Difference between revisions of "EBGP JUNOS Projekt"

From Teknologisk videncenter
Jump to: navigation, search
m (Verificering)
m (Verificering)
Line 113: Line 113:
 
10.255.0.10          65004        124        126      0      0      54:19 <notice>Establ</notice>
 
10.255.0.10          65004        124        126      0      0      54:19 <notice>Establ</notice>
 
   <notice>PE1.inet.0: 18/18/18/0</notice>
 
   <notice>PE1.inet.0: 18/18/18/0</notice>
 +
 +
root@SRX240> <input>show bgp neighbor 10.255.0.5</input>
 +
Peer: 10.255.0.5+64085 AS 65002 Local: 10.255.0.6+179 AS 65001
 +
  Type: External    State: <notice>Established</notice>    Flags: <Sync>
 +
  Last State: OpenConfirm  Last Event: RecvKeepAlive
 +
  Last Error: None
 +
  Export: <notice>[ VR-EBGP-EXPORT ]</notice>
 +
  Options: <Preference PeerAS Refresh>
 +
  Holdtime: 90 Preference: 170
 +
  Number of flaps: 0
 +
  Peer ID: 10.255.255.2    Local ID: 10.255.255.1      Active Holdtime: 90
 +
  Keepalive Interval: 30        Peer index: 0
 +
  BFD: disabled, down
 +
  Local Interface: lt-0/0/0.6
 +
  NLRI for restart configured on peer: inet-unicast
 +
  NLRI advertised by peer: inet-unicast
 +
  NLRI for this session: inet-unicast
 +
  Peer supports Refresh capability (2)
 +
  Stale routes from peer are kept for: 300
 +
  Peer does not support Restarter functionality
 +
  NLRI that restart is negotiated for: inet-unicast
 +
  NLRI of received end-of-rib markers: inet-unicast
 +
  NLRI of all end-of-rib markers sent: inet-unicast
 +
  Peer supports 4 byte AS extension (peer-as 65002)
 +
  Peer does not support Addpath
 +
  Table PE1.inet.0 Bit: 30000
 +
    RIB State: BGP restart is complete
 +
    RIB State: VPN restart is complete
 +
    Send state: in sync
 +
    <notice>Active prefixes:              25
 +
    Received prefixes:            36
 +
    Accepted prefixes:            36
 +
    Suppressed due to damping:    0
 +
    Advertised prefixes:          32</notice>
 +
  Last traffic (seconds): Received 27  Sent 2    Checked 48
 +
  <notice>Input messages:  Total 140    Updates 9      Refreshes 0    Octets 3107
 +
  Output messages: Total 142    Updates 8      Refreshes 0    Octets 3133</notice>
 +
  Output Queue[2]: 0
 
</source>
 
</source>
 +
 
Kontroller der bliver modtaget routes
 
Kontroller der bliver modtaget routes
 
<source lang=cli>
 
<source lang=cli>

Revision as of 12:17, 5 November 2014

Prøv at konfigurer følgende setup på en Juniper SRX: BGP Demo Setup

Opgave

Grundlæggende forbindelser

  • Konfigurer IP Adresser på alle Logical Tunnel interfaces
    • De skal ligge i 10.255.0.X/30 netværkene
    • LT interfacet skal have samme unit nummer som .4 oktet i op adressen(10.255.0.2 = lt-0/0/0.2)
  • Configurer lo så de passer med <routernummer>x10. og en management adresse(PE1 = Lo0.10:10.255.255.1/32)

Konfiguration

Konfigurer de logiske interfaces og forbind dem

root@SRX240> <input>show configuration interfaces lt-0/0/0.2</input>
<notice>encapsulation ethernet;
peer-unit 1;</notice>
family inet {
    address 10.255.0.2/30;
}

root@SRX240> <input>show configuration interfaces lt-0/0/0.1</input>
<notice>encapsulation ethernet;
peer-unit 2;</notice>
family inet {
    address 10.255.0.1/30;
}
root@SRX240> <input>show configuration interfaces lo0.10</input>
family inet {
    address 10.255.255.1/32;
}

Opret en virtual router instance og forbind lt interfaces til instancen.

root@SRX240> <input>show configuration routing-instances PE2</input>
instance-type virtual-router;
<notice>interface lt-0/0/0.2;
interface lt-0/0/0.5;
interface lt-0/0/0.22;
interface lo0.20;</notice>

Verificering

Kontroller at routerne har sat alle interfaces og IP adresser

root@SRX240> <input>show interfaces routing-instance PE2 terse</input>
Interface               Admin Link Proto    Local                 Remote
<notice>lt-0/0/0.2              up    up   inet     10.255.0.2/30
lt-0/0/0.5              up    up   inet     10.255.0.5/30
lt-0/0/0.22             up    up   inet     10.255.0.22/30
lo0.20                  up    up   inet     10.255.255.2        --> 0/0</notice>

Kontroller at de virtuelle routere kan pinge hinanden.

root@SRX240> <input>ping 10.255.0.2 routing-instance PE5</input>
PING 10.255.0.2 (10.255.0.2): 56 data bytes
<notice>64 bytes from 10.255.0.2: icmp_seq=0 ttl=64 time=1.132 ms
64 bytes from 10.255.0.2: icmp_seq=1 ttl=64 time=1.068 ms
64 bytes from 10.255.0.2: icmp_seq=2 ttl=64 time=1.012 ms</notice>
^C
--- 10.255.0.2 ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max/stddev = 1.012/1.071/1.132/0.049 ms

BGP opsætning

  • Lav en export regl til bgp
  • Konfigurer lo0 interfacets ip adresse som router-id
  • konfigurer eBGP imellem alle routerne.

Konfiguration

Lav en export regl i global routing instance

root@SRX240> <input>show configuration policy-options policy-statement VR-EBGP-EXPORT</input>
term 1 {
    from {
        protocol direct;
    }
    then accept;
}

Konfigurer router-id og ASN under den virtuelle router.

[edit routing-instances]
root@SRX240# <input>show</input>
PE1 {
    routing-options {
        <notice>router-id 10.255.255.1;
        autonomous-system 65001;</notice>
    }
}

Lav eBGP under den virtuelle router

[edit]
root@SRX240# <input>show routing-instances PE1 protocols bgp</input>
group EXT-PEERS {
    type external;
    export VR-EBGP-EXPORT;
    neighbor 10.255.0.5 {
        peer-as 65002;
    }
    neighbor 10.255.0.10 {
        peer-as 65004;
    }
}

Verificering

Kontroller BGP naboer kommer op i Established state og der bliver udvækslet routes

root@SRX240> <input>show bgp summary instance PE1</input>
Groups: 1 Peers: 2 Down peers: 0
Table          Tot Paths  Act Paths Suppressed    History Damp State    Pending
PE1.inet.0            54         43          0          0          0          0
PE1.mdt.0              0          0          0          0          0          0
Peer                     AS      InPkt     OutPkt    OutQ   Flaps Last Up/Dwn State|#Active/Received/Accepted/Damped...
10.255.0.5            65002        127        128       0       0       54:27 <notice>Establ</notice>
  <notice>PE1.inet.0: 25/36/36/0</notice>
10.255.0.10           65004        124        126       0       0       54:19 <notice>Establ</notice>
  <notice>PE1.inet.0: 18/18/18/0</notice>

root@SRX240> <input>show bgp neighbor 10.255.0.5</input>
Peer: 10.255.0.5+64085 AS 65002 Local: 10.255.0.6+179 AS 65001
  Type: External    State: <notice>Established</notice>    Flags: <Sync>
  Last State: OpenConfirm   Last Event: RecvKeepAlive
  Last Error: None
  Export: <notice>[ VR-EBGP-EXPORT ]</notice>
  Options: <Preference PeerAS Refresh>
  Holdtime: 90 Preference: 170
  Number of flaps: 0
  Peer ID: 10.255.255.2    Local ID: 10.255.255.1      Active Holdtime: 90
  Keepalive Interval: 30         Peer index: 0
  BFD: disabled, down
  Local Interface: lt-0/0/0.6
  NLRI for restart configured on peer: inet-unicast
  NLRI advertised by peer: inet-unicast
  NLRI for this session: inet-unicast
  Peer supports Refresh capability (2)
  Stale routes from peer are kept for: 300
  Peer does not support Restarter functionality
  NLRI that restart is negotiated for: inet-unicast
  NLRI of received end-of-rib markers: inet-unicast
  NLRI of all end-of-rib markers sent: inet-unicast
  Peer supports 4 byte AS extension (peer-as 65002)
  Peer does not support Addpath
  Table PE1.inet.0 Bit: 30000
    RIB State: BGP restart is complete
    RIB State: VPN restart is complete
    Send state: in sync
    <notice>Active prefixes:              25
    Received prefixes:            36
    Accepted prefixes:            36
    Suppressed due to damping:    0
    Advertised prefixes:          32</notice>
  Last traffic (seconds): Received 27   Sent 2    Checked 48
  <notice>Input messages:  Total 140    Updates 9       Refreshes 0     Octets 3107
  Output messages: Total 142    Updates 8       Refreshes 0     Octets 3133</notice>
  Output Queue[2]: 0

Kontroller der bliver modtaget routes

root@SRX240> <input>show route receive-protocol bgp 10.255.0.10</input>

inet.0: 65 destinations, 65 routes (65 active, 0 holddown, 0 hidden)

PE1.inet.0: <notice>63 destinations, 74 routes (63 active, 0 holddown, 0 hidden)</notice>
  Prefix                  Nexthop              MED     Lclpref    AS path
* 10.202.0.0/16           10.255.0.10                             65004 65003 I
* 10.202.0.0/24           10.255.0.10                             65004 65003 I
* 10.202.1.0/24           10.255.0.10                             65004 65003 I
* 10.202.2.0/24           10.255.0.10                             65004 65003 I
* 10.202.10.0/24          10.255.0.10                             65004 65003 I
* 10.202.20.0/24          10.255.0.10                             65004 65003 I
* 10.204.0.0/16           10.255.0.10                             65004 I
* 10.204.0.0/24           10.255.0.10                             65004 I
* 10.204.1.0/24           10.255.0.10                             65004 I
* 10.204.2.0/24           10.255.0.10                             65004 I
* 10.204.10.0/24          10.255.0.10                             65004 I
* 10.204.20.0/24          10.255.0.10                             65004 I
* 10.205.0.0/16           10.255.0.10                             65004 65006 I
* 10.205.0.0/24           10.255.0.10                             65004 65006 I
* 10.205.1.0/24           10.255.0.10                             65004 65006 I
* 10.205.2.0/24           10.255.0.10                             65004 65006 I
* 10.205.10.0/24          10.255.0.10                             65004 65006 I
* 10.205.20.0/24          10.255.0.10                             65004 65006 I

Links