※noteから引っ越してきた記事※
設定
iosv-6,9: AS100
iosv-7: AS200
AS100ではLoopbackをnetworkで広告。
as-overrideのみ
Before
R7#sh ip bgp nei 155.1.79.9 adv
Total number of prefixes 0
R7#sh ip bgp nei 155.1.67.6 adv
Total number of prefixes 0
R9#sh ip bgp
BGP table version is 4, local router ID is 150.1.9.9
<略>
Network Next Hop Metric LocPrf Weight Path
*> 150.1.9.9/32 0.0.0.0 0 32768 i
R6#sh ip bgp
BGP table version is 4, local router ID is 150.1.6.6
<略>
Network Next Hop Metric LocPrf Weight Path
*> 150.1.6.6/32 0.0.0.0 0 32768 i
iosv-7を挟んでiosv-6,9がどちらもAS100なので、互いのLoopbackはiosv-7でストップする。
設定
R7(config-router)#nei 155.1.79.9 as-override
R7(config-router)#nei 155.1.67.6 as-override
After
7#sh ip bgp nei 155.1.67.6 adv | b validation
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 150.1.6.6/32 155.1.67.6 0 0 100 i
*> 150.1.9.9/32 155.1.79.9 0 0 100 i
Total number of prefixes 2
R7#
R7#sh ip bgp nei 155.1.79.9 adv | b validation
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 150.1.6.6/32 155.1.67.6 0 0 100 i
*> 150.1.9.9/32 155.1.79.9 0 0 100 i
Total number of prefixes 2
R6#sh ip bgp | b validation
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 150.1.6.6/32 0.0.0.0 0 32768 i
*> 150.1.9.9/32 155.1.67.7 0 200 200 i
R9#sh ip bgp | b validation
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 150.1.6.6/32 155.1.79.7 0 200 200 i
* 150.1.9.9/32 155.1.79.7 0 200 200 i
*> 0.0.0.0 0 32768 i
AS番号を上書きして広告するため、iosv-6,9でのAS_Pathが200 200 iになっている。
as-override split-horizon
設定
R7(config)#router bgp 200
R7(config-router)#nei 155.1.67.6 as-override split-horizon
%BGP-5-ADJCHANGE: neighbor 155.1.67.6 Down split-horizon config change
%BGP_SESSION-5-ADJCHANGE: neighbor 155.1.67.6 IPv4 Unicast topology base removed from session split-horizon config change
%BGP-5-ADJCHANGE: neighbor 155.1.67.6 Up
R7(config-router)#nei 155.1.79.9 as-override split-horizon
%BGP-5-ADJCHANGE: neighbor 155.1.79.9 Down split-horizon config change
%BGP_SESSION-5-ADJCHANGE: neighbor 155.1.79.9 IPv4 Unicast topology base removed from session split-horizon config change
%BGP-5-ADJCHANGE: neighbor 155.1.79.9 Up
After
R7#sh ip bgp nei 155.1.67.6 adv | b validation
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 150.1.9.9/32 155.1.79.9 0 0 100 i
Total number of prefixes 1
R7#sh ip bgp nei 155.1.79.9 adv | b validation
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 150.1.6.6/32 155.1.67.6 0 0 100 i
Total number of prefixes 1
R6#sh ip bgp | b validation
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 150.1.6.6/32 0.0.0.0 0 32768 i
*> 150.1.9.9/32 155.1.67.7 0 200 200 i
R9#sh ip bgp | b validation
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 150.1.6.6/32 155.1.79.7 0 200 200 i
*> 150.1.9.9/32 0.0.0.0 0 32768 i
例)iosv-7,9間での話
as-overrideのみの場合は、ASが書き換わる都合上、150.1.9.9/32がiosv-9(AS100)→iosv-7(AS200に書き換え)→iosv-9(AS200の150.1.9.9/32を受け入れ)と戻ってくる。
as-override split-horizonを設定することで、iosv-9から広告された経路がiosv-9へ戻ってくることを防いでいる。(スプリットホライズンの維持)
iosv-7,6間でも同様に、150.1.6.6/32がiosv-6→7→6と戻ってこないようにしている。
show run
R7#sh run | s bgp
router bgp 200
bgp log-neighbor-changes
neighbor 155.1.67.6 remote-as 100
neighbor 155.1.67.6 as-override
neighbor 155.1.79.9 remote-as 100
neighbor 155.1.79.9 as-override
neighbor as-override split-horizonって入れてるのにrunning-config上ではas-overrideしか表示されない。
show ip bgp update-group
Before
R7#sh ip bgp update-group
BGP version 4 update-group 5, external, Address Family: IPv4 Unicast
BGP Update version : 11/0, messages 0, active RGs: 1
Overrides the neighbor AS 100 with my AS before sending updates
Topology: global, highest version: 11, tail marker: 11
Format state: Current working (OK, last minimum advertisement interval)
Refresh blocked (not in list, last not in list)
Update messages formatted 2, replicated 4, current 0, refresh 0, limit 1000
Number of NLRIs in the update sent: max 1, min 0
Minimum time between advertisement runs is 30 seconds
Has 2 members:
155.1.67.6 155.1.79.9
After
R7#sh ip bgp update-group
BGP version 4 update-group 3, external, Address Family: IPv4 Unicast
BGP Update version : 7/0, messages 0, active RGs: 2
Overrides the neighbor AS 100 with my AS before sending updates
Split horizon processing before sending updates
Topology: global, highest version: 7, tail marker: 7
Format state: Current working (OK, last minimum advertisement interval)
Refresh blocked (not in list, last not in list)
Update messages formatted 3, replicated 3, current 0, refresh 0, limit 1000
Number of NLRIs in the update sent: max 1, min 0
Minimum time between advertisement runs is 30 seconds
Has 2 members:
155.1.79.9 155.1.67.6