• 5 Ways to Solve Routing Black Holes


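    How can a routing black hole be solved?

    1. Full mesh (every BGP router inside an AS peers with every other one, and all sessions reach the Established state)
    2. RR (route reflector)
    3. Confederation (not commonly used)
    4. Import BGP routes into the IGP, which keeps the IGP and BGP synchronized. However, the number of BGP routes on the Internet is very large; once imported into the IGP, they place a huge processing and storage burden on the IGP routers, and an overloaded router may go down. Not recommended.
    5. Use MPLS to solve the routing black hole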

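    Solution 1: Full mesh

    Every BGP router inside the AS peers with every other one, and all sessions reach the Established state.
    R2, R3 and R4 establish IBGP peerings with one another between their loopback interfaces.

    Configuration on R2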

    #
    bgp 200
     router-id 2.2.2.2
     peer 3.3.3.3 as-number 200 
     peer 3.3.3.3 connect-interface LoopBack0
     peer 4.4.4.4 as-number 200 
     peer 4.4.4.4 connect-interface LoopBack0
     peer 192.168.12.1 as-number 100 
     #
     ipv4-family unicast
      undo synchronization
      peer 3.3.3.3 enable
      peer 3.3.3.3 next-hop-local 
      peer 4.4.4.4 enable
      peer 4.4.4.4 next-hop-local 
    #

    BGP configuration on R3

    #
    bgp 200
     peer 2.2.2.2 as-number 200 
     peer 2.2.2.2 connect-interface LoopBack0
     peer 4.4.4.4 as-number 200 
     peer 4.4.4.4 connect-interface LoopBack0
     #
     ipv4-family unicast
      undo synchronization
      peer 2.2.2.2 enable
      peer 4.4.4.4 enable
    #

    BGP configuration on R4

    #
    bgp 200
     router-id 4.4.4.4
     peer 2.2.2.2 as-number 200 
     peer 2.2.2.2 connect-interface LoopBack0
     peer 3.3.3.3 as-number 200 
     peer 3.3.3.3 connect-interface LoopBack0
    #
     ipv4-family unicast
      undo synchronization
      peer 2.2.2.2 enable
      peer 2.2.2.2 next-hop-local 
      peer 3.3.3.3 enable
      peer 3.3.3.3 next-hop-local 
    #

    Check the IBGP peerings on R3

    [R3]display bgp peer 
    
     BGP local router ID : 192.168.34.3
     Local AS number : 200
     Total number of peers : 2                Peers in established state : 2
    
      Peer            V          AS  MsgRcvd  MsgSent  OutQ  Up/Down       State PrefRcv
    
      2.2.2.2         4         200        3        2     0 00:00:02 Established       1
      4.4.4.4         4         200        5        5     0 00:02:30 Established       1
    [R3]

    On R3, check whether the routes to 1.1.1.1 and 5.5.5.5 have been learned

    [R3]display bgp routing-table 
    
     BGP Local router ID is 192.168.34.3 
     Status codes: * - valid, > - best, d - damped,
                   h - history,  i - internal, s - suppressed, S - Stale
                   Origin : i - IGP, e - EGP, ? - incomplete
    
     Total Number of Routes: 2
          Network            NextHop        MED        LocPrf    PrefVal Path/Ogn
    
     *>i  1.1.1.1/32         2.2.2.2         0          100        0      100i
     *>i  5.5.5.5/32         4.4.4.4         0          100        0      300i
    [R3]

    Ping R1 from R5

    <R5>ping -a 5.5.5.5 1.1.1.1
      PING 1.1.1.1: 56  data bytes, press CTRL_C to break
        Reply from 1.1.1.1: bytes=56 Sequence=1 ttl=252 time=80 ms
        Reply from 1.1.1.1: bytes=56 Sequence=2 ttl=252 time=40 ms
        Reply from 1.1.1.1: bytes=56 Sequence=3 ttl=252 time=60 ms
        Reply from 1.1.1.1: bytes=56 Sequence=4 ttl=252 time=40 ms
        Reply from 1.1.1.1: bytes=56 Sequence=5 ttl=252 time=50 ms
    
      --- 1.1.1.1 ping statistics ---
        5 packet(s) transmitted
        5 packet(s) received
        0.00% packet loss
        round-trip min/avg/max = 40/54/80 ms

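    Drawback: the more devices there are in BGP AS 200, the more IBGP sessions have to be established. A route reflector can be used to address this.

    Solution 2: RR

    Delete the BGP configuration of R2, R3 and R4 shown above.
    R3 is the reflector, and R2 and R4 are its clients. An IBGP peering between the reflector and each client is enough; the clients do not need any peering with each other.
    Advantage: fewer IBGP sessions inside AS 200.

    Configuration on R2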

    #
    bgp 200
     router-id 2.2.2.2
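     peer 3.3.3.3 as-number 200     // R2 establishes an IBGP peering with the reflector
     peer 3.3.3.3 connect-interface LoopBack0
     peer 192.168.12.1 as-number 100     // EBGP peering with R1, as in the full-mesh configuration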
    #
     ipv4-family unicast
      undo synchronization
      peer 3.3.3.3 enable
      peer 3.3.3.3 next-hop-local 

    Configuration on R4

    #
    bgp 200
     router-id 4.4.4.4
     peer 3.3.3.3 as-number 200     // R4 establishes an IBGP peering with the reflector
     peer 3.3.3.3 connect-interface LoopBack0
     peer 192.168.45.5 as-number 300 
     #
     ipv4-family unicast
      undo synchronization
      peer 3.3.3.3 enable
      peer 3.3.3.3 next-hop-local 
    #

    Configuration on R3

    #
    bgp 200
     peer 2.2.2.2 as-number 200 
     peer 2.2.2.2 connect-interface LoopBack0
     peer 4.4.4.4 as-number 200 
     peer 4.4.4.4 connect-interface LoopBack0
     #
     ipv4-family unicast
      undo synchronization
      peer 2.2.2.2 enable
      peer 2.2.2.2 reflect-client       // the reflector (R3) treats R2 as its client over the IBGP peering
      peer 4.4.4.4 enable
      peer 4.4.4.4 reflect-client       // the reflector (R3) treats R4 as its client over the IBGP peering
    #

    Ping R1 from R5

    <R5>ping -a 5.5.5.5 1.1.1.1
      PING 1.1.1.1: 56  data bytes, press CTRL_C to break
        Reply from 1.1.1.1: bytes=56 Sequence=1 ttl=252 time=80 ms
        Reply from 1.1.1.1: bytes=56 Sequence=2 ttl=252 time=40 ms
        Reply from 1.1.1.1: bytes=56 Sequence=3 ttl=252 time=60 ms
        Reply from 1.1.1.1: bytes=56 Sequence=4 ttl=252 time=40 ms
        Reply from 1.1.1.1: bytes=56 Sequence=5 ttl=252 time=50 ms
    
      --- 1.1.1.1 ping statistics ---
        5 packet(s) transmitted
        5 packet(s) received
        0.00% packet loss
        round-trip min/avg/max = 40/54/80 ms
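
    The IBGP advertisement rule behind solutions 1 and 2, as an added example that is not part of the original post: a small Python model of the lab chain R1-R2-R3-R4-R5 that applies IBGP split horizon and route reflection, then forwards a packet from R5 to R1 hop by hop. The baseline case (R2 and R4 peering directly while R3 runs no BGP), the session lists and the function names are assumptions made for illustration.

```python
from collections import deque

# Lab from this page: physical chain R1-R2-R3-R4-R5, EBGP at both edges.
CHAIN = ["R1", "R2", "R3", "R4", "R5"]
AS_OF = {"R1": 100, "R2": 200, "R3": 200, "R4": 200, "R5": 300}
EBGP = [("R1", "R2"), ("R4", "R5")]

def learners(ibgp, clients=None, origin="R1"):
    """Routers that learn origin's prefix. ibgp: session pairs;
    clients: {reflector: set of its clients}. (Hypothetical helper.)"""
    clients = clients or {}
    peers = {r: set() for r in CHAIN}
    for a, b in EBGP + list(ibgp):
        peers[a].add(b)
        peers[b].add(a)
    learned_from = {origin: None}
    queue = deque([origin])
    while queue:
        r = queue.popleft()
        src = learned_from[r]
        from_ibgp = src is not None and AS_OF[src] == AS_OF[r]
        for peer in sorted(peers[r]):
            if peer in learned_from:
                continue
            to_ibgp = AS_OF[peer] == AS_OF[r]
            rr = clients.get(r, set())
            # IBGP split horizon: an IBGP-learned route is not passed to
            # another IBGP peer unless a reflector/client relation allows it.
            if from_ibgp and to_ibgp and not (src in rr or peer in rr):
                continue
            learned_from[peer] = r
            queue.append(peer)
    return set(learned_from)

def trace(ibgp, clients=None):
    """Forward R5 -> R1 along the chain; every hop needs the BGP route."""
    known = learners(ibgp, clients)
    for hop in reversed(CHAIN[1:]):          # R5, R4, R3, R2
        if hop not in known:
            return f"dropped at {hop}"
    return "delivered"

# Constructed scenarios (session lists are assumptions based on the configs above).
MESH = [("R2", "R3"), ("R2", "R4"), ("R3", "R4")]
VIA_R3 = [("R2", "R3"), ("R3", "R4")]
if __name__ == "__main__":
    print("R2-R4 only, R3 without BGP:", trace([("R2", "R4")]))
    print("full mesh:                 ", trace(MESH))
    print("R3 hub, no reflect-client: ", trace(VIA_R3))
    print("R3 hub as reflector:       ", trace(VIA_R3, {"R3": {"R2", "R4"}}))
```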

    Solution 3: Confederation

    Delete the RR configuration. AS 200 can be split into three sub-ASes: 1000, 2000 and 3000.

    Configuration on R2

    #
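    bgp 1000        // sub-AS 1000 is configured directly on R2
     router-id 2.2.2.2
     confederation id 200   // to the outside, R2 still announces itself as being in AS 200
     confederation peer-as 2000     // specifies that an EBGP relationship is established with the peer sub-AS 2000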
     peer 192.168.12.1 as-number 100 
     peer 192.168.23.3 as-number 2000 
     #
     ipv4-family unicast
      undo synchronization
      peer 192.168.12.1 enable
      peer 192.168.23.3 enable
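      peer 192.168.23.3 next-hop-local  // Inside AS 200, R2 and R3 are EBGP peers, but they are still in the same AS 200, so the next hop of a route R2 learned from R1 stays unchanged when it is sent to R3; this command makes R2 set itself as the next hop when advertising to R3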
    #

    Configuration on R3

    #
    bgp 2000
     confederation id 200
     confederation peer-as 1000 3000
     peer 192.168.23.2 as-number 1000 
     peer 192.168.34.4 as-number 3000 
     #
     ipv4-family unicast
      undo synchronization
      peer 192.168.23.2 enable
      peer 192.168.34.4 enable
    #

    Configuration on R4

    #
    bgp 3000
     confederation id 200
     confederation peer-as 2000
     peer 192.168.34.3 as-number 2000 
     peer 192.168.45.5 as-number 300 
     #
     ipv4-family unicast
      undo synchronization
      peer 192.168.34.3 enable
      peer 192.168.34.3 next-hop-local 
      peer 192.168.45.5 enable
    #

    Check the BGP peerings on R2, R3 and R4

    <R2>display bgp peer 
    
     BGP local router ID : 2.2.2.2
     Local AS number : 1000
     Total number of peers : 2                Peers in established state : 2
    
      Peer            V          AS  MsgRcvd  MsgSent  OutQ  Up/Down       State PrefRcv
    
      192.168.12.1    4         100       10       10     0 00:07:29 Established       1
      192.168.23.3    4        2000       20       18     0 00:08:53 Established       1
    <R2>
    [R3]display bgp peer 
    
     BGP local router ID : 192.168.34.3
     Local AS number : 2000
     Total number of peers : 2                Peers in established state : 2
    
      Peer            V          AS  MsgRcvd  MsgSent  OutQ  Up/Down       State PrefRcv
    
      192.168.23.2    4        1000       18       21     0 00:09:00 Established       1
      192.168.34.4    4        3000       13       21     0 00:08:17 Established       1
    [R3]
    [R4]display bgp peer 
    
     BGP local router ID : 192.168.34.4
     Local AS number : 3000
     Total number of peers : 2                Peers in established state : 2
    
      Peer            V          AS  MsgRcvd  MsgSent  OutQ  Up/Down       State PrefRcv
    
      192.168.34.3    4        2000       20       13     0 00:08:21 Established       1
      192.168.45.5    4         300       10       12     0 00:07:23 Established       1
    [R4]

    Check the routes on R2, R3 and R4

    [R4]display bgp routing-table 
    
     BGP Local router ID is 192.168.34.4 
     Status codes: * - valid, > - best, d - damped,
                   h - history,  i - internal, s - suppressed, S - Stale
                   Origin : i - IGP, e - EGP, ? - incomplete
    
     Total Number of Routes: 2
          Network            NextHop        MED        LocPrf    PrefVal Path/Ogn
    
     *>i  1.1.1.1/32         192.168.23.2    0          100        0      (2000 1000) 100i
     *>   5.5.5.5/32         192.168.45.5    0                     0      300i
    [R4]
    [R3]display bgp routing-table 
    
     BGP Local router ID is 192.168.34.3 
     Status codes: * - valid, > - best, d - damped,
                   h - history,  i - internal, s - suppressed, S - Stale
                   Origin : i - IGP, e - EGP, ? - incomplete
    
     Total Number of Routes: 2
          Network            NextHop        MED        LocPrf    PrefVal Path/Ogn
    
     *>i  1.1.1.1/32         192.168.23.2    0          100        0      (1000) 100i
     *>i  5.5.5.5/32         192.168.34.4    0          100        0      (3000) 300i
    [R3]
    <R2>display bgp routing-table 
    
     BGP Local router ID is 2.2.2.2 
     Status codes: * - valid, > - best, d - damped,
                   h - history,  i - internal, s - suppressed, S - Stale
                   Origin : i - IGP, e - EGP, ? - incomplete
    
     Total Number of Routes: 2
          Network            NextHop        MED        LocPrf    PrefVal Path/Ogn
    
     *>   1.1.1.1/32         192.168.12.1    0                     0      100i
     *>i  5.5.5.5/32         192.168.34.4    0          100        0      (2000 3000) 300i
    <R2>

    Ping R1 from R5

    <R5>ping -a 5.5.5.5 1.1.1.1
      PING 1.1.1.1: 56  data bytes, press CTRL_C to break
        Reply from 1.1.1.1: bytes=56 Sequence=1 ttl=252 time=80 ms
        Reply from 1.1.1.1: bytes=56 Sequence=2 ttl=252 time=40 ms
        Reply from 1.1.1.1: bytes=56 Sequence=3 ttl=252 time=60 ms
        Reply from 1.1.1.1: bytes=56 Sequence=4 ttl=252 time=40 ms
        Reply from 1.1.1.1: bytes=56 Sequence=5 ttl=252 time=50 ms
    
      --- 1.1.1.1 ping statistics ---
        5 packet(s) transmitted
        5 packet(s) received
        0.00% packet loss
        round-trip min/avg/max = 40/54/80 ms

    Drawback: a confederation requires very large configuration changes, so this approach is not recommended during a cutover.
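
    How the confederation rewrites the AS_PATH, as an added example that is not part of the original post: the Python model below replays the advertisements R1 to R5 and R5 to R1 and reproduces the Path column of the `display bgp routing-table` outputs above. The paths seen by R1 and R5 are not shown on the page; they follow standard confederation behaviour (RFC 5065), and the function names are hypothetical.

```python
CONFED_ID = 200
# local AS and confederation membership, taken from the configs on this page
ROUTERS = {"R1": (100, False), "R2": (1000, True), "R3": (2000, True),
           "R4": (3000, True), "R5": (300, False)}

def advertise(path, sender, receiver):
    """AS_PATH as stored by receiver. path = (confed_seq, as_seq)."""
    confed, seq = path
    s_as, s_member = ROUTERS[sender]
    r_as, r_member = ROUTERS[receiver]
    if s_member and r_member:
        # inside the confederation: the sub-AS goes into AS_CONFED_SEQUENCE
        return ([s_as] + confed if s_as != r_as else confed, seq)
    if s_member:
        # leaving the confederation: drop sub-ASes, prepend the confederation id
        return ([], [CONFED_ID] + seq)
    return (confed, [s_as] + seq)            # ordinary EBGP

def show(path):
    """Format like the Path column of 'display bgp routing-table'."""
    confed, seq = path
    parts = [f"({' '.join(map(str, confed))})"] if confed else []
    return " ".join(parts + [str(a) for a in seq])

def views(route):
    """route: routers in advertisement order -> {router: AS_PATH string}."""
    path, seen = ([], []), {}
    for sender, receiver in zip(route, route[1:]):
        path = advertise(path, sender, receiver)
        seen[receiver] = show(path)
    return seen

if __name__ == "__main__":
    print(views(["R1", "R2", "R3", "R4", "R5"]))   # prefix 1.1.1.1/32
    print(views(["R5", "R4", "R3", "R2", "R1"]))   # prefix 5.5.5.5/32
```

    The sub-AS numbers 1000, 2000 and 3000 never appear in the path handed to R1 or R5, which is why the external peers keep `as-number 200`-style peering unchanged.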

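    Solution 4: Import BGP routes into the IGP

    Delete the confederation configuration and import the BGP routes into the IGP: on R2 and on R4, import the BGP routes into OSPF.

    Configuration on R2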

    #
    ospf 1 router-id 2.2.2.2 
     import-route bgp
    #

    Configuration on R4

    #
    ospf 1 router-id 4.4.4.4
     import-route bgp
    #

    Check the routing table on R3

    <R3>display ip routing-table protocol ospf 
    Route Flags: R - relay, D - download to fib
    ------------------------------------------------------------------------------
    Public routing table : OSPF
             Destinations : 4        Routes : 4        
    
    OSPF routing table status : <Active>
             Destinations : 4        Routes : 4
    
    Destination/Mask    Proto   Pre  Cost      Flags NextHop         Interface
    
            1.1.1.1/32  O_ASE   150  1           D   192.168.23.2    GigabitEthernet0/0/1
            2.2.2.2/32  OSPF    10   1           D   192.168.23.2    GigabitEthernet0/0/1
            4.4.4.4/32  OSPF    10   1           D   192.168.34.4    GigabitEthernet0/0/0
            5.5.5.5/32  O_ASE   150  1           D   192.168.34.4    GigabitEthernet0/0/0
    
    OSPF routing table status : <Inactive>
             Destinations : 0        Routes : 0

    Ping R1 from R5

    <R5>ping -a 5.5.5.5 1.1.1.1
      PING 1.1.1.1: 56  data bytes, press CTRL_C to break
        Reply from 1.1.1.1: bytes=56 Sequence=1 ttl=252 time=80 ms
        Reply from 1.1.1.1: bytes=56 Sequence=2 ttl=252 time=40 ms
        Reply from 1.1.1.1: bytes=56 Sequence=3 ttl=252 time=60 ms
        Reply from 1.1.1.1: bytes=56 Sequence=4 ttl=252 time=40 ms
        Reply from 1.1.1.1: bytes=56 Sequence=5 ttl=252 time=50 ms
    
      --- 1.1.1.1 ping statistics ---
        5 packet(s) transmitted
        5 packet(s) received
        0.00% packet loss
        round-trip min/avg/max = 40/54/80 ms

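    Something to think about:
    Could the import be done on only R2 or only R4? What problem would that cause? How would you solve it?

    Solution 5: MPLS

    Delete the import configuration above.
    Configure MPLS and MPLS LDP between R2, R3 and R4 so that traffic from R5 to R1 is forwarded at layer 2.5.

    Configuration on R2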

    #
    mpls lsr-id 2.2.2.2
    #
    mpls
    #
    mpls ldp
    #
    interface GigabitEthernet0/0/1
     mpls
     mpls ldp
    #

    Configuration on R3

    #
    mpls lsr-id 3.3.3.3
    #
    mpls
    #
    mpls ldp
    #
    interface GigabitEthernet0/0/1
     mpls
     mpls ldp
    #
    interface GigabitEthernet0/0/0
     mpls
     mpls ldp
    #

    Configuration on R4

    #
    mpls lsr-id 4.4.4.4
    #
    mpls
    #
    mpls ldp
    #
    interface GigabitEthernet0/0/0
     mpls
     mpls ldp
    #

    Check the LDP sessions

    <R3>display mpls ldp session all 
    
     LDP Session(s) in Public Network
     Codes: LAM(Label Advertisement Mode), SsnAge Unit(DDDD:HH:MM)
     A '*' before a session means the session is being deleted.
     ------------------------------------------------------------------------------
     PeerID             Status      LAM  SsnRole  SsnAge      KASent/Rcv
     ------------------------------------------------------------------------------
     2.2.2.2:0          Operational DU   Active   0000:00:04  17/17
     4.4.4.4:0          Operational DU   Passive  0000:00:03  16/16
     ------------------------------------------------------------------------------
     TOTAL: 2 session(s) Found.
    
    <R3>

    Ping R1 from R5

    <R5>ping -a 5.5.5.5 1.1.1.1
      PING 1.1.1.1: 56  data bytes, press CTRL_C to break
        Reply from 1.1.1.1: bytes=56 Sequence=1 ttl=252 time=80 ms
        Reply from 1.1.1.1: bytes=56 Sequence=2 ttl=252 time=40 ms
        Reply from 1.1.1.1: bytes=56 Sequence=3 ttl=252 time=60 ms
        Reply from 1.1.1.1: bytes=56 Sequence=4 ttl=252 time=40 ms
        Reply from 1.1.1.1: bytes=56 Sequence=5 ttl=252 time=50 ms
    
      --- 1.1.1.1 ping statistics ---
        5 packet(s) transmitted
        5 packet(s) received
        0.00% packet loss
        round-trip min/avg/max = 40/54/80 ms

    Note: MPLS virtual private networks are implemented in this way.

  • Original address: https://www.cnblogs.com/liujunjun/p/13488949.html