- eBGP
- iBGP <- 패킷트레이서 X
-> GNS3 + GNS3 VM + GNS3 이미지(2600 이상) 설치
-> GNS3 VM을 VMWare에 임포트(VM\GNS3VM*)
- VMware
-> VM Ware에서 네트워크 어댑터 1 -> NAT , 네트워크 어댑터 2 -> Host-only
-> RAM 16GB
-> CPU 코어 12개 - GNS3
Preferences -> GNS3 VM -> VMWare,해당 VM선택,RAM CPU 선택후 적용
라우터 이미지 IOS routers에 추가 - 프로젝트 생성
- Secure CRT 설치후 GNS3와 연결설정
BGP(Border Gateway Protocol Version 4)
#IGP -rip, eigrp, ospf
AS 내에서 라우팅 업데이트(* AS: 네트워크망 식별 번호)
# EGP - bgp
AS와 AS간 라우팅 업데이트-
BGP 특징
- IGP보다 컨버전스가 느리다.
- 대용량 라우팅 정보 교환 속도가 좋다.
- EGP 프로토콜 사용.
- 179/TCP를 이용해 3-Way를 실시한 후 네이버 관계를 성립
- 네이버 관계 형성 후 라우터 간 유니캐스트 라우팅 업데이트 실시
- 조작간 정해진 정책에 의해 최적 경로를 선출한다.
-
BGP 테이블 유형
- BGP Neighbor Table : show ip bgp neighbors
- BGP Status Table : show ip bgp summary
- BGP Forwarding Table: show ip bgp -
BGP 메세지 유형
- Open
- Update
- Keepalive
- Notification -
BGP 동작 단계
- Idle 상태
- Connect 상태
- OpenSent 상태
- Active 상태
- OpenConfirm 상태
- Established 상태 -
BGP 종류
- iBGP(Internal BGP)
- eBGP(External BGP)
iBGP - eBGP(Internal BGP)
- AS 안에서 사용되는 BGP
eBGP 네이버로부터 수신한 라우팅 정보를 다른 AS로 업데이트하기 위해 AS 안에서 라우팅 정보를 전달하는 용도
[실습] eBGP & iBGP 설정(router 3725 사용)
- iBGP에서 Full Mesh 방식 사용
(1) 기본 설정
@R1
conf t
hostname R1
no ip domain lookup
line con 0
exec-t 0 0
logg syn
!
int f0/0
ip addr 5.5.5.1 255.255.255.0
no shut
int lo 0
ip addr 10.10.10.10 255.255.255.0
end
@R2
conf t
hostname R2
no ip domain lookup
line con 0
exec-t 0 0
logg syn
!
int f0/1
ip addr 5.5.5.2 255.255.255.0
no shut
int f0/0
ip addr 6.6.6.2 255.255.255.0
no shut
int lo 0
ip addr 20.20.20.20 255.255.255.0
end
@R3
conf t
hostname R3
no ip domain lookup
line con 0
exec-t 0 0
logg syn
!
int f0/1
ip addr 6.6.6.3 255.255.255.0
no shut
int f0/0
ip addr 7.7.7.3 255.255.255.0
no shut
int lo 0
ip addr 30.30.30.30 255.255.255.0
end
@R4
conf t
hostname R4
no ip domain lookup
line con 0
exec-t 0 0
logg syn
!
int f0/1
ip addr 7.7.7.4 255.255.255.0
no shut
int lo 0
ip addr 40.40.40.40 255.255.255.0
end
(2) 테스트
@R1,R2,R3,R4
sh ip int br
R1# ping 5.5.5.2
R2# ping 6.6.6.3
R3# ping 7.7.7.4
(3) OSPF area 0 설정
@R2
conf t
router ospf 1
router-id 2.2.2.2
network 5.5.5.0 0.0.0.255 area 0
network 6.6.6.0 0.0.0.255 area 0
network 20.20.20.0 0.0.0.255 area 0
end
@R3
conf t
router ospf 1
router-id 3.3.3.3
network 6.6.6.0 0.0.0.255 area 0
network 7.7.7.0 0.0.0.255 area 0
network 30.30.30.0 0.0.0.255 area 0
end
@R4
conf t
router ospf 1
router-id 4.4.4.4
network 7.7.7.0 0.0.0.255 area 0
network 40.40.40.0 0.0.0.255 area 0
end
(4) OSPF 설정 확인
@R2,R3,R4
sh ip ospf neighbor
sh ip route
------------------------------------------------------------------------------
(5) eBGP 설정
* eBGP Neighbor 지정: 물리적인 네이버 인터페이스를 지정한다.
* iBGP Neighbor 지정: Local Loopback 인터페이스를 지정한다.(Full Mesh 방식 사용)
@R1
conf t
router bgp 100
bgp router-id 10.10.10.10
neighbor 5.5.5.2 remote-as 200
network 10.10.10.0 mask 255.255.255.0
end
@R2
conf t
router bgp 200
bgp router-id 20.20.20.20
neighbor 5.5.5.1 remote-as 100
network 20.20.20.0 mask 255.255.255.0
end
-> syslog 확인
*Mar 1 03:36:04.831: %BGP-5-ADJCHANGE: neighbor 5.5.5.2 Up
(6) iBGP 설정(R2/R3/R4 neighbor 지정)
* iBGP 설정시 split-horizon 규칙 문제 해결
1. Full Mesh(망 크기가 작을때 사용)
- R2 -> R3/R4, R3 -> R2/R4, R4 -> R2/R3
- iBGP 설정 loopback 0 주소를 neighbor로 지정한다.
- local loopback을 지정하는 경우는 update-source를 한번 더 설정해야 한다.
2. route reflector 명령 사용 방식
3. Confederation 명령 사용 방식
@R2
conf t
router bgp 200
bgp router-id 20.20.20.20
neighbor 30.30.30.30 remote-as 200
neighbor 30.30.30.30 update-source lo0
neighbor 40.40.40.40 remote-as 200
neighbor 40.40.40.40 update-source lo0
network 20.20.20.0 mask 255.255.255.0
end
@R3
conf t
router bgp 200
bgp router-id 30.30.30.30
neighbor 20.20.20.20 remote-as 200
neighbor 20.20.20.20 update-source lo0
neighbor 40.40.40.40 remote-as 200
neighbor 40.40.40.40 update-source lo0
network 30.30.30.0 mask 255.255.255.0
end
@R4
conf t
router bgp 200
bgp router-id 40.40.40.40
neighbor 30.30.30.30 remote-as 200
neighbor 30.30.30.30 update-source lo0
neighbor 20.20.20.20 remote-as 200
neighbor 20.20.20.20 update-source lo0
network 40.40.40.0 mask 255.255.255.0
end
(7) 설정 확인
@R2,R3,R4
sh ip route
R1# ping 40.40.40.40 source 10.10.10.10
(7-1) 테이블 확인
* 테이블 종류
BGP Table
BGP Neighbor Table
Routing Table
* 확인 명령어
sh ip bgp
sh ip bgp summary
sh ip route
sh ip protocols
sh tcp brief
(7-1-1) BGP Table 확인
[참고] Routing Protocol Table 종류
* EIGRP -> EIGRP topoloy 테이블
* OSPF -> OSPF database 테이블
* BGP -> BGP 테이블
[참고] Next Hop
* IGP(OSPF, EIGRP, ...): Next Hop
* EGP(BGP) : Next AS
R2# sh ip bgp
-----------------------------
BGP table version is 5, local router ID is 20.20.20.20
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 10.10.10.0/24 5.5.5.1 0 0 100 i
*> 20.20.20.0/24 0.0.0.0 0 32768 i
*>i30.30.30.0/24 30.30.30.30 0 100 0 i
*>i40.40.40.0/24 40.40.40.40 0 100 0 i
-----------------------------
(7-1-2) 라우팅 테이블 확인
R2# sh ip route
-----------------------------
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
20.0.0.0/24 is subnetted, 1 subnets
C 20.20.20.0 is directly connected, Loopback0
5.0.0.0/24 is subnetted, 1 subnets
C 5.5.5.0 is directly connected, FastEthernet0/1
6.0.0.0/24 is subnetted, 1 subnets
C 6.6.6.0 is directly connected, FastEthernet0/0
7.0.0.0/24 is subnetted, 1 subnets
O 7.7.7.0 [110/20] via 6.6.6.3, 01:14:27, FastEthernet0/0
40.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
O 40.40.40.40/32 [110/21] via 6.6.6.3, 01:10:37, FastEthernet0/0
B 40.40.40.0/24 [200/0] via 40.40.40.40, 00:16:32
10.0.0.0/24 is subnetted, 1 subnets
B 10.10.10.0 [20/0] via 5.5.5.1, 00:57:55
30.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
O 30.30.30.30/32 [110/11] via 6.6.6.3, 01:14:30, FastEthernet0/0
B 30.30.30.0/24 [200/0] via 30.30.30.30, 00:16:35
-----------------------------
(7-1-3) 프로토콜 확인
R2# sh ip protocol
-----------------------------
Routing Protocol is "ospf 1"
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Router ID 2.2.2.2
Number of areas in this router is 1. 1 normal 0 stub 0 nssa
Maximum path: 4
Routing for Networks:
5.5.5.0 0.0.0.255 area 0
6.6.6.0 0.0.0.255 area 0
20.20.20.0 0.0.0.255 area 0
Reference bandwidth unit is 100 mbps
Routing Information Sources:
Gateway Distance Last Update
4.4.4.4 110 01:12:18
3.3.3.3 110 01:16:07
Distance: (default is 110)
Routing Protocol is "bgp 200" <--------------- 확인
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
IGP synchronization is disabled
Automatic route summarization is disabled
Neighbor(s):
Address FiltIn FiltOut DistIn DistOut Weight RouteMap
5.5.5.1
30.30.30.30
40.40.40.40
Maximum path: 1
Routing Information Sources:
Gateway Distance Last Update
40.40.40.40 200 00:18:13
30.30.30.30 200 00:18:13
5.5.5.1 20 00:59:36
Distance: external 20 internal 200 local 200
-----------------------------
(7-1-4) neighbor 확인
R2# sh ip bgp neighbor
-----------------------------
BGP neighbor is 5.5.5.1, remote AS 100, external link
BGP version 4, remote router ID 10.10.10.10
BGP state = Established, up for 01:03:48
Last read 00:00:47, last write 00:00:47, hold time is 180, keepalive interval is 60 seconds
Neighbor capabilities:
Route refresh: advertised and received(old & new)
Address family IPv4 Unicast: advertised and received
Message statistics:
InQ depth is 0
OutQ depth is 0
Sent Rcvd
Opens: 1 1
Notifications: 0 0
Updates: 3 1
Keepalives: 65 65
Route Refresh: 0 0
Total: 69 67
Default minimum time between advertisement runs is 30 seconds
For address family: IPv4 Unicast
BGP table version 5, neighbor version 5/0 <- 테이블 변경 횟수?
Output queue size: 0
....
-----------------------------
(7-1-5) BGP summary 확인
R2# sh ip bgp summary
-----------------------------
BGP router identifier 20.20.20.20, local AS number 200 <---
BGP table version is 5, main routing table version 5
4 network entries using 480 bytes of memory
4 path entries using 208 bytes of memory
4/3 BGP path/bestpath attribute entries using 496 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
Bitfield cache entries: current 3 (at peak 3) using 96 bytes of memory
BGP using 1304 total bytes of memory
BGP activity 4/0 prefixes, 4/0 paths, scan interval 60 secs
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd <----
5.5.5.1 4 100 69 71 5 0 0 01:05:38 1
30.30.30.30 4 200 29 30 5 0 0 00:24:56 1
40.40.40.40 4 200 29 30 5 0 0 00:24:53 1
-----------------------------
(7-1-6) sh tcp brief
R2# sh tcp brief
-----------------------------
660EA97C 20.20.20.20.16950 30.30.30.30.179 ESTAB
660E7A34 20.20.20.20.26267 40.40.40.40.179 ESTAB
677AF068 5.5.5.2.179 5.5.5.1.45766 ESTAB
-----------------------------
- iEGP Split Horizon 해결법
- Full Mesh 방식
- Route Reflector 방식 [v]
- Confederation 방식
Route Reflector 방식으로 해결 실습
(1) Full Mesh로 지정한 설정 삭제
@R2
conf t
router bgp 200
no neighbor 40.40.40.40 remote-as 200
no neighbor 40.40.40.40 update-source Loopback0
end
@R4
conf t
router bgp 200
no neighbor 20.20.20.20 remote-as 200
no neighbor 20.20.20.20 update-source Loopback0
end
(2) 정보 확인
R4# ping 10.10.10.10
R4# clear ip route *
R4# sh ip route
(3) Route Reflector(R3을 Route Reflector로 설정해 정보를 제공할 수 있게 해준다.)
@R3
conf t
router bgp 200
neighbor 20.20.20.20 route-reflector-client
neighbor 40.40.40.40 route-reflector-client
end
-> syslog 확인
*Mar 1 00:07:52.683: %BGP-5-ADJCHANGE: neighbor 20.20.20.20 Down RR client config change
*Mar 1 00:08:17.743: %BGP-5-ADJCHANGE: neighbor 40.40.40.40 Up
(4) 정보 확인 및 ping 테스트
R4# sh ip route
R4# ping 10.10.10.10 source 40.40.40.40- iEGP Split Horizon 해결법
- Full Mesh 방식
- Route Reflector 방식
- Confederation 방식 [v]
Confederation 방식으로 해결 실습
(ㄱ) Route Reflector 설정 삭제
@R2,R3,R4
conf t
no router bgp 200
end
wr
(ㄴ) Confederation 설정
@R2
conf t
router bgp 65032
bgp router-id 20.20.20.20
!
bgp confederation id 200
neighbor 5.5.5.1 remote-as 100
!
neighbor 30.30.30.30 remote-as 65032
neighbor 30.30.30.30 update-source lo0
!
neighbor 30.30.30.30 ebgp-multihop 5
!
network 20.20.20.0 mask 255.255.255.0
end
@R3
conf t
router bgp 65032
bgp router-id 30.30.30.30
!
bgp confederation id 200
bgp confederation peers 65034
!
neighbor 20.20.20.20 remote-as 65032
neighbor 20.20.20.20 update-source lo0
!
neighbor 40.40.40.40 remote-as 65034
neighbor 40.40.40.40 update-source lo0
!
neighbor 40.40.40.40 ebgp-multihop 5
!
network 30.30.30.0 mask 255.255.255.0
end
@R4
conf t
router bgp 65034
bgp router-id 40.40.40.40
!
bgp confederation id 200
bgp confederation peers 65032
!
neighbor 30.30.30.30 remote-as 65032
neighbor 30.30.30.30 update-source lo0
!
neighbor 30.30.30.30 ebgp-multihop 2
!
network 40.40.40.0 mask 255.255.255.0
end
(ㄷ) 정보 확인
@R1,R2,R3,R4
sh ip bgp
sh ip bgp nei
sh ip route
