
Overview, BGP AS, BGP neighbor, BGP update source, BGP TTL, BGP routing table, BGP synchronization

2022-05-15 07:25:58 Shepherd duck man

Overview

In the computer networks in use today, a network is usually one IP subnet. To connect all networks and let them communicate, these IP subnets must be interconnected so that each subnet knows about the others; only then can the whole network communicate. The devices that connect one network to another are routers. As long as every router in the network knows every IP subnet, it can forward data for the whole network. If a router does not know every IP subnet, the networks attached to that router cannot communicate with some other subnets. To help routers learn all IP subnets, routing protocols run between routers so that every router ends up with complete routing information for the whole network, which makes the whole network reachable.
As you can see, routing protocols carry routing information between routers and are the foundation of network communication. If a routing protocol passes wrong routing information, or passes none, some network communication is interrupted. Therefore, after a routing protocol receives a route update from a router, it must pass it on to the other routers without reservation, and when a network fails, the other routers must also be told that the subnet is unreachable so that the corresponding route is deleted.

When every router in the network has all the routing information, and that information is identical everywhere, the network is said to be converged. Only a converged network can guarantee that every part of it is reachable. The largest network in use today, the Internet, is made up of tens of thousands of routers. If every router held every route in the Internet, each router would have hundreds of thousands or even millions of routing entries, an astonishing number. Yet by the nature of routing protocols and the Internet's need for whole-network communication, each router would have to exchange its routing information with the other routers until the entire Internet converged. Firm as this requirement is, it cannot be met: a very large network with tens of thousands of routers can never converge. When a network goes down, the first router to learn of it must inform all the others, and because the information is passed on router by router, it takes a long time before tens of thousands of routers know about one outage. The failed network may well have recovered before the news has spread everywhere, at which point the router that learned first announces that the subnet is back to normal. In this way the constantly changing networks in the Internet would keep all routers exchanging routing information. The result would be inconsistent routing information and a huge volume of routing updates that affects the performance of every router. So in the Internet there is really no need to notify tens of thousands of routers when one network fails and recovers.
Still, information about a network must be passed to other routers. Since a router's routing information does not need to reach every router in the network, which routers should it notify? Put another way, how wide should the scope of its route updates be?

For all these reasons, the route updates of each router are limited to a certain scope; only a network divided into smaller areas can converge. So in reality the Internet is divided into smaller networks, and the route updates of any router are confined to one specific scope. That scope is called an autonomous system (AS). Routing protocol updates in the Internet are designed to be passed only inside one AS, but the Internet needs whole-network communication, so every AS must still be able to obtain the routing information of the other ASes. Routing protocols are therefore divided into two distinct types: a protocol that updates routes only inside one AS is called an Interior Gateway Protocol (IGP), and the protocol that updates routes between one AS and another is called the Border Gateway Protocol (BGP).

It should be added that dividing the Internet into multiple ASes is not only meant to limit routing protocol updates to a specific scope. Another important reason is that, once the Internet is divided into thousands of small networks, each small network can define its own routing policy and security policy without interfering with other ASes and without interference from them. For example, the ISPs in the network each need to set policy for their own network, and need to keep that policy private and free from interference by other ISPs. Dividing the Internet into ASes helps them achieve this.

The IGPs that pass updates only inside one AS include RIP, EIGRP, OSPF and IS-IS; at present the only protocol that can pass updates between ASes is BGP. One special case is EIGRP, which also works with a concept of AS: a network running EIGRP is also divided into multiple ASes. By default EIGRP does not update routing information between one AS and another, although it can be made to do so. Note that the EIGRP AS has nothing to do with the BGP AS and the two do not interoperate. The real AS is the BGP AS, and whatever AS features EIGRP has, it is always confined within a single BGP AS.

BGP AS

BGP AS numbers are planned and assigned centrally by the Internet Assigned Numbers Authority (IANA). BGP running on IOS currently supports AS numbers up to 4 bytes long, but that does not mean any AS number can be configured arbitrarily. After January 2009, IANA decided that the range for 4-byte AS numbers is 65535-4294967295.

At present 2-byte AS numbers, that is 1-65535, are still the norm, so 4-byte AS numbers are not discussed much further here. Because BGP is used on the Internet, and the Internet is made up of many BGP AS domains, no two AS domains on the Internet may have the same number. If a router is to connect to the Internet and run BGP, a legitimate AS number must be requested from IANA. Some large enterprises need to use BGP to connect to their ISP, and there are not enough AS numbers to give to enterprise users, so AS numbers are divided into public and private ones. The public AS range is 1-64511 and the private AS range is 64512-65534. Public AS numbers are used only on the Internet and are globally unique, with no duplicates. Private AS numbers are for enterprise networks that cannot obtain a legitimate AS number, and may be repeated. Because a private AS number can be reused by many enterprise networks, private AS numbers are not allowed onto the Internet: at the edge facing enterprise users, the ISP must filter out routing entries that carry a private AS number.

BGP neighbor

If you download a file from an FTP server on your own PC, your PC only needs to be able to reach the FTP server, that is, to ping it, no matter how far away it is; the PCs that download files from an FTP server cannot all be directly connected to it. When a PC downloads a file from an FTP server it uses TCP, so if packets are lost in transit the discarded packets can be retransmitted, which ensures the downloaded file is complete. Because BGP runs across the whole Internet and carries a huge amount of routing information, route exchange between BGP routers must be highly reliable and accurate. BGP routers therefore exchange data over TCP on port 179: the destination port of the session is 179 and the source port is random.

Because BGP is carried over TCP, two routers running BGP can form a BGP neighbor relationship and exchange routing information as long as they can communicate normally, that is, ping each other, regardless of the distance between them.

A router configured with a BGP process is called a BGP speaker. Once it has formed a neighbor relationship with another router running BGP, the two are called BGP peers. When several routers in a network run OSPF, they actively discover OSPF neighbors on the corresponding subnets and form OSPF neighbor relationships on their own. A router running BGP does not actively look for other BGP neighbors; BGP neighbors must be specified manually.

Like other routing protocols, BGP carries routes for a network-layer protocol such as IP. BGP can also carry network-layer protocols other than IP. The protocols it can carry are as follows:

IP Version 4 (IPv4)
IP Version 6 (IPv6)
Virtual Private Networks version 4 (VPNv4)
Connectionless Network Service (CLNS)
Layer 2 VPN(L2VPN)

These protocols are called address families. To configure one you must enter the address-family mode of the corresponding protocol, with the exception of IPv4. Commands are configured independently in each address family, take effect independently, and each address family has its own database. The native BGP configuration mode is called NLRI mode; parameters configured in NLRI mode take effect only for IPv4 unicast.

IOS supports four AFI modes: IPv4, IPv6, CLNS and VPNv4. IPv4 and IPv6 each have unicast and multicast.

Cisco routers run BGP version 4. A router can run only one BGP process and the whole router can belong to only one AS, but a router can carry multiple address families. A BGP speaker that supports multiple address families can communicate with one that does not, but only for IPv4.

A BGP router runs inside a single AS. When it establishes a neighbor relationship with another BGP router, the relationship is internal BGP (iBGP) if the other router belongs to the same AS, and external BGP (eBGP) if it belongs to a different AS. BGP requires eBGP neighbors to be directly connected, while iBGP neighbors can be any distance apart, but both of these can be changed.

After BGP neighbors form, all routing information is exchanged at first. After that, updates are incremental: they are sent only when a route changes, and carry only the changed routes.

Once neighbors are established, they send each other hello-like packets to maintain the neighbor relationship. This packet is called a Keepalive. When a router stops receiving Keepalives it considers the neighbor lost and disconnects from it.

Establishing a BGP neighbor relationship goes through the following states:

Idle: the BGP process has been started or reset. This state waits for a start event, for example a BGP peer being specified. When a TCP connection request is received, another event is initialized. When the router or the peer is reset, it goes back to the Idle state.
Connect: a peer has been detected and a TCP connection to it is attempted.
Active: the router tries to establish a TCP connection with the peer. If there is a failure, it goes back to the Idle state.
OpenSent: the TCP connection is established. BGP sends an OPEN message to the peer and switches to the OpenSent state. On failure it switches to the Active state.
OpenReceive: an OPEN message has been received from the peer and the router waits for a keepalive message. If a keepalive is received, it goes to the Established state. If a notification is received, it goes back to the Idle state. On an error or a configuration change, the router sends a notification and goes back to the Idle state.
Established: a keepalive has been received from the peer and the routers start exchanging data. Each received keepalive resets the hold timer. If a notification is received, the router goes back to the Idle state.

BGP update source

BGP cannot discover neighbors in the network on its own; the neighbor's address must be specified by hand. BGP then sends packets to that address to request a neighbor relationship. Besides the destination IP address, each packet also carries the sender's own IP address, the BGP source address. When a router generates traffic and sends it out of an interface, the source IP address of those packets is the address of the interface they leave through. So when BGP sends packets to reach a neighbor, the BGP source IP address is the address of whichever interface those packets are sent from. For two BGP routers to establish a neighbor relationship normally, each must specify the other as a neighbor and send packets to it. When a BGP router receives a request to establish a neighbor relationship, it rejects the connection request if the destination IP of the packet is not its own BGP source address. The BGP neighbor relationship is established only when the destination of the request packet is the same as its own BGP source address. Note that this condition only needs to hold for one of the two neighbors, not for both: it is enough that the packets received by one router are addressed to that router's BGP source address, even if the packets received by the other router are addressed to something other than its BGP source address. In practice we usually keep the BGP source and destination consistent at both ends. The BGP source address can be changed at will, but it must be an interface address on the router.

See the figure below:
[Figure: topology diagram]
In the diagram above there are two links between R1 and R2. When configuring BGP neighbors, if R1 specifies the neighbor address 12.1.1.2 and R2 specifies the neighbor address 12.1.1.1, then while the neighbor relationship is being built R1 sends its request packets out of interface F0/0 with destination IP 12.1.1.2 and BGP source address 12.1.1.1, the address of F0/0. R2 sends its request packets out of its interface F0/0 with destination IP 12.1.1.1 and BGP source address 12.1.1.2, the address of its F0/0. Because the destination IP 12.1.1.2 of the packets sent by R1 is exactly the same as R2's BGP source address 12.1.1.2, the BGP neighbor relationship is established normally. When R1 checks the address, the destination IP used by R2 is likewise exactly the same as R1's source address. Usually we make sure that both sides agree.

When the direct F0/0 link between R1 and R2 is interrupted, both routers send their packets out of S0/0, so R1's source address is 10.1.1.1 and R2's source address is 20.1.1.2. The destination IP of the packets each side sends is now inconsistent with the other side's source address, so no BGP neighbor relationship can be created. Although both routers have multiple links in this environment and can still communicate after one link is interrupted, that does not guarantee a permanent connection between the BGP neighbors. To keep BGP neighbors connected at all times in a network with multiple links, note that a router's loopback interface, unlike a physical interface, is not interrupted while the device is working normally. It is therefore recommended that BGP neighbors use loopback interface addresses for the TCP connection: when specifying a neighbor, use the other router's loopback address instead of its physical interface address. This way, even if a physical interface is interrupted, the BGP neighbors stay connected as long as one working link remains. When the BGP neighbor address is the other router's loopback address, each router must also change its BGP source address to the address of its own loopback interface, so that the destination IP of the packets matches the other side's BGP source address and both sides can establish the BGP connection.

In the diagram above, R1 specifies the neighbor address 2.2.2.2 with BGP source address 1.1.1.1, and R2 specifies the neighbor address 1.1.1.1 with BGP source address 2.2.2.2. This way the destination IP used by each side is the same as the other side's BGP source address, so the neighbors form normally. If either of the two links breaks, the neighbor session is not affected and the BGP connection remains intact, which gives the connection redundancy and stability.

BGP TTL

A BGP route may travel from one AS to another and cross multiple ASes. Because a network running BGP is a very large network, a route sent out of one AS may, after being forwarded, come back to the original AS and form a routing loop. To prevent loops, when BGP sends a route to another AS, that is, to an eBGP neighbor, it writes its own AS number into the route. When the next AS receives the route and sends it to another AS, it keeps the earlier AS numbers and also adds its own. The AS numbers written in the route are called the AS-path. If the AS-path of a received route contains the router's own AS number, BGP considers that the route has been sent back, concludes that there is a routing loop, and discards the received route. BGP adds its own AS number to the AS-path only when sending a route to an eBGP neighbor. When sending to an iBGP neighbor it adds no AS number, because iBGP neighbors are in the same AS and the AS numbers would all be the same anyway, so there is no need.
[Figure: topology diagram]
In the diagram above, as the route passes through each AS, every route sent to an eBGP neighbor has the sender's own AS added to the AS-path, always at the front. For example, a route sent from AS 10 to AS 20 has the AS-path "10". When AS 20 sends the route to AS 30 it adds its own AS number 20 and the AS-path becomes "20, 10". When AS 30 sends the route to AS 50, AS 50 receives it with the AS-path "30, 20, 10". When AS 30 sends the route to AS 40 and AS 40 then sends it to AS 10, the AS-path is "40, 30, 20, 10". After receiving the route, AS 10 finds that the AS-path contains its own AS number 10, concludes that there is a loop, and discards the received route.
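The AS-path rules above, together with the private-AS filtering at the ISP edge described in the BGP AS section, as an added example that is not part of the original post. The function names and the sample customer routes are constructed for illustration; the AS numbers 10 to 50 and the private range 64512-65534 are the ones used on this page.

```python
"""AS-path prepending, loop detection and private-AS filtering (added example)."""

# Private AS range as stated on this page: 64512-65534 inclusive.
PRIVATE_AS_FIRST, PRIVATE_AS_LAST = 64512, 65534


def send_to_ebgp(as_path, local_as):
    """Advertising to an eBGP neighbor: own AS goes at the front of the AS-path."""
    return [local_as] + list(as_path)


def accept(as_path, local_as):
    """Receiver-side loop check: a path that already contains our AS is discarded."""
    return local_as not in as_path


def propagate(origin_as, receiving_ases):
    """Follow one route from origin_as through each AS in receiving_ases.

    Returns a list of (receiving_as, as_path_received, accepted).
    Propagation stops at the first AS that discards the route.
    """
    results = []
    path = []              # a locally originated route starts with an empty AS-path
    sender = origin_as
    for receiver in receiving_ases:
        path = send_to_ebgp(path, sender)
        ok = accept(path, receiver)
        results.append((receiver, path, ok))
        if not ok:
            break
        sender = receiver
    return results


def private_asns(as_path):
    """AS numbers in the path that fall inside the private range."""
    return [a for a in as_path if PRIVATE_AS_FIRST <= a <= PRIVATE_AS_LAST]


def isp_edge_filter(routes):
    """Split routes received from enterprise users into (accepted, rejected).

    A route is rejected when its AS-path carries any private AS number.
    """
    accepted, rejected = [], []
    for prefix, as_path in routes:
        bad = private_asns(as_path)
        if bad:
            rejected.append((prefix, as_path, bad))
        else:
            accepted.append((prefix, as_path))
    return accepted, rejected


# Constructed sample routes (documentation prefixes, not from the original post).
SAMPLE_ROUTES = [
    ("192.0.2.0/24", [20, 10]),
    ("198.51.100.0/24", [30, 64512, 10]),
    ("203.0.113.0/24", [65534]),
]

if __name__ == "__main__":
    for receiver, path, ok in propagate(10, [20, 30, 50]):
        print("AS", receiver, "receives", path, "accepted" if ok else "discarded")
    for receiver, path, ok in propagate(10, [20, 30, 40, 10]):
        print("AS", receiver, "receives", path, "accepted" if ok else "discarded")
    ok_routes, dropped = isp_edge_filter(SAMPLE_ROUTES)
    print("accepted:", ok_routes)
    print("rejected:", dropped)
```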

Among IGPs, routing protocols are divided into two categories: distance-vector routing protocols and link-state routing protocols. BGP is classed as a path-vector routing protocol. The path-vector algorithm combines the characteristics of distance vector with the loop prevention of the AS-path.

Because BGP adds its own AS number to the AS-path when sending a route to an eBGP neighbor, the AS-path can be used to prevent loops. When sending a route to an iBGP neighbor, no AS number is added to the AS-path, so routes passed between iBGP neighbors have no mechanism to prevent loops. To give iBGP route exchange a loop-prevention mechanism as well, a BGP route is forced to make only one hop inside an AS. Specifically: after a BGP router receives a route from an eBGP neighbor and sends it to an iBGP neighbor, that iBGP neighbor cannot send it to any other iBGP neighbor, only to eBGP neighbors. Most people call this rule BGP split horizon: a route that a BGP router receives from an iBGP neighbor cannot be passed on to other iBGP neighbors, only to eBGP neighbors. See the figure below:
[Figure: topology diagram]

In the diagram above, after R1 receives a route from eBGP neighbor R6, it can send it to any iBGP neighbor, including R3 and R4. After R3 receives the route from iBGP neighbor R1, it cannot forward it to any iBGP neighbor, only to eBGP neighbors, so R3 can forward the route received from R1 only to eBGP neighbor R5. Because R3 and R4 cannot forward the route received from R1 to iBGP neighbor R2, R2 ends up receiving no routes in this environment. For R2 to receive the route, it is suggested to build another BGP session between R1 and R2. So for a route to reach the whole network within one AS, iBGP neighbors must be fully interconnected. The resulting neighbor relationships inside AS 20 are shown in the figure below:
[Figure: topology diagram]
Inside an AS, besides fully interconnected iBGP neighbors, you can also use a BGP Reflector and BGP Confederation to carry routes across the whole network; these will be introduced later.
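The split-horizon rule and the resulting full-mesh requirement, as an added example that is not part of the original post. The router names follow the text; the partial session list for AS 20 (R1-R3, R1-R4, R2-R3, R2-R4) is an assumption reconstructed from the description, since the figure itself is not reproduced, and the function names are illustrative.

```python
"""iBGP split horizon inside one AS (added example)."""
from collections import deque


def adjacency(sessions):
    """Turn a list of (a, b) iBGP sessions into {router: set_of_neighbors}."""
    nbrs = {}
    for a, b in sessions:
        nbrs.setdefault(a, set()).add(b)
        nbrs.setdefault(b, set()).add(a)
    return nbrs


def spread_route(ibgp_sessions, ebgp_entry_points):
    """Return {router: how_learned} for every router in the AS that gets the route.

    A route learned from an eBGP neighbor may be sent to every iBGP neighbor.
    A route learned from an iBGP neighbor may not be sent to another iBGP neighbor.
    """
    nbrs = adjacency(ibgp_sessions)
    learned = {r: "eBGP" for r in ebgp_entry_points}
    queue = deque(ebgp_entry_points)
    while queue:
        router = queue.popleft()
        if learned[router] != "eBGP":
            continue  # learned via iBGP: split horizon stops it here
        for peer in sorted(nbrs.get(router, ())):
            if peer not in learned:
                learned[peer] = "iBGP from " + router
                queue.append(peer)
    return learned


def missing_for_full_mesh(routers, ibgp_sessions):
    """iBGP sessions that still have to be configured to reach a full mesh."""
    have = {frozenset(s) for s in ibgp_sessions}
    need = [(a, b) for i, a in enumerate(routers) for b in routers[i + 1:]]
    return [pair for pair in need if frozenset(pair) not in have]


# AS 20 as described in the text; the session list is an assumption (see lead-in).
AS20 = ["R1", "R2", "R3", "R4"]
PARTIAL_SESSIONS = [("R1", "R3"), ("R1", "R4"), ("R2", "R3"), ("R2", "R4")]

if __name__ == "__main__":
    print(spread_route(PARTIAL_SESSIONS, ["R1"]))              # R2 is missing
    print(missing_for_full_mesh(AS20, PARTIAL_SESSIONS))
    print(spread_route(PARTIAL_SESSIONS + [("R1", "R2")], ["R1"]))
```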

BGP routing table

Once routers have established BGP neighbor relationships, they can exchange BGP routes with each other. A router running BGP stores the routes obtained from BGP separately from ordinary routes, so a BGP router has two routing tables at the same time. One stores ordinary routes and is called the IGP routing table; it is the routing table we normally view with the command show ip route. Routing information in the IGP routing table can come only from IGP protocols and manual configuration, and can be passed only to IGP protocols. The other table is created once BGP is running and is called the BGP routing table; it is viewed with the command show ip bgp. Routing information in the BGP routing table can be passed only to BGP. If the BGP routing tables of two BGP neighbors are empty, no routes are exchanged. In the initial state the BGP routing table is empty and contains no routes. For BGP to pass a route, the route must first be imported into the BGP routing table; only then can it be passed between BGP neighbors. By default no route enters the BGP routing table automatically. Routes can get into the BGP routing table in several ways: they can be learned from BGP neighbors, IGP routes can be imported into the BGP routing table manually, and other routes can be redistributed into BGP. A BGP route that was not learned from a neighbor but imported manually is called a BGP local route.

Because there are two types of BGP neighbor, eBGP and iBGP, the AD values of BGP routes also differ. A BGP route learned from eBGP has an AD of 20, so routes learned from eBGP neighbors are preferred over any IGP. A route learned from iBGP has an AD of 200, so this type of route has a lower priority than any IGP. Besides these two AD values, a BGP route imported manually on the local router, that is, a BGP local route, has an AD of 200, the same as an iBGP route, and a lower priority than any IGP.

If the same route is available from eBGP, from iBGP and as a local route, which one will be selected as the best path? The different AD values will not necessarily affect the path selection, because BGP does not begin by comparing AD values to select the best path.

BGP synchronization

Communication between BGP neighbors runs on top of TCP. Between two nodes, a TCP connection can be established as long as the network is connected. That connectivity can come from any IGP routing protocol, or even from static routes. In short, as long as the network is connected, the TCP connection will be established. Connecting the two routers and making sure TCP can connect normally is enough to guarantee BGP communication. Inside an AS, besides establishing BGP connections, you also need to run an IGP. BGP is run to carry huge routing tables or routing information in large networks. The IGP, as you can imagine, is not there to carry huge routing information: the fundamental purpose of running an IGP inside the AS is to let BGP routers establish TCP connections, and so to serve BGP communication. BGP is like a truck carrying goods: BGP routes are the goods the truck carries, and the IGP is the road paved between stations. Without the IGP to connect the roads, BGP cannot carry goods between stations.

When BGP builds a neighbor relationship, the BGP source address can be any address, and the addresses need not be directly connected; as long as they can communicate, the TCP connection can be built. When BGP sends traffic to a neighbor, it simply sends the traffic to the neighbor's address. Because that address is not necessarily directly connected, finding the path to it may require a lookup in the IGP routing table, since it is the IGP that guarantees BGP's communication and connectivity. So when BGP sends data to a neighbor, it looks up the path to the neighbor recursively. It may have to query the IGP routing table several times, and once the IGP routing table yields the path to the neighbor address, or the corresponding next hop, the data is sent to that next hop.
[Figure: topology diagram]
In the network above, R1 and R4 have an eBGP connection, R3 and R5 have an eBGP connection, and R1 and R3 have an iBGP connection. For the iBGP connection, R1 reaches neighbor R3 at destination address 3.3.3.3 with BGP source address 1.1.1.1, and R3 reaches neighbor R1 at destination address 1.1.1.1 with BGP source address 3.3.3.3. So that 1.1.1.1 and 3.3.3.3 can communicate normally and the TCP connection can be established, the IGP OSPF runs between R1, R2 and R3. The only purpose of OSPF is to let 1.1.1.1 communicate with 3.3.3.3; it does not carry the huge routing information of the ASes.

After R4 in AS 10 advertises subnet 10.1.1.0/24 to R1 in AS 20, R1 passes route 10.1.1.0/24 to R3 because R1 and R3 are iBGP neighbors, and R3 finally passes route 10.1.1.0/24 to R5 in AS 30. When R5 sends traffic destined for 10.1.1.0/24 to R3, R3 queries its routing table and finds that packets for 10.1.1.0/24 must be sent to iBGP neighbor 1.1.1.1. R3 then performs a recursive lookup for how to reach 1.1.1.1. Because communication between R1 and R3 is provided by OSPF, R3 learns that packets for 1.1.1.1 must be handed to R2, that is, to next hop 23.1.1.2. R2 only runs OSPF to serve BGP, so R2 has no BGP route for 10.1.1.0/24. When R2 finds that the destination address of a packet is in 10.1.1.0/24, it can only discard all such packets. This is similar to a routing black hole.

As shown above, when BGP receives a route from an iBGP neighbor, the neighbors may be separated by several IGP routers, so a packet that BGP sends toward its destination is usually handed to a router that runs only the IGP. A router that runs only the IGP has no BGP routes, which eventually leads to packet loss and causes a routing black hole. Such problems should be eliminated, and the answer is clear: the routers in the AS that run only the IGP must also have the BGP routes. For this reason BGP route propagation has a rule: before BGP passes routing information learned from an iBGP neighbor on to other neighbors (usually eBGP neighbors), those routes must also be learnable from the IGP routing table. Otherwise the route is considered invalid and cannot be sent to other neighbors.

This rule is called iBGP and IGP route synchronization.

In the environment above, before R3 passes a route learned from iBGP neighbor R1 to eBGP neighbor R5, it must make sure that the route is also in its own IGP routing table; otherwise the route will not be used. To check whether the route is in the IGP routing table, use the command show ip route.

Note that only routes learned from iBGP neighbors are subject to the iBGP and IGP route synchronization rule. Routes learned from eBGP neighbors are not subject to this rule. The rule can be turned on or off manually.

BGP synchronization is on by default; in IOS 12.2(8)T and later versions it is off by default.
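The black hole at R2 and the synchronization check on R3, as an added example that is not part of the original post. The router names, 1.1.1.1, 3.3.3.3 and 10.1.1.0/24 come from the text; the R1-R4 link subnet 14.1.1.0/24, the Router class and the function names are constructed for illustration, and the model checks the IGP table before the BGP table as a simplification.

```python
"""Recursive lookup, the routing black hole and the synchronization rule (added example)."""
import ipaddress


def lookup(table, dst):
    """Longest-prefix match of dst in {prefix: value}; None when nothing matches."""
    addr = ipaddress.ip_address(dst)
    best_len, best_val = -1, None
    for prefix, value in table.items():
        net = ipaddress.ip_network(prefix)
        if addr in net and net.prefixlen > best_len:
            best_len, best_val = net.prefixlen, value
    return best_val


class Router:
    def __init__(self, name, igp=None, bgp=None, local=()):
        self.name = name
        self.igp = igp or {}      # IGP/connected table: prefix -> next router name
        self.bgp = bgp or {}      # BGP table: prefix -> BGP next-hop address
        self.local = list(local)  # prefixes attached to this router

    def next_router(self, dst):
        """Name of the next router, 'local' for delivery, or None for a drop."""
        addr = ipaddress.ip_address(dst)
        if any(addr in ipaddress.ip_network(p) for p in self.local):
            return "local"
        hop = lookup(self.igp, dst)
        if hop is not None:
            return hop
        bgp_next_hop = lookup(self.bgp, dst)
        if bgp_next_hop is None:
            return None           # no IGP route and no BGP route: packet is dropped
        # Recursive lookup: resolve the BGP next hop through the IGP table.
        return lookup(self.igp, bgp_next_hop)


def build_topology(prefix_in_igp):
    """R4 (AS 10) - R1 - R2 - R3 (AS 20). R2 runs only the IGP."""
    via = (lambda name: {"10.1.1.0/24": name}) if prefix_in_igp else (lambda name: {})
    return {
        "R3": Router("R3", igp={"1.1.1.1/32": "R2", **via("R2")},
                     bgp={"10.1.1.0/24": "1.1.1.1"}),
        "R2": Router("R2", igp={"1.1.1.1/32": "R1", "3.3.3.3/32": "R3", **via("R1")}),
        # 14.1.1.0/24 and 14.1.1.4 are constructed values for the R1-R4 link.
        "R1": Router("R1", igp={"3.3.3.3/32": "R2", "14.1.1.0/24": "R4"},
                     bgp={"10.1.1.0/24": "14.1.1.4"}),
        "R4": Router("R4", local=["10.1.1.0/24"]),
    }


def trace(routers, start, dst, max_hops=8):
    """Follow a packet hop by hop; returns (path, outcome)."""
    path, current = [start], start
    for _ in range(max_hops):
        nxt = routers[current].next_router(dst)
        if nxt == "local":
            return path, "delivered"
        if nxt is None:
            return path, "dropped at " + current
        path.append(nxt)
        current = nxt
    return path, "loop"


def may_send_to_ebgp(router, prefix, learned_from_ibgp, synchronization=True):
    """Synchronization: an iBGP-learned route must also be in the IGP table."""
    if not (synchronization and learned_from_ibgp):
        return True
    return prefix in router.igp


if __name__ == "__main__":
    for in_igp in (False, True):
        net = build_topology(in_igp)
        print(in_igp, trace(net, "R3", "10.1.1.5"),
              may_send_to_ebgp(net["R3"], "10.1.1.0/24", learned_from_ibgp=True))
```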

copyright notice
author[Shepherd duck man],Please bring the original link to reprint, thank you.
https://en.chowdera.com/2022/131/202205102142507063.html