BGP+vrf - ネットワークエンジニアの備忘録

BGPはaddress-familyを使用することでvrfごとにネイバーを形成することが可能です。今後のプロジェクトではOSPFとBGPを使用する頻度が高くなりそうなので設定例を書き起こしておきます。

f:id:hy0:20180107191516p:plain

AS10000#
ip vrf VRF-1
 rd 10001:1
!
ip vrf VRF-2
 rd 10002:1
!
no ip domain lookup
ip domain name lab.local
no ip ips deny-action ips-interface
!
interface Loopback1
 ip vrf forwarding VRF-1
 ip address 1.1.1.1 255.255.255.255
!
interface Loopback2
 ip vrf forwarding VRF-2
 ip address 2.2.2.2 255.255.255.255
!
interface FastEthernet0/0
 ip vrf forwarding VRF-1
 ip address 10.0.0.1 255.255.255.252
!
interface FastEthernet0/1
 ip vrf forwarding VRF-2
 ip address 10.10.0.1 255.255.255.252
!
router bgp 10000
 no synchronization
 bgp log-neighbor-changes
 no auto-summary
1
 address-family ipv4 vrf VRF-2
 neighbor 10.10.0.2 remote-as 10002
 neighbor 10.10.0.2 activate
 no auto-summary
 no synchronization
 network 2.2.2.2 mask 255.255.255.255
 exit-address-family
 !
 address-family ipv4 vrf VRF-1
 neighbor 10.0.0.2 remote-as 10001
 neighbor 10.0.0.2 activate
 no auto-summary
 no synchronization
 network 1.1.1.1 mask 255.255.255.255
 exit-address-family

AS10001#
interface Loopback1
 ip address 100.0.0.1 255.255.255.255
!
interface FastEthernet0/0
 ip address 10.0.0.2 255.255.255.252
!
router bgp 10001
 no synchronization
 bgp log-neighbor-changes
 redistribute connected
 neighbor 10.0.0.1 remote-as 10000
 no auto-summary

AS10002#
interface Loopback1
 ip address 100.100.0.1 255.255.255.255
!
interface FastEthernet0/0
 ip address 10.10.0.2 255.255.255.252
!
router bgp 10002
 no synchronization
 bgp log-neighbor-changes
 redistribute connected
 neighbor 10.10.0.1 remote-as 10000
 no auto-summary

vrfを使用しているAS10000のshow コマンドが若干馴染み無いものでした、、、

AS10000#show ip route vrf VRF-1 bgp
 100.0.0.0/32 is subnetted, 1 subnets
B 100.0.0.1 [20/0] via 10.0.0.2, 01:02:42

AS10000#show ip route vrf VRF-2 bgp
 100.0.0.0/32 is subnetted, 1 subnets
B 100.100.0.1 [20/0] via 10.10.0.2, 00:58:08
AS10000#

show ip bgp summuryの代わりが見つからない、、、

AS10000#show ip bgp all
For address family: IPv4 Unicast

For address family: IPv6 Unicast

For address family: VPNv4 Unicast
BGP table version is 71, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
 r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 10001:1 (default for vrf VRF-1)
*> 1.1.1.1/32 0.0.0.0 0 32768 i
r> 10.0.0.0/30 10.0.0.2 0 0 10001 ?
*> 100.0.0.1/32 10.0.0.2 0 0 10001 ?
Route Distinguisher: 10002:1 (default for vrf VRF-2)
*> 2.2.2.2/32 0.0.0.0 0 32768 i
r> 10.10.0.0/30 10.10.0.2 0 0 10002 ?
*> 100.100.0.1/32 10.10.0.2 0 0 10002 ?

For address family: IPv4 Multicast

For address family: IPv6 Multicast

For address family: NSAP Unicast

なるほど、どうやらすべてallをつけるんですね。

AS10000#show ip bgp all summury
For address family: VPNv4 Unicast
BGP router identifier 1.1.1.1, local AS number 10000
BGP table version is 71, main routing table version 71
6 network entries using 822 bytes of memory
6 path entries using 408 bytes of memory
4/3 BGP path/bestpath attribute entries using 496 bytes of memory
2 BGP AS-PATH entries using 48 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1774 total bytes of memory
BGP activity 16/10 prefixes, 22/16 paths, scan interval 15 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
10.0.0.2 4 10001 569 571 71 0 0 08:05:14 2
10.10.0.2 4 10002 568 567 71 0 0 08:00:25 2