====== BGP Communities ======
===== Understanding the environment =====
We will study BGP communities.
{{ :infra-estrutura:cisco:ciscobgp.png?direct&400 |}}
The environment shown above, with AS 100 and AS 30, is the one we use as the example. To make it easier to follow, I thought it best to set up the basics first, plain BGP with normal route learning, and only then add BGP communities.
Below is the reduced configuration of the routers (note: I took the example from the Cisco site: [[https://www.cisco.com/c/pt_br/support/docs/ip/border-gateway-protocol-bgp/28784-bgp-community.html]]).
===== R1 =====
interface FastEthernet0/0
ip address 10.10.12.1 255.255.255.0
duplex full
!
interface FastEthernet1/0
ip address 10.10.13.1 255.255.255.0
speed auto
duplex auto
!
router bgp 100
network 10.10.12.0 mask 255.255.255.0
neighbor 10.10.12.2 remote-as 100
neighbor 10.10.12.2 next-hop-self
neighbor 10.10.12.2 soft-reconfiguration inbound
neighbor 10.10.13.3 remote-as 30
neighbor 10.10.13.3 soft-reconfiguration inbound
===== R2 =====
interface FastEthernet0/0
ip address 10.10.12.2 255.255.255.0
duplex full
!
interface FastEthernet1/0
ip address 10.10.23.2 255.255.255.0
speed auto
duplex auto
!
router bgp 100
network 10.10.12.0 mask 255.255.255.0
neighbor 10.10.12.1 remote-as 100
neighbor 10.10.12.1 next-hop-self
neighbor 10.10.12.1 soft-reconfiguration inbound
neighbor 10.10.23.3 remote-as 30
neighbor 10.10.23.3 soft-reconfiguration inbound
===== R3 =====
interface Loopback0
ip address 6.6.6.1 255.255.255.0
!
interface Loopback1
ip address 7.7.7.1 255.255.255.0
!
interface FastEthernet0/0
ip address 10.10.23.3 255.255.255.0
duplex full
!
interface FastEthernet1/0
ip address 10.10.13.3 255.255.255.0
speed auto
duplex auto
!
router bgp 30
network 6.6.6.0 mask 255.255.255.0
network 7.7.7.0 mask 255.255.255.0
neighbor 10.10.13.1 remote-as 100
neighbor 10.10.13.1 soft-reconfiguration inbound
neighbor 10.10.23.2 remote-as 100
neighbor 10.10.23.2 soft-reconfiguration inbound
===== Connectivity tests in the simple environment =====
Let's check whether routers R1, R2 and R3 all learned the routes.
R1#show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
6.0.0.0/24 is subnetted, 1 subnets
B 6.6.6.0 [20/0] via 10.10.13.3, 00:30:05
7.0.0.0/24 is subnetted, 1 subnets
B 7.7.7.0 [20/0] via 10.10.13.3, 00:30:05
10.0.0.0/8 is variably subnetted, 4 subnets, 2 masks
C 10.10.12.0/24 is directly connected, FastEthernet0/0
L 10.10.12.1/32 is directly connected, FastEthernet0/0
C 10.10.13.0/24 is directly connected, FastEthernet1/0
L 10.10.13.1/32 is directly connected, FastEthernet1/0
R1#
Note that router R1 learned the routes to networks 6.6.6.0/24 and 7.7.7.0/24 via IP 10.10.13.3, which is router R3, and through BGP; note the **B** at the start of the line.
Now let's look at the BGP table.
R1#show ip bgp
BGP table version is 8, local router ID is 200.200.200.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 6.6.6.0/24 10.10.13.3 0 0 30 i
* i 10.10.12.2 0 100 0 30 i
*> 7.7.7.0/24 10.10.13.3 0 0 30 i
* i 10.10.12.2 0 100 0 30 i
* i 10.10.12.0/24 10.10.12.2 0 100 0 i
*> 0.0.0.0 0 32768 i
R1#
Take just the first network, 6.6.6.0/24: there are two routes to it, via 10.10.13.3 (R3) and via 10.10.12.2 (R2), and the chosen route is 10.10.13.3 because it is directly connected.
Let's check the routes received by router R1's two peers.
===== Advertised routes =====
Routes advertised by R1 to 10.10.12.2
R1#show ip bgp neighbors 10.10.12.2 advertised-routes
BGP table version is 8, local router ID is 200.200.200.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 6.6.6.0/24 10.10.13.3 0 0 30 i
*> 7.7.7.0/24 10.10.13.3 0 0 30 i
*> 10.10.12.0/24 0.0.0.0 0 32768 i
Total number of prefixes 3
R1#
Routes advertised by R1 to 10.10.13.3 (R3)
R1#show ip bgp neighbors 10.10.13.3 advertised-routes
BGP table version is 8, local router ID is 200.200.200.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 10.10.12.0/24 0.0.0.0 0 32768 i
Total number of prefixes 1
R1#
Note that the routes are advertised as expected: to R2, the local route (network 10.10.12.0/24) and the routes learned from R3 (6.6.6.0/24 and 7.7.7.0/24).
===== Received routes =====
Routes received from 10.10.12.2 (R2) on R1
Note that for the command below to work, the command **neighbor 10.10.12.2 soft-reconfiguration inbound** is required.
R1#show ip bgp neighbors 10.10.12.2 received-routes
BGP table version is 8, local router ID is 200.200.200.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
* i 6.6.6.0/24 10.10.12.2 0 100 0 30 i
* i 7.7.7.0/24 10.10.12.2 0 100 0 30 i
* i 10.10.12.0/24 10.10.12.2 0 100 0 i
Total number of prefixes 3
R1#
Routes received from 10.10.13.3 (R3) on R1
R1#show ip bgp neighbors 10.10.13.3 received-routes
BGP table version is 8, local router ID is 200.200.200.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 6.6.6.0/24 10.10.13.3 0 0 30 i
*> 7.7.7.0/24 10.10.13.3 0 0 30 i
Total number of prefixes 2
R1#
Note that from R2 we receive the local network (10.10.12.0/24) and the AS 30 networks (6.6.6.0/24 and 7.7.7.0/24).
From R3 we receive the AS 30 networks. Note that we do not receive network 10.10.12.0/24, because AS 30 is not a transit AS.
On the other routers you can run the same commands and check for the same expected results, with each router of course receiving the routes for the network in question.
===== BGP communities =====
Let's start defining how BGP communities work, keeping it simple and quick.
For **R1**
! for peer 10.10.13.3, every route advertisement that comes in
! is evaluated by route-map Peer-R3 on input (in)
router bgp 100
neighbor 10.10.13.3 route-map Peer-R3 in
!
! define the list of permitted communities
ip bgp-community new-format
!--- community attribute in AS:number format.
!--- Define community lists 1 and 2.
ip community-list 1 permit 100:300
ip community-list 2 permit 100:250
! define route-map Peer-R3:
! if the route matches community list 1, set local preference 130
! if the route matches community list 2, set local preference 125
! if it matches neither, the advertisement is still permitted
!
route-map Peer-R3 permit 10
match community 1
set local-preference 130
!
route-map Peer-R3 permit 20
match community 2
set local-preference 125
!
route-map Peer-R3 permit 30
For **R2**
router bgp 100
neighbor 10.10.23.3 route-map Peer-R3 in
!
ip bgp-community new-format
!
ip community-list 1 permit 100:300
ip community-list 2 permit 100:250
!
route-map Peer-R3 permit 10
match community 1
set local-preference 130
!
route-map Peer-R3 permit 20
match community 2
set local-preference 125
!
route-map Peer-R3 permit 30
!
For **R3**
router bgp 30
neighbor 10.10.13.1 send-community
neighbor 10.10.13.1 route-map Peer-R1 out
!
neighbor 10.10.23.2 send-community
neighbor 10.10.23.2 route-map Peer-R2 out
!
ip bgp-community new-format
!
access-list 101 permit ip host 6.6.6.0 host 255.255.255.0
access-list 102 permit ip host 7.7.7.0 host 255.255.255.0
!
!
route-map Peer-R1 permit 10
match ip address 101
set community 100:300
!
route-map Peer-R1 permit 20
match ip address 102
set community 100:250
!
route-map Peer-R2 permit 10
match ip address 101
set community 100:250
!
route-map Peer-R2 permit 20
match ip address 102
set community 100:300
!
===== Analyzing the result of the BGP communities =====
Look at the BGP community output for networks 6.6.6.0 and 7.7.7.0 on routers R1 and R2.
**Network 6.6.6.0 on R1**
R1#sh ip bgp 6.6.6.0
BGP routing table entry for 6.6.6.0/24, version 10
Paths: (3 available, best #2, table default)
Advertised to update-groups:
2
Refresh Epoch 2
30, (received & used)
10.10.12.2 from 10.10.12.2 (192.168.50.1)
Origin IGP, metric 0, localpref 130, valid, internal
rx pathid: 0, tx pathid: 0
Refresh Epoch 3
30
10.10.13.3 from 10.10.13.3 (7.7.7.1)
Origin IGP, metric 0, localpref 130, valid, external, best
Community: 100:300
rx pathid: 0, tx pathid: 0x0
Refresh Epoch 3
30, (received-only)
10.10.13.3 from 10.10.13.3 (7.7.7.1)
Origin IGP, metric 0, localpref 100, valid, external
Community: 100:300
rx pathid: 0, tx pathid: 0
R1#
**Network 6.6.6.0 on R2**
R2#show ip bgp 6.6.6.0
BGP routing table entry for 6.6.6.0/24, version 10
Paths: (3 available, best #2, table default)
Advertised to update-groups:
2
Refresh Epoch 2
30, (received & used)
10.10.12.1 from 10.10.12.1 (200.200.200.1)
Origin IGP, metric 0, localpref 130, valid, internal
rx pathid: 0, tx pathid: 0
Refresh Epoch 4
30
10.10.23.3 from 10.10.23.3 (7.7.7.1)
Origin IGP, metric 0, localpref 130, valid, external, best
Community: 100:250
rx pathid: 0, tx pathid: 0x0
Refresh Epoch 4
30, (received-only)
10.10.23.3 from 10.10.23.3 (7.7.7.1)
Origin IGP, metric 0, localpref 100, valid, external
Community: 100:250
rx pathid: 0, tx pathid: 0
R2#
**Network 7.7.7.0 on R1**
R1#sh ip bgp 7.7.7.0
BGP routing table entry for 7.7.7.0/24, version 9
Paths: (3 available, best #2, table default)
Advertised to update-groups:
2
Refresh Epoch 2
30, (received & used)
10.10.12.2 from 10.10.12.2 (192.168.50.1)
Origin IGP, metric 0, localpref 130, valid, internal
rx pathid: 0, tx pathid: 0
Refresh Epoch 3
30
10.10.13.3 from 10.10.13.3 (7.7.7.1)
Origin IGP, metric 0, localpref 130, valid, external, best
Community: 100:250
rx pathid: 0, tx pathid: 0x0
Refresh Epoch 3
30, (received-only)
10.10.13.3 from 10.10.13.3 (7.7.7.1)
Origin IGP, metric 0, localpref 100, valid, external
Community: 100:250
rx pathid: 0, tx pathid: 0
R1#
**Network 7.7.7.0 on R2**
R2#show ip bgp 7.7.7.0
BGP routing table entry for 7.7.7.0/24, version 11
Paths: (3 available, best #2, table default)
Advertised to update-groups:
2
Refresh Epoch 2
30, (received & used)
10.10.12.1 from 10.10.12.1 (200.200.200.1)
Origin IGP, metric 0, localpref 130, valid, internal
rx pathid: 0, tx pathid: 0
Refresh Epoch 4
30
10.10.23.3 from 10.10.23.3 (7.7.7.1)
Origin IGP, metric 0, localpref 130, valid, external, best
Community: 100:300
rx pathid: 0, tx pathid: 0x0
Refresh Epoch 4
30, (received-only)
10.10.23.3 from 10.10.23.3 (7.7.7.1)
Origin IGP, metric 0, localpref 100, valid, external
Community: 100:300
rx pathid: 0, tx pathid: 0
R2#
Note that the communities were tagged correctly, as intended by the route-map. Now let's analyze the local-pref values.
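One way to check that the local preference on each eBGP path is the value route-map Peer-R3 assigns for the community it carries, as an added example (not part of the original page or of Cisco's document). The function names are assumptions, and the sample is the R1 output for 6.6.6.0 shown above with the header and pathid lines trimmed.

```python
import re

# Policy from route-map Peer-R3 on the page; the first matching entry wins.
PEER_R3_POLICY = [("100:300", 130), ("100:250", 125)]
DEFAULT_LOCAL_PREF = 100  # IOS default, left untouched by the empty "permit 30"
# "show ip bgp 6.6.6.0" on R1 as shown on the page (header and pathid lines trimmed).
SAMPLE_R1 = """\
Refresh Epoch 2
30, (received & used)
10.10.12.2 from 10.10.12.2 (192.168.50.1)
Origin IGP, metric 0, localpref 130, valid, internal
Refresh Epoch 3
30
10.10.13.3 from 10.10.13.3 (7.7.7.1)
Origin IGP, metric 0, localpref 130, valid, external, best
Community: 100:300
Refresh Epoch 3
30, (received-only)
10.10.13.3 from 10.10.13.3 (7.7.7.1)
Origin IGP, metric 0, localpref 100, valid, external
Community: 100:300
"""

def parse_paths(show_output):
    """Yield one dict per path; a path block starts at a 'Refresh Epoch' line."""
    for block in re.split(r"^[ \t]*Refresh Epoch \d+[ \t]*$", show_output, flags=re.M)[1:]:
        comm = re.search(r"^[ \t]*Community: (.+)$", block, re.M)
        yield {
            "peer": re.search(r"^[ \t]*\S+ from (\S+) \(", block, re.M).group(1),
            "local_pref": int(re.search(r"localpref (\d+)", block).group(1)),
            "communities": comm.group(1).split() if comm else [],
            "external": "external" in block,
            "received_only": "(received-only)" in block,
        }

def expected_local_pref(communities):
    """First matching community-list entry wins; no match keeps the default."""
    return next((lp for c, lp in PEER_R3_POLICY if c in communities), DEFAULT_LOCAL_PREF)

def audit(show_output):
    """List eBGP paths (iBGP ones are skipped) whose local-pref differs from the policy."""
    mismatches = []
    for p in parse_paths(show_output):
        # received-only is the pre-policy copy kept by soft-reconfiguration inbound
        want = DEFAULT_LOCAL_PREF if p["received_only"] else expected_local_pref(p["communities"])
        if p["external"] and p["local_pref"] != want:
            mismatches.append((p["peer"], p["communities"], p["local_pref"], want))
    return mismatches
```

The untrimmed outputs from the page can be passed to audit() as they are; it returns an empty list when every eBGP path's localpref agrees with its community.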