# IT明星不是夢 # 路由黑洞的5種解決方法大PK

如何解決路由黑洞?

1、全互聯(全互聯的意思就是在一個AS內的所有的BGP路由器全部都建立我們Establish的關係)
2、RR(反射器)
3、聯盟(一般用的不多)
4、將BGP路由引入到IGP,從而保證IGP與BGP的同步。但是,因爲Internet上的BGP路由數量十分龐大,一旦引入到IGP,會給IGP路由器帶來巨大的處理和存儲負擔,如果路由器負擔過重,則可能癱瘓 不建議
5、MPLS技術解決路由黑洞問題

解決方法1.全互聯

在一個AS內的所有的BGP路由器全部都建立我們Establish的關係
R2 R3 R4之間的loopback接口之間相互建立IBGP的關係
# IT明星不是夢 # 路由黑洞的5種解決方法大PK
R2的配置

#
bgp 200
 router-id 2.2.2.2
 peer 3.3.3.3 as-number 200 
 peer 3.3.3.3 connect-interface LoopBack0
 peer 4.4.4.4 as-number 200 
 peer 4.4.4.4 connect-interface LoopBack0
 peer 192.168.12.1 as-number 100 
 #
 ipv4-family unicast
  undo synchronization
  peer 3.3.3.3 enable
  peer 3.3.3.3 next-hop-local 
  peer 4.4.4.4 enable
  peer 4.4.4.4 next-hop-local 
#

R3的BGP配置

#
bgp 200
 peer 2.2.2.2 as-number 200 
 peer 2.2.2.2 connect-interface LoopBack0
 peer 4.4.4.4 as-number 200 
 peer 4.4.4.4 connect-interface LoopBack0
 #
 ipv4-family unicast
  undo synchronization
  peer 1.1.1.1 enable
  peer 4.4.4.4 enable
#

R4的BGP配置

#
bgp 200
 router-id 4.4.4.4
 peer 2.2.2.2 as-number 200 
 peer 2.2.2.2 connect-interface LoopBack0
 peer 3.3.3.3 as-number 200 
 peer 3.3.3.3 connect-interface LoopBack0
#
 ipv4-family unicast
  undo synchronization
  peer 2.2.2.2 enable
  peer 2.2.2.2 next-hop-local 
  peer 3.3.3.3 enable
  peer 3.3.3.3 next-hop-local 
#

在R3上檢查IBGP的關係

[R3]display bgp peer 

 BGP local router ID : 192.168.34.3
 Local AS number : 200
 Total number of peers : 2                Peers in established state : 2

  Peer            V          AS  MsgRcvd  MsgSent  OutQ  Up/Down       State PrefRcv

  2.2.2.2         4         200        3        2     0 00:00:02 Established       1
  4.4.4.4         4         200        5        5     0 00:02:30 Established       1
[R3]

在R3上面看下是否能夠學習到關係1.1.1.1和5.5.5.5的路由

[R3]display bgp routing-table 

 BGP Local router ID is 192.168.34.3 
 Status codes: * - valid, > - best, d - damped,
               h - history,  i - internal, s - suppressed, S - Stale
               Origin : i - IGP, e - EGP, ? - incomplete

 Total Number of Routes: 2
      Network            NextHop        MED        LocPrf    PrefVal Path/Ogn

 *>i  1.1.1.1/32         2.2.2.2         0          100        0      100i
 *>i  5.5.5.5/32         4.4.4.4         0          100        0      300i
[R3]

在R5上面訪問R1

<R5>ping -a 5.5.5.5 1.1.1.1
  PING 1.1.1.1: 56  data bytes, press CTRL_C to break
    Reply from 1.1.1.1: bytes=56 Sequence=1 ttl=252 time=80 ms
    Reply from 1.1.1.1: bytes=56 Sequence=2 ttl=252 time=40 ms
    Reply from 1.1.1.1: bytes=56 Sequence=3 ttl=252 time=60 ms
    Reply from 1.1.1.1: bytes=56 Sequence=4 ttl=252 time=40 ms
    Reply from 1.1.1.1: bytes=56 Sequence=5 ttl=252 time=50 ms

  --- 1.1.1.1 ping statistics ---
    5 packet(s) transmitted
    5 packet(s) received
    0.00% packet loss
    round-trip min/avg/max = 40/54/80 ms

缺點:
BGP 200裏面的設備越多 需要建立IBGP的數量也就越多 可以考慮用反射器解決

解決方法2.RR

刪除上面BGP R2 R3 R4的BGP配置
R3設備爲反射器 R2和R4設備爲客戶端 反射器和客戶端之間IBGP關係就可以 客戶端和客戶端之間不需要建立起任何關係
優點:減少AS 200裏面的IBGP的數量
# IT明星不是夢 # 路由黑洞的5種解決方法大PK
R2的配置

#
bgp 200
 router-id 2.2.2.2
 peer 3.3.3.3 as-number 200     //R2和反射器建立IBGP關係
 peer 3.3.3.3 connect-interface LoopBack0
#
 ipv4-family unicast
  undo synchronization
  peer 3.3.3.3 enable
  peer 3.3.3.3 next-hop-local 
#

R4的配置

#
bgp 200
 router-id 4.4.4.4
 peer 3.3.3.3 as-number 200     //R2和反射器建立IBGP關係
 peer 3.3.3.3 connect-interface LoopBack0
 peer 192.168.45.5 as-number 300 
 #
 ipv4-family unicast
  undo synchronization
  peer 3.3.3.3 enable
  peer 3.3.3.3 next-hop-local 
#

R3的配置

#
bgp 200
 peer 2.2.2.2 as-number 200 
 peer 2.2.2.2 connect-interface LoopBack0
 peer 4.4.4.4 as-number 200 
 peer 4.4.4.4 connect-interface LoopBack0
 #
 ipv4-family unicast
  undo synchronization
  peer 2.2.2.2 enable
  peer 2.2.2.2 reflect-client       //R2反射器和客戶端建立IBGP關係
  peer 4.4.4.4 enable
  peer 4.4.4.4 reflect-client       //R2反射器和客戶端建立IBGP關係
#

在R5上面訪問R1

<R5>ping -a 5.5.5.5 1.1.1.1
  PING 1.1.1.1: 56  data bytes, press CTRL_C to break
    Reply from 1.1.1.1: bytes=56 Sequence=1 ttl=252 time=80 ms
    Reply from 1.1.1.1: bytes=56 Sequence=2 ttl=252 time=40 ms
    Reply from 1.1.1.1: bytes=56 Sequence=3 ttl=252 time=60 ms
    Reply from 1.1.1.1: bytes=56 Sequence=4 ttl=252 time=40 ms
    Reply from 1.1.1.1: bytes=56 Sequence=5 ttl=252 time=50 ms

  --- 1.1.1.1 ping statistics ---
    5 packet(s) transmitted
    5 packet(s) received
    0.00% packet loss
    round-trip min/avg/max = 40/54/80 ms

解決方法3.聯盟

刪除RR的配置 我們可以將AS 200拆成3個子的AS 分別爲1000 2000 3000AS
# IT明星不是夢 # 路由黑洞的5種解決方法大PK
在R2這邊的配置

#
bgp 1000        //R2上面直接配置子AS 1000
 router-id 2.2.2.2
 confederation id 200   //R2對外還是宣稱在AS 200裏面
 confederation peer-as 2000     //指定和對端子AS 2000建立EBGP關係
 peer 192.168.12.1 as-number 100 
 peer 192.168.23.3 as-number 2000 
 #
 ipv4-family unicast
  undo synchronization
  peer 192.168.12.1 enable
  peer 192.168.23.3 enable
  peer 192.168.23.3 next-hop-local  //在AS 200內部雖然R2和R3是EBGP關係  但是畢竟R2 和R3在一個AS 200當中  R2從R1學習到的路由  發給R3的時候下一跳還是不變化  所以需要敲如下命令實現R2發給R3的時候下一跳爲R2本身
#

在R3這邊的配置

#
bgp 2000
 confederation id 200
 confederation peer-as 1000 3000
 peer 192.168.23.2 as-number 1000 
 peer 192.168.34.4 as-number 3000 
 #
 ipv4-family unicast
  undo synchronization
  peer 192.168.23.2 enable
  peer 192.168.34.4 enable
#

在R4這邊的配置

#
bgp 3000
 confederation id 200
 confederation peer-as 2000
 peer 192.168.34.3 as-number 2000 
 peer 192.168.45.5 as-number 300 
 #
 ipv4-family unicast
  undo synchronization
  peer 192.168.34.3 enable
  peer 192.168.34.3 next-hop-local 
  peer 192.168.45.5 enable
#

檢查R2 R3 R4的BGP關係

<R2>display bgp peer 

 BGP local router ID : 2.2.2.2
 Local AS number : 1000
 Total number of peers : 2                Peers in established state : 2

  Peer            V          AS  MsgRcvd  MsgSent  OutQ  Up/Down       State PrefRcv

  192.168.12.1    4         100       10       10     0 00:07:29 Established       1
  192.168.23.3    4        2000       20       18     0 00:08:53 Established       1
<R2>
[R3]display bgp peer 

 BGP local router ID : 192.168.34.3
 Local AS number : 2000
 Total number of peers : 2                Peers in established state : 2

  Peer            V          AS  MsgRcvd  MsgSent  OutQ  Up/Down       State PrefRcv

  192.168.23.2    4        1000       18       21     0 00:09:00 Established       1
  192.168.34.4    4        3000       13       21     0 00:08:17 Established       1
[R3]
[R4]display bgp peer 

 BGP local router ID : 192.168.34.4
 Local AS number : 3000
 Total number of peers : 2                Peers in established state : 2

  Peer            V          AS  MsgRcvd  MsgSent  OutQ  Up/Down       State PrefRcv

  192.168.34.3    4        2000       20       13     0 00:08:21 Established       1
  192.168.45.5    4         300       10       12     0 00:07:23 Established       1
[R4]

檢查R2 R3 R4的路由

[R4]display bgp routing-table 

 BGP Local router ID is 192.168.34.4 
 Status codes: * - valid, > - best, d - damped,
               h - history,  i - internal, s - suppressed, S - Stale
               Origin : i - IGP, e - EGP, ? - incomplete

 Total Number of Routes: 2
      Network            NextHop        MED        LocPrf    PrefVal Path/Ogn

 *>i  1.1.1.1/32         192.168.23.2    0          100        0      (2000 1000) 100i
 *>   5.5.5.5/32         192.168.45.5    0                     0      300i
[R4]
[R3]display bgp routing-table 

 BGP Local router ID is 192.168.34.3 
 Status codes: * - valid, > - best, d - damped,
               h - history,  i - internal, s - suppressed, S - Stale
               Origin : i - IGP, e - EGP, ? - incomplete

 Total Number of Routes: 2
      Network            NextHop        MED        LocPrf    PrefVal Path/Ogn

 *>i  1.1.1.1/32         192.168.23.2    0          100        0      (1000) 100i
 *>i  5.5.5.5/32         192.168.34.4    0          100        0      (3000) 300i
[R3]
<R2>display bgp routing-table 

 BGP Local router ID is 2.2.2.2 
 Status codes: * - valid, > - best, d - damped,
               h - history,  i - internal, s - suppressed, S - Stale
               Origin : i - IGP, e - EGP, ? - incomplete

 Total Number of Routes: 2
      Network            NextHop        MED        LocPrf    PrefVal Path/Ogn

 *>   1.1.1.1/32         192.168.12.1    0                     0      100i
 *>i  5.5.5.5/32         192.168.34.4    0          100        0      (2000 3000) 300i
<R2>

在R5上面訪問R1

<R5>ping -a 5.5.5.5 1.1.1.1
  PING 1.1.1.1: 56  data bytes, press CTRL_C to break
    Reply from 1.1.1.1: bytes=56 Sequence=1 ttl=252 time=80 ms
    Reply from 1.1.1.1: bytes=56 Sequence=2 ttl=252 time=40 ms
    Reply from 1.1.1.1: bytes=56 Sequence=3 ttl=252 time=60 ms
    Reply from 1.1.1.1: bytes=56 Sequence=4 ttl=252 time=40 ms
    Reply from 1.1.1.1: bytes=56 Sequence=5 ttl=252 time=50 ms

  --- 1.1.1.1 ping statistics ---
    5 packet(s) transmitted
    5 packet(s) received
    0.00% packet loss
    round-trip min/avg/max = 40/54/80 ms

缺點
聯盟的配置改動量特別大 不建議還割接的時候用這個方式

解決方法4. 將BGP路由引入到IGP

刪除聯盟的配置 將BGP路由引入到IGP裏面 在R2上引入和R4上面 將BGP路由引入到OSPF裏面
# IT明星不是夢 # 路由黑洞的5種解決方法大PK
R2的配置

#
ospf 1 router-id 2.2.2.2 
 import-route bgp
#

R4的配置

#
ospf 1 router-id 4.4.4.4
 import-route bgp
#

查看R3的路由表

<R3>display ip routing-table protocol ospf 
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Public routing table : OSPF
         Destinations : 4        Routes : 4        

OSPF routing table status : <Active>
         Destinations : 4        Routes : 4

Destination/Mask    Proto   Pre  Cost      Flags NextHop         Interface

        1.1.1.1/32  O_ASE   150  1           D   192.168.23.2    GigabitEthernet0/0/1
        2.2.2.2/32  OSPF    10   1           D   192.168.23.2    GigabitEthernet0/0/1
        4.4.4.4/32  OSPF    10   1           D   192.168.34.4    GigabitEthernet0/0/0
        5.5.5.5/32  O_ASE   150  1           D   192.168.34.4    GigabitEthernet0/0/0

OSPF routing table status : <Inactive>
         Destinations : 0        Routes : 0

在R5上面訪問R1

<R5>ping -a 5.5.5.5 1.1.1.1
  PING 1.1.1.1: 56  data bytes, press CTRL_C to break
    Reply from 1.1.1.1: bytes=56 Sequence=1 ttl=252 time=80 ms
    Reply from 1.1.1.1: bytes=56 Sequence=2 ttl=252 time=40 ms
    Reply from 1.1.1.1: bytes=56 Sequence=3 ttl=252 time=60 ms
    Reply from 1.1.1.1: bytes=56 Sequence=4 ttl=252 time=40 ms
    Reply from 1.1.1.1: bytes=56 Sequence=5 ttl=252 time=50 ms

  --- 1.1.1.1 ping statistics ---
    5 packet(s) transmitted
    5 packet(s) received
    0.00% packet loss
    round-trip min/avg/max = 40/54/80 ms

思考如下:
能不能只在R2或者R4上面進行引入?會有什麼問題?如何解決?

解決方法5.MPLS技術

刪除上面引入的配置
在R2 R3 R4設備之間配置MPLS 和MPLS LDP協議 讓R5訪問R1的數據走2.5層進行轉發
# IT明星不是夢 # 路由黑洞的5種解決方法大PK
在R2上的配置

#
mpls lsr-id 2.2.2.2
#
mpls
#
mpls ldp
#
interface GigabitEthernet0/0/1
 mpls
 mpls ldp
#

在R3上的配置

#
mpls lsr-id 3.3.3.3
#
mpls
#
mpls ldp
#
interface GigabitEthernet0/0/1
 mpls
 mpls ldp
#
interface GigabitEthernet0/0/0
 mpls
 mpls ldp
#

在R4上的配置

#
mpls lsr-id 4.4.4.4
#
mpls
#
mpls ldp
#
interface GigabitEthernet0/0/0
 mpls
 mpls ldp
#

檢查LDP的關係

<R3>display mpls ldp session all 

 LDP Session(s) in Public Network
 Codes: LAM(Label Advertisement Mode), SsnAge Unit(DDDD:HH:MM)
 A '*' before a session means the session is being deleted.
 ------------------------------------------------------------------------------
 PeerID             Status      LAM  SsnRole  SsnAge      KASent/Rcv
 ------------------------------------------------------------------------------
 2.2.2.2:0          Operational DU   Active   0000:00:04  17/17
 4.4.4.4:0          Operational DU   Passive  0000:00:03  16/16
 ------------------------------------------------------------------------------
 TOTAL: 2 session(s) Found.

<R3>

在R5上面訪問R1

<R5>ping -a 5.5.5.5 1.1.1.1
  PING 1.1.1.1: 56  data bytes, press CTRL_C to break
    Reply from 1.1.1.1: bytes=56 Sequence=1 ttl=252 time=80 ms
    Reply from 1.1.1.1: bytes=56 Sequence=2 ttl=252 time=40 ms
    Reply from 1.1.1.1: bytes=56 Sequence=3 ttl=252 time=60 ms
    Reply from 1.1.1.1: bytes=56 Sequence=4 ttl=252 time=40 ms
    Reply from 1.1.1.1: bytes=56 Sequence=5 ttl=252 time=50 ms

  --- 1.1.1.1 ping statistics ---
    5 packet(s) transmitted
    5 packet(s) received
    0.00% packet loss
    round-trip min/avg/max = 40/54/80 ms

注意:MPLS 虛擬私有網絡就是靠這種方式實現的

發表評論
所有評論
還沒有人評論,想成為第一個評論的人麼? 請在上方評論欄輸入並且點擊發布.
相關文章