BGP-OSPF 路由注入不起作用

网络工程 思科 路由 BGP ospf
2022-02-24 09:53:21

在此处输入图像描述

背景:BGP 功能齐全,按预期工作,因此无需担心,问题是 HK_Office <> HK2 和 LON1 <> LON_Office 之间的路由注入,正如您在下面 HK_Office 和 LON_Office 的“显示 ip route”部分中看到的那样,它看不到中间的路由,例如在 HK_Office 中,它不包含到 10.10.20.0/24 或 192.168.20.0/24 的路由......反之亦然,我应该如何正确地将这些子网注入HK_Office 和 LON_Office 是否正确,所以两端可以看到彼此的子网?

备注:这实际上是在我的实验室内运行的,因为我们必须在上线前对其进行测试;我正在采取捷径使用环回接口IP来模仿将来应该注入OSPF / BGP的子网,在生产环境中不应使用环回接口。由于流量工程,我们在中间使用 BGP,请不要尝试提出其他建议,因为它不在我的控制范围内。

=========================

配置部分,

HK_办公室:

interface Loopback0
 ip address 10.10.0.1 255.255.255.0
interface Loopback1
 ip address 192.168.10.1 255.255.255.0
interface FastEthernet1/0
 ip address 172.16.0.1 255.255.255.0
 duplex auto
 speed auto
router ospf 10
 log-adjacency-changes
 redistribute connected
 passive-interface default
 no passive-interface FastEthernet1/0
 network 10.10.0.0 0.0.0.255 area 0
 network 172.16.0.0 0.0.0.255 area 0
 network 192.168.10.0 0.0.0.255 area 0

香港2:

interface FastEthernet0/0
 description VIP Network
 ip address 10.0.0.1 255.255.255.0
 duplex auto
 speed auto
interface FastEthernet0/1
 description General network
 ip address 192.168.0.1 255.255.255.0
 duplex auto
 speed auto
interface FastEthernet1/0
 ip address 172.16.0.2 255.255.255.0
 duplex auto
 speed auto

router ospf 10
 log-adjacency-changes
 redistribute connected subnets
 redistribute bgp 64512 metric-type 1 subnets
 passive-interface default
 no passive-interface FastEthernet1/0
 network 172.16.0.0 0.0.0.255 area 0
  redistribute ospf 10

router bgp 64512
 bgp log-neighbor-changes
 neighbor 10.0.0.2 remote-as 64512
 neighbor 192.168.0.2 remote-as 64512
 address-family ipv4
  redistribute connected
  redistribute ospf 10
  neighbor 10.0.0.2 activate
  neighbor 10.0.0.2 next-hop-self
  neighbor 10.0.0.2 route-map VIP_NET out
  neighbor 192.168.0.2 activate
  neighbor 192.168.0.2 next-hop-self
  neighbor 192.168.0.2 route-map General_NET out
  no auto-summary
  no synchronization
  network 10.0.0.0
  network 172.16.0.0
  network 192.168.0.0
 exit-address-family
route-map VIP_NET permit 10
 match ip address prefix-list PREFIX-TO-HK-VIP-NETWORK
 set local-preference 50
route-map VIP_NET permit 20
 match ip address prefix-list PREFIX-TO-HK-GENERAL-NETWORK
 set local-preference 5000
route-map VIP_NET permit 10
 match ip address prefix-list PREFIX-TO-HK-VIP-NETWORK
 set local-preference 5000
route-map VIP_NET permit 20
 match ip address prefix-list PREFIX-TO-HK-GENERAL-NETWORK
 set local-preference 50

LON1:

interface FastEthernet0/0
 description VIP Network
 ip address 10.0.0.2 255.255.255.0
 duplex auto
 speed auto
interface FastEthernet0/1
 description General network
 ip address 192.168.0.2 255.255.255.0
 duplex auto
 speed auto
interface FastEthernet1/0
 ip address 172.16.20.2 255.255.255.0
 duplex auto
 speed auto

router ospf 10
 log-adjacency-changes
 redistribute connected subnets
 redistribute bgp 64512 metric-type 1 subnets
 passive-interface default
 no passive-interface FastEthernet1/0
 network 172.16.20.0 0.0.0.255 area 0
  redistribute ospf 10

router bgp 64512
 bgp log-neighbor-changes
 neighbor 10.0.0.1 remote-as 64512
 neighbor 192.168.0.1 remote-as 64512
 address-family ipv4
  redistribute connected
  redistribute ospf 10
  neighbor 10.0.0.1 activate
  neighbor 10.0.0.1 next-hop-self
  neighbor 10.0.0.1 route-map VIP_NET out
  neighbor 192.168.0.1 activate
  neighbor 192.168.0.1 next-hop-self
  neighbor 192.168.0.1 route-map General_NET out
  no auto-summary
  no synchronization
  network 10.0.0.0
  network 192.168.0.0
 exit-address-family
route-map GENERALNET permit 20
 match ip address prefix-list PREFIX-TO-LON-OFFICE-GENERAL-NETWORK
 set local-preference 5000
!
route-map VIP_NET permit 10
 match ip address prefix-list PREFIX-TO-LON-OFFICE-VIP-NETWORK
 set local-preference 5000
!
route-map VIP_NET permit 20
 match ip address prefix-list PREFIX-TO-LON-OFFICE-GENERAL-NETWORK
 set local-preference 50

LON_办公室:

interface Loopback0
 ip address 10.10.20.1 255.255.255.0
interface Loopback1
 ip address 192.168.20.1 255.255.255.0
interface FastEthernet1/0
 ip address 172.16.20.1 255.255.255.0
 duplex auto
 speed auto
router ospf 10
 log-adjacency-changes
 redistribute connected
 passive-interface default
 no passive-interface FastEthernet1/0
 network 10.10.20.0 0.0.0.255 area 0
 network 172.16.20.0 0.0.0.255 area 0
 network 192.168.20.0 0.0.0.255 area 0

=========================

“显示 IP 路由”部分,

HK_办公室:

C    192.168.10.0/24 is directly connected, Loopback1
     172.16.0.0/24 is subnetted, 1 subnets
C       172.16.0.0 is directly connected, FastEthernet1/0
     10.0.0.0/24 is subnetted, 2 subnets
C       10.10.0.0 is directly connected, Loopback0
O E2    10.0.0.0 [110/20] via 172.16.0.2, 2d00h, FastEthernet1/0
O E2 192.168.0.0/24 [110/20] via 172.16.0.2, 2d00h, FastEthernet1/0

香港2:

     192.168.10.0/32 is subnetted, 1 subnets
O       192.168.10.1 [110/2] via 172.16.0.1, 2d00h, FastEthernet1/0
     172.16.0.0/24 is subnetted, 1 subnets
C       172.16.0.0 is directly connected, FastEthernet1/0
     192.168.20.0/32 is subnetted, 1 subnets
B       192.168.20.1 [200/2] via 192.168.0.2, 00:33:23
     10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
O       10.10.0.1/32 [110/2] via 172.16.0.1, 2d00h, FastEthernet1/0
C       10.0.0.0/24 is directly connected, FastEthernet0/0
B       10.10.20.1/32 [200/2] via 10.0.0.2, 00:33:24
C    192.168.0.0/24 is directly connected, FastEthernet0/1

LON1:

     192.168.10.0/32 is subnetted, 1 subnets
B       192.168.10.1 [200/2] via 192.168.0.1, 00:29:20
     172.16.0.0/24 is subnetted, 1 subnets
C       172.16.20.0 is directly connected, FastEthernet1/0
     192.168.20.0/32 is subnetted, 1 subnets
O       192.168.20.1 [110/2] via 172.16.20.1, 01:28:43, FastEthernet1/0
     10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
B       10.10.0.1/32 [200/2] via 10.0.0.1, 00:29:20
C       10.0.0.0/24 is directly connected, FastEthernet0/0
O       10.10.20.1/32 [110/2] via 172.16.20.1, 01:28:44, FastEthernet1/0
C    192.168.0.0/24 is directly connected, FastEthernet0/1

LON_办公室:

     172.16.0.0/24 is subnetted, 1 subnets
C       172.16.20.0 is directly connected, FastEthernet1/0
C    192.168.20.0/24 is directly connected, Loopback1
     10.0.0.0/24 is subnetted, 2 subnets
O E2    10.0.0.0 [110/20] via 172.16.20.2, 00:42:44, FastEthernet1/0
C       10.10.20.0 is directly connected, Loopback0
O E2 192.168.0.0/24 [110/20] via 172.16.20.2, 00:42:44, FastEthernet1/0

====================================================

更新:在我对 LON1 和 HK2 路由器进行了一些配置更改后,最后两个办公室都可以看到来自“show ip route”的路由,但是!路由仍然有问题,让我们看看下面......

HK_Office“显示IP路由”:

C    192.168.10.0/24 is directly connected, Loopback1
     172.16.0.0/24 is subnetted, 1 subnets
C       172.16.0.0 is directly connected, FastEthernet1/0
     192.168.20.0/32 is subnetted, 1 subnets
O E2    192.168.20.1 [110/1] via 172.16.0.2, 00:39:33, FastEthernet1/0
     10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C       10.10.0.0/24 is directly connected, Loopback0
O E2    10.10.20.1/32 [110/1] via 172.16.0.2, 00:39:33, FastEthernet1/0
O E2 192.168.0.0/24 [110/1] via 172.16.0.2, 01:43:34, FastEthernet1/0

LON_Office “显示 ip 路由”:

     192.168.10.0/32 is subnetted, 1 subnets
O E2    192.168.10.1 [110/1] via 172.16.20.2, 00:42:52, FastEthernet1/0
     172.16.0.0/24 is subnetted, 1 subnets
C       172.16.20.0 is directly connected, FastEthernet1/0
C    192.168.20.0/24 is directly connected, Loopback1
     10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
O E2    10.10.0.1/32 [110/1] via 172.16.20.2, 00:42:52, FastEthernet1/0
C       10.10.20.0/24 is directly connected, Loopback0
O E2 192.168.0.0/24 [110/1] via 172.16.20.2, 00:45:09, FastEthernet1/0

LON_Office 跟踪路由到 HK_Office:

  1 172.16.20.2 8 msec 12 msec 8 msec
  2  *  *  * 
  3  *  *  *

HK_Office 跟踪路由到 LON_Office:

  1 172.16.0.2 8 msec 8 msec 12 msec
  2  *  *  * 
  3  *  *  *

LON1 配置:

router ospf 10
 log-adjacency-changes
 redistribute bgp 64512 subnets
 passive-interface default
 no passive-interface FastEthernet1/0
 network 172.16.20.0 0.0.0.255 area 0
  redistribute ospf 10

router bgp 64512
 bgp log-neighbor-changes
 neighbor 10.0.0.1 remote-as 64512
 neighbor 192.168.0.1 remote-as 64512
 
 address-family ipv4
  redistribute ospf 10
  neighbor 10.0.0.1 activate
  neighbor 10.0.0.1 next-hop-self
  neighbor 10.0.0.1 route-map VIP_NET out
  neighbor 192.168.0.1 activate
  neighbor 192.168.0.1 next-hop-self
  neighbor 192.168.0.1 route-map General_NET out
  no auto-summary
  no synchronization
  bgp redistribute-internal
  network 10.0.0.0
  network 172.16.20.0
  network 192.168.0.0
 exit-address-family

HK2配置:

router ospf 10
 log-adjacency-changes
 redistribute bgp 64512 subnets
 passive-interface default
 no passive-interface FastEthernet1/0
 network 172.16.0.0 0.0.0.255 area 0
  redistribute ospf 10

router bgp 64512
 bgp log-neighbor-changes
 neighbor 10.0.0.2 remote-as 64512
 neighbor 192.168.0.2 remote-as 64512
 
 address-family ipv4
  redistribute ospf 10
  neighbor 10.0.0.2 activate
  neighbor 10.0.0.2 next-hop-self
  neighbor 10.0.0.2 route-map VIP_NET out
  neighbor 192.168.0.2 activate
  neighbor 192.168.0.2 next-hop-self
  neighbor 192.168.0.2 route-map General_NET out
  no auto-summary
  no synchronization
  bgp redistribute-internal
  network 10.0.0.0
  network 172.16.0.0
  network 192.168.0.0
 exit-address-family

====================================================

更新:我得到它的工作,请检查我的答案

3个回答

添加

no auto-summary

到您的 BGP 配置

我现在一切正常,这是配置:

HK_办公室:

interface Loopback0
 ip address 10.10.0.1 255.255.255.0
!
interface Loopback1
 ip address 192.168.10.1 255.255.255.0
!
interface FastEthernet1/0
 ip address 172.16.0.1 255.255.255.0
 duplex auto
 speed auto
!
router ospf 10
 log-adjacency-changes
 passive-interface default
 no passive-interface FastEthernet1/0
 network 10.10.0.0 0.0.0.255 area 0
 network 172.16.0.0 0.0.0.255 area 0
 network 192.168.10.0 0.0.0.255 area 0
!
ip forward-protocol nd

香港2:

interface FastEthernet0/0
 description VIP Network
 ip address 10.0.0.1 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet0/1
 description General Network
 ip address 192.168.0.1 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet1/0
 ip address 172.16.0.2 255.255.255.0
 duplex auto
 speed auto
!
router ospf 10
 log-adjacency-changes
 redistribute bgp 64512 subnets
 passive-interface default
 no passive-interface FastEthernet1/0
 network 172.16.0.0 0.0.0.255 area 0
!
router bgp 64512
 bgp log-neighbor-changes
 neighbor 10.0.0.2 remote-as 64512
 neighbor 192.168.0.2 remote-as 64512
 !
 address-family ipv4
  redistribute ospf 10
  neighbor 10.0.0.2 activate
  neighbor 10.0.0.2 next-hop-self
  neighbor 10.0.0.2 route-map VIP_NET out
  neighbor 192.168.0.2 activate
  neighbor 192.168.0.2 next-hop-self
  neighbor 192.168.0.2 route-map General_NET out
  no auto-summary
  no synchronization
  bgp redistribute-internal
  network 10.0.0.0
  network 172.16.0.0
  network 192.168.0.0
 exit-address-family
!         
ip forward-protocol nd
!
ip prefix-list PREFIX-TO-HK-GENERAL-NETWORK seq 5 permit 192.168.10.1/32
ip prefix-list PREFIX-TO-HK-GENERAL-NETWORK seq 15 permit 172.16.0.0/24
!
ip prefix-list PREFIX-TO-HK-VIP-NETWORK seq 5 permit 10.10.0.1/32
ip prefix-list PREFIX-TO-HK-VIP-NETWORK seq 15 permit 172.16.0.0/24
!
route-map General_NET permit 10
 match ip address prefix-list PREFIX-TO-HK-VIP-NETWORK
 set local-preference 50
!
route-map General_NET permit 20
 match ip address prefix-list PREFIX-TO-HK-GENERAL-NETWORK
 set local-preference 5000
!
route-map VIP_NET permit 10
 match ip address prefix-list PREFIX-TO-HK-VIP-NETWORK
 set local-preference 5000
!
route-map VIP_NET permit 20
 match ip address prefix-list PREFIX-TO-HK-GENERAL-NETWORK
 set local-preference 50

LON1:

interface FastEthernet0/0
 description VIP Network
 ip address 10.0.0.2 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet0/1
 description General Network
 ip address 192.168.0.2 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet1/0
 ip address 172.16.20.2 255.255.255.0
 duplex auto
 speed auto
!
router ospf 10
 log-adjacency-changes
 redistribute bgp 64512 subnets
 passive-interface default
 no passive-interface FastEthernet1/0
 network 172.16.20.0 0.0.0.255 area 0
!
router bgp 64512
 bgp log-neighbor-changes
 neighbor 10.0.0.1 remote-as 64512
 neighbor 192.168.0.1 remote-as 64512
 !
 address-family ipv4
  redistribute ospf 10
  neighbor 10.0.0.1 activate
  neighbor 10.0.0.1 next-hop-self
  neighbor 10.0.0.1 route-map VIP_NET out
  neighbor 192.168.0.1 activate
  neighbor 192.168.0.1 next-hop-self
  neighbor 192.168.0.1 route-map General_NET out
  no auto-summary
  no synchronization
  bgp redistribute-internal
  network 10.0.0.0
  network 172.16.20.0
  network 192.168.0.0
 exit-address-family
!         
ip forward-protocol nd
!
ip prefix-list PREFIX-TO-LON-OFFICE-GENERAL-NETWORK seq 5 permit 192.168.20.1/32
ip prefix-list PREFIX-TO-LON-OFFICE-GENERAL-NETWORK seq 15 permit 172.16.20.0/24
!
ip prefix-list PREFIX-TO-LON-OFFICE-VIP-NETWORK seq 5 permit 10.10.20.1/32
ip prefix-list PREFIX-TO-LON-OFFICE-VIP-NETWORK seq 15 permit 172.16.20.0/24
no cdp log mismatch duplex
!
route-map General_NET permit 10
 match ip address prefix-list PREFIX-TO-LON-OFFICE-VIP-NETWORK
 set local-preference 50
!
route-map General_NET permit 20
 match ip address prefix-list PREFIX-TO-LON-OFFICE-GENERAL-NETWORK
 set local-preference 5000
!
route-map VIP_NET permit 10
 match ip address prefix-list PREFIX-TO-LON-OFFICE-VIP-NETWORK
 set local-preference 5000
!
route-map VIP_NET permit 20
 match ip address prefix-list PREFIX-TO-LON-OFFICE-GENERAL-NETWORK
 set local-preference 50

LON_办公室:

interface Loopback0
 ip address 10.10.20.1 255.255.255.0
!
interface Loopback1
 ip address 192.168.20.1 255.255.255.0
!
interface FastEthernet1/0
 ip address 172.16.20.1 255.255.255.0
 duplex auto
 speed auto
!
router ospf 10
 log-adjacency-changes
 passive-interface default
 no passive-interface FastEthernet1/0
 network 10.10.20.0 0.0.0.255 area 0
 network 172.16.20.0 0.0.0.255 area 0
 network 192.168.20.0 0.0.0.255 area 0
!
ip forward-protocol nd

测试目标:测试链路故障转移

备注:BGP 收敛速度慢,需要几分钟才能接收到变化,BFD 可用于改善链路故障检测但不在此范围内

下面的所有 traceroute 都是从 HK_Office 路由器运行的,它也应该从 LON_Office 类似地工作

Before link shut:

Type escape sequence to abort.
Tracing the route to 10.10.20.1

1 172.16.0.2 24 msec 16 msec 12 msec
2 10.0.0.2 16 msec 24 msec 16 msec
3 172.16.20.1 24 msec 36 msec 24 msec

Type escape sequence to abort.
Tracing the route to 192.168.20.1

1 172.16.0.2 28 msec 20 msec 20 msec
2 192.168.0.2 28 msec 44 msec 48 msec
3 172.16.20.1 64 msec 44 msec 56 msec

--------------------------------------------------------------

After link shut:

Tracing the route to 10.10.20.1

1 172.16.0.2 8 msec 20 msec 16 msec
2 192.168.0.2 40 msec 40 msec 40 msec
3 172.16.20.1 20 msec 40 msec 20 msec

Type escape sequence to abort.
Tracing the route to 192.168.20.1

1 172.16.0.2 28 msec 8 msec 8 msec
2 192.168.0.2 24 msec 36 msec 20 msec
3 172.16.20.1 40 msec 36 msec 40 msec

--------------------------------------------------------------

no shut the link again:

Type escape sequence to abort.
Tracing the route to 10.10.20.1

1 172.16.0.2 40 msec 20 msec 8 msec
2 10.0.0.2 16 msec 28 msec 16 msec
3 172.16.20.1 44 msec 36 msec 56 msec


Type escape sequence to abort.
Tracing the route to 192.168.20.1

1 172.16.0.2 36 msec 8 msec 12 msec
2 192.168.0.2 16 msec 20 msec 16 msec
3 172.16.20.1 20 msec 44 msec 40 msec

您可以尝试创建路由映射以将 BGP 重新分配到 OSPF,它还可以让您更好地控制重新分配的内容。下面的配置来自 Arista,但您应该能够将其映射到 cisco。我也会尝试在实验室中旋转它,看看我能找到什么。

HK2 示例

路由映射 bgp_to_ospf 许可 10

匹配 ip 地址访问列表 bgp_to_ospf

-

ip 访问列表标准 bgp_to_ospf

许可 172.16.20.0 0.0.0.255

许可 192.168.20.0 0.0.0.255

-

路由器 ospf 10

重新分配 bgp 路由映射 bgp_to_ospf

其它你可能感兴趣的问题
上一篇TCP ACK 混淆 下一篇堆叠式 Cisco C9200 固件升级