{"id":932,"date":"2012-08-07T22:25:00","date_gmt":"2012-08-07T14:25:00","guid":{"rendered":"http:\/\/note.systw.net\/note\/?p=932"},"modified":"2023-11-07T22:29:25","modified_gmt":"2023-11-07T14:29:25","slug":"cisco-bgp","status":"publish","type":"post","link":"https:\/\/systw.net\/note\/archives\/932","title":{"rendered":"Cisco BGP"},"content":{"rendered":"\n<p>\u6307\u5b9arid<br><strong>(config-router)# bgp router-id &lt; rid&gt;<\/strong><\/p>\n\n\n\n<p>\u9130\u5c45\u95dc\u4fc2\u8a2d\u5b9a<br><strong>(config)# router bgp &lt; as&gt;<\/strong><br><strong>(config-router)# neighbor &lt; neighbor-ip&gt; remote-as &lt; neighbor-as&gt;<\/strong><br>\u82e5as\u8207neighbor-as\u76f8\u540c\uff0c\u5247\u70baiBGP\u9130\u5c45\uff0c\u82e5\u4e0d\u540c\u5247\u70baeBGP\u9130\u5c45<br>ps:<br>neighbor\u9593\u5fc5\u9808\u4e92\u76f8\u53ef\u5230\u9054\uff0c\u5fc5\u8981\u6642\u53ef\u7528static route\u6216igp\u8a2d\u5b9a\u5982\u4f55\u5230\u9054\u9130\u5c45<\/p>\n\n\n\n<p>\u4f7f\u7528loopback\u8a2d\u5b9a\u9130\u5c45\u95dc\u4fc2<br><strong>(config-router)# neighbor &lt; neighbor-ip&gt; update-source &lt; interface&gt;<\/strong><br>\u4e3b\u8981\u7528\u4f86\u63d0\u9ad8\u9130\u5c45\u5bb9\u932f\u80fd\u529b<\/p>\n\n\n\n<p>\u8a2d\u5b9aebgp multihop\u7684ttl<br><strong>(config-router)# neighbor ebgp-multihop &lt; ttl&gt;<\/strong><br>eBGP TTL\u9810\u8a2d\u70ba1\uff0c\u82e5eBGP peer\u9700\u7d93\u904e\u591a\u500bhop\u624d\u53ef\u627a\u9054\uff0c\u5247\u8981\u8a2d\u5b9a\u9069\u7576\u7684ttl\uff0c\u4ee5\u8b93\u8a0a\u865f\u627a\u9054\u4e26\u5efa\u7acb\u9130\u5c45\u95dc\u4fc2 &nbsp;<br>ex:\u82e5eBGP peer\u4f7f\u7528loopback\u4ecb\u9762\uff0c\u4e14\u8a72peer\u76f4\u63a5\u9023\u7d50\u672c\u8a2d\u5099\uff0c\u5247ttl\u81f3\u5c11\u8981\u8a2d\u5b9a2\u4ee5\u4e0a\uff0c\u8a0a\u865f\u624d\u53ef\u5230\u9054\u8a72loopback\u4ecb\u9762<br>ps:iBGP TTL\u9810\u8a2d\u975e1<\/p>\n\n\n\n<p>ex:<br>\u66f4\u65b0\u4f86\u6e90\u4f7f\u7528loopback\u4ecb\u9762,\u4e26\u52a0\u5165\u5c0d\u65b9eBGP\u9130\u5c45r2(2.2.2.2, AS 2),r1(1.1.1.1, AS 1)&nbsp;<br>r2(config)# router bgp 2<br>r2(config-router)# neighbor 1.1.1.1 remote-as 1<br>r2(config-router)# neighbor ebgp-multihop 2<br>r2(config-router)# neighbor 1.1.1.1 update-source loopback1<br>r2(config-router)# interface loopback1<br>r2(config-router)# ip address 2.2.2.2 255.255.255.255<br>r1(config)# router bgp 1<br>r1(config-router)# neighbor 2.2.2.2 remote-as 2<br>r1(config-router)# neighbor ebgp-multihop 2<br>r1(config-router)# neighbor 2.2.2.2 update-source loopback1<br>r1(config-router)# interface loopback2<br>r1(config-router)# ip address 1.1.1.1 255.255.255.255<\/p>\n\n\n\n<p>\u4ee5MD5\u505a\u9130\u5c45\u9a57\u8b49<br><strong>(config-router)# neighbor &lt; neighbor-ip&gt; password &lt; key&gt;&nbsp;<\/strong><\/p>\n\n\n\n<p>\u505c\u7528bgp\u9130\u5c45<br><strong>(config-router)# neighbor &lt; neighbor-ip&gt; shutdown<\/strong><br>\u8981\u6c42\u9130\u5c45\u9032\u5165idle\u72c0\u614b<\/p>\n\n\n\n<p>\u5728\u6c92\u6709bgp next hop\u7684\u8def\u5f91\u4e0b<br>\u7d66neighbor ibgp\u7684route\u6642\uff0croute\u7684next-hop\u6703\u4fee\u6539\u6210\u81ea\u5df1(\u9810\u8a2d\u4e0d\u6703)\uff0c\u8b93neighbor\u53ef\u900f\u904e\u81ea\u5df1\u5230\u76ee\u5730&nbsp;<br><strong>(config-router)# neighbor &lt; neighbor-ip&gt; next-hop-self<\/strong><br>neighbor-ip \u9700\u6307\u5b9a\u9130\u5c45ip<br>\u50cf\u662f\u5728hub-spoke network\u67b6\u69cb\u4e0b,spoke route\u7121\u6cd5\u5230\u9054\u53e6\u4e00\u500bspoke route\u554f\u984c,\u53ef\u5728hub router\u8a2d\u5b9a\u8a72\u6307\u4ee4\u89e3\u6c7a<br>ex:<br>\u5047\u8a2dshow ip bgp\u4e2d\u986f\u793a\u8a72\u8def\u5f91\u7684\u4f86\u6e90\u70ba1.1.1.1 from 10.1.2.1 (2.2.2.2)<br>\u5247\u9700\u4e0b\u6307\u4ee4 neighbor 10.1.2.1 next-hop-self \u4ee5\u89e3\u6c7a\u7121\u6cd5\u5230\u90541.1.1.1\u7684\u554f\u984c&nbsp;&nbsp;<\/p>\n\n\n\n<p>\u4f7f\u7528bgp\u540c\u6b65\u89e3\u6c7a\u8ff4\u5708\u3000<br><strong>(config-router)#BGP synchronization&nbsp;<\/strong><br>\u82e5IGP\u7121\u6cd5\u5b78\u5230route(\u5c1a\u672aredistribute\u5230IGP),\u5efa\u8b70\u95dc\u9589,\u5426\u5247\u4e0d\u6703\u6709\u4efb\u4f55route\u53ef\u7528\u3000<br>\u9810\u8a2d\u95dc\u9589<br>ps:\u65e9\u671f\u9810\u8a2d\u662f\u958b\u555f<\/p>\n\n\n\n<p>&#8230;<\/p>\n\n\n\n<p><strong>\u8def\u5f91\u901a\u544a&nbsp;<\/strong><br>\u6703\u5c07\u591a\u7b46route\u90fd\u5beb\u5165bgp table&nbsp;<br>\u65b9\u6cd5\u67092<br>\u901a\u544aprefix\u5c07\u6240\u6709\u7b26\u5408\u7684\u8def\u5f91\u7d66ISP<br>\u4f7f\u7528redistrubute\u5c07\u6240\u6709\u7b26\u5408\u7684\u8def\u5f91\u7d66ISP<\/p>\n\n\n\n<p>\u901a\u544aprefix\u5c07\u6240\u6709\u7b26\u5408\u7684\u8def\u5f91\u7d66ISP<br><strong>(config)# bgp &lt; as&gt;<br>(config-router)# network &lt; prefix&gt; [ mask &lt; mask&gt;]<\/strong><br>\u82e5\u6c92\u52a0mask\u5247\u4f7f\u7528\u9810\u8a2d\u7684\u5206\u7d1a\u5f0fmask,<br>ps:<br>\u82e5\u6c92\u52a0mask,\u4f46\u82e5\u50c5\u6709\u90e8\u4efd\u7121\u7d1a\u5f0f\u7db2\u8def,\u5247\u4e0d\u6703\u65b0\u589e\u5230BGP\u8868<br>ex:<br>\u4ee5\u4e0broute\u4e0d\u6703\u88ab\u901a\u544a,\u56e0\u70banetwork\u662f\u6307\u5b9a192.168.0.0\/24,\u8207route192.168.0.0\/16\u4e0d\u7b26\u5408&nbsp;<br>(config-router)#network 192.168.0.0<br>(config)#ip route 192.168.0.0 255.255.0.0 null<br>\u82e5\u6c92\u52a0mask,\u540c\u6642\u4e5f\u555f\u7528auto-summary,\u4f46\u82e5\u50c5\u6709\u90e8\u4efd\u7121\u7d1a\u5f0f\u7db2\u8def,\u5247\u6703\u65b0\u589e\u5206\u7d1a\u5f0f\u7db2\u8def\u5230BGP\u8868<\/p>\n\n\n\n<p>\u4f7f\u7528redistrubute\u5c07\u6240\u6709\u7b26\u5408\u7684\u8def\u5f91\u7d66ISP<br>ex:<br>\u5c07ospf\u5b78\u4f86\u8def\u5f91\u4ee5redistribute\u65b9\u5f0f\u7d66isp<br>(config)# ip prefix-list p1 permit 128.107.0.0\/19 le 32<br>(config)# route-map m1 permit<br>(config-router-map)# match ip address prefix p1<br>(config)# router bgp 11<br>(config-router)# redistribute ospf 1 route-map m1<br>ps:<br>\u5728\u6b64\u7bc4\u4f8b\u4e2d,\u82e5ospf\u5b78\u5230\u591a\u500b\u5b50\u7db2\u8def,\u5247\u6703\u7d66isp\u591a\u500b\u5b50\u7db2\u8def<\/p>\n\n\n\n<p><br><strong>\u8def\u5f91\u532f\u6574<\/strong><br>\u6703\u5c07\u591a\u7b46route\u6574\u7406\u6210\u4e00\u7b46\u5beb\u5165\u5230bgp table&nbsp;<br>\u65b9\u6cd5\u67093<br>\u3000\u4f7f\u7528IGP\u8def\u5f91\u532f\u6574<br>\u3000\u4f7f\u7528\u4e1f\u68c4\u8def\u5f91\u539f\u7406<br>\u3000\u4f7f\u7528BGP\u8def\u5f91\u532f\u6574<\/p>\n\n\n\n<p>\u4f7f\u7528\u4e1f\u68c4\u8def\u5f91\u539f\u7406<br>(config)#bgp &lt; as&gt;<br>(config-router)# network &lt; prefix [mask &lt; mask&gt;]&gt;<br><strong>(config)#ip route &lt; prefix [mask &lt; mask&gt;]&gt; null0<\/strong><br>ex:<br>\u8b93router\u53ef\u4ee5\u5c07200.52.1.192\/27\u548c200.52.192\/24\u532f\u6574\u6210\u4e00\u7b46\u5f8c\u5728\u901a\u544a<br>(config-router)# network 200.52.1.192 mask 255.255.255.224<br>(config)# ip route 200.52.1.0 255.255.255.0 null0<\/p>\n\n\n\n<p>\u4f7f\u7528BGP\u8def\u5f91\u532f\u6574<br><strong>(config)# bgp &lt; as&gt;<br>(config-router)# aggregate-address &lt; prefix&gt; [summary-only]<br><\/strong>\u82e5bgp table\u5167\u7b26\u5408\u8a72prefix(\u6216\u542b\u6b21\u7d1a\u8def\u5f91)\uff0c\u5247\u901a\u544a\u8a72prefix\u3000<br>summary-only:\u7528\u4f86\u6291\u5236\u901a\u544a\u90e8\u4efd\u7684\u6b21\u7d1a\u8def\u5f91\uff0c\u88ab\u6291\u5236\u7684\u6b21\u7d1a\u8def\u5f91\u6703\u4ee5s\u8868\u793a<br>ex:<br>\u5148\u5c07\u6307\u5b9a\u7684\u8def\u5f91\u532f\u6574\u6210\u4e00\u7b46\u5f8c\u5728\u901a\u544a\u7d66isp<br>(config-router)# network 128.107.0.0 mask 255.255.224.0<br>(config-router)# aggregate-address 128.107.0.0 255.255.224.0 summary-only<\/p>\n\n\n\n<p>ex:<br>\u8b93router\u53ef\u4ee5\u5c07200.52.1.192\/27\u548c200.52.192\/24\u532f\u6574\u6210\u4e00\u7b46\u5f8c\u5728\u901a\u544a<br>(config-router)# network 200.52.1.192 mask 255.255.255.224<br>(config-router)# aggregate-address 200.52.1.0 255.255.255.0<br>&nbsp;<\/p>\n\n\n\n<p>&#8230;<\/p>\n\n\n\n<p>\u6e05\u9664\u9130\u5c45\u95dc\u4fc2<br><strong>#clear ip bgp &lt; neighbor-ip|*&gt; [soft] [in|out]<\/strong><br>\u9810\u8a2d\u66f4\u65b0\u985e\u578b\u70bahard,\u6703\u4e2d\u65b7\u9130\u5c45,\u4e26\u6e05\u9664\u9130\u5c45\u5b78\u4f86\u7684\u9805\u76ee<br>*\u8868\u793a\u5168\u90e8<br>[soft]\u8868\u793a\u516c\u544a(\u9023\u5165)\u53ca\u63a5\u6536\u516c\u544a(\u9023\u51fa)\u7684\u66f4\u65b0\u91cd\u8a2d,\u66f4\u65b0\u985e\u578b\u4f7f\u7528soft<br>[out]\u8868\u793a\u50c5\u516c\u544a\u7684\u66f4\u65b0\u91cd\u8a2d,\u66f4\u65b0\u985e\u578b\u70basoft<br>[in]\u8868\u793a\u50c5\u63a5\u6536\u516c\u544a\u7684\u66f4\u65b0\u91cd\u8a2d,\u66f4\u65b0\u985e\u578b\u70basoft<br>ps:<br>clear ip bgp &lt; neighbor-ip&gt; soft in \u8f03\u6d88\u8017\u904b\u7b97\u8cc7\u6e90<br>clear ip bgp &lt; neighbor-ip&gt; in \u8f03\u4e0d\u6d88\u8017\u904b\u7b97\u8cc7\u6e90&nbsp;<br>ps:<br>\u4e00\u822c\u60c5\u6cc1\u4e0bclean bgp\u6703\u91cd\u65b0\u53d6\u5f97route\uff0c\u9700\u6d88\u8017\u5927\u91cf\u8cc7\u6e90<br>\u5e38\u898b\u7684\u89e3\u6c7a\u65b9\u6cd5\u4e3b\u8981\u6709\u5169\u7a2e<br>1.soft-reconfiguration:\u9700\u984d\u5916\u8cc7\u6e90\u5132\u5b58route&nbsp;<br>2.BGP Refresh Capabilites:\u8a72\u65b9\u6848\u8f03\u4f73,\u9700\u8a2d\u5099\u6709\u652f\u63f4\u3000<\/p>\n\n\n\n<p>\u8def\u5f91\u904e\u6ffe&nbsp;<br><strong>(config-router)# neighbor &lt; neighbor-ip&gt; &lt; filte-option&gt; out<\/strong><br>\u53ef\u9632\u6b62\u7d44\u7e54\u7684AS\u70ba\u6210Transit AS(\u4e2d\u7e7cas)\u3000<br>filte-option\u652f\u63f4prefix-list,distribute-list,route-map<br>ps:\u9700\u6e05\u9664\u9130\u5c45\u95dc\u4fc2\u6216\u91cd\u958b\u8a2d\u5099,filte\u624d\u6703\u751f\u6548<br>ex:<br>\u6307\u5b9a\u9130\u5c451.1.1.1\u50c5\u5141\u8a31128.107.0.0\/19\u7684\u901a\u544a\u88ab\u767c\u51fa<br>prefix-list\u505a\u6cd5\u5982\u4e0b<br>(config)# ip prefix-list only-public permit 128.107.0.0\/19<br>(config)# router bgp 11<br>(config-router)# neighbor 1.1.1.1 prefix-list only-public out<br>distribute-list\u505a\u6cd5\u5982\u4e0b<br>(config)# access-list 101 permit ip host 128.107.0.0 host 255.255.224.0<br>(config)# router bgp 11<br>(config-router)# neighbor 1.1.1.1 distribute-list 101 out<br>route-map\u505a\u6cd5\u5982\u4e0b<br>(config)# ip prefix-list only-public seq 5 permit 128.107.0.0\/19<br>(config)# route-map only-public-rmap permit 10<br>(config-router-map)# match ip address prefix-list only-public<br>(config)# router bgp 11<br>(config-router)# neighbor 1.1.1.1 route-map only-public-rmap out&nbsp;<\/p>\n\n\n\n<p>&#8230;<\/p>\n\n\n\n<p><strong>\u8abf\u6574\u9023\u5230\u5916\u90e8\u7684\u8def\u5f91<\/strong><br>\u4e3b\u8981\u53ef\u8abf\u6574\u4ee5\u4e0b\u4e09\u7a2ePA<br>weight<br>local_pref<br>as path<\/p>\n\n\n\n<p><strong>\u5f9e\u9130\u5c45\u5b78\u4f86\u7684\u6240\u6709\u8def\u5f91\u8a2d\u5b9aweight<\/strong><br>(config-router)# neighbor &lt; neighbor-ip&gt; weight &lt; value&gt;<br>\u8a72\u529f\u80fd\u652f\u63f4route-map<br>weight\u53ea\u652f\u63f4in\u7684\u65b9\u5411,\u4e5f\u5c31\u662f\u50c5\u5c0d\u5b78\u4f86\u7684\u8def\u5f91\u505a\u8abf\u6574<br>ps:weight\u70bacisco\u5c08\u5c6c\u7279\u6027,\u56e0\u6b64\u4e0d\u6703\u5728bgp update\u4e2d<br>ex:<br>\u5f9e\u9130\u5c451.1.1.1\u5b78\u4f86\u7684\u6240\u6709\u8def\u5f91,\u5c07weight\u8abf\u70ba60<br>(config-router)# neighbor 1.1.1.1 weight 60<\/p>\n\n\n\n<p><strong>\u5f9e\u9130\u5c45\u5b78\u4f86\u7684\u8def\u5f91\u4e2d,\u8a2d\u5b9alocal_pref&nbsp;<\/strong><br>\u652f\u63f4route-map\uff0c\u4f7f\u7528set local-preference &lt; value&gt;<br>\u6216<br>\u8a2d\u5b9a\u6240\u6709\u5b78\u4f86\u7684\u8def\u5f91\u90fd\u4f7f\u7528<br>(config-router)# bgp default local-preference &lt; value&gt;<\/p>\n\n\n\n<p><strong>\u5f9e\u9130\u5c45\u5b78\u4f86\u7684\u8def\u5f91\u4e2d\uff0c\u5728as path\u4e0a\u524d\u7f6eas<\/strong><br>\u652f\u63f4route-map\uff0c\u4f7f\u7528set as-path prepend &lt; as1 [ as1 []&#8230;]&gt;<br>value\u9700\u4f7f\u7528\u6700\u63a5\u8fd1as<\/p>\n\n\n\n<p>ex:<br>\u5f9e\u9130\u5c45192.168.1.1\u5b78\u4f86\u7684\u8def\u5f91,\u82e5\u70ba180.0.0.0\/8,\u5247<br>\u5c07weight\u8abf\u70ba50,<br>\u4e26\u5728\u516c\u544a\u8a72\u8def\u5f91\u6642\u5c07local_pref\u8a2d\u70ba200<br>\u5728as path\u524d\u7f6e3\u500b\u6700\u63a5\u8fd1\u7684as(\u4f8b\u5982as 2)<br>1.<br>E1(config)# ip prefix-list p permit 180.0.0.0\/8<br>2.1<br>E1(config)# route-map m permit 10<br>E1(config-route-map)# match ip address prefix-list p<br>E1(config-route-map)# set weight 50<br>E1(config-route-map)# set local-preference 200<br>E1(config-route-map)# set as-path prepend 2 2 2<br>2.2\u5141\u8a31\u6240\u6709\u8def\u5f91<br>E1(config)# route-map m permit 20<br>3.<br>E1(config-route-map)# router bgp 11<br>E1(config-router)# neighbor 192.168.1.1 route-map m in<br>ps:<br>\u4e0a\u8ff0\u6307\u4ee4\u82e5\u8981\u751f\u6548\uff0c\u90fd\u9700\u5148\u6e05\u9664\u9130\u5c45\u95dc\u4fc2<\/p>\n\n\n\n<p><strong>\u8abf\u6574\u9023\u5230\u5167\u90e8\u7684\u8def\u5f91<\/strong><br>\u5229\u7528MED(multi exit discriminator),\u544a\u8a34\u9130\u5c45AS\u9023\u5165\u672c\u5730\u6700\u4f73\u7684\u8def\u5f91<br>\u8a72\u65b9\u6cd5\u652f\u63f4route-map,\u4f7f\u7528 set metric &lt; value&gt;,metric\u9810\u8a2d\u70ba0<\/p>\n\n\n\n<p>ex:\u544a\u8a34\u9130\u5c45\u82e5\u8981\u5230128.100.0.0\/16,\u512a\u5148\u8d701.1.1.1,\u6b21\u512a\u5148\u70ba192.168.1.2<br>1<br>(config)# route-map med1 permit 10<br>(config-route-map)# match ip address prefix p<br>(config-route-map)# set metric 10<br>(config)# route-map med2 permit 10<br>(config-route-map)# match ip address prefix p<br>(config-route-map)# set metric 20<br>2<br>(config)# ip prefix-list p permit 128.100.0.0\/16<br>3<br>(config)# router bgp 11<br>(config-router)# neighbor 1.1.1.1 route-map med1 out<br>(config-router)# neighbor 192.168.1.2 route-map med2 out<\/p>\n\n\n\n<p>ps:<br>\u6307\u4ee4bgp always-compare-med&nbsp;<br>\u5f37\u5236\u8a72router\u6bd4\u8f03\u5f9e\u4e0d\u540cas\u4f86\u7684router metrics<\/p>\n\n\n\n<p>&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;.&nbsp;<\/p>\n\n\n\n<p><br><strong>#show ip route<\/strong><br>[omit&#8230;]<br>Gateway of last resort is 192.168.1.6 to network 0.0.0.0<br>O 185.0.0.0\/8&nbsp;[20\/2]&nbsp;via 10.1.1.77, 00:15:44, FastEthernet0\/0&nbsp;\/\/\u4f7f\u7528ebgp(ad=20),\u624b\u52d5\u6307\u5b9ametric=2<\/p>\n\n\n\n<p><strong># show ip route 192.13.25.0 255.255.255.240<\/strong><br>Routing entry for 192.13.25.0\/28<br>\u3000Known via &#8220;bgp 11&#8221;, distance 20, metric 0 \u3000\/\/\u8def\u5f91\u4f86\u6e90\u70babgp 11,\u4e5f\u5c31\u662frouter\u672c\u8eab\u7684as\u70ba11<br>\u3000Tag 3, type external \u3000\u3000\u3000\u3000\u3000\u3000\u3000\u3000\u3000\u3000\u3000\u3000\/\/\u6b64\u8def\u5f91\u70ba\u5916\u90e8\u8def\u5f91<br>\u3000Last update from 192.168.1.2 00:10:27 ago<br>\u3000Routing Descriptor Blocks:<br>\u3000* 192.168.1.2, from 192.168.1.2, 00:10:27 ago \/\/next hop\u70ba192.168.1.2<br>\u3000\u3000Route metric is 0, traffic share count is 1<br>\u3000\u3000AS Hops 2 \u3000\u3000\u3000\u3000\u3000\u3000\u3000\u3000\u3000\u3000\u3000\u3000\u3000\u3000\u3000\u3000\u3000\/\/as path\u9577\u70ba2<br>\u3000\u3000Route tag 3<\/p>\n\n\n\n<p>&#8230;&nbsp;<\/p>\n\n\n\n<p>\u986f\u793a\u70ba\u4f55\u8a72\u8def\u5f91\u4e0d\u52a0\u5165routing table\u7684\u539f\u56e0<br><strong>#show ip bgp rib-failure<\/strong><br>Network Next Hop RIB-failure RIB-NH Matches<br>180.0.0.0\/8 1.1.1.1 Higher admin distance n\/a \/\/\u56e0ad\u904e\u9ad8&nbsp;<\/p>\n\n\n\n<p>\u986f\u793aBGP table<br><strong># show ip bgp<\/strong><br>BGP table version is 78, local router ID is 11.11.11.11<br>Status codes: s suppressed, d damped, h history, * valid, &gt; best,&nbsp;i &#8211; internal,<br>r RIB-failure, S Stale<br>Origin codes:&nbsp;i &#8211; IGP, e &#8211; EGP,&nbsp;? &#8211; incomplete<br>Network NextHop&nbsp;Metric&nbsp;LocPrf Weight&nbsp;Path&nbsp;\/\/network\u6b04\u4f4d\u8868\u793aNLRI,metric\u6b04\u4f4d\u8868\u793aMED,Path\u6b04\u4f4d\u8868\u793aAS_Path<br>* 0.0.0.0 192.168.1.2 0 0 3 i<br>*&gt; 128.100.0.0\/19&nbsp;0.0.0.0 &nbsp;0 i &nbsp; &nbsp;&nbsp;\/\/next hop=0.0.0.0\u8868\u793a\u8a72\u8def\u5f91\u662f\u88ab\u532f\u6574\u7684\u8def\u5f91<br>*&gt; \u3000\u3000\u3000\u30001.1.1.1 0 0 1 i<br>*&gt; 181.0.0.0\/8 1.1.1.1 \u30000 \u30001 2 111 i &nbsp; \/\/\u8981\u5230\u9054181.0.0.0\/8\u5247\u9700\u5148\u7d93\u904eas1,2,111&nbsp;<br>*&gt; 182.0.0.0\/8 1.1.1.1 \u30000 \u30001&nbsp;2 222 i \u3000\/\/\u6700\u65e9\u52a0\u5165as\u7684\u9806\u5e8f\u70ba222,2,1,\u4e5f\u56e0\u6b64\u8a72\u9130\u5c45\u7684as\u6703\u662f1<br>*&gt; 183.0.0.0\/8 1.1.1.1 \u30000 \u30001 2 i<br>*&gt; 184.0.0.0\/8 1.1.1.1 \u30000 \u30001 2 i \u3000\/\/\u7dca\u63a5\u5728*&gt;\u5f8c\u6c92\u6709\u63a5i(internal),\u8868\u793a\u8a72\u8def\u5f91\u7531eBGP\u5b78\u4f86<br>*&gt; 185.0.0.0\/8 1.1.1.1 \u30000 \u30001 2 i \u3000\/\/&nbsp;\u7b26\u865f &#8220;&gt;&#8221;\u8868\u793a\u6b64\u70ba\u5230\u8a72\u76ee\u5730\u7684\u6700\u4f73\u8def\u5f91<br>* 192.135.250.0\/28 1.1.1.1 0 \u30001 2 3 4 i \/\/\u5230\u76ee\u5730192.135.250.0\/28\u6709\u5169\u7b46route,\u800c\u8d8a\u820a\u7684\u8def\u5f91\u6703\u653e\u8d8a\u4e0b\u9762&nbsp;<br>*&gt; \u3000\u3000\u3000\u3000192.168.1.2 \u30000 \u30003 4 i\u3000 &nbsp; \/\/ \u672a\u5217\u51faNLRI,\u8868\u793a\u76ee\u5730\u8207\u4e0a\u4e00\u7b46192.135.250.0\/28\u76f8\u540c<\/p>\n\n\n\n<p>\u986f\u793aBGP table\u4e2d\u6307\u5b9a\u7684prefix<br><strong>#show ip bgp &lt; prefix&gt; [mask]<\/strong><br>\u756b\u9762\u5927\u81f4\u5982\u4e0b<br># show ip bgp 192.135.250.0<br>BGP routing table entry for 192.135.250.0\/28, version 78<br>Paths: (2 available, best #2, table Default-IP-Routing-Table)<br>Advertised to update-groups:<br>\u3000\u30001<br>\u30001 2 3 4 \/\/as path<br>\u3000\u30001.1.1.1 from&nbsp;10.1.2.1&nbsp;(2.2.2.2) \/\/next hop\u70ba1.1.1.1,\u8a72\u8def\u5f91\u5f9e\u9130\u5c4510.1.2.1\u5b78\u4f86,\u800c\u9130\u5c45rid=2.2.2.2<br>\u3000\u3000Origin IGP, localpref 100, valid, internal &nbsp; &nbsp; \/\/internal\u8868\u793a\u5f9eiBGP\u5b78\u5230\uff0corigin igp\u8868\u793a\u5f9eIGP\u5b78\u4f86\u7684&nbsp;<br>\u30003 4<br>\u3000\u3000192.168.1.2 from 192.168.1.2 (3.3.3.3)<br>\u3000\u3000Origin IGP, localpref 100, valid, external, best \/\/\u8868\u793a\u6700\u8def\u5f91,\u800c\u4e14external\u8868\u793a\u5f9eeBGP\u5b78\u5230\u7684&nbsp;<br>ps:<br>\u82e5prefix\u548cmask\u70ba0.0.0.0 0.0.0.0,\u5247\u8868\u793a\u8981\u5217\u51fa\u53ef\u80fd\u7684\u9810\u8a2d\u8a2d\u5f91<\/p>\n\n\n\n<p><br>\u5217\u51fa\u6bcf\u500b\u9130\u5c45\u5b78\u5230\u7684prefix\u6578\u91cf<br><strong># show ip bgp summary<\/strong><br>BGP router identifier 11.11.11.11, local AS number 11 \/\/bgp rid=11.11.11.11,asn=11<br>BGP table version is 26, main routing table version 26<br>6 network entries using 792 bytes of memory \/\/memory\u7684\u4f7f\u7528\u72c0\u6cc1<br>7 path entries using 364 bytes of memory<br>6\/4 BGP path\/bestpath attribute entries using 888 bytes of memory<br>5 BGP AS-PATH entries using 120 bytes of memory<br>0 BGP route-map cache entries using 0 bytes of memory<br>0 BGP filter-list cache entries using 0 bytes of memory<br>Bitfield cache entries: current 1 (at peak 2) using 32 bytes of memory<br>BGP using 2196 total bytes of memory<br>BGP activity 12\/6 prefixes, 38\/31 paths, scan interval 60 secs<br>Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up\/Down&nbsp;State\/PfxRcd<br>1.1.1.1 4 1 60 61 26 0 0 00:45:01&nbsp;6 \/\/\u53ea\u8981state\u70ba\u6578\u5b57,\u8868\u793a\u9130\u5c45\u5df2\u5728established\u72c0\u614b,\u76ee\u524d\u6536\u5230prefix\u7684\u6578\u91cf\u70ba6<br>192.168.1.2 4 3 153 159 26 0 0 00:38:13&nbsp;Idle(Admin) \/\/\u9130\u5c45\u88ab\u624b\u52d5\u6307\u5b9a\u9032\u884cidle\u72c0\u614b<\/p>\n\n\n\n<p>&#8230;&nbsp;<\/p>\n\n\n\n<p>\u6aa2\u8996bgp\u8def\u5f91\u904e\u6ffe\u8cc7\u8a0a\u53caroute map,\u4ee5\u53canotification,update,&#8230;\u7b49<br><strong>#show ip bgp neighbor&nbsp;&lt; neighbor-ip&gt; [received-route|routes|advertised-routes]<\/strong><br>\u5176\u4e2d<br>received-route:\u5f9eneighbor-ip\u5b78\u4f86,\u4f46\u5728inbound filter\u904e\u6ffe\u4e4b\u524d\u7684\u8def\u5f91\u3000&nbsp;<br>routes: \u76ee\u524dbgp table,\u5df2\u7d93\u5728inbound filter\u904e\u6ffe\u5f8c\u7684\u8def\u5f91\u3000&nbsp;<br>advertised-routes:\u516c\u544a\u7d66neighbor-ip,\u4f46\u5df2\u5957\u7528\u5728outbound filter\u7684\u8def\u5f91<br>ps:<br>\u5f9ebgp\u66f4\u65b0\u7684\u8def\u5f91\u6703\u5148\u7d93\u904einbound filter\uff0c\u624d\u6703\u5230bgp table,<br>\u8981\u6e96\u5099\u767c\u51fabgp\u66f4\u65b0\u7684\u8def\u5f91\u6703\u5148\u7d93\u904eoutbound filter\uff0c\u624d\u6703\u516c\u544a\u51fa\u53bb<br><br><strong>#show ip bgp neighbors 1.1.1.1 routes<\/strong><br>BGP table version is 78, local router ID is 11.11.11.11<br>Status codes: s suppressed, d damped, h history, * valid, &gt; best, i &#8211; internal,r RIB-failure, S Stale<br>Origin codes: i &#8211; IGP, e &#8211; EGP, ? &#8211; incomplete<br>\u3000Network Next Hop Metric LocPrf Weight Path<br>*&gt; 0.0.0.0 1.1.1.1 0 0 1 i<br>*&gt; 181.0.0.0\/8 1.1.1.1 0 1 2 111 111 i<br>*&gt; 182.0.0.0\/8 1.1.1.1 0 1 2 222 i<br>*&gt; 183.0.0.0\/8 1.1.1.1 0 1 2 i<br>* 192.135.250.0\/28 1.1.1.1 0 1 2 3 4 i<\/p>\n\n\n\n<p><strong># show ip bgp neighbors 1.1.1.1<\/strong><br>BGP neighbor is 1.1.1.1, remote AS 1, external link\u3000\u3000\/\/\u9130\u5c45rid=1.1.1.1,\u4e14\u9130\u5c45\u70baexternal link(eBGP)<br>\u3000BGP version 4, remote router ID 1.1.1.1<br>\u3000BGP state = Established, up for 00:45:08\u3000\u3000\/\/\u76ee\u524d\u72c0\u614b\u70baestablished<br>\u3000Last read 00:00:02, last write 00:00:38, hold time is 180, keepalive interval\u3000is 60 seconds<br>\u3000Neighbor capabilities:<br>\u3000\u3000Route refresh: advertised and received(new) \/\/\u5df2\u555f\u7528\u8def\u5f91\u66f4\u65b0<br>\u3000\u3000Address family IPv4 Unicast: advertised and received<br>\u3000Message statistics:<br>\u3000\u3000InQ depth is 0<br>\u3000\u3000OutQ depth is 0<br>\u3000\u3000\u3000\u3000\u3000\u3000\u3000\u3000\u3000\u3000Sent Rcvd<br>\u3000\u3000Opens: 2 2<br>\u3000\u3000Notifications: 0 0<br>\u3000\u3000Updates: 16 12<br>\u3000\u3000Keepalives: 43 47<br>\u3000\u3000Route Refresh: 0 0<br>\u3000\u3000Total: 61 61<br>\u3000Default minimum time between advertisement runs is 30 seconds<br>For address family: IPv4 Unicast<br>\u3000BGP table version 26, neighbor version 26\/0<br>\u3000Output queue size : 0<br>\u3000Index 1, Offset 0, Mask 0x2<br>\u30001 update-group member<br>\u3000\u3000\u3000\u3000\u3000\u3000\u3000\u3000\u3000\u3000Sent Rcvd<br>\u3000Prefix activity: &#8212; &#8212;<br>\u3000\u3000Prefixes Current: 6 6 (Consumes 312 bytes)<br>\u3000\u3000Prefixes Total: 19 7<br>\u3000\u3000Implicit Withdraw: 11 0<br>\u3000\u3000Explicit Withdraw: 2 1<br>\u3000\u3000Used as bestpath: n\/a 5<br>\u3000\u3000Used as multipath: n\/a 0<br>\u3000\u3000\u3000\u3000\u3000\u3000\u3000\u3000\u3000\u3000Outbound Inbound<br>\u3000Local Policy Denied Prefixes: &#8212;- &#8212;-<br>\u3000\u3000AS_PATH loop: n\/a 2<br>\u3000\u3000Total: 0 2<br>\u3000Number of NLRIs in the update sent: max 3, min 1<br>\u3000Address tracking is enabled, the RIB does have a route to 1.1.1.1<br>\u3000Connections established 2; dropped 1\u3000\u3000\u3000\u3000\u3000\u3000\u3000\u3000\u3000\u3000\u3000\u3000\u3000\/\/router\u5df2\u5efa\u7acb\u7684tcp connection\u6b21\u6578&nbsp;<br>\u3000Last reset 00:45:10, due to Peer closed the session<br>\u3000External BGP neighbor may be up to 2 hops away.<br>\u3000Transport(tcp) path-mtu-discovery is enabled<br>Connection state is ESTAB, I\/O status: 1, unread input bytes: 0<br>Connection is ECN Disabled, Minimum incoming TTL 0, Outgoing TTL 2\u3000\u3000\/\/ebgp multihop\u7684ttl\u8a2d\u5b9a\u70ba2<br>Local host: 11.11.11.11, Local port: 179\u3000\u3000\u3000\u3000\u3000\u3000\u3000\u3000\u3000\u3000\u3000\u3000\u3000\u3000\/\/router\u672c\u8eabtcp\u901a\u8a0a\u7aef\u8cc7\u8a0a<br>Foreign host: 1.1.1.1, Foreign port: 28995\u3000\u3000\u3000\u3000\u3000\u3000\u3000\u3000\u3000\u3000\u3000\u3000\u3000\/\/\u9060\u7aefrouter\u7684tcp\u901a\u8a0a\u7aef\u8cc7\u8a0a<br>Connection tableid (VRF): 0<\/p>\n\n\n\n<p>Enqueued packets for retransmit: 0, input: 0 mis-ordered: 0 (0 bytes)<br>Event Timers (current time is 0x8217A0):<br>Timer Starts Wakeups Next<br>Retrans 49 0 0x0<br>TimeWait 0 0 0x0<br>AckHold 49 46 0x0<br>SendWnd 0 0 0x0<br>KeepAlive 0 0 0x0<br>GiveUp 0 0 0x0<br>PmtuAger 0 0 0x0<br>DeadWait 0 0 0x0<br>Linger 0 0 0x0<br>ProcessQ 0 0 0x0<br>iss: 2070882650 snduna: 2070884280 sndnxt: 2070884280 sndwnd: 15890<br>irs: 3327995414 rcvnxt: 3327996693 rcvwnd: 16156 delrcvwnd: 228<\/p>\n\n\n\n<p>SRTT: 300 ms, RTTO: 306 ms, RTV: 6 ms, KRTT: 0 ms<br>minRTT: 0 ms, maxRTT: 300 ms, ACK hold: 200 ms<br>Status Flags: passive open, gen tcbs<br>Option Flags: nagle, path mtu capable, md5<br>IP Precedence value : 6<\/p>\n\n\n\n<p>Datagrams (max data segment is 516 bytes):<br>Rcvd: 98 (out of order: 0), with data: 50, total data bytes: 1278<br>Sent: 99 (retransmit: 0, fastretransmit: 0, partialack: 0, Second Congestion: 0),<br>with data: 50, tot<br>al data bytes: 1629<br>\u3000Packets received in fast path: 0, fast processed: 0, slow path: 0<br>\u3000fast lock acquisition failures: 0, slow path: 0<\/p>\n\n\n\n<p>&#8230;&nbsp;<\/p>\n\n\n\n<p><strong>#debug ip bgp<\/strong><br>\u7576\u624b\u52d5\u6307\u5b9a\u9130\u5c45\u9032\u5165idle\u72c0\u614b\u6642(bgp &lt; neighbor-ip&gt; shutdown)<br>\u6703\u7522\u751f\u4ee5\u4e0b\u8a0a\u606f<br>*Aug 11 20:23:01.335: BGPNSF state: 1.1.1.1 went from nsf_not_active to nsf_not_active<br>*Aug 11 20:23:01.335: BGP: 1.1.1.1 went from Established to Idle \/\/\u5f9eestablished\u72c0\u614b\u5230idle\u72c0\u614b<br>*Aug 11 20:23:01.335: %BGP-5-ADJCHANGE: neighbor 1.1.1.1 Down Admin. Shutdown<\/p>\n\n\n\n<p>\u7576\u624b\u52d5\u6307\u5b9a\u9130\u5c45\u96e2\u958bidle\u72c0\u614b\u6642(no bgp &lt; neighbor-ip&gt; shutdown)<br>\u6703\u7522\u751f\u4ee5\u4e0b\u8a0a\u606f<br>*Aug 11 20:23:26.571: BGP: 1.1.1.1 went from Idle to Active\u3000\u3000\/\/\u5f9eidle\u72c0\u614b\u5230active\u72c0\u614b<br>*Aug 11 20:23:26.571: BGP: 1.1.1.1 open active, local address 11.11.11.11<br>*Aug 11 20:23:26.575: BGP: 1.1.1.1 read request no-op<br>*Aug 11 20:23:26.575: BGP: 1.1.1.1 went from Active to OpenSent\u3000\/\/\u5f9eactive\u72c0\u614b\u5230opensent\u72c0\u614b<br>*Aug 11 20:23:26.575: BGP: 1.1.1.1 sending OPEN, version 4, my as: 11, holdtime 180 seconds<br>*Aug 11 20:23:26.579: BGP: 1.1.1.1 send message type 1, length (incl. header) 45<br>*Aug 11 20:23:26.583: BGP: 1.1.1.1 rcv message type 1, length (excl. header) 26<br>*Aug 11 20:23:26.587: BGP: 1.1.1.1 rcv OPEN, version 4, holdtime 180 seconds<br>*Aug 11 20:23:26.587: BGP: 1.1.1.1 rcv OPEN w\/ OPTION parameter len: 16<br>*Aug 11 20:23:26.587: BGP: 1.1.1.1 rcvd OPEN w\/ optional parameter type 2 (Capability) len 6<br>*Aug 11 20:23:26.587: BGP: 1.1.1.1 OPEN has CAPABILITY code: 1, length 4<br>*Aug 11 20:23:26.587: BGP: 1.1.1.1 OPEN has MP_EXT CAP for afi\/safi: 1\/1<br>*Aug 11 20:23:26.587: BGP: 1.1.1.1 rcvd OPEN w\/ optional parameter type 2 (Capability) len 2<br>*Aug 11 20:23:26.587: BGP: 1.1.1.1 OPEN has CAPABILITY code: 128, length 0<br>*Aug 11 20:23:26.587: BGP: 1.1.1.1 OPEN has ROUTE-REFRESH capability(old) for all address-families<br>*Aug 11 20:23:26.587: BGP: 1.1.1.1 rcvd OPEN w\/ optional parameter type 2 (Capability) len 2<br>*Aug 11 20:23:26.587: BGP: 1.1.1.1 OPEN has CAPABILITY code: 2, length 0<br>*Aug 11 20:23:26.587: BGP: 1.1.1.1 OPEN has ROUTE-REFRESH capability(new) for all address-families BGP: 1.1.1.1 rcvd OPEN w\/ remote AS 1<br>*Aug 11 20:23:26.587: BGP: 1.1.1.1 went from OpenSent to OpenConfirm \/\/\u5f9eopensent\u72c0\u614b\u5230openconfirm\u72c0\u614b<br>*Aug 11 20:23:26.591: BGP: 1.1.1.1 went from OpenConfirm to Established \/\/\u5f9eopenconfirm\u72c0\u614b\u5230established\u72c0\u614b<br>*Aug 11 20:23:26.591: %BGP-5-ADJCHANGE: neighbor 1.1.1.1 Up<br>*Aug 11 20:23:26.603: BGP_Router: unhandled major event code 128, minor 0<\/p>\n\n\n\n<p>BGP neighbor10.0.0.2\u6c92\u8a2dpassword<br>\u6703\u7522\u751f\u4ee5\u4e0b\u8a0a\u606f<br>*Mar 1 05:29:00.821 %TCP-6-BADAUTH:No MD5 digest from 10.0.0.2:179 to 10.0.0.1:11031<\/p>\n\n\n\n<p>BGP neighbor10.0.0.7\u5df2\u8a2dpassword\u4f46\u4e0d\u6b63\u78ba<br>\u6703\u7522\u751f\u4ee5\u4e0b\u8a0a\u606f<br>*Mar 1 05:30:00.831 %TCP-6-BADAUTH:Invalid MD5 digest from 10.0.0.7:179 to 10.0.0.6:11037<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u6307\u5b9arid(config-router)# bgp rout &#8230;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"","fifu_image_alt":"","_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[33],"tags":[],"class_list":["post-932","post","type-post","status-publish","format-standard","hentry","category-cisco-layer3"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/posts\/932","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/comments?post=932"}],"version-history":[{"count":0,"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/posts\/932\/revisions"}],"wp:attachment":[{"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/media?parent=932"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/categories?post=932"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/tags?post=932"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}