BGP Dual AS Configuration : neighbor local-as 參數釋疑(Part 4)
replace-as
Prepends only the local AS number to the AS-path attribute. The AS number from the local BGP routing process is not prepended.
基本上我覺得這一段話真的很像英文文言文,我看了很久還是看不懂它所要表達的意義…我看我們還是來看看實際實驗結果來檢查AS-Path的變化吧。
網路架構圖:
在R2上直接再加上replace-as這個參數:
R2#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#router bgp 100
R2(config-router)# neighbor 192.168.1.10 local-as 200 no-prepend replace-as
00:16:35: %SYS-5-CONFIG_I: Configured from console by console
00:16:35: %BGP-5-ADJCHANGE: neighbor 192.168.1.10 Down Local AS change[OK]
00:17:14: %BGP-5-ADJCHANGE: neighbor 192.168.1.10 Up
R2#
接著我們來看看每個Router上的BGP Table
R1#sh ip bgp
BGP table version is 8, local router ID is 10.3.3.11
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 10.3.3.11/32 0.0.0.0 0 32768 i
*>i10.3.3.22/32 192.168.1.2 0 100 0 i
*>i10.3.3.33/32 192.168.1.10 0 100 0 300 i
* i192.168.1.0/30 192.168.1.2 0 100 0 ?
*> 0.0.0.0 0 32768 ?
*>i192.168.1.8/30 192.168.1.2 0 100 0 ?
R2#sh ip bgp
BGP table version is 8, local router ID is 10.3.3.22
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*>i10.3.3.11/32 192.168.1.1 0 100 0 i
*> 10.3.3.22/32 0.0.0.0 0 32768 i
*> 10.3.3.33/32 192.168.1.10 0 0 300 i
* i192.168.1.0/30 192.168.1.1 0 100 0 ?
*> 0.0.0.0 0 32768 ?
* 192.168.1.8/30 192.168.1.10 0 0 300 ?
*> 0.0.0.0 0 32768 ?
R3#sh ip bgp
BGP table version is 12, local router ID is 10.3.3.33
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 10.3.3.11/32 192.168.1.9 0 200 i
*> 10.3.3.22/32 192.168.1.9 0 0 200 i
*> 10.3.3.33/32 0.0.0.0 0 32768 i
*> 192.168.1.0/30 192.168.1.9 0 0 200 ?
* 192.168.1.8/30 192.168.1.9 0 0 200 ?
*> 0.0.0.0 0 32768 ?
各位可以仔細觀察一下這幾個BGP Table中的AS-Path變化,不論是R1, R2 or R3,AS-Path都只有一個AS了,因此各位可以想像成是當R2 advertise BGP routes到R1時,只prepend AS200而不再prepend AS100,也就是只利用AS200直接"replace" AS100,這樣各位會比較容易記起來!
dual-as
Configure the EBGP neighbor to establish a peering session using the real AS number(from the local BGP routing process) or by using the AS number configured with the ip-address argument(local-as)
最後,我們來談到dual-as這個參數,這個參數有沒有使用對於BGP Table沒有太大的差異,事實上這個參數是讓neighbor可以同時接受使用不同的AS來建立bgp session(在本例中,R2可以使用AS100 or AS200來跟R3建立BGP session,也就是R3那端的bgp configure中的neighbor X.X.X.X remote-as後面可接100 or 200);不過就我實驗的結果來看,似乎從idle到established完全的狀態會比一般的設定來得久,超過50秒甚至超過1分鐘以上才完成,各位如果有任何這方面的實務使用心得,歡迎給我一些回饋,讓更多人對這些參數的應用有更深一步的認知。
Prepends only the local AS number to the AS-path attribute. The AS number from the local BGP routing process is not prepended.
基本上我覺得這一段話真的很像英文文言文,我看了很久還是看不懂它所要表達的意義…我看我們還是來看看實際實驗結果來檢查AS-Path的變化吧。
在R2上直接再加上replace-as這個參數:
R2#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#router bgp 100
R2(config-router)# neighbor 192.168.1.10 local-as 200 no-prepend replace-as
00:16:35: %SYS-5-CONFIG_I: Configured from console by console
00:16:35: %BGP-5-ADJCHANGE: neighbor 192.168.1.10 Down Local AS change[OK]
00:17:14: %BGP-5-ADJCHANGE: neighbor 192.168.1.10 Up
R2#
接著我們來看看每個Router上的BGP Table
R1#sh ip bgp
BGP table version is 8, local router ID is 10.3.3.11
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 10.3.3.11/32 0.0.0.0 0 32768 i
*>i10.3.3.22/32 192.168.1.2 0 100 0 i
*>i10.3.3.33/32 192.168.1.10 0 100 0 300 i
* i192.168.1.0/30 192.168.1.2 0 100 0 ?
*> 0.0.0.0 0 32768 ?
*>i192.168.1.8/30 192.168.1.2 0 100 0 ?
R2#sh ip bgp
BGP table version is 8, local router ID is 10.3.3.22
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*>i10.3.3.11/32 192.168.1.1 0 100 0 i
*> 10.3.3.22/32 0.0.0.0 0 32768 i
*> 10.3.3.33/32 192.168.1.10 0 0 300 i
* i192.168.1.0/30 192.168.1.1 0 100 0 ?
*> 0.0.0.0 0 32768 ?
* 192.168.1.8/30 192.168.1.10 0 0 300 ?
*> 0.0.0.0 0 32768 ?
R3#sh ip bgp
BGP table version is 12, local router ID is 10.3.3.33
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 10.3.3.11/32 192.168.1.9 0 200 i
*> 10.3.3.22/32 192.168.1.9 0 0 200 i
*> 10.3.3.33/32 0.0.0.0 0 32768 i
*> 192.168.1.0/30 192.168.1.9 0 0 200 ?
* 192.168.1.8/30 192.168.1.9 0 0 200 ?
*> 0.0.0.0 0 32768 ?
各位可以仔細觀察一下這幾個BGP Table中的AS-Path變化,不論是R1, R2 or R3,AS-Path都只有一個AS了,因此各位可以想像成是當R2 advertise BGP routes到R1時,只prepend AS200而不再prepend AS100,也就是只利用AS200直接"replace" AS100,這樣各位會比較容易記起來!
dual-as
Configure the EBGP neighbor to establish a peering session using the real AS number(from the local BGP routing process) or by using the AS number configured with the ip-address argument(local-as)
最後,我們來談到dual-as這個參數,這個參數有沒有使用對於BGP Table沒有太大的差異,事實上這個參數是讓neighbor可以同時接受使用不同的AS來建立bgp session(在本例中,R2可以使用AS100 or AS200來跟R3建立BGP session,也就是R3那端的bgp configure中的neighbor X.X.X.X remote-as後面可接100 or 200);不過就我實驗的結果來看,似乎從idle到established完全的狀態會比一般的設定來得久,超過50秒甚至超過1分鐘以上才完成,各位如果有任何這方面的實務使用心得,歡迎給我一些回饋,讓更多人對這些參數的應用有更深一步的認知。
Comments
http://www.cisco.com/univercd/cc/td/doc/product/software/ios124/124cg/hirp_c/ch05/hbgphla.htm
Changing the Autonomous System Number in a BGP Network
Changing the autonomous system number may be necessary when 2 separate BGP networks are combined under a single autonomous system. This typically occurs when one ISP purchases another ISP. The neighbor local-as command is used initially to configure BGP peers to support 2 local autonomous system numbers to maintain peering between 2 separate BGP networks. This configuration allows the ISP to immediately make the transition without any impact on existing customer configurations.
When the customer configurations have been updated, The next step is to complete the transition from the old autonomous system number to the new autonomous system number. However, when the neighbor local-as command is configured on a BGP peer, the local autonomous system number is automatically prepended to all routes that are learned from eBGP peers by default. This behavior, however, makes changing the autonomous system number for a service provider or large BGP network difficult because routes, with the prepended autonomous system number, will be rejected by internal BGP (iBGP) peers that are configured with the same autonomous system number. For example, if you configure an iBGP peer with the neighbor 10.0.0.2 local-as 20 statement, all routes that are learned from the 10.0.0.2 external peer will automatically have the autonomous system number 20 prepended. Internal routers that are configured with the autonomous number 20 will detect these routes as routing loops and reject them. This behavior requires you to change the autonomous system number for all iBGP peers at the same time.
neighbor 10.0.0.2 local-as 20
所有來自於neighbor 10.0.0.2的bgp route將會帶著AS-Path 20的資訊。(請參考Part 1)
而內部路由器若是使用router bgp 20的process,根據EBGP split-horizon的原則將會drop這些路由而且不會發出任何的通知或warning,這就是文中所指的routing loop的意思。
最後一句話談到:This behavior requires you to change the autonomous system number for all iBGP peers at the same time. 這是指在transition的過程中(全部改為一般的方式,停止使用local-as)一定要同時間修改所有的iBGP neighbor才可避免此問題的發生。
1.將R2使用local-as 200參數,並且改用新的router bgp 100
2.同時R4也必須使用router bgp 100,不得再使用原有的router bgp 200,因為local-as的參數不是為了讓被併購的公司內部IBGP沒有變動,只是單純為了不影響客戶的設定而有的一種過渡時期作法。
如果R4維持原有的設定router bgp 200,那麼R4將不會收到R2轉送過來的EBGP route,除非R2使用更進一步的參數如no-prepend, 來避免發生EBGP routing loop detection。
祝早日取得號碼!