前言
BGP 支缓 Multiprotocol Extension,本文将会介绍 BGP 中的其中一个 Extension,即 Multicast BGP (MBGP)。Multicast Routing 一向依赖 Reverse Path Forwarding (RPF) 原理去判断及防止 Looping,本文探讨 MBGP 如何在 RPF Check 中发挥作用。要了解 MBGP 对读者的基本功要求较高,笔者假设读者已相当了解 RPF 原理丶AD 原理及 BGP 的基本设定,如有疑问请先阅读关於 PIM丶AD 和 BGP 的教学。
用 Unicast Routing Table 查找 Reverse Path
一般情况下,Router 会使用 Unicast Routing Table 去处理 RPF,但当网络有多条 Path 时,此处理方法可能会失败。请看以下例子。
各 Router 起始设定如下:
hostname R1 ! ip multicast-routing ! interface Ethernet1/0 ip address 192.168.12.1 255.255.255.0 ip pim dense-mode ! interface Ethernet1/1 ip address 192.168.13.1 255.255.255.0 ! interface Ethernet1/2 ip address 192.168.14.1 255.255.255.0 ip pim dense-mode ! router ospf 1 network 0.0.0.0 255.255.255.255 area 0
hostname R2 ! ip multicast-routing ! interface Ethernet1/0 ip address 192.168.12.2 255.255.255.0 ip pim dense-mode ! interface Ethernet1/1 ip address 192.168.23.2 255.255.255.0 ip pim dense-mode ! router ospf 1 network 0.0.0.0 255.255.255.255 area 0
hostname R3 ! ip multicast-routing ! interface Loopback0 ip address 3.3.3.3 255.255.255.255 ip pim dense-mode ip igmp join-group 224.1.1.1 ! interface Ethernet1/0 ip address 192.168.13.3 255.255.255.0 ! interface Ethernet1/1 ip address 192.168.23.3 255.255.255.0 ip pim dense-mode ! router ospf 1 network 0.0.0.0 255.255.255.255 area 0
hostname R4 ! ip multicast-routing ! interface Ethernet1/0 ip address 192.168.14.4 255.255.255.0 ip pim dense-mode ! router ospf 1 network 0.0.0.0 255.255.255.255 area 0
从设定可见,所有网络用 OSPF 打通,R3 的 Loopback0 Join 224.1.1.1 Group,然而只有 R4>R1>R2>R3 这条 Path 有跑 PIM,而 R4>R1>R3 这条 Path 则没有。这会出现什麽问题呢?
R4#ping 224.1.1.1 repeat 5 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 224.1.1.1, timeout is 2 seconds: .....
Multicast Ping 不通的原因是 R3 做 RPF Check 时使用了 Unicast Routing Table,要到达 Source 192.168.14.4 的 Best Path 为经 E1/0, 与 Multicast Traffic 到达位罝 E1/1 不刎合,因而 Multicast Traffic 被 Drop 掉。
R3#show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
3.0.0.0/32 is subnetted, 1 subnets
C 3.3.3.3 is directly connected, Loopback0
O 192.168.12.0/24 [110/20] via 192.168.23.2, 00:34:57, Ethernet1/1
[110/20] via 192.168.13.1, 01:12:46, Ethernet1/0
192.168.13.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.13.0/24 is directly connected, Ethernet1/0
L 192.168.13.3/32 is directly connected, Ethernet1/0
O 192.168.14.0/24 [110/20] via 192.168.13.1, 00:20:40, Ethernet1/0
192.168.23.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.23.0/24 is directly connected, Ethernet1/1
L 192.168.23.3/32 is directly connected, Ethernet1/1
O 192.168.34.0/24 [110/30] via 192.168.13.1, 00:20:30, Ethernet1/0
R3#
R3#show ip rpf 192.168.14.4
failed, no route exists
最简单的解决方法当然可以把 R3 的 E1/0 的 OSPF cost 调高,去改变 R3 使用 E1/1 到达 192.168.14.4,从而让 RPF Check 成功。
R3(config)#int ethernet 1/0
R3(config-if)#ip ospf cost 9999
R3(config-if)#end
R3#
R3#show ip route 192.168.14.4
Routing entry for 192.168.14.0/24
Known via "ospf 1", distance 110, metric 30, type intra area
Last update from 192.168.23.2 on Ethernet1/1, 00:00:39 ago
Routing Descriptor Blocks:
* 192.168.23.2, from 4.4.4.4, 00:00:39 ago, via Ethernet1/1
Route metric is 30, traffic share count is 1
从 show ip rpf 可见 RPF Type 是源自 OSPF Process 1。
R3#show ip rpf 192.168.14.4
RPF information for ? (192.168.14.4)
RPF interface: Ethernet1/1
RPF neighbor: ? (192.168.23.2)
RPF route/mask: 192.168.14.0/24
RPF type: unicast (ospf 1)
Doing distance-preferred lookups across tables
RPF topology: ipv4 multicast base, originated from ipv4 unicast base
又或者干脆用 Static Route 把 192.168.14.0/24 指向 E1/1。
R3(config)#ip route 192.168.14.0 255.255.255.0 192.168.23.2
由於 Static Route 的 AD 为 1,较 OSPF 110 低,所以 RPF Type 来源是 Static Route。
R3#show ip rpf 192.168.14.4
RPF information for ? (192.168.14.4)
RPF interface: Ethernet1/1
RPF neighbor: ? (192.168.23.2)
RPF route/mask: 192.168.14.0/24
RPF type: unicast (static)
Doing distance-preferred lookups across tables
RPF topology: ipv4 multicast base, originated from ipv4 unicast base
无论使用上述那个方法,都可以使 RPF Check 成功,令 Multicast Traffic Ping 通。
R4#ping 224.1.1.1 repeat 5 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 224.1.1.1, timeout is 2 seconds: Reply to request 0 from 3.3.3.3, 120 ms Reply to request 1 from 3.3.3.3, 36 ms Reply to request 2 from 3.3.3.3, 36 ms Reply to request 3 from 3.3.3.3, 24 ms Reply to request 4 from 3.3.3.3, 28 ms
不过以上两个方法都会改变了 Unicast Routing 的 Best Path,影响了 Unicast Packet 的流动方向。
Static Multicast Route (mroute)
比较理想的方法是使用 Static Multicast Route (或称 mroute),mroute 只改变 RPF Type 而不会对 Unicast Route Table 造成影响。
R3(config)#ip mroute 192.168.14.0 255.255.255.0 192.168.23.2
由於 mroute 的 AD 是 1 (相等於 Unicast 的 Static Route) 优於 OSPF 的 110,因此成为 RPF Type 来源,RPF 也会成功。
R3#show ip rpf 192.168.14.4
RPF information for ? (192.168.14.4)
RPF interface: Ethernet1/1
RPF neighbor: ? (192.168.23.2)
RPF route/mask: 192.168.14.0/24
RPF type: multicast (static)
Doing distance-preferred lookups across tables
RPF topology: ipv4 multicast base
MBGP
最後尝试使用 MBGP 去解决问题。先在 R2 和 R3 建立 BGP Neighbor。
R2(config)#router bgp 65002 R2(config-router)#neighbor 192.168.23.3 remote-as 65003
R3(config)#router bgp 65003 R3(config-router)#neighbor 192.168.23.2 remote-as 65002
然後建立 Multicast 的 Address-family 设定,并发布 192.168.14.0/24 Network。
R2(config-router)#address-family ipv4 multicast R2(config-router-af)#neighbor 192.168.23.3 activate R2(config-router-af)#network 192.168.14.0 mask 255.255.255.0
R3(config-router)#address-family ipv4 multicast R3(config-router-af)#neighbor 192.168.23.2 activate
由於 R2 和 R3 的 BGP AS Number 不同,属於 eBGP,AD 为 20,优於 OSPF 110,因而成为 RPF Type,RPF Check 成功。
R3#show ip rpf 192.168.14.4
RPF information for ? (192.168.14.4)
RPF interface: Ethernet1/1
RPF neighbor: ? (192.168.23.2)
RPF route/mask: 192.168.14.0/24
RPF type: multicast (bgp 65003)
Doing distance-preferred lookups across tables
RPF topology: ipv4 multicast base
以上例子使用了 eBGP,但若使用 iBGP 则会因 AD 200 低於 OSPF 的 AD 110,未能成为了 RPF Type。以下例子中,我们把 R2 的 AS 改为 65003,使其成为 iBGP。
R2(config)#router bgp 65003 R2(config-router)#neighbor 192.168.23.3 remote-as 65003 R2(config-router)#address-family ipv4 multicast R2(config-router-af)#neighbor 192.168.23.3 activate R2(config-router-af)#network 192.168.14.0 mask 255.255.255.0
R3(config)#router bgp 65003 R3(config-router)#neighbor 192.168.23.2 remote-as 65003 R3(config-router)#address-family ipv4 multicast R3(config-router-af)#neighbor 192.168.23.2 activate
RPF Check 失败了。
R3#show ip rpf 192.168.14.4 failed, no route exists
由於 PRF Check 跟 Unicast Routing 一样会先比较 Longest Match 後才比较 AD,所以遇到这个情况可以在 R2 把要发布的 Network Prefix 加长,例如直接发布 Source 的 Host Route 192.168.14.4/32,但当然要先附合 BGP 的发布条件,在 R2 的 Route Table 中加入这条 Host Route。
R2(config-router)#address-family ipv4 multicast R2(config-router-af)#no network 192.168.14.0 mask 255.255.255.0 R2(config-router-af)#network 192.168.14.4 mask 255.255.255.255 R2(config-router-af)#exit R2(config-router)#exit R2(config)#ip route 192.168.14.4 255.255.255.255 192.168.12.1
相關主題
Jan Ho 2021-07-22
Posted In: Layer 3 网络技术
发表回复