BGP dampening(惩罚)
BGP这个唯一的EGP协议、这个工作在AS by AS之间的外部网关路由协议、
具有了先天的稳定性、主要体现在以下方面:
(1)采用TCP传输层协议、端口号179
(2)协议具有惩罚机制、对不稳定的路由进行惩罚、
下文将介绍惩罚的相关实验、证明BGP的稳定性、
(1)底层配置
上图中所有路由器都配有 Loopback 地址,地址分别为:
R1 Loopback 0 1.1.1.1/32
R2 Loopback 0 2.2.2.2/32
所有路由器之间运行 OSPF,并将 Loopback 0 的地址发布到 OSPF 中,保证全网Loopback 0 之间是可以通信的。
(2)R1 与 R2 建立 eBGP 邻居关系。
R1:
R1(config)#router bgp 1
R1(config-router)#bgp router-id 1.1.1.1
R1(config-router)#neighbor 2.2.2.2 remote-as 2
R1(config-router)#neighbor 2.2.2.2 update-source loopback 1
R1(config-router)#neighbor 2.2.2.2 ebgp-multihop
R2:
R2(config)#router bgp 2
R2(config-router)#bgp router-id 2.2.2.2
R2(config-router)#neighbor 1.1.1.1 remote-as 1
R2(config-router)#neighbor 1.1.1.1 update-source loopback 0
R2(config-router)#neighbor 1.1.1.1 ebgp-multihop
R2(config-router)#network 10.1.1.0 mask 255.255.255.0
R2(config-router)#network 20.1.1.0 mask 255.255.255.0
说明:R2 将 10.1.1.0/24 和 20.1.1.0/24 导入 BGP 路由表中。
确保R1能收到R2发送出来的路由、
R1#sh ip bgp
BGP table version is 3, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
> 10.1.1.0/24 2.2.2.2 0 0 2 i
> 20.1.1.0/24 2.2.2.2 0 0 2 i
R1#
(3)配置BGP惩罚
.针对所有路由配置 BGP Dampening
1、在 R1 上对所有路由配置 BGP Dampening
R1(config)#router bgp 1
R1(config-router)#bgp dampening
2、查看 BGP Dampening 参数
R1#show ip bgp dampening parameters
dampening 15 750 2000 60 (DEFAULT)
Half-life time : 15 mins Decay Time : 2320 secs
Max suppress penalty: 12000 Max suppress time: 60 mins
Suppress penalty : 2000 Reuse penalty : 750
R1#
说明:以上值为 BGP Dampening 默认值。
3、查看被 BGP Dampening 监控的路由
R1#show ip bgp dampening dampened-paths `
R1#
说明:因为没有路由发生翻动,所以路由为空。
4、测试dampening
R2(config)#interface loopback 10
R2(config-if)#shutdown
说明:将 10.1.1.0/24 的接口断开,表示翻动一次。
R1#show ip bgp 10.1.1.0
BGP routing table entry for 10.1.1.0/24, version 4
Paths: (1 available, no best path)
Flag: 0x820
Not advertised to any peer
2 (history entry)
2.2.2.2 (metric 11) from 2.2.2.2 (2.2.2.2)
Origin IGP, metric 0, localpref 100, external
Dampinfo: penalty 950, flapped 1 times in 00:01:07
R1#
说明:可以看到,由于10.1.1.0/24 发生了一次翻动,所以有了 penalty 值,为950。
5、测试dampening
再次shutdown接口、10.1.1.0/24 翻动了多次,现在 penalty 值为1849 ,但还是低于抑制值 2000。
R2(config)#interface loopback 10
R2(config-if)#sh
R2(config-if)#shutdown
R2(config-if)#
*Mar 1 00:28:08.647: %LINK-5-CHANGED: Interface Loopback10, changed state to administratively down
*Mar 1 00:28:09.647: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback10, changed state to down
R2(config-if)#no sh
R2(config-if)#no shutdown
R2(config-if)#sh
R2(config-if)#
*Mar 1 00:31:10.799: %LINK-3-UPDOWN: Interface Loopback10, changed state to up
*Mar 1 00:31:11.799: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback10, changed state to up
R2(config-if)#shu
R2(config-if)#shutdown
R2(config-if)#
*Mar 1 00:31:23.143: %LINK-5-CHANGED: Interface Loopback10, changed state to administratively down
*Mar 1 00:31:24.143: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback10, changed state to down
R2(config-if)#shu
R2(config-if)#shutdown
R2(config-if)#
R1#show ip bgp 10.1.1.0
BGP routing table entry for 10.1.1.0/24, version 6
Paths: (1 available, no best path)
Not advertised to any peer
2 (history entry)
2.2.2.2 (metric 11) from 2.2.2.2 (2.2.2.2)
Origin IGP, metric 0, localpref 100, external
Dampinfo: penalty 1849, flapped 2 times in 00:03:39
R1#
6、超过数值惩罚路由
说明:翻动 N次后,penalty 值为 2630,大于抑制值 2000,可以被抑制了。
R1#show ip bgp 10.1.1.0
BGP routing table entry for 10.1.1.0/24, version 8
Paths: (1 available, no best path)
Flag: 0x820
Not advertised to any peer
2 (history entry)
2.2.2.2 (metric 11) from 2.2.2.2 (2.2.2.2)
Origin IGP, metric 0, localpref 100, external
Dampinfo: penalty 2630, flapped 3 times in 00:06:27
R1#
说明:BGP 路由表中也显示了 10.1.1.0/24 是被抑制的。
R1#show ip bgp
BGP table version is 8, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*d 10.1.1.0/24 2.2.2.2 0 0 2 i
*> 20.1.1.0/24 2.2.2.2 0 0 2 i
注:*d 10.1.1.0/24 中的d代表是惩罚、
R1#show ip bgp dampening dampened-paths
BGP table version is 8, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network From Reuse Path
*d 10.1.1.0/24 2.2.2.2 00:02:59 2 i
说明:可以看到 10.1.1.0/24 是被抑制的路由,需要注意,只有该路由重新活动 后,才能看见被抑制,否则断开的路由也是不会显示在抑制表中的。
(4).针对特定路由配置
R1(config)#access-list 20 permit 20.1.1.0
R1(config)#route-map damo permit 10
R1(config-route-map)#match ip address 20
R1(config-route-map)#set dampening 15 800 2100 60
R1(config-route-map)#exit
R1(config)#route-map damo permit 20
R1(config)#router bgp 1
R1(config-router)#bgp dampening route-map damo
说明:只对 20.1.1.0/24 配置 BGP Dampening,并且自定义 Dampening 值。
查看 BGP Dampening 参数
R1#show ip bgp dampening parameters
dampening 15 800 2100 60 (route-map damo 10)
Half-life time : 15 mins Decay Time : 2345 secs
Max suppress penalty: 12800 Max suppress time: 60 mins
Suppress penalty : 2100 Reuse penalty : 800
R1#
说明:以上值为自定义的值。
1、翻滚一次
R2(config)#interface loopback 20
R2(config-if)#shutdown
R2(config-if)#no shutdown
R1#sh ip bgp 20.1.1.0
BGP routing table entry for 20.1.1.0/24, version 10
Paths: (1 available, no best path)
Flag: 0x820
Not advertised to any peer
2 (history entry)
2.2.2.2 (metric 11) from 2.2.2.2 (2.2.2.2)
Origin IGP, metric 0, localpref 100, external
Dampinfo: penalty 1000, flapped 1 times in 00:00:18
R1#
说明:由于 20.1.1.0/24 翻动了一次,当前 penalty 值为 1000。
2、翻滚三次
R1#sh ip bgp 20.1.1.0
BGP routing table entry for 20.1.1.0/24, version 14
Paths: (1 available, no best path)
Flag: 0x820
Not advertised to any peer
2 (history entry)
2.2.2.2 (metric 11) from 2.2.2.2 (2.2.2.2)
Origin IGP, metric 0, localpref 100, external
Dampinfo: penalty 2807, flapped 3 times in 00:03:58
R1#sh ip bgp dampening dampened-paths
BGP table version is 14, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network From Reuse Path
*d 20.1.1.0/24 2.2.2.2 00:04:49 2 i
说明:BGP 路由表中也显示 20.1.1.0/24 是被抑制的。
R1#sh ip bgp
BGP table version is 14, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 10.1.1.0/24 2.2.2.2 0 0 2 i
*d 20.1.1.0/24 2.2.2.2 0 0 2 i
R1#
来源:51CTO
作者:jacking520
链接:https://blog.51cto.com/jinchengzheng/2366788