RFC5291、RFC5292規定了BGP基於前綴的ORF能力,能將本端設備配置的基於前綴的入口策略通過路由刷新報文發送給BGP鄰居。BGP鄰居根據這些策略構造出口策略,在路由發送時對路由條目進行過濾。這樣不僅避免了本端設備接收大量無用的路由,降低了本端設備的CPU使用率,還有效減少了BGP鄰居的配置工作,降低了鏈路帶寬的佔用率。
配置基於前綴的BGP ORF示例
組網需求:
如圖所示,AR1屬於AS100,AR3屬於AS200。需求AR3不必維護出口策略即可實現AR3設備只發送符合AR1設備入口策略的路由。
一、完成接口及EBGP配置。(略)
二、在AR3上應用基於前綴的入口過濾
R3:
ip ip-prefix 10 index 10 permit 100.1.1.0 24
bgp 200
peer 123.1.1.1 ip-prefix 10 import
在AR3上查看路由表:
[AR3]dis bgp routing-table
BGP Local router ID is 33.1.1.1
Status codes: * - valid, > - best, d - damped,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 4
Network NextHop MED LocPrf PrefVal Path/Ogn
*> 100.1.1.0/24 123.1.1.1 0 0 100i
在AR3上查看路由接收情況:
[AR3]dis bgp routing-table peer 123.1.1.1 received-routes
BGP Local router ID is 33.1.1.1
Status codes: * - valid, > - best, d - damped,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 1
Network NextHop MED LocPrf PrefVal Path/Ogn
*> 100.1.1.0/24 123.1.1.1 0 0 100i
在AR1上查看路由發送情況:
[AR1]dis bgp routing-table peer 123.1.1.3 advertised-routes
BGP Local router ID is 123.1.1.1
Status codes: * - valid, > - best, d - damped,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 4
Network NextHop MED LocPrf PrefVal Path/Ogn
*> 11.1.1.0/24 123.1.1.1 0 0 100i
*> 100.1.1.0/24 123.1.1.1 0 0 100i
*> 111.1.1.0/24 123.1.1.1 0 0 100 i
未使能基於前綴的BGP ORF功能時,AR1發送了11.1.1.0、100.1.1.0、111.1.0三條直連環回口路由,AR3的基於前綴列表的入口策略只接收了100.1.1.0的路由。
三、使能基於前綴的BGP ORF功能
# 在AR1上使能基於前綴的BGP ORF功能。
[AR1] bgp 100
[AR1-bgp] peer 123.1.1.3 capability-advertise orf ip-prefix both
[AR1-bgp] quit
# 在AR3上使能基於前綴的BGP ORF功能。
[AR3] bgp 200
[AR3-bgp] peer 123.1.1.1 capability-advertise orf ip-prefix both
[AR3-bgp] quit
注意:配置完成以後,會導致鄰居shutdown掉,重新建立BGP鄰居關係。
此時查看AR1通告的路由,AR1只通告100.1.1.0/24的路由,不會通告其他的路由條目,可以減少路由條目的發送。
[AR1]dis bgp routing-table peer 123.1.1.3 advertised-routes //查看BGP通告的路由條目
BGP Local router ID is 123.1.1.1
Status codes: * - valid, > - best, d - damped,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
Total Number of Routes: 4
Network NextHop MED LocPrf PrefVal Path/Ogn
*> 100.1.1.0/24 123.1.1.1 0 0 100i
<AR1>dis bgp peer 123.1.1.3 verbose //查看基於前綴的BGP ORF協商信息。
BGP Peer is 123.1.1.3, remote AS 200
Type: EBGP link
BGP version 4, Remote router ID 33.1.1.1
Update-group ID: 0
BGP current state: Established, Up for 00h13m07s
BGP current event: RecvKeepalive
BGP last state: OpenConfirm
BGP Peer Up count: 2
Received total routes: 1
Received active routes total: 1
Advertised total routes: 4
Port: Local - 179 Remote - 51051
Configured: Connect-retry Time: 32 sec
Configured: Active Hold Time: 180 sec Keepalive Time:60 sec
Received : Active Hold Time: 180 sec
Negotiated: Active Hold Time: 180 sec Keepalive Time:60 sec
Peer optional capabilities:
Peer supports bgp multi-protocol extension
Peer supports bgp route refresh capability
Peer supports bgp outbound route filter capability
Support Address-Prefix: IPv4-UNC address-family, rfc-compatible, both
Peer supports bgp 4-byte-as capability
Address family IPv4 Unicast: advertised and received
wireshark抓包顯示如下: