Description:
Route Leaking is one way to exchange BGP routing information on a router between two VRFs, or between a VRF and the global routing table.
Task:
The ESR router has eBGP neighborships configured in vrf_A and in vrf_B; the networks behind ESR-B and ESR-A must be made reachable to each other.
The firewall is not used in the router configurations, so as not to clutter them.
Solution:
ESR configuration
ip vrf vrf_A
  ip protocols bgp max-routes 100
  rd 65512:1
  route-target export 65512:1
  route-target import 65512:2
exit
ip vrf vrf_B
  ip protocols bgp max-routes 100
  rd 65512:2
  route-target export 65512:2
  route-target import 65512:1
exit

system fan-speed auto

route-map out
  rule 1
  exit
exit

router bgp log-neighbor-changes

router bgp 65512
  neighbor 172.16.1.1   # create a fake peer so that Route Leaking works
    description "fake peer"
    remote-as 65512
    address-family vpnv4 unicast
      send-community extended
      enable
    exit
    enable
  exit
  enable
  vrf vrf_A
    router-id 192.168.12.2
    neighbor 192.168.12.1
      description "to_neighbor_ESR_A"
      remote-as 65513
      address-family ipv4 unicast
        route-map out out
        enable
      exit
      enable
    exit
    address-family ipv4 unicast
      redistribute bgp 65512
    exit
    enable
  exit
  vrf vrf_B
    router-id 192.168.23.2
    neighbor 192.168.23.3
      description "to_neighbor_ESR_B"
      remote-as 65514
      address-family ipv4 unicast
        route-map out out
        enable
      exit
      enable
    exit
    address-family ipv4 unicast
      redistribute bgp 65512
    exit
    enable
  exit
exit

interface gigabitethernet 1/0/1
  ip vrf forwarding vrf_A
  ip firewall disable
  ip address 192.168.12.2/24
exit
interface gigabitethernet 1/0/2
  ip vrf forwarding vrf_B
  ip firewall disable
  ip address 192.168.23.2/24
exit
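Which VRFs exchange routes is decided entirely by the route-target export/import pairs in the ESR configuration above. The following is an added example, not part of the original article or of Eltex tooling: it derives the leak relationships from the "ip vrf" blocks and reports any that are not on an approved list. The function names and the approved list are hypothetical, and the parser assumes one command per line and no nested sub-blocks inside "ip vrf".

```python
import re

# Constructed sample: the "ip vrf" blocks of the ESR configuration above.
SAMPLE_CONFIG = """\
ip vrf vrf_A
  ip protocols bgp max-routes 100
  rd 65512:1
  route-target export 65512:1
  route-target import 65512:2
exit
ip vrf vrf_B
  ip protocols bgp max-routes 100
  rd 65512:2
  route-target export 65512:2
  route-target import 65512:1
exit
"""

def parse_vrfs(config):
    """Return {vrf: {"export": set, "import": set}} from 'ip vrf' blocks."""
    vrfs, current = {}, None
    for raw in config.splitlines():
        line = raw.split("#")[0].strip()          # drop inline comments
        m = re.fullmatch(r"ip vrf (\S+)", line)   # not "ip vrf forwarding X"
        if m:
            current = vrfs.setdefault(m.group(1), {"export": set(), "import": set()})
        elif line == "exit":
            current = None    # assumption: no nested blocks inside "ip vrf"
        elif current is not None:
            m = re.fullmatch(r"route-target (export|import) (\S+)", line)
            if m:
                current[m.group(1)].add(m.group(2))
    return vrfs

def leak_pairs(vrfs):
    """Set of (source, destination): destination imports an RT the source exports."""
    return {(src, dst)
            for src, s in vrfs.items()
            for dst, d in vrfs.items()
            if src != dst and s["export"] & d["import"]}

def unexpected_leaks(config, allowed):
    """Leak pairs present in the config but absent from the approved set."""
    return sorted(leak_pairs(parse_vrfs(config)) - set(allowed))

if __name__ == "__main__":
    approved = {("vrf_A", "vrf_B"), ("vrf_B", "vrf_A")}   # hypothetical policy
    print(sorted(leak_pairs(parse_vrfs(SAMPLE_CONFIG))))
    print(unexpected_leaks(SAMPLE_CONFIG, approved))
```

Run against the full running configuration, an empty result means every VRF-to-VRF leak matches the approved list; a new VRF that imports 65512:1 or 65512:2 would show up as an extra pair.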
Diagnostic command output on ESR for neighbor ESR-A
ESR# show bgp vrf vrf_A neighbors
BGP neighbor is 192.168.12.1
    Description:                        to_neighbor_ESR_A
    BGP state:                          Established
    Type:                               Static neighbor
    Neighbor address:                   192.168.12.1
    Neighbor AS:                        65513
    Neighbor ID:                        192.168.12.1
    Neighbor caps:                      refresh enhanced-refresh restart-aware AS4
    Session:                            external AS4
    Source address:                     192.168.12.2
    Weight:                             0
    Hold timer:                         141/180
    Keepalive timer:                    12/60
    Address family ipv4 unicast:
      Send-label:                       No
      Default originate:                No
      Default information originate:    No
      Outgoing route-map:               out
    Uptime:                             89 s

ESR# show ip route vrf vrf_A
Codes: C - connected, S - static, R - RIP derived,
       O - OSPF derived, IA - OSPF inter area route,
       E1 - OSPF external type 1 route, E2 - OSPF external type 2 route
       B - BGP derived, D - DHCP derived, K - kernel route, V - VRRP route
       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
       H - NHRP, * - FIB route

B     * 172.16.30.0/24     [170]             via 192.168.12.1 on gi1/0/1       [bgp65512 01:28:48]  (AS65513i)
B     * 172.16.20.0/24     [170]             dev gi1/0/2                       [bgp65512 01:29:47]
C     * 192.168.12.0/24    [0/0]             dev gi1/0/1                       [direct 01:20:47]

ESR# show bgp vrf vrf_A ipv4 unicast neighbor 192.168.12.1 routes
Status codes: u - unicast, b - broadcast, m - multicast, a - anycast
              * - valid, > - best
Origin codes: i - IGP, e - EGP, ? - incomplete

     Network              Next Hop             Metric  LocPrf      Weight Path
*> u 172.16.30.0/24       192.168.12.1         --      100         0      65513 i

ESR# show bgp vrf vrf_A ipv4 unicast neighbor 192.168.12.1 advertise-routes
Status codes: u - unicast, b - broadcast, m - multicast, a - anycast
              * - valid, > - best
Origin codes: i - IGP, e - EGP, ? - incomplete

     Network              Next Hop             Metric  LocPrf      Weight Path
*> u 172.16.20.0/24       ::                   --      --          --     65512 65514 i

ESR# show bgp vpnv4 unicast all
Status codes: * - valid, > - best, i - internal, S - stale
Origin codes: i - IGP, e - EGP, ? - incomplete

Codes Route Distinguisher   IP Prefix          Next hop        Metric     Label   LocPrf     Weight Path
----- --------------------- ------------------ --------------- ---------- ------- ---------- ------ ----------------
*>    65512:1               172.16.30.0/24     --              --         21      100        --     65513 i
*>    65512:2               172.16.20.0/24     --              --         23      100        --     65514 i
Diagnostic command output on ESR for neighbor ESR-B
ESR# show bgp vrf vrf_B neighbors
BGP neighbor is 192.168.23.3
    Description:                        to_neighbor_ESR_B
    BGP state:                          Established
    Type:                               Static neighbor
    Neighbor address:                   192.168.23.3
    Neighbor AS:                        65514
    Neighbor ID:                        192.168.23.3
    Neighbor caps:                      refresh enhanced-refresh restart-aware AS4
    Session:                            external AS4
    Source address:                     192.168.23.2
    Weight:                             0
    Hold timer:                         126/180
    Keepalive timer:                    55/60
    Address family ipv4 unicast:
      Send-label:                       No
      Default originate:                No
      Default information originate:    No
      Outgoing route-map:               out
    Uptime:                             114 s

ESR# show ip route vrf vrf_B
Codes: C - connected, S - static, R - RIP derived,
       O - OSPF derived, IA - OSPF inter area route,
       E1 - OSPF external type 1 route, E2 - OSPF external type 2 route
       B - BGP derived, D - DHCP derived, K - kernel route, V - VRRP route
       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
       H - NHRP, * - FIB route

C     * 192.168.23.0/24    [0/0]             dev gi1/0/2                       [direct 01:20:47]
B     * 172.16.30.0/24     [170]             dev gi1/0/1                       [bgp65512 01:28:48]
B     * 172.16.20.0/24     [170]             via 192.168.23.3 on gi1/0/2       [bgp65512 01:29:47]  (AS65514i)

ESR# show bgp vrf vrf_B ipv4 unicast neighbor 192.168.23.3 routes
Status codes: u - unicast, b - broadcast, m - multicast, a - anycast
              * - valid, > - best
Origin codes: i - IGP, e - EGP, ? - incomplete

     Network              Next Hop             Metric  LocPrf      Weight Path
*> u 172.16.20.0/24       192.168.23.3         --      100         0      65514 i

ESR# show bgp vrf vrf_B ipv4 unicast neighbor 192.168.23.3 advertise-routes
Status codes: u - unicast, b - broadcast, m - multicast, a - anycast
              * - valid, > - best
Origin codes: i - IGP, e - EGP, ? - incomplete

     Network              Next Hop             Metric  LocPrf      Weight Path
*> u 172.16.30.0/24       ::                   --      --          --     65512 65513 i
Configuration and diagnostic command output on ESR-A
hostname ESR-A

route-map out
  rule 1
  exit
exit

router bgp log-neighbor-changes

router bgp 65513
  router-id 192.168.12.1
  neighbor 192.168.12.2
    remote-as 65512
    address-family ipv4 unicast
      route-map out out
      enable
    exit
    enable
  exit
  address-family ipv4 unicast
    network 172.16.30.0/24
  exit
  enable
exit

interface gigabitethernet 1/0/1
  ip firewall disable
  ip address 192.168.12.1/24
exit
interface loopback 1
  ip address 172.16.30.30/24
exit

ESR-A# show bgp neighbors
BGP neighbor is 192.168.12.2
    BGP state:                          Established
    Type:                               Static neighbor
    Neighbor address:                   192.168.12.2
    Neighbor AS:                        65512
    Neighbor ID:                        192.168.12.2
    Neighbor caps:                      refresh enhanced-refresh restart-aware AS4
    Session:                            external AS4
    Source address:                     192.168.12.1
    Weight:                             0
    Hold timer:                         152/180
    Keepalive timer:                    45/60
    Address family ipv4 unicast:
      Send-label:                       No
      Default originate:                No
      Default information originate:    No
      Outgoing route-map:               out
    Uptime:                             116 s

ESR-A# show ip route
Codes: C - connected, S - static, R - RIP derived,
       O - OSPF derived, IA - OSPF inter area route,
       E1 - OSPF external type 1 route, E2 - OSPF external type 2 route
       B - BGP derived, D - DHCP derived, K - kernel route, V - VRRP route
       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
       H - NHRP, * - FIB route

C     * 172.16.30.0/24     [0/0]             dev lo1                           [direct 11:43:35]
B     * 172.16.20.0/24     [170]             via 192.168.12.2 on gi1/0/1       [bgp65513 16:18:15]  (AS65514i)
C     * 192.168.12.0/24    [0/0]             dev gi1/0/1                       [direct 11:40:21]

ESR-A# ping 172.16.20.20 source ip 172.16.30.30
PING 172.16.20.20 (172.16.20.20) from 172.16.30.30 : 56 bytes of data.
!!!!!
--- 172.16.20.20 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4004ms
rtt min/avg/max/mdev = 0.241/0.261/0.335/0.040 ms
Configuration and diagnostic command output on ESR-B
hostname ESR-B

route-map out
  rule 1
  exit
exit

router bgp log-neighbor-changes

router bgp 65514
  router-id 192.168.23.3
  neighbor 192.168.23.2
    remote-as 65512
    address-family ipv4 unicast
      route-map out out
      enable
    exit
    enable
  exit
  address-family ipv4 unicast
    network 172.16.20.0/24
  exit
  enable
exit

interface gigabitethernet 1/0/1
  ip firewall disable
  ip address 192.168.23.3/24
exit
interface loopback 1
  ip address 172.16.20.20/24
exit

ESR-B# show bgp neighbors
BGP neighbor is 192.168.23.2
    BGP state:                          Established
    Type:                               Static neighbor
    Neighbor address:                   192.168.23.2
    Neighbor AS:                        65512
    Neighbor ID:                        192.168.23.2
    Neighbor caps:                      refresh enhanced-refresh restart-aware AS4
    Session:                            external AS4
    Source address:                     192.168.23.3
    Weight:                             0
    Hold timer:                         141/180
    Keepalive timer:                    41/60
    Address family ipv4 unicast:
      Send-label:                       No
      Default originate:                No
      Default information originate:    No
      Outgoing route-map:               out
    Uptime:                             214 s

ESR-B# sh ip route
Codes: C - connected, S - static, R - RIP derived,
       O - OSPF derived, IA - OSPF inter area route,
       E1 - OSPF external type 1 route, E2 - OSPF external type 2 route
       B - BGP derived, D - DHCP derived, K - kernel route, V - VRRP route
       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
       H - NHRP, * - FIB route

C     * 192.168.23.0/24    [0/0]             dev gi1/0/1                       [direct 11:29:59]
B     * 172.16.30.0/24     [170]             via 192.168.23.2 on gi1/0/1       [bgp65514 16:06:03]  (AS65513i)
C     * 172.16.20.0/24     [0/0]             dev lo1                           [direct 11:31:49]

ESR-B# ping 172.16.30.30 source ip 172.16.20.20
PING 172.16.30.30 (172.16.30.30) from 172.16.20.20 : 56 bytes of data.
!!!!!
--- 172.16.30.30 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4003ms
rtt min/avg/max/mdev = 0.228/0.277/0.347/0.050 ms