Upload
trinhvanphuoc
View
222
Download
0
Embed Size (px)
Citation preview
8/17/2019 08 BGP Attributes and Policy LocalPref Communities
1/18
© 2011 Juniper Networks, Inc. All rights reserved. | www.juniper.net
© 2011 Juniper Networks, Inc. All rights reserved. www.juniper.net | 2
L BGP
A
AS
L PL PAS PAS P
OO
MEDMED
8/17/2019 08 BGP Attributes and Policy LocalPref Communities
2/18
© 2011 Juniper Networks, Inc. All rights reserved. www.juniper.net | 3
L BGP I ,
100
S [edit protocols bgp]
C local-preference
P F , BGP 170
S [edit protocols bgp]
C preference
M , !
© 2011 Juniper Networks, Inc. All rights reserved. www.juniper.net | 4
E IBGP
AS
IBGP AS
172.17.2.0?
R B
IBGP
172.17.2.0/24
EBGP
IBGP R B
B
AS AS
A
8/17/2019 08 BGP Attributes and Policy LocalPref Communities
3/18
© 2011 Juniper Networks, Inc. All rights reserved. www.juniper.net | 5
A OC12 OC3
1
A
IBGP
B C
192.168.27.0/24
10 GE1 GE
R1 R2
192.168.27.0/24192.168.27.0/24
L P = 200 L P = 300
© 2011 Juniper Networks, Inc. All rights reserved. www.juniper.net | 6
L P
P BGP
2
A
192.168.27.0/24
10 GE1 GE192.168.27.0/24192.168.27.0/24
P
1/E1192.168.27.0/24
1/E1192.168.27.0/24
B C
R1 R2
8/17/2019 08 BGP Attributes and Policy LocalPref Communities
4/18
© 2011 Juniper Networks, Inc. All rights reserved. www.juniper.net | 7
S:D AS
M BGP
AS
S AS
© 2011 Juniper Networks, Inc. All rights reserved. www.juniper.net | 8
C AS
124 44 13 200 ( 100)
[edit policy-options]
as-path look-for-path “124 44 13”
policy-statement check-the-path {
term got-path {
from as-path look-for-path;
then {
local-preference 200;
accept;
}
}
}
8/17/2019 08 BGP Attributes and Policy LocalPref Communities
5/18
© 2011 Juniper Networks, Inc. All rights reserved. www.juniper.net | 9
B , ?B R1 R2 1000 IBGP
( ) export
D R1 R2 ?
172.17/16
172.17/16
172.17/16
LP = 1000
172.17/16
LP = 1000172.17/16
LP = 1000
R2
R1
R3
© 2011 Juniper Networks, Inc. All rights reserved. www.juniper.net | 10
IBGP , R1 R2 A R2 1000
R1 R2 R2
A
172.17/16
172.17/16
172.17/16
LP = 1000
172.17/16
LP = 1000
172.17/16
LP = 1000
R2
R1
R3
8/17/2019 08 BGP Attributes and Policy LocalPref Communities
6/18
© 2011 Juniper Networks, Inc. All rights reserved. www.juniper.net | 11
BGP () BGP
()
A
S
AS ( )
IP ( ?)
, ,
BGP
© 2011 Juniper Networks, Inc. All rights reserved. www.juniper.net | 12
(1 2)
E
O
C
I ,
8/17/2019 08 BGP Attributes and Policy LocalPref Communities
7/18
© 2011 Juniper Networks, Inc. All rights reserved. www.juniper.net | 13
(2 2)
M
C ,
R
AS
AS
R ( ,
200:666)
A AS 0 65535 : 000000000
00000FFFF 0FFFF0000 0FFFFFFFF
© 2011 Juniper Networks, Inc. All rights reserved. www.juniper.net | 14
:
N (0FFFFFF01):
( AS),
N (0FFFFFF02):
BGP
N (0FFFFFF03):
BGP ( AS)
N
N AS
N
O
8/17/2019 08 BGP Attributes and Policy LocalPref Communities
8/18
© 2011 Juniper Networks, Inc. All rights reserved. www.juniper.net | 15
R
AS 1AS 1AS 1AS 1
AS 65000AS 65000AS 65000AS 65000
AS2AS2AS2AS2
© 2011 Juniper Networks, Inc. All rights reserved. www.juniper.net | 16
R AS
AS 1AS 1AS 1AS 1
AS 65000AS 65000AS 65000AS 65000
AS2AS2AS2AS2
8/17/2019 08 BGP Attributes and Policy LocalPref Communities
9/18
© 2011 Juniper Networks, Inc. All rights reserved. www.juniper.net | 17
R AS
AS 1AS 1AS 1AS 1
AS 65000AS 65000AS 65000AS 65000
AS2AS2AS2AS2
© 2011 Juniper Networks, Inc. All rights reserved. www.juniper.net | 18
AS 2 , I /17 ?
A /16 /17 /17
172.17.0/17
172.17.128/17
172.17/16
AS1 AS2
I
172.17/16
172.17.0/17 (N )
172.17/16
172.17.128/17 (N )
8/17/2019 08 BGP Attributes and Policy LocalPref Communities
10/181111
© 2011 Juniper Networks, Inc. All rights reserved. www.juniper.net | 19
AS 2
C
AS 20
AS 1
172.17.144/20
172.17.144/20 (NE )
172.17/16
172.17.144/20
172.17/16
172.17.144/20
172.17.144/20
172.31/16
172.17/16
172.31/16
172.31/16
I172.17/16
172.31/16
© 2011 Juniper Networks, Inc. All rights reserved. www.juniper.net | 20
C AS 1 AS 2
R
AS 2AS 1
1:60 = L 60
172.17.64/18
172.20.128/18 2:70 = L 70
172.17/16 172.20/16
172.17.64/18
172.20/16 1:60
172.20.128/18
172.17/16 2:70
172.17.64/18
172.20.128/18
172.20/16172.17/16
172.17/16
172.20/16
I
CAS 20
8/17/2019 08 BGP Attributes and Policy LocalPref Communities
11/181111
© 2011 Juniper Networks, Inc. All rights reserved. www.juniper.net | 21
C BGP AS AS AS
C
AS
, AS!
N ISP #1
N ISP #2
S ISP
N #1
R1
N #1
S ISP R2
N #1 : NOS ISP : ES
© 2011 Juniper Networks, Inc. All rights reserved. www.juniper.net | 22
C [edit policy-options]
M community-ids AND[edit policy-options]
community name members [community-ids];
C ID :•as-number:community-value
C ID :
• no-export• no-advertise
• no-export-subconfed
A , ,
8/17/2019 08 BGP Attributes and Policy LocalPref Communities
12/181111
© 2011 Juniper Networks, Inc. All rights reserved. www.juniper.net | 23
L user@router> show route 182.168.0/24192.168.0.0/24 (2 entries, 1 announced)
Communities: 64512:567 100:20 50:70 1234:66
[edit policy-options]
policy-statement community-actions {
term add-a-community
then community add test-comm;
}
}
community test-comm members 65001:1234;
user@router> show route 182.168.0/24
192.168.0.0/24 (2 entries, 1 announced)
Communities: 64512:567 100:20 50:70 1234:66 65001:1234
© 2011 Juniper Networks, Inc. All rights reserved. www.juniper.net | 24
R
user@router> show route 182.168.0/24192.168.0.0/24 (2 entries, 1 announced)
Communities: 64512:567 100:20 50:70 1234:66
[edit policy-options]
policy-statement community-actions {
term add-a-community
then community delete test-comm;
}
}
community test-comm members 64512:567;
192.168.0.0/24 (2 entries, 1 announced)
Communities: 100:20 50:70 1234:66
8/17/2019 08 BGP Attributes and Policy LocalPref Communities
13/181111
© 2011 Juniper Networks, Inc. All rights reserved. www.juniper.net | 25
R ALL
user@router> show route 182.168.0/24192.168.0.0/24 (2 entries, 1 announced)
Communities: 64512:567 100:20 50:70 1234:66
[edit policy-options]
policy-statement community-actions {
term add-a-community
then community set test-comm;
}
}
community test-comm members 65001:1234;
192.168.0.0/24 (2 entries, 1 announced)
Communities: 65001:1234
© 2011 Juniper Networks, Inc. All rights reserved. www.juniper.net | 26
1
C customers
S MED 20
S BGP 200 ( 100)
[edit policy-options]
community customers members [56:2379 23:46944];
policy-statement from-customers {
from community customers;
then {
metric 20;
local-preference 200;next policy;
}
}
8/17/2019 08 BGP Attributes and Policy LocalPref Communities
14/181111
© 2011 Juniper Networks, Inc. All rights reserved. www.juniper.net | 27
2
C my-acceptR /19 C A, /16
C B, /24 C C
[edit policy-options]community my-accept members 567:1;policy-statement drop-specifics {
term drop-specifics {from {
route-filter 0.0.0.0/1 upto /19 {community add my-accept;next policy;
}route-filter 128.0.0.0/2 upto /16 {
community add my-accept;next policy;
}route-filter 192.0.0.0/3 upto /24 {
community add my-accept;next policy;
}}
}then reject;
}
© 2011 Juniper Networks, Inc. All rights reserved. www.juniper.net | 28
S ,
AS
B ,
,
( * )
[edit policy-options]
community wild-match members “*:*”;. . .
policy-statement delete-all-communities {
term all-gone {
then community delete wild-match;
}
}
8/17/2019 08 BGP Attributes and Policy LocalPref Communities
15/181111
© 2011 Juniper Networks, Inc. All rights reserved. www.juniper.net | 29
S (*) (.)
AS
AS
(.*)
E :
A AS: as-number :*
F , 600:* AS 600
A AS : *:community-value
F ,*:20 20 AS
A 3
F ,1111:50.0 5000, 5010, 5020, . 5090
AS 1111
© 2011 Juniper Networks, Inc. All rights reserved. www.juniper.net | 30
(1 2)user@router> show route community *:20 terse
inet.0: 123 destinations, 123 routes (123 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
A Destination P Prf Metric 1 Metric 2 Next hop AS path
* 192.168.128.0/24 S 5 5 Reject
user@router> show route community *:20 detail
inet.0: 123 destinations, 123 routes (123 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
192.168.128.0/24 (1 entry, 1 announced)
*Static Preference: 5
Next hop type: RejectState:
Age: 3d 6:07:37 Metric: 5
Task: RT
Announcement bits (3): 0-KRT 1-BGP.0.0.0.0+179 5-Aggregate
AS path: I
Communities: 1:20
8/17/2019 08 BGP Attributes and Policy LocalPref Communities
16/1811
© 2011 Juniper Networks, Inc. All rights reserved. www.juniper.net | 31
(2 2)
user@router> show configuration policy-options
policy-options {
community community-1 members 1:20;
}
user@router> show route community-name community-1 detail
inet.0: 123 destinations, 123 routes (123 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
192.168.128.0/24 (1 entry, 1 announced)
*Static Preference: 5
Next hop type: Reject
State:
Age: 3d 6:07:37 Metric: 5
Task: RT
Announcement bits (3): 0-KRT 1-BGP.0.0.0.0+179 5-AggregateAS path: I
Communities: 1:20
© 2011 Juniper Networks, Inc. All rights reserved. www.juniper.net | 32
C
C ( AS )
F term operator
R (^) ($) ,
show route
• show route community regex
• community match-this members regex
8/17/2019 08 BGP Attributes and Policy LocalPref Communities
17/18
© 2011 Juniper Networks, Inc. All rights reserved. www.juniper.net | 33
, M
M
, M
* M 0 , 0,
+ M 1 , 1,
? M 0 1 , 0,1
M
M
$ M M
( ),() ,
© 2011 Juniper Networks, Inc. All rights reserved. www.juniper.net | 34
C
: R: M:
AS 56 78 ((56)(78)):(.*)$ 56:1000,
78:65000
AS 56 2 56:(2.*)$ 56:234, 56:2,
56:222
AS
5, 7, 9
(.*):(.*579)$ 1234:5,
78:2357,
34:65005
AS 56 78,
2
2 8
((56)(78)):(2.*28)$ 56:22,
56:21197,
78:2678
8/17/2019 08 BGP Attributes and Policy LocalPref Communities
18/18
© 2011 Juniper Networks, Inc. All rights reserved. www.juniper.net | 35
D ?
AS 105, 207, 309
4 5 1
O, 2, 5, 6
O, 3, 4, 7, 9
"^((105)|(207)|(309)):((1.{3,4})|([256].*)|
(.*[3479]))$"