Configuring BGP with Quagga

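Compared with OSPF, BGP is used more on backbone networks and is today's de facto standard for inter-domain routing. Running BGP directly on servers is not common (for internal networks, people tend to use an IGP such as OSPF).
BGP configuration is actually quite simple. The BGP configuration of four machines is shown below, based on the following topology: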
https://blog.gnuers.org/?attachment_id=1351

Configuration file of each router

R1 configuration

!  
log file /var/log/quagga/zebra.log  
log file /var/log/quagga/bgpd.log  
!  
password bgp  
!  
interface eth0  
ipv6 nd suppress-ra  
link-detect  
!  
interface eth1  
ipv6 nd suppress-ra  
no link-detect  
!  
interface lo  
no link-detect  
!  
interface tunl0  
ipv6 nd suppress-ra  
no link-detect  
!  
router bgp 65000  
bgp router-id 10.1.0.5  
redistribute connected metric 121  
neighbor 10.1.0.4 remote-as 65000  
neighbor 10.1.0.4 password DOCKER  
neighbor 10.1.0.4 next-hop-self  
distance bgp 250 200 150  
exit  
!  
access-list all permit any  
!  
ip forwarding  
ipv6 forwarding  
!  
line vty  
!  
end

R2 configuration

log file /var/log/quagga/zebra.log  
log file /var/log/quagga/bgpd.log  
!  
password bgp  
!  
interface eth0  
ipv6 nd suppress-ra  
link-detect  
!  
interface eth1  
ipv6 nd suppress-ra  
no link-detect  
!  
interface lo  
no link-detect  
!  
interface tunl0  
ipv6 nd suppress-ra  
no link-detect  
!  
router bgp 65000  
bgp router-id 10.1.0.3  
redistribute connected metric 121  
neighbor 10.1.0.4 remote-as 65000  
neighbor 10.1.0.4 password DOCKER  
neighbor 10.1.0.4 next-hop-self  
distance bgp 250 200 150  
exit  
!  
access-list all permit any  
!  
ip forwarding  
ipv6 forwarding  
!  
line vty  
!  
end

R3 configuration

log file /var/log/quagga/zebra.log  
log file /var/log/quagga/bgpd.log  
!  
password bgp  
!  
interface eth0  
ipv6 nd suppress-ra  
link-detect  
!  
interface eth1  
ipv6 nd suppress-ra  
no link-detect  
!  
interface lo  
no link-detect  
!  
router bgp 65000  
bgp router-id 10.1.0.4  
redistribute connected metric 121  
neighbor IBGP peer-group  
neighbor IBGP remote-as 65000  
neighbor IBGP password DOCKER  
neighbor 10.1.0.2 remote-as 65001  
neighbor 10.1.0.2 password DOCKER  
neighbor 10.1.0.2 ebgp-multihop 255  
neighbor 10.1.0.3 peer-group IBGP  
neighbor 10.1.0.5 peer-group IBGP  
maximum-paths ibgp 32  
distance bgp 250 200 150  
exit  
!  
access-list all permit any  
!  
ip forwarding  
ipv6 forwarding  
!  
line vty  
!  
end
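A review check over R3's session lines above, as an added example that is not part of the original post. The function names and finding texts are my own, and the check only covers the external (AS 65001) session, where routes cross a trust boundary.

```python
import re

# R3's BGP session lines, copied from the R3 configuration above.
R3_BGP = """\
router bgp 65000
neighbor IBGP peer-group
neighbor IBGP remote-as 65000
neighbor IBGP password DOCKER
neighbor 10.1.0.2 remote-as 65001
neighbor 10.1.0.2 password DOCKER
neighbor 10.1.0.2 ebgp-multihop 255
neighbor 10.1.0.3 peer-group IBGP
neighbor 10.1.0.5 peer-group IBGP
"""
INBOUND = ("prefix-list", "route-map", "filter-list", "distribute-list")

def sessions(text):
    """Return (local_as, {peer: [token lists]}) with peer-group options inherited."""
    local_as = int(re.search(r"^\s*router bgp (\d+)", text, re.M).group(1))
    raw = {}
    for name, rest in re.findall(r"^\s*neighbor (\S+) (.+?)\s*$", text, re.M):
        raw.setdefault(name, []).append(rest.split())
    groups = {n for n, opts in raw.items() if ["peer-group"] in opts}
    peers = {}
    for name in raw.keys() - groups:
        parents = [o[1] for o in raw[name] if o[0] == "peer-group" and len(o) == 2]
        peers[name] = [o for g in parents for o in raw.get(g, [])] + raw[name]
    return local_as, peers

def values(opts, key):  # arguments of each "<key> ..." option of one peer
    return [o[1:] for o in opts if o[0] == key]

def audit(text):
    """Return sorted (peer, finding) pairs for the eBGP sessions in a bgpd config."""
    local_as, peers = sessions(text)
    ebgp = {p: o for p, o in peers.items()
            if values(o, "remote-as") and int(values(o, "remote-as")[-1][0]) != local_as}
    ibgp_secrets = {v[0] for p, o in peers.items() if p not in ebgp
                    for v in values(o, "password")}
    found = []
    for peer, opts in ebgp.items():
        if not any(o[0] in INBOUND and o[-1] == "in" for o in opts):
            found.append((peer, "no inbound route filter"))
        if not values(opts, "maximum-prefix"):
            found.append((peer, "no maximum-prefix limit"))
        if ["255"] in values(opts, "ebgp-multihop"):
            found.append((peer, "ebgp-multihop 255 accepts any hop distance"))
        if any(v[0] in ibgp_secrets for v in values(opts, "password")):
            found.append((peer, "password reused from iBGP sessions"))
    return sorted(found)
```

Each finding maps to a Quagga neighbor option: an inbound `prefix-list` or `route-map`, `maximum-prefix`, and a per-peer `password`. Because 10.1.0.2 sits on R3's directly connected 10.1.0.0/16, `ttl-security hops 1` can take the place of `ebgp-multihop 255`.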

R4 configuration

log file /var/log/quagga/zebra.log  
log file /var/log/quagga/bgpd.log  
!  
password bgp  
!  
interface eth0  
ipv6 nd suppress-ra  
link-detect  
!  
interface eth1  
ipv6 nd suppress-ra  
no link-detect  
!  
interface lo  
no link-detect  
!  
interface tunl0  
ipv6 nd suppress-ra  
no link-detect  
!  
router bgp 65001  
bgp router-id 10.1.0.2  
redistribute connected metric 121  
neighbor 10.1.0.4 remote-as 65000  
neighbor 10.1.0.4 password DOCKER  
neighbor 10.1.0.4 next-hop-self  
distance bgp 250 200 150  
exit  
!  
access-list all permit any  
!  
ip forwarding  
ipv6 forwarding  
!  
line vty  
!  
end

BGP neighbor status

R3 is a neighbor of every other node, so R3's output is used as the example.

c78df8a1d9d5# show ip bgp neighbors  
BGP neighbor is 10.1.0.2, remote AS 65001, local AS 65000, external link  
BGP version 4, remote router ID 10.1.0.2  
BGP state = Established, up for 01:33:01  
Last read 00:00:01, hold time is 180, keepalive interval is 60 seconds  
Neighbor capabilities:  
4 Byte AS: advertised and received  
Route refresh: advertised and received(old & new)  
Address family IPv4 Unicast: advertised and received  
Graceful Restart Capabilty: advertised and received  
Remote Restart timer is 120 seconds  
Address families by peer:  
none  
Graceful restart informations:  
End-of-RIB send: IPv4 Unicast  
End-of-RIB received: IPv4 Unicast  
Message statistics:  
Inq depth is 0  
Outq depth is 0  
Sent       Rcvd  
Opens:                  1          1  
Notifications:          0          0  
Updates:                5          2  
Keepalives:            95         94  
Route Refresh:          0          0  
Capability:             0          0  
Total:                101         97  
Minimum time between advertisement runs is 30 seconds  
  
For address family: IPv4 Unicast  
Community attribute sent to this neighbor(both)  
3 accepted prefixes  
  
Connections established 1; dropped 0  
Last reset never  
External BGP neighbor may be up to 255 hops away.  
Local host: 10.1.0.4, Local port: 36686  
Foreign host: 10.1.0.2, Foreign port: 179  
Nexthop: 10.1.0.4  
Nexthop global: ::  
Nexthop local: ::  
BGP connection: non shared network  
Read thread: on  Write thread: off  
  
BGP neighbor is 10.1.0.3, remote AS 65000, local AS 65000, internal link  
Member of peer-group IBGP for session parameters  
BGP version 4, remote router ID 10.1.0.3  
BGP state = Established, up for 01:32:57  
Last read 00:00:57, hold time is 180, keepalive interval is 60 seconds  
Neighbor capabilities:  
4 Byte AS: advertised and received  
Route refresh: advertised and received(old & new)  
Address family IPv4 Unicast: advertised and received  
Graceful Restart Capabilty: advertised and received  
Remote Restart timer is 120 seconds  
Address families by peer:  
none  
Graceful restart informations:  
End-of-RIB send: IPv4 Unicast  
End-of-RIB received: IPv4 Unicast  
Message statistics:  
Inq depth is 0  
Outq depth is 0  
Sent       Rcvd  
Opens:                  2          0  
Notifications:          0          0  
Updates:                3          2  
Keepalives:            94         93  
Route Refresh:          0          0  
Capability:             0          0  
Total:                 99         95  
Minimum time between advertisement runs is 5 seconds  
  
For address family: IPv4 Unicast  
IBGP peer-group member  
Community attribute sent to this neighbor(both)  
4 accepted prefixes  
  
Connections established 1; dropped 0  
Last reset never  
Local host: 10.1.0.4, Local port: 179  
Foreign host: 10.1.0.3, Foreign port: 43991  
Nexthop: 10.1.0.4  
Nexthop global: ::  
Nexthop local: ::  
BGP connection: non shared network  
Read thread: on  Write thread: off  
  
BGP neighbor is 10.1.0.5, remote AS 65000, local AS 65000, internal link  
Member of peer-group IBGP for session parameters  
BGP version 4, remote router ID 10.1.0.5  
BGP state = Established, up for 01:32:56  
Last read 00:00:56, hold time is 180, keepalive interval is 60 seconds  
Neighbor capabilities:  
4 Byte AS: advertised and received  
Route refresh: advertised and received(old & new)  
Address family IPv4 Unicast: advertised and received  
Graceful Restart Capabilty: advertised and received  
Remote Restart timer is 120 seconds  
Address families by peer:  
none  
Graceful restart informations:  
End-of-RIB send: IPv4 Unicast  
End-of-RIB received: IPv4 Unicast  
Message statistics:  
Inq depth is 0  
Outq depth is 0  
Sent       Rcvd  
Opens:                  2          0  
Notifications:          0          0  
Updates:                3          2  
Keepalives:            94         93  
Route Refresh:          0          0  
Capability:             0          0  
Total:                 99         95  
Minimum time between advertisement runs is 5 seconds  
  
For address family: IPv4 Unicast  
IBGP peer-group member  
Community attribute sent to this neighbor(both)  
4 accepted prefixes  
  
Connections established 1; dropped 0  
Last reset never  
Local host: 10.1.0.4, Local port: 179  
Foreign host: 10.1.0.5, Foreign port: 42140  
Nexthop: 10.1.0.4  
Nexthop global: ::  
Nexthop local: ::  
BGP connection: non shared network  
Read thread: on  Write thread: off

Routing table on each node

  • ECMP routes on R3
default via 172.19.0.1 dev eth1  
10.1.0.0/16 dev eth0  proto kernel  scope link  src 10.1.0.4  
100.100.100.1 via 10.1.0.5 dev eth0  proto zebra  metric 20  
100.100.100.2 via 10.1.0.3 dev eth0  proto zebra  metric 20  
100.100.100.4 via 10.1.0.2 dev eth0  proto zebra  metric 20  
100.100.100.100  proto zebra  metric 20  
nexthop via 10.1.0.5  dev eth0 weight 1  
nexthop via 10.1.0.3  dev eth0 weight 1  
172.18.0.0/16 via 10.1.0.5 dev eth0  proto zebra  metric 20  
172.19.0.0/16 dev eth1  proto kernel  scope link  src 172.19.0.2

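Other notes

  • This test uses a peer group, mainly because it makes testing several neighbors inside IBGP simpler.

  • In quagga the default maximum number of IBGP paths is 1; it was changed here with maximum-paths ibgp 32.

  • In this setup R1 and R2 cannot reach each other, because without special configuration inside IBGP (BGP route reflection or BGP confederation) routes relayed by other IBGP neighbors are not accepted.

  • To reach 100.100.100.100/32 (announced by R1/R2) from R4, pay attention to the Linux kernel version. Kernel 3.10 forwards each packet individually, so a TCP connection cannot be established. I upgraded to 4.4 for my test.

References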

  • https://lwn.net/Articles/656111/
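The note above about R1 and R2 not learning each other's routes can be reproduced with a small propagation model of this topology. This is an added example, not part of the original post. The /32 prefixes per router are inferred from R3's routing table, and the reflector case assumes R3 were configured with `neighbor IBGP route-reflector-client`, which the post does not do.

```python
# Sessions and AS numbers from the four configurations above.
AS = {"R1": 65000, "R2": 65000, "R3": 65000, "R4": 65001}
SESSIONS = [("R1", "R3"), ("R2", "R3"), ("R3", "R4")]
# /32s each router announces, inferred from R3's routing table (assumption).
ORIGIN = {
    "R1": ["100.100.100.1/32", "100.100.100.100/32"],
    "R2": ["100.100.100.2/32", "100.100.100.100/32"],
    "R4": ["100.100.100.4/32"],
}

def learned_prefixes(reflectors=None):
    """Prefixes each router learns over BGP.

    reflectors maps a router to the set of its route-reflector clients.
    Reachability only: no best-path selection or next-hop handling.
    """
    reflectors = reflectors or {}
    peers = {r: [] for r in AS}
    for a, b in SESSIONS:
        peers[a].append(b)
        peers[b].append(a)
    # known[r] holds (prefix, neighbor it came from); None = locally originated
    known = {r: {(p, None) for p in ORIGIN.get(r, [])} for r in AS}
    changed = True
    while changed:
        changed = False
        for r in AS:
            clients = reflectors.get(r, set())
            for prefix, src in list(known[r]):
                for peer in peers[r]:
                    if peer == src:
                        continue  # never send a route back to its sender
                    ibgp_to_ibgp = src is not None and AS[src] == AS[r] == AS[peer]
                    # iBGP rule: a route learned from one iBGP peer is not sent to
                    # another, unless this router reflects for either of them
                    if ibgp_to_ibgp and not (src in clients or peer in clients):
                        continue
                    if (prefix, r) not in known[peer]:
                        known[peer].add((prefix, r))
                        changed = True
    return {r: sorted({p for p, src in known[r] if src is not None}) for r in AS}
```

With no reflector, R1 and R2 each learn only R4's 100.100.100.4/32, while R4 learns every AS 65000 prefix through R3; with `{"R3": {"R1", "R2"}}` R1 also learns 100.100.100.2/32.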