BGP 实验　１

BGP 实验　１

BGP I – Lab guide for LAB 1

Lab Steps

LAB1: iBGP and eBGP Neighbor Adjacencies (R1 ibgp R2 ebgp R3)⦁    Objectives:  ⦁    Establish eBGP peer⦁    Establish iBGP peer⦁    Playing with Peering Attributes

TASK1 – Explore lab environment⦁    From all three routers:  show cdp neighbor, show ip int brief⦁    Verify IP addresses of each devices⦁    From R1, ping R2.⦁    From R2, ping R1 and R2⦁    From R3, ping R2⦁    From R1, ping R3 (it won’t work, for now)

TASK2 – Establish eBGP Peer⦁    Verify output of show ip bgp summary ⦁    From R1:router bgp 1111  neighbor 9.9.12.2 remote-as 2323⦁    Verify output of show ip bgp summary⦁    On R1:debug ip tcp packet port 179⦁    On R2:debug ip bgprouter bgp 2323neighbor 9.9.12.1 remote-as 1111⦁    Who was initiator? R2 ⦁    What TCP ports were used for the BGP peering? 179⦁    Look in the debugs for an OPEN / UPDATE / KEEPALIVE message.⦁    Track the neighbor states from IDLE to ESTABLISHED (look for “went from” in debugs)⦁    Verify with show commands:show ip bgp summaryshow ip bgp neighbors⦁    What is the Router ID for both peers? R1 = 9.9.12.1 R2 = 9.9.12.2 ⦁    What is the negotiated hold time? 180⦁    What IP addresses are being used for the BGP messages? interface ip ⦁    What is the outgoing TTL for packets sent from each peer? sh ip bgp nei  Outgoing TTL 1

TASK3 – Establish iBGP Peer⦁    Verify output of show ip bgp summary⦁    From R2:router bgp 2323  neighbor 9.9.23.3 remote-as 2323⦁    Verify output of show ip bgp summary⦁    On R2:debug ip tcp packet port 179⦁    On R3:debug ip bgprouter bgp 2323neighbor 9.9.23.2 remote-as 2323⦁    Who was initiator? R2 ⦁    What TCP ports were used for the iBGP peering? 179⦁    Look in the debugs for an OPEN / UPDATE / KEEPALIVE message.⦁    Track the neighbor states from IDLE to ESTABLISHED (look for “went from” in debugs)

*Dec 10 07:43:34.302: BGP: ses global 9.9.23.2 (0xF3F67F0:0) pas Adding topology IPv4 Unicast:base*Dec 10 07:43:34.302: BGP: ses global 9.9.23.2 (0xF3F67F0:0) pas Send OPEN*Dec 10 07:43:34.303: BGP: ses global 9.9.23.2 (0xF3F67F0:0) pas Building Enhanced Refresh capability*Dec 10 07:43:34.303: BGP: 9.9.23.2 passive went from Connect to OpenSent*Dec 10 07:43:34.303: BGP: 9.9.23.2 passive sending OPEN, version 4, my as: 2323, holdtime 180 seconds                                    , ID 9091703*Dec 10 07:43:34.304: BGP: 9.9.23.2 passive went from OpenSent to OpenConfirm*Dec 10 07:43:34.314: BGP: 9.9.23.2 passive went from OpenConfirm to Established*Dec 10 07:43:34.314: BGP: ses global 9.9.23.2 (0xF3F67F0:1) pas Assigned ID

⦁    Verify with show commands:show ip bgp summaryshow ip bgp neighbors

R3#sh ip bgp sumBGP router identifier 9.9.23.3, local AS number 2323BGP table version is 1, main routing table version 1

Neighbor        V           AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd9.9.23.2        4         2323       9       9        1    0    0 00:04:56        0R3#R3# sh ip bgp neiR3# sh ip bgp neighborsBGP neighbor is 9.9.23.2,  remote AS 2323, internal link  BGP version 4, remote router ID 9.9.23.2  BGP state = Established, up for 00:04:59  Last read 00:00:25, last write 00:00:06, hold time is 180, keepalive interval is 60 seconds  Neighbor sessions:    1 active, is not multisession capable (disabled)  Neighbor capabilities:    Route refresh: advertised and received(new)    Four-octets ASN Capability: advertised and received    Address family IPv4 Unicast: advertised and received    Enhanced Refresh Capability: advertised and received    Multisession Capability:    Stateful switchover support enabled: NO for session 1  Message statistics:    InQ depth is 0    OutQ depth is 0

Sent       Rcvd    Opens:                  1          1    Notifications:          0          0    Updates:                1          1    Keepalives:             7          7    Route Refresh:          0          0    Total:                  9          9  Do log neighbor state changes (via global configuration)  Default minimum time between advertisement runs is 0 seconds

For address family: IPv4 Unicast  Session: 9.9.23.2  BGP table version 1, neighbor version 1/0  Output queue size : 0  Index 2, Advertise bit 0  2 update-group member  Slow-peer detection is disabled  Slow-peer split-update-group dynamic is disabled                                 Sent       Rcvd  Prefix activity:               ----       ----    Prefixes Current:               0          0    Prefixes Total:                 0          0    Implicit Withdraw:              0          0    Explicit Withdraw:              0          0    Used as bestpath:             n/a          0    Used as multipath:            n/a          0

Outbound    Inbound  Local Policy Denied Prefixes:    --------    -------    Total:                                0          0  Number of NLRIs in the update sent: max 0, min 0  Last detected as dynamic slow peer: never  Dynamic slow peer recovered: never  Refresh Epoch: 1  Last Sent Refresh Start-of-rib: never  Last Sent Refresh End-of-rib: never  Last Received Refresh Start-of-rib: never  Last Received Refresh End-of-rib: never                                       Sent       Rcvd        Refresh activity:              ----       ----          Refresh Start-of-RIB          0          0          Refresh End-of-RIB            0          0

Address tracking is enabled, the RIB does have a route to 9.9.23.2  Connections established 1; dropped 0  Last reset never  Interface associated: (none) (peering address in same link)  Transport(tcp) path-mtu-discovery is enabled  Graceful-Restart is disabled  SSO is disabledConnection state is ESTAB, I/O status: 1, unread input bytes: 0Connection is ECN Disabled, Mininum incoming TTL 0, Outgoing TTL 255Local host: 9.9.23.3, Local port: 179Foreign host: 9.9.23.2, Foreign port: 57926Connection tableid (VRF): 0Maximum output segment queue size: 50

Enqueued packets for retransmit: 0, input: 0  mis-ordered: 0 (0 bytes)

Event Timers (current time is 0x2C3A0F):Timer          Starts    Wakeups            NextRetrans             8          0             0x0TimeWait            0          0             0x0AckHold             8          5             0x0SendWnd             0          0             0x0KeepAlive           0          0             0x0GiveUp              0          0             0x0PmtuAger            0          0             0x0DeadWait            0          0             0x0Linger              0          0             0x0ProcessQ            0          0             0x0

iss:  584355350  snduna:  584355564  sndnxt:  584355564irs: 1603633096  rcvnxt: 1603633310

sndwnd:  16171  scale:      0  maxrcvwnd:  16384rcvwnd:  16171  scale:      0  delrcvwnd:    213

SRTT: 656 ms, RTTO: 2806 ms, RTV: 2150 ms, KRTT: 0 msminRTT: 5 ms, maxRTT: 1000 ms, ACK hold: 200 msuptime: 299485 ms, Sent idletime: 6413 ms, Receive idletime: 6204 msStatus Flags: passive open, gen tcbsOption Flags: nagle, path mtu capableIP Precedence value : 6

Datagrams (max data segment is 1460 bytes):Rcvd: 18 (out of order: 0), with data: 9, total data bytes: 213Sent: 17 (retransmit: 0, fastretransmit: 0, partialack: 0, Second Congestion: 0), with data: 9, total data bytes: 213

Packets received in fast path: 0, fast processed: 0, slow path: 0fast lock acquisition failures: 0, slow path: 0TCP Semaphore      0x0CAEC1AC  FREE

⦁    What is the Router ID for both iBGP peers?⦁    What is the negotiated hold time? 180s⦁    What IP addresses are being used for the BGP messages?⦁    What is the outgoing TTL for packets sent from each peer? Outgoing TTL 255

TASK4 – Modifying Router-ID⦁    Verify Router-ID for R1/R2/R3 using  show ip bgp neighbors⦁    What is R1’s RID? How was it chosen? Interface associated: GigabitEthernet0/0 (peering address in same link)⦁    What is R2’s RID? How was it chosen?⦁    What is R3’s RID? How was it chosen?⦁    On each Router, create a Loopback address:⦁    On R1:interface loopback0  ip address 9.1.1.1 255.255.255.224⦁    On R2:interface loopback0  ip address 9.2.2.2 255.255.255.224⦁    On R3:interface loopback0  ip address 9.3.3.3 255.255.255.224⦁    Verify Router-ID for R1/R2/R3 using  show ip bgp neighbors | inc ID|^BGP⦁    Did anything change?  Why or Why not? no ⦁    Clear the BGP sessions on each router⦁    On reach router:   clear ip bgp *⦁     Verify Router-ID for R1/R2/R3 using  show ip bgp neighbors | inc ID|^BGP⦁    Did anything change?  Why or Why not?⦁    On each Router, configure a Router-ID:⦁    On R1:router bgp 1111  bgp router-id 1.1.1.1⦁    On R2:router bgp 2323  bgp router-id 2.2.2.2⦁    On R3:router bgp 2323  bgp router-id 3.3.3.3⦁    Verify Router-ID for R1/R2/R3 using  show ip bgp neighbors | inc ID|^BGP⦁    Did anything change?  Why or Why not? changed ⦁    From R2, ping Router IDs for R1 and R3⦁    On R2:ping 1.1.1.1ping 3.3.3.3⦁    Did it work? no ⦁    Note that the Router-ID does not have to be an accessible IP address

TASK5 – Modifying Timers⦁    Verify current / default hold timer for iBGP⦁    On R2show ip bgp neighbors 9.9.23.3⦁    On R3show ip bgp neighbors 9.9.23.2⦁    Set hold timer to 90s and keepalive timer to 30s on iBGP neighbors⦁    On R2:router bgp 2323  neighbor 9.9.23.3 timers 30 90⦁    On R3:router bgp 2323  neighbor 9.9.23.2 timers 30 90⦁    Verify current hold timer:⦁    On R2/R3show ip bgp neighbors | inc ^BGP|keep⦁    Did anything change? Why not? no ⦁    Reset BGP Peer on R3:clear ip bgp 9.9.23.2⦁    When adjacency comes back up, verify on R2/R3show ip bgp neighbors | inc ^BGP|keep⦁    Notice additional configuration lines⦁    Set keepalive / hold time to 10/30 on R1⦁    On R1:⦁    show ip bgp neighbors | inc ^BGP|keep⦁    On R1:router bgp 1111      neighbor 9.9.12.2 timers 10 30  endclear ip bgp 9.9.12.2⦁    Verify hold/time on both eBGP peers⦁    On R1:show ip bgp neighbors | inc ^BGP|keep⦁    On R2:show ip bgp neighbors 9.9.12.1 | inc ^BGP|keep⦁    Notice difference between configured and negotiated timers⦁    Protect R2 by setting a minimum accepted hold time⦁    On R2router bgp 2323  neighbor 9.9.12.1 timers 30 90 60⦁    Did the eBGP session come up? Why?⦁    Update R1 to an acceptable hold timer⦁    On R1:router bgp 1111      neighbor 9.9.12.2 timers 20 60  endclear ip bgp 9.9.12.2⦁    Did the eBGP session come up?⦁    Verify hold/time on both eBGP peers⦁    On R1:show ip bgp neighbors | inc ^BGP|keep⦁    On R2:show ip bgp neighbors 9.9.12.1 | inc ^BGP|keep⦁    Notice difference between configured and negotiated timers

TASK6 – Modifying Update-source

⦁    Very peer IPs:⦁    On R2/R3show ip bgp summaryshow ip int br | ex unassigned⦁    Verify connectivity via loopback⦁    On R2:ping 9.3.3.3⦁    On R3:ping 9.2.2.2⦁    (both should fail)⦁    Enable connectivity via loopbacks⦁    Add static routes for loopback addresses to iBGP peers⦁    On R2ip route 9.3.3.3 255.255.255.255 9.9.23.3⦁    On R3:ip route 9.2.2.2 255.255.255.255 9.9.23.2⦁    Verify connectivity on R2:ping 9.3.3.3⦁    Verify connectivity on R3ping 9.2.2.2⦁    Change iBGP peers to use Loopback addresses⦁    On R2show run | section router bgpconfigure terminalrouter bgp 2323  neighbor 9.3.3.3 remote-as 2323  neighbor 9.3.3.3 timers 30 90  neighbor 9.3.3.3 update-source Loopback0  no neighbor 9.9.23.3⦁    Did peer come up?  Why not?  (other side must match)⦁    On R3:show run | section router bgpconfigure terminalrouter bgp 2323  neighbor 9.2.2.2 remote-as 2323  neighbor 9.2.2.2 timers 30 90  neighbor 9.2.2.2 update-source Loopback0  no neighbor 9.9.23.2⦁    Did peer come up?⦁    Very peer IPs:⦁    On R2/R3show ip bgp summaryshow ip int br | ex unassigned

R2#sh ip bgp sumBGP router identifier 2.2.2.2, local AS number 2323BGP table version is 1, main routing table version 1

Neighbor        V           AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd9.3.3.3         4         2323       4       5        1    0    0 00:00:25        09.9.12.1        4         1111      23      24        1    0    0 00:06:05        0

R2#show ip int br | ex unassignedInterface                  IP-Address      OK? Method Status                ProtocolGigabitEthernet0/0         9.9.12.2        YES manual up                    upGigabitEthernet0/1         9.9.23.2        YES manual up                    upLoopback0                  9.2.2.2         YES manual up                    up

R3#show ip int br | ex unassignedInterface                  IP-Address      OK? Method Status                ProtocolGigabitEthernet0/0         9.9.23.3        YES manual up                    upLoopback0                  9.3.3.3         YES manual up                    up

TASK7 – Configuring eBGP Multihop⦁    Verify connectivity between R1 and R3⦁    On R1:ping 9.9.23.3⦁    On R3:ping 9.9.12.1⦁    (should fail)⦁    Enable connectivity between R1 and R3⦁    On R1:ip route 9.9.23.0 255.255.255.0 9.9.12.2⦁    On R3:ip route 9.9.12.0 255.255.255.0 9.9.23.2⦁    Verify connectivity on R1:ping 9.9.23.3⦁    Verify connectivity on R3:ping 9.9.12.1⦁    Configure eBGP peering between R1 and R3⦁    On R1:router bgp 1111  neighbor 9.9.23.3 remote-as 2323⦁    On R3:router bgp 2323  neighbor 9.9.12.1 remote-as 1111⦁    Did peer come up?  Why or why not? no ttl ⦁    Set eBGP multi-hop on R1 and R3⦁    On R1:router bgp 1111  neighbor 9.9.23.3 ebgp-multihop 2⦁    On R3:router bgp 2323  neighbor 9.9.12.1 ebgp-multihop 2⦁    Did peer come up?⦁    Verify adjacency status⦁    On R1/R2show ip bgp summaryshow ip bgp neighbors | inc ^BGP|TTL|hops

R1#show ip bgp neighbors | inc ^BGP|TTL|hopsBGP neighbor is 9.9.12.2,  remote AS 2323, external linkConnection is ECN Disabled, Mininum incoming TTL 0, Outgoing TTL 1BGP neighbor is 9.9.23.3,  remote AS 2323, external link  External BGP neighbor may be up to 2 hops away.Connection is ECN Disabled, Mininum incoming TTL 0, Outgoing TTL 2R1#

R2#show ip bgp neighbors | inc ^BGP|TTL|hopsBGP neighbor is 9.3.3.3,  remote AS 2323, internal linkConnection is ECN Disabled, Mininum incoming TTL 0, Outgoing TTL 255BGP neighbor is 9.9.12.1,  remote AS 1111, external linkConnection is ECN Disabled, Mininum incoming TTL 0, Outgoing TTL 1R2#

可以看到 EBGPTTL 默认是1， 必须修改才能工作，iBGP 默认是TTL255，另外BGP是工作在TCP以上的，

当然我们工作中看到的一般都是跑OSPF，BGP 就跑在OSPF或者　EIGRP上面的，老卵啊。

版权声明：本文内容由网络用户投稿，版权归原作者所有，本站不拥有其著作权，亦不承担相应法律责任。如果您发现本站中有涉嫌抄袭或描述失实的内容，请联系我们jiasou666@gmail.com 处理，核实后本网站将在24小时内删除侵权内容。