------------- 
router ospf 234
 router-id 3.3.3.3
 network 1.1.23.3 0.0.0.0 area 0
 network 1.1.34.3 0.0.0.0 area 0
 network 3.3.3.3 0.0.0.0 area 0
 
 router bgp 234
 bgp router-id 3.3.3.3
 network 3.3.3.3 mask 255.255.255.255
 neighbor 2.2.2.2 remote-as 234
 neighbor 2.2.2.2 update-source Loopback0
 neighbor 4.4.4.4 remote-as 234
 neighbor 4.4.4.4 update-source Loopback0

-------------- SW-4 -------------- 
router ospf 234
 router-id 4.4.4.4
 network 1.1.34.4 0.0.0.0 area 0
 network 4.4.4.4 0.0.0.0 area 0

router bgp 234
 bgp router-id 4.4.4.4
 network 4.4.4.4 mask 255.255.255.255
 neighbor 2.2.2.2 remote-as 234
 neighbor 2.2.2.2 update-source Loopback0
 neighbor 3.3.3.3 remote-as 234
 neighbor 3.3.3.3 update-source Loopback0

-------------- SW-2 -------------- 
O        1.1.34.0/24 [110/2] via 1.1.23.3, 00:07:03, GigabitEthernet1/2
O        3.3.3.3 [110/2] via 1.1.23.3, 00:07:03, GigabitEthernet1/2
O        4.4.4.4 [110/3] via 1.1.23.3, 00:07:03, GigabitEthernet1/2

-------------- SW-3 -------------- 
O        1.1.12.0/24 [110/2] via 1.1.23.2, 00:07:07, GigabitEthernet1/2
O        2.2.2.2 [110/2] via 1.1.23.2, 00:07:07, GigabitEthernet1/2
O        4.4.4.4 [110/2] via 1.1.34.4, 00:07:07, GigabitEthernet1/3

-------------- SW-4 -------------- 
O        1.1.12.0/24 [110/3] via 1.1.34.3, 00:06:58, GigabitEthernet1/3
O        1.1.23.0/24 [110/2] via 1.1.34.3, 00:07:08, GigabitEthernet1/3
O        2.2.2.2 [110/3] via 1.1.34.3, 00:06:58, GigabitEthernet1/3
O        3.3.3.3 [110/2] via 1.1.34.3, 00:07:08, GigabitEthernet1/3

BGP는 광고받은 네트워크의 next hop 주소가 라우팅 가능한 것이어야만 해당 네트워크를 사용할 수 있다.
예) SW2, SW3, SW4에서 AS1에 속한 1.1.1.1/32 네트워크의 next hop은 AS 1과 AS 234를 연결하는 SW1의 인터페이스의 주소인 1.1.12.1이다. 따라서 AS 234에 속한 각 라우터에서 1.1.1.1/32 네트워크와 통신이 되려면 next hop 주소가 포함된 1.1.12.0 네트워크로 라우팅이 가능해야 한다.

BGP에서 next hop 문제를 해결하는 방법

1. DMZ를 IGP에 포함

SW2에서 OSPF 설정 시 gi1/1 인터페이스를 포함시킨다.

router ospf 234
 passive-interface GigabitEthernet1/1 ----- 1
 network 1.1.12.2 0.0.0.0 area 0 ----- 2

SW1이 광고하는 1.1.1.1 네트워크의 next hop 1.1.12.0 네트워크를 AS 234에 소속된 라우터들에게 알리기 위해 OSPF에 포함 시킨다.
AS 1로 전송되는 불필요한 OSPF Hello 패킷을 차단한다.

SW-3#sh ip bgp 1.1.1.1
----- 적용 전
BGP routing table entry for 1.1.1.1/32, version 9
Paths: (1 available, no best path)
  Not advertised to any peer
  Refresh Epoch 1
  1
    1.1.12.1 (inaccessible) from 2.2.2.2 (2.2.2.2)
      Origin IGP, metric 0, localpref 100, valid, internal
----- 적용 후  
Paths: (1 available, best #1, table default)
  Not advertised to any peer
  Refresh Epoch 1
  1
    1.1.12.1 (metric 2) from 2.2.2.2 (2.2.2.2)
      Origin IGP, metric 0, localpref 100, valid, internal, best

2. next-hop-self 옵션 사용

SW2에서 네이버를 설정하면서 next hop IP 주소를 SW3, SW4가 알고 있는 SW2 자신의 주소로 변경한다.

SW-2(config-router)#do sh run | s r b
router bgp 234
 neighbor 3.3.3.3 update-source Loopback0
 neighbor 4.4.4.4 update-source Loopback0

SW-3#sh ip bgp
     Network          Next Hop            Metric LocPrf Weight Path
 *>i 1.1.1.1/32       2.2.2.2                  0    100      0 1 i
 
 SW-3#sh ip bgp 1.1.1.1       
BGP routing table entry for 1.1.1.1/32, version 12
Paths: (1 available, best #1, table default)

    2.2.2.2 (metric 2) from 2.2.2.2 (2.2.2.2)
      Origin IGP, metric 0, localpref 100, valid, internal, best

저작자표시 (새창열림)

'네트워크 > BGP' 카테고리의 다른 글

[BGP] 개요 (0)	2025.04.12
[BGP] BGP 테이블 2 (0)	2025.04.11
[BGP] BGP 테이블 1 (0)	2025.04.11
[BGP] iBGP, eBGP 구성 (0)	2023.06.01
[IOS-XR] eBGP - basic config (0)	2023.05.31

[BGP] iBGP, eBGP 구성

피오라노 2023. 6. 1. 00:24

2023. 6. 1. 00:24

IOS-XR eBGP 구성시 RPL을 만들고, RPL을 eBGP neighbor 구성 아래의 route-policy에 생성한 RPL을 in/out에 추가한다.
그리고 eBGP경로를 import, export 하기 위해 BGP 프로세스 루트 아래와 neighbor 세션에 대해 address-family를 설정해야 한다.

1. NX-OS <--> IOS-XR (iBGP/eBGP)

#################### NXOS-1 ####################
!
route-map redi-conn permit 10
!
interface Ethernet1/1
  no switchport
  ip address 1.1.12.1/24
  ip ospf network point-to-point
  ip router ospf 100 area 0.0.0.0
  no shutdown
!
interface loopback0
  ip address 1.1.1.1/24
!
router ospf 100
  router-id 1.1.1.1
  redistribute direct route-map redi-conn
!         
router bgp 100
  router-id 1.1.1.1
  address-family ipv4 unicast
    redistribute direct route-map redi-conn
  neighbor 2.2.1.1
    remote-as 100
    update-source loopback0
    address-family ipv4 unicast
!
#################### XR-1 ####################
!
interface Loopback0
 ipv4 address 2.2.1.1 255.255.255.0
!
interface GigabitEthernet0/0/0/1
 ipv4 address 1.1.12.2 255.255.255.0
!
interface GigabitEthernet0/0/0/2
 ipv4 address 1.1.23.2 255.255.255.0
!
route-policy PASS
  pass
end-policy
!
router ospf 100
 router-id 2.2.1.1
 redistribute connected
 area 0
  interface GigabitEthernet0/0/0/1
   network point-to-point
  !
 !
!
router bgp 100
 bgp router-id 2.2.1.1
 address-family ipv4 unicast
  network 2.2.1.0/24
 !
 neighbor 1.1.1.1
  remote-as 100
  update-source Loopback0
  address-family ipv4 unicast
  !
 !
 neighbor 1.1.23.3
  remote-as 200
  address-family ipv4 unicast
   route-policy PASS in
   route-policy PASS out
  !
 !
!
end
#################### NXOS-2 ####################
!
interface Ethernet1/2
  no switchport
  ip address 1.1.23.3/24
  no shutdown
!
interface Loopback0
 ip address 3.3.1.1 255.255.255.0
!
router bgp 200
  router-id 3.3.1.1
  address-family ipv4 unicast
    network 3.3.1.0/24
  neighbor 1.1.23.2
    remote-as 100
    address-family ipv4 unicast
!
Colored by Color Scripter

cs



 
 
 
 
 
 
 
 
 
 
 
 

2. IOS <--> IOS-XR (iBGP/eBGP)

 



#################### IOS-1 ####################
!
interface Loopback0
 ip address 1.1.1.1 255.255.255.0
 ip ospf network point-to-point
!
interface GigabitEthernet1/1
 no switchport
 ip address 1.1.12.1 255.255.255.0
 ip ospf network point-to-point
 ip ospf 100 area 0
!
router ospf 100
  router-id 1.1.1.1
  redistribute direct route-map redi-conn
!         
router bgp 100
  router-id 1.1.1.1
  address-family ipv4 unicast
    redistribute direct route-map redi-conn
  neighbor 2.2.1.1
    remote-as 100
    update-source loopback0
    address-family ipv4 unicast
!
#################### XR-1 ####################
!
interface Loopback0
 ipv4 address 2.2.1.1 255.255.255.0
!
interface GigabitEthernet0/0/0/1
 ipv4 address 1.1.12.2 255.255.255.0
!
interface GigabitEthernet0/0/0/2
 ipv4 address 1.1.23.2 255.255.255.0
!
route-policy PASS
  pass
end-policy
!
!
router ospf 100
 router-id 2.2.1.1
 redistribute connected
 address-family ipv4 unicast
 area 0
  interface GigabitEthernet0/0/0/1
   network point-to-point
  !
 !
!
router bgp 100
 bgp router-id 2.2.1.1
 address-family ipv4 unicast
  network 2.2.1.0/24
 !
 neighbor 1.1.1.1
  remote-as 100
  update-source Loopback0
  address-family ipv4 unicast
  !
 !
 neighbor 1.1.23.3
  remote-as 200
  address-family ipv4 unicast
   route-policy PASS in
   route-policy PASS out
  !
 !
!
end
#################### IOS-2 ####################
!
interface Loopback0
 ip address 3.3.1.1 255.255.255.0
!
interface GigabitEthernet1/2
 no switchport
 ip address 1.1.23.3 255.255.255.0
!
router bgp 200
 bgp router-id 3.3.1.1
 bgp log-neighbor-changes
 network 3.3.1.0 mask 255.255.255.0
 neighbor 1.1.23.2 remote-as 100
!
Colored by Color Scripter

cs


 

저작자표시 (새창열림)

'네트워크 > BGP' 카테고리의 다른 글

[BGP] 개요 (0)	2025.04.12
[BGP] BGP 테이블 2 (0)	2025.04.11
[BGP] BGP 테이블 1 (0)	2025.04.11
[BGP] eBGP, iBGP 기본 설정 (0)	2025.04.10
[IOS-XR] eBGP - basic config (0)	2023.05.31

[IOS-XR] eBGP - basic config

피오라노 2023. 5. 31. 22:55

2023. 5. 31. 22:55

RP/0/0/CPU0:R-1#sh run
!
route-policy PASS
  pass
end-policy
!
router bgp 1
 bgp router-id 1.1.1.1
 address-family ipv4 unicast
  redistribute connected
 !
 neighbor 1.1.12.2
  remote-as 2
  address-family ipv4 unicast
   route-policy PASS in
   route-policy PASS out
  !
 !
!
####################################################
 
RP/0/0/CPU0:R-2#sh run
!
route-policy PASS
  pass
end-policy
!
router bgp 2
 bgp router-id 2.2.1.1
 address-family ipv4 unicast
  redistribute connected
 !
 neighbor 1.1.12.1
  remote-as 1
  address-family ipv4 unicast
   route-policy PASS in
   route-policy PASS out
  !
 !
!
####################################################
 
RP/0/0/CPU0:R-1#sh ip rou
Wed May 31 13:35:58.004 UTC
 
Gateway of last resort is not set
 
C    1.1.1.0/24 is directly connected, 00:17:32, Loopback0
L    1.1.1.1/32 is directly connected, 00:17:32, Loopback0
C    1.1.12.0/24 is directly connected, 00:17:32, GigabitEthernet0/0/0/0
L    1.1.12.1/32 is directly connected, 00:17:32, GigabitEthernet0/0/0/0
B    2.2.1.0/24 [20/0] via 1.1.12.2, 00:16:25
RP/0/0/CPU0:R-1#
RP/0/0/CPU0:R-1#
RP/0/0/CPU0:R-1#sh bgp ipv4 uni
Wed May 31 13:36:09.183 UTC
BGP router identifier 1.1.1.1, local AS number 1
BGP generic scan interval 60 secs
Non-stop routing is enabled
BGP table state: Active
Table ID: 0xe0000000   RD version: 7
BGP main routing table version 7
BGP NSR Initial initsync version 3 (Reached)
BGP NSR/ISSU Sync-Group versions 0/0
BGP scan interval 60 secs
 
Status codes: s suppressed, d damped, h history, * valid, > best
              i - internal, r RIB-failure, S stale, N Nexthop-discard
Origin codes: i - IGP, e - EGP, ? - incomplete
   Network            Next Hop            Metric LocPrf Weight Path
*> 1.1.1.0/24         0.0.0.0                  0         32768 ?
*> 1.1.12.0/24        0.0.0.0                  0         32768 ?
*                     1.1.12.2                 0             0 2 ?
*> 2.2.1.0/24         1.1.12.2                 0             0 2 ?
 
Processed 3 prefixes, 4 paths
RP/0/0/CPU0:R-1#
RP/0/0/CPU0:R-1#
RP/0/0/CPU0:R-1#sh bgp ipv4 uni su
Wed May 31 13:36:11.893 UTC
BGP router identifier 1.1.1.1, local AS number 1
BGP generic scan interval 60 secs
Non-stop routing is enabled
BGP table state: Active
Table ID: 0xe0000000   RD version: 7
BGP main routing table version 7
BGP NSR Initial initsync version 3 (Reached)
BGP NSR/ISSU Sync-Group versions 0/0
BGP scan interval 60 secs
 
BGP is operating in STANDALONE mode.
 
 
Process       RcvTblVer   bRIB/RIB   LabelVer  ImportVer  SendTblVer  StandbyVer
Speaker               7          7          7          7           7           0
 
Neighbor        Spk    AS MsgRcvd MsgSent   TblVer  InQ OutQ  Up/Down  St/PfxRcd
1.1.12.2          0     2      21      21        7    0    0 00:17:39          2
 
RP/0/0/CPU0:R-1#
RP/0/0/CPU0:R-1#
RP/0/0/CPU0:R-1#
RP/0/0/CPU0:R-1#sh ip bgp 1.1.12.2
Wed May 31 13:37:17.668 UTC
BGP routing table entry for 1.1.12.0/24
Versions:
  Process           bRIB/RIB  SendTblVer
  Speaker                  5           5
Last Modified: May 31 13:19:31.932 for 00:17:45
Paths: (2 available, best #1)
  Advertised to peers (in unique update groups):
    1.1.12.2        
  Path #1: Received by speaker 0
  Advertised to peers (in unique update groups):
    1.1.12.2        
  Local
    0.0.0.0 from 0.0.0.0 (1.1.1.1)
      Origin incomplete, metric 0, localpref 100, weight 32768, valid, redistributed, best, group-best
      Received Path ID 0, Local Path ID 0, version 5
  Path #2: Received by speaker 0
  Not advertised to any peer
  2
    1.1.12.2 from 1.1.12.2 (2.2.1.1)
      Origin incomplete, metric 0, localpref 100, valid, external, group-best
      Received Path ID 0, Local Path ID 0, version 0
      Origin-AS validity: not-found
RP/0/0/CPU0:R-1#
RP/0/0/CPU0:R-1#sh ip bgp 2.2.1.1 
Wed May 31 13:37:40.697 UTC
BGP routing table entry for 2.2.1.0/24
Versions:
  Process           bRIB/RIB  SendTblVer
  Speaker                  7           7
Last Modified: May 31 13:19:32.932 for 00:18:07
Paths: (1 available, best #1)
  Not advertised to any peer
  Path #1: Received by speaker 0
  Not advertised to any peer
  2
    1.1.12.2 from 1.1.12.2 (2.2.1.1)
      Origin incomplete, metric 0, localpref 100, valid, external, best, group-best
      Received Path ID 0, Local Path ID 0, version 7
      Origin-AS validity: not-found
RP/0/0/CPU0:R-1#
Colored by Color Scripter

cs

저작자표시 (새창열림)

'네트워크 > BGP' 카테고리의 다른 글

[BGP] 개요 (0)	2025.04.12
[BGP] BGP 테이블 2 (0)	2025.04.11
[BGP] BGP 테이블 1 (0)	2025.04.11
[BGP] eBGP, iBGP 기본 설정 (0)	2025.04.10
[BGP] iBGP, eBGP 구성 (0)	2023.06.01

PREV 이전 1 2 3 NEXT 다음

분노한 단타 브레이커

네트워크/BGP

[BGP] eBGP, iBGP 기본 설정

eBGP 구성

iBGP 구성

BGP에서 next hop 문제를 해결하는 방법

'네트워크 > BGP' 카테고리의 다른 글

[BGP] iBGP, eBGP 구성

'네트워크 > BGP' 카테고리의 다른 글

[IOS-XR] eBGP - basic config

'네트워크 > BGP' 카테고리의 다른 글

+ Recent posts

티스토리툴바