β

使用quagga配置BGP

GNUer's blog 1147 阅读

BGP相对OSPF来说在骨干网络上使用的比较多,是目前域间路由协议的事实标准。通常在服务器上直接使用BGP的场景不多(内部网络大家都倾向使用OSPF这类IGP)。
其实BGP的配置也很简单,从以下的拓扑来看4个机器的BGP配置

各路由配置文件

R1 配置

!
log file /var/log/quagga/zebra.log
log file /var/log/quagga/bgpd.log
!
password bgp
!
interface eth0
 ipv6 nd suppress-ra
 link-detect
!
interface eth1
 ipv6 nd suppress-ra
 no link-detect
!
interface lo
 no link-detect
!
interface tunl0
 ipv6 nd suppress-ra
 no link-detect
!
router bgp 65000
 bgp router-id 10.1.0.5
 redistribute connected metric 121
 neighbor 10.1.0.4 remote-as 65000
 neighbor 10.1.0.4 password DOCKER
 neighbor 10.1.0.4 next-hop-self
 distance bgp 250 200 150
 exit
!
access-list all permit any
!
ip forwarding
ipv6 forwarding
!
line vty
!
end

R2 配置

log file /var/log/quagga/zebra.log
log file /var/log/quagga/bgpd.log
!
password bgp
!
interface eth0
 ipv6 nd suppress-ra
 link-detect
!
interface eth1
 ipv6 nd suppress-ra
 no link-detect
!
interface lo
 no link-detect
!
interface tunl0
 ipv6 nd suppress-ra
 no link-detect
!
router bgp 65000
 bgp router-id 10.1.0.3
 redistribute connected metric 121
 neighbor 10.1.0.4 remote-as 65000
 neighbor 10.1.0.4 password DOCKER
 neighbor 10.1.0.4 next-hop-self
 distance bgp 250 200 150
 exit
!
access-list all permit any
!
ip forwarding
ipv6 forwarding
!
line vty
!
end

R3 配置

log file /var/log/quagga/zebra.log
log file /var/log/quagga/bgpd.log
!
password bgp
!
interface eth0
 ipv6 nd suppress-ra
 link-detect
!
interface eth1
 ipv6 nd suppress-ra
 no link-detect
!
interface lo
 no link-detect
!
router bgp 65000
 bgp router-id 10.1.0.4
 redistribute connected metric 121
 neighbor IBGP peer-group
 neighbor IBGP remote-as 65000
 neighbor IBGP password DOCKER
 neighbor 10.1.0.2 remote-as 65001
 neighbor 10.1.0.2 password DOCKER
 neighbor 10.1.0.2 ebgp-multihop 255
 neighbor 10.1.0.3 peer-group IBGP
 neighbor 10.1.0.5 peer-group IBGP
 maximum-paths ibgp 32
 distance bgp 250 200 150
 exit
!
access-list all permit any
!
ip forwarding
ipv6 forwarding
!
line vty
!
end

R4配置

log file /var/log/quagga/zebra.log
log file /var/log/quagga/bgpd.log
!
password bgp
!
interface eth0
 ipv6 nd suppress-ra
 link-detect
!
interface eth1
 ipv6 nd suppress-ra
 no link-detect
!
interface lo
 no link-detect
!
interface tunl0
 ipv6 nd suppress-ra
 no link-detect
!
router bgp 65001
 bgp router-id 10.1.0.2
 redistribute connected metric 121
 neighbor 10.1.0.4 remote-as 65000
 neighbor 10.1.0.4 password DOCKER
 neighbor 10.1.0.4 next-hop-self
 distance bgp 250 200 150
 exit
!
access-list all permit any
!
ip forwarding
ipv6 forwarding
!
line vty
!
end

BGP邻居状态

R3与其他节点都是邻居,因此以R3的为例

c78df8a1d9d5# show ip bgp neighbors
BGP neighbor is 10.1.0.2, remote AS 65001, local AS 65000, external link
  BGP version 4, remote router ID 10.1.0.2
  BGP state = Established, up for 01:33:01
  Last read 00:00:01, hold time is 180, keepalive interval is 60 seconds
  Neighbor capabilities:
 Byte AS: advertised and received
    Route refresh: advertised and received(old & new)
    Address family IPv4 Unicast: advertised and received
    Graceful Restart Capabilty: advertised and received
      Remote Restart timer is 120 seconds
      Address families by peer:
        none
  Graceful restart informations:
    End-of-RIB send: IPv4 Unicast
    End-of-RIB received: IPv4 Unicast
  Message statistics:
    Inq depth is 0
    Outq depth is 0
                         Sent       Rcvd
    Opens:                  1          1
    Notifications:          0          0
    Updates:                5          2
    Keepalives:            95         94
    Route Refresh:          0          0
    Capability:             0          0
    Total:                101         97
  Minimum time between advertisement runs is 30 seconds
 For address family: IPv4 Unicast
  Community attribute sent to this neighbor(both)
 accepted prefixes
  Connections established 1; dropped 0
  Last reset never
  External BGP neighbor may be up to 255 hops away.
Local host: 10.1.0.4, Local port: 36686
Foreign host: 10.1.0.2, Foreign port: 179
Nexthop: 10.1.0.4
Nexthop global: ::
Nexthop local: ::
BGP connection: non shared network
Read thread: on  Write thread: off
BGP neighbor is 10.1.0.3, remote AS 65000, local AS 65000, internal link
 Member of peer-group IBGP for session parameters
  BGP version 4, remote router ID 10.1.0.3
  BGP state = Established, up for 01:32:57
  Last read 00:00:57, hold time is 180, keepalive interval is 60 seconds
  Neighbor capabilities:
 Byte AS: advertised and received
    Route refresh: advertised and received(old & new)
    Address family IPv4 Unicast: advertised and received
    Graceful Restart Capabilty: advertised and received
      Remote Restart timer is 120 seconds
      Address families by peer:
        none
  Graceful restart informations:
    End-of-RIB send: IPv4 Unicast
    End-of-RIB received: IPv4 Unicast
  Message statistics:
    Inq depth is 0
    Outq depth is 0
                         Sent       Rcvd
    Opens:                  2          0
    Notifications:          0          0
    Updates:                3          2
    Keepalives:            94         93
    Route Refresh:          0          0
    Capability:             0          0
    Total:                 99         95
  Minimum time between advertisement runs is 5 seconds
 For address family: IPv4 Unicast
  IBGP peer-group member
  Community attribute sent to this neighbor(both)
 accepted prefixes
  Connections established 1; dropped 0
  Last reset never
Local host: 10.1.0.4, Local port: 179
Foreign host: 10.1.0.3, Foreign port: 43991
Nexthop: 10.1.0.4
Nexthop global: ::
Nexthop local: ::
BGP connection: non shared network
Read thread: on  Write thread: off
BGP neighbor is 10.1.0.5, remote AS 65000, local AS 65000, internal link
 Member of peer-group IBGP for session parameters
  BGP version 4, remote router ID 10.1.0.5
  BGP state = Established, up for 01:32:56
  Last read 00:00:56, hold time is 180, keepalive interval is 60 seconds
  Neighbor capabilities:
 Byte AS: advertised and received
    Route refresh: advertised and received(old & new)
    Address family IPv4 Unicast: advertised and received
    Graceful Restart Capabilty: advertised and received
      Remote Restart timer is 120 seconds
      Address families by peer:
        none
  Graceful restart informations:
    End-of-RIB send: IPv4 Unicast
    End-of-RIB received: IPv4 Unicast
  Message statistics:
    Inq depth is 0
    Outq depth is 0
                         Sent       Rcvd
    Opens:                  2          0
    Notifications:          0          0
    Updates:                3          2
    Keepalives:            94         93
    Route Refresh:          0          0
    Capability:             0          0
    Total:                 99         95
  Minimum time between advertisement runs is 5 seconds
 For address family: IPv4 Unicast
  IBGP peer-group member
  Community attribute sent to this neighbor(both)
 accepted prefixes
  Connections established 1; dropped 0
  Last reset never
Local host: 10.1.0.4, Local port: 179
Foreign host: 10.1.0.5, Foreign port: 42140
Nexthop: 10.1.0.4
Nexthop global: ::
Nexthop local: ::
BGP connection: non shared network
Read thread: on  Write thread: off

各节点上的路由表

  1. R3上ECMP路由
default via 172.19.0.1 dev eth1
.1.0.0/16 dev eth0  proto kernel  scope link  src 10.1.0.4
.100.100.1 via 10.1.0.5 dev eth0  proto zebra  metric 20
.100.100.2 via 10.1.0.3 dev eth0  proto zebra  metric 20
.100.100.4 via 10.1.0.2 dev eth0  proto zebra  metric 20
.100.100.100  proto zebra  metric 20
        nexthop via 10.1.0.5  dev eth0 weight 1
        nexthop via 10.1.0.3  dev eth0 weight 1
.18.0.0/16 via 10.1.0.5 dev eth0  proto zebra  metric 20
.19.0.0/16 dev eth1  proto kernel  scope link  src 172.19.0.2

其他说明

  1. 本测试中用了peer group,主要是IBGP内多个邻居测试比较简单一些。
  2. quagga内默认IBGP的路径最大是1,通过maximum-paths ibgp 32改了一下。
  3. 本案例中R1和R2是不通的,因为IBGP内未做特殊设置(BGP反射或者BGP联盟)是不会接受其他IBGP邻居传递的路由。
  4. 要想能从R4访问R1/R2宣告的100.100.100.100/32需要注意linux的kernel版本。。3.10的版本是按每个包单独转发,是建立不了TCP连接的。我测试时升级到了4.4.

参考文档

  1. https://lwn.net/Articles/656111/
作者:GNUer's blog
Just for You
原文地址:使用quagga配置BGP, 感谢原作者分享。