routes - 关于 ibgp 配置和 ping 超时:跳数限制
问题描述
我正在配置 iBGP
现在有两台机器RS1和RS2
他们使用 Ubuntu 18 和 Bird 1.6
RS1 连接到 as6939
RS2 连接到 as20473
2000:1::/48 在 RS1 上公布
2000:2:: 48 在 RS2 上公布
RS1和RS2通过zerotier连接,然后建立iBGP
他们的个人资料看起来像这样
RS1
router id 1.1.1.1;
function is_my_net()
{
return net ~ [
2000::/44+,
];
}
filter normal_out
{
if proto = "Announce" then accept;
if is_my_net() then accept;
if proto = "NA" then reject;
reject;
}
protocol static Announce
{
route 2000:1::/48 reject; #tunnel
}
protocol static NA
{
}
protocol kernel
{
scan time 60;
import none;
#export all;
metric 2000;
}
protocol device
{
scan time 60;
}
protocol direct {
interface "*";
import all;
}
template bgp ibgp {
local fd15:9924:d630:e01c:2333:93f4:229e:9998 as 123456;
import all;
export all;
graceful restart on;
}
protocol bgp ibgp_rs2 from ibgp {
neighbor fd15:9924:d630:e01c:2333:9391:ba13:598b as 123456;
}
protocol bgp he
{
local 2001:2333:2333:a4::2 as 123456;
neighbor 2001:2333:2333:a4::1 as 6939;
import all;
export filter normal_out;
graceful restart on;
}
protocol ospf myospf {
import all;
export where source ~ [ RTS_DEVICE, RTS_STATIC, RTS_OSPF ] && proto != "static_bgp" && proto != "static_bgp_vultr";
area 0 {
interface "bgp" {
cost 450;
};
};
}
RS2
router id 1.1.1.2;
function is_my_net()
{
return net ~ [
2000::/44+
];
}
filter normal_out
{
if proto = "Announce" then accept;
if is_my_net() then accept;
if proto = "NA" then reject;
reject;
}
protocol static Announce
{
route 2000:2::/48 reject; #tunnel
}
protocol static NA
{
}
protocol static static_vultr {
route 2001:19f0:ffff::1/128 via fe80::fc00:2333:fe88:2333%ens3;
}
protocol kernel
{
scan time 60;
import none;
#export all;
metric 2000;
}
protocol device
{
scan time 60;
}
protocol direct {
interface "*";
import all;
}
protocol bgp vultr
{
local 2001:19f0:4400:5132:5400:2333:fe88:2333 as 123456;
neighbor 2001:19f0:ffff::1 as 64515;
import all;
export filter normal_out;
graceful restart on;
multihop 2;
password "hidepasswd";
}
template bgp ibgp {
local fd15:9924:d630:e01c:2333:9391:ba13:598b as 123456;
import all;
export all;
graceful restart on;
}
protocol bgp ibgp_rs1 from ibgp {
neighbor fd15:9924:d630:e01c:2333:93f4:229e:9998 as 123456;
}
protocol ospf myospf {
import all;
export where source ~ [ RTS_DEVICE, RTS_STATIC, RTS_OSPF ] && proto != "static_bgp" && proto != "static_bgp_vultr";
area 0 {
interface "bgp" {
cost 450;
};
};
}
在 RS1 运行birdc6 show route 2000:2::/48
root@rs1:~# birdc6 show route 2000:2::/48
BIRD 1.6.3 ready.
2000:2::/48 via fd15:9924:d630:e01c:2333:9391:ba13:598b on ztyou4jsxl [ibgp_rs2 14:10:51] * (100/0) [i]
在 RS2 运行birdc6 show route 2000:1::/48
root@rs2:~# birdc6 show route 2000:1::/48
BIRD 1.6.6 ready.
2000:1::/48 via fd15:9924:d630:e01c:2333:93f4:229e:9998 on ztyou4jsxl [ibgp_rs1 06:10:45] * (100/0) [i]
但我traceroute6 2000:2::
在 rs1 上运行
root@rs1:~# traceroute6 2000:2::
traceroute to 2000:2:: (2000:2::) from 2001:2333:2333:a4::2, 30 hops max, 24 byte packets
1 tunnel562333.tunnel.tserv19.hkg1.ipv6.he.net (2001:2333:2333:a4::1) 2.144 ms 2.095 ms 1.969 ms
2 tunnel562333-pt.tunnel.tserv19.hkg1.ipv6.he.net (2001:2333:2333:a4::2) 1.87 ms 21.406 ms 10.724 ms
3 tunnel562333.tunnel.tserv19.hkg1.ipv6.he.net (2001:2333:2333:a4::1) 7.368 ms 3.664 ms 3.776 ms
4 tunnel562333-pt.tunnel.tserv19.hkg1.ipv6.he.net (2001:2333:2333:a4::2) 3.396 ms 3.457 ms 3.546 ms
5 tunnel562333.tunnel.tserv19.hkg1.ipv6.he.net (2001:2333:2333:a4::1) 5.58 ms 5.604 ms 5.788 ms
6 tunnel562333-pt.tunnel.tserv19.hkg1.ipv6.he.net (2001:2333:2333:a4::2) 5.089 ms 5.405 ms 5.056 ms
7 tunnel562333.tunnel.tserv19.hkg1.ipv6.he.net (2001:2333:2333:a4::1) 7.197 ms 7.266 ms 6.965 ms
8 tunnel562333-pt.tunnel.tserv19.hkg1.ipv6.he.net (2001:2333:2333:a4::2) 6.64 ms 7.773 ms 7.013 ms
traceroute6 2000:1::
在 rs2 上运行
root@rs2:~# traceroute6 2000:1::
traceroute to 2000:1:: (2000:1::) from 2001:19f0:4400:5132:5400:2333:fe88:2333, 30 hops max, 24 byte packets
1 * * *
2 2001:19f0:4400:5132:5400:2333:fe88:2333 (2001:19f0:4400:5132:5400:2333:fe88:2333) 0.551 ms 0.164 ms 0.107 ms
3 * * *
4 2001:19f0:4400:5132:5400:2333:fe88:2333 (2001:19f0:4400:5132:5400:2333:fe88:2333) 0.445 ms 0.226 ms 0.138 ms
5 * * *
6 2001:19f0:4400:5132:5400:2333:fe88:2333 (2001:19f0:4400:5132:5400:2333:fe88:2333) 0.353 ms 0.251 ms 0.365 ms
7 * * *
8 2001:19f0:4400:5132:5400:2333:fe88:2333 (2001:19f0:4400:5132:5400:2333:fe88:2333) 0.346 ms 0.319 ms 0.216 ms
就像 traceroute6
IBGP 不起作用并破坏 BGP 路由
我怎么解决这个问题?
解决方案
这个问题已经解决 问题是路由没有导出到内核
protocol kernel
{
scan time 60;
import none;
export all;
metric 2000;
}
另外我使用OSPF路由IGP
推荐阅读
- javascript - 在多个 npm 项目中使用相同的包
- pdf - 如何使用 javascript 在 acroforms 中获取单选按钮组的导出值?
- c# - 如何在列表项的子字符串中获取最高可用数字
- go - fmt.Scanf 不等待控制台输入
- steam - 如何获取所有已存在的 Steam ID?
- python - 使用 Pandas Python 计算白天站点中断持续时间
- arrays - 在算法中需要帮助 - 找到输出的最大和
- php - 如何将文件夹中的所有图像加载到 HTML 中
- php - PHP 运行时会影响复杂的 php 脚本吗?
- cordova - 如何从磁盘播放 AudioWorkletNode