BGP邻居关系建立深入探讨(一):默认路由

是自己的心得,谁看到了,大家探讨一下吧,不知道自己分析的对不对

R2----------------R3--------------------R4

 

R2和R3之间是ospf total stub区域,在area 1.R3和R4之间是ospf backbone(area 0)

bgp邻居关系是在r2和r4之间建立起来的

下面分析3种case:

 

r4#sh ip route

Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP

       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

       E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP

       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area

       * - candidate default, U - per-user static route, o - ODR

 

Gateway of last resort is not set

 

     2.0.0.0/32 is subnetted, 1 subnets

O IA    2.2.2.2 [110/129] via 10.1.34.3, 08:27:11, Serial0

     3.0.0.0/32 is subnetted, 1 subnets

O       3.3.3.3 [110/65] via 10.1.34.3, 08:27:11, Serial0

     4.0.0.0/32 is subnetted, 1 subnets

C       4.4.4.4 is directly connected, Loopback0

     5.0.0.0/32 is subnetted, 1 subnets

O       5.5.5.5 [110/65] via 10.1.45.5, 08:27:11, Serial1

     10.0.0.0/24 is subnetted, 4 subnets

O IA    10.1.12.0 [110/192] via 10.1.34.3, 08:27:11, Serial0

O IA    10.1.23.0 [110/128] via 10.1.34.3, 08:27:11, Serial0

C       10.1.45.0 is directly connected, Serial1

C       10.1.34.0 is directly connected, Serial0

 

r2#sh ip route

Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP

       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

       E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP

       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area

       * - candidate default, U - per-user static route, o - ODR

 

Gateway of last resort is 10.1.23.3 to network 0.0.0.0

 

     2.0.0.0/32 is subnetted, 1 subnets

C       2.2.2.2 is directly connected, Loopback0

     10.0.0.0/24 is subnetted, 2 subnets

C       10.1.12.0 is directly connected, Serial0

C       10.1.23.0 is directly connected, Serial1

O*IA 0.0.0.0/0 [110/65] via 10.1.23.3, 09:05:59, Serial1

 

 

 

 

 

r4#sh ip b summary

BGP router identifier 2.2.2.2, local AS number 1

BGP table version is 1, main routing table version 1

 

Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd

2.2.2.2         4     1      62      62        0    0    0 08:01:03 Active

 

r4#

r4#sh tcp b

 

r4#sh ru | b r b

router bgp 1

 no synchronization

 bgp router-id 2.2.2.2

 bgp log-neighbor-changes

 neighbor 2.2.2.2 remote-as 1    这里没有update source lo 0

 no auto-summary

!

ip classless

no ip pim bidir-enable

!

!

!

line con 0

 logging synchronous

line aux 0

line vty 0 4

!

end      

 

r4#

SP_Access_Server_1>2

[Resuming connection 2 to 1-r2 ... ]

 

09:2#

r2#sh

09:26:04: TCP: checksum failure <10.1.34.4,11188> <2.2.2.2,179>

r2#sh ru | b r b

router bgp 1

 no synchronization

 bgp router-id 4.4.4.4

 bgp cluster-id 33686018

 bgp log-neighbor-changes

 neighbor 4.4.4.4 remote-as 1

 neighbor 4.4.4.4 update-source Loopback0

 no auto-summary

!

ip classless

no ip pim bidir-enable

!

!

!

line con 0

 logging synchronous

line aux 0

line vty 0 4

!

end

 

r2#

09:26:08: TCP: checksum failure <10.1.34.4,11188> <2.2.2.2,179>

r2#

09:26:14: BGP: 4.4.4.4 multihop open delayed 15544ms (no route)

r2#

09:26:16: TCP: checksum failure <10.1.34.4,11188> <2.2.2.2,179>

r2#

09:26:30: BGP: 4.4.4.4 multihop open delayed 11840ms (no route)

r2#

09:26:41: BGP: 4.4.4.4 multihop open delayed 10304ms (no route)

r2#

09:26:52: BGP: 4.4.4.4 multihop open delayed 10480ms (no route)

r2#

09:27:02: BGP: 4.4.4.4 multihop open delayed 10144ms (no route)

r2#

09:27:12: BGP: 4.4.4.4 multihop open delayed 14032ms (no route)

r2#

r2#sh

09:27:26: BGP: 4.4.4.4 multihop open delayed 16384ms (no route)

r2#sh ip b su

BGP router identifier 4.4.4.4, local AS number 1

BGP table version is 1, main routing table version 1

 

Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd

4.4.4.4         4     1      62      62        0    0    0 08:02:59 Active

 

 

r2#cle       

r2#clear

r2#clear ip b *

r2#

r2#

09:28:20: BGP: 4.4.4.4 went from Active to Idle

r2#

09:28:32: TCP: checksum failure <10.1.34.4,11189> <2.2.2.2,179>

r2#

09:28:34: TCP: checksum failure <10.1.34.4,11189> <2.2.2.2,179>

r2#

09:28:38: TCP: checksum failure <10.1.34.4,11189> <2.2.2.2,179>

r2#

09:28:41: BGP: 4.4.4.4 went from Idle to Active

09:28:41: BGP: 4.4.4.4 open active, delay 5004ms

r2#

09:28:46: BGP: 4.4.4.4 multihop open delayed 19168ms (no route)

09:28:46: TCP: checksum failure <10.1.34.4,11189> <2.2.2.2,179>

r2#

09:29:05: BGP: 4.4.4.4 multihop open delayed 10208ms (no route)

r2#

SP_Access_Server_1>4

[Resuming connection 4 to 1-r4 ... ]

 

r2因为使用默认路由所以不能主动发起tcp连接,因为r4没有做环回口的update source ,所以,它的更新源是出接口s0(10.1.34.4),而r2做了update source lo 0,其更新源是环回口,这时候从r4主动发起的tcp连接,r2收到这个请求后,尝试用自己的环回口地址(2.2.2.2)对r4发起更新的源地址(10.1.34.4)做相应,而r2没有neighbor这个地址,所以会出现tcp 校验和错误,并且向r4发送tcp rst,要求重新发起tcp连接.

09

r4#

r4#cle

r4#clear ip b *

r4#

09:29:25: BGP: 2.2.2.2 went from Active to Idle

r4#

09:29:45: BGP: 2.2.2.2 went from Idle to Active

09:29:45: BGP: 2.2.2.2 open active, delay 8368ms

r4#

09:29:53: BGP: 2.2.2.2 open active, local address 10.1.34.4  其出接口的更新源

09:29:53: TCB004F26A4 created

09:29:53: TCB004F26A4 setting property TCP_WINDOW_SIZE (0) 4FDE76

09:29:53: TCB004F26A4 setting property TCP_TOS (11) 4FDE75

09:29:53: TCB004F26A4 bound to 10.1.34.4.11190

09:29:53: TCP: sending SYN, seq 3358096071, ack 0

09:29:53: TCP0: Connection to 2.2.2.2:179, advertising (after MSS set) MSS 536

09:29:53: TCP0: state was CLOSED -> SYNSENT [11190 -> 2.2.2.2(179)]

09:29:53: TCP0: state was SYNSENT -> CLOSED [11190 -> 2.2.2.2(179)]

09:29:53: TCP0: bad seg from 2.2.2.2 -- closing connection: seq 0 ack 3358096072 rcvnxt 0 rcvwnd 0

09:29:53: TCP0: connection closed - remote sent RST

09:29:53: TCB 0x4F26A4 destroyed

09:29:53: BGP: 2.2.2.2 open failed: Connection refused by remote host

r4#

 

因为r2没有对r4的tcp连接做出响应,以它向r4发送tcp  RST

 

----------------------------------------------------------------------------

 

如果把r2的update source lo 0去掉:

 

r2(config)#router bgp 1

r2(config-router)#

09:43:00: BGP: 4.4.4.4 multihop open delayed 10564ms (no route)

09:44:16: TCP: checksum failure <10.1.34.4,11196> <2.2.2.2,179>

r2(config-router)#no

09:44:18: TCP: checksum failure <10.1.34.4,11196> <2.2.2.2,179>

r2(config-router)#no  neighbor 4.4.4.4 update-source Loopback0

09:44:22: TCP: checksum failure <10.1.34.4,11196> <2.2.2.2,179>

r2(config-router)#end

r2#

SP_Access_Server_1>4

[Resuming connection 4 to 1-r4 ... ]

 

09:

r4>en

09:41:53: BGP: 2.2.2.2 open active, local address 0.0.0.0

09:41:53: TCB0079170C created

09:41:53: TCB0079170C setting property TCP_WINDOW_SIZE (0) 4FDE76

09:41:53: TCB0079170C setting property TCP_TOS (11) 4FDE75

09:41:53: TCB0079170C bound to 0.0.0.0.11195

09:41:53: TCP: sending SYN, seq 2734427470, ack 0

09:41:53: TCP0: Connection to 2.2.2.2:179, advertising (after MSS set) MSS 536

09:41:53: TCP0: state was CLOSED -> SYNSENT [11195 -> 2.2.2.2(179)]

09:42:07: TCP0: timeout #3 - timeout is 16000 ms, seq 2734427470

r4#conf t

Enter configuration commands, one per line.  End with CNTL/Z.

r4(config)#

r4(config)#

r4(config)#

r4(config)#

09:42:07: TCP: (11195) -> 2.2.2.2(179)

09:42:23: TCP0: state was SYNSENT -> CLOSED [11195 -> 2.2.2.2(179)]

09:42:23: TCB 0x79170C destroyed

09:42:23: BGP: 2.2.2.2 open failed: Connection timed out; remote host not responding

09:42:25: TCP: sending RST, seq 0, ack 2256687541

09:42:25: TCP: sent RST to 5.5.5.5:11251 from 4.4.4.4:179

09:44:23: BGP: 2.2.2.2 open active, local address 0.0.0.0

09:44:23: TCB0079170C created

09:44:23: TCB0079170C setting property TCP_WINDOW_SIZE (0) 4FDE76

09:44:23: TCB0079170C setting property TCP_TOS (11) 4FDE75

09:44:23: TCB0079170C bound to 0.0.0.0.11196

09:44:23: TCP: sending SYN, seq 2486109609, ack 0

09:44:23: TCP0: Connection to 2.2.2.2:179, advertising (after MSS set) MSS 536

09:44:23: TCP0: state was CLOSED -> SYNSENT [11196 -> 2.2.2.2(179)]

09:44:25: TCP: sending RST, seq 0, ack 3114400074

09:44:25: TCP: sent RST to 5.5.5.5:11252 from 4.4.4.4:179

09:44:37: TCP0: timeout #3 - timeout is 16000 ms, seq 2486109609

09:44:37: TCP: (11196) -> 2.2.2.2(179)

r4(config)#end

r4#

r4#sh ip

09:44:52: %SYS-5-CONFIG_I: Configured from console by console

r4#sh ip b su

BGP router identifier 2.2.2.2, local AS number 1

BGP table version is 1, main routing table version 1

 

Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd

2.2.2.2         4     1      62      62        0    0    0 08:20:14 Active

5.5.5.5         4     1      10      11        0    0    0 08:19:05 Idle (Admin)

10.1.45.5       4     1      15      15        0    0    0 08:26:35 Idle (Admin)

r4#

09:44:53: TCP0: state was SYNSENT -> CLOSED [11196 -> 2.2.2.2(179)]

09:44:53: TCB 0x79170C destroyed

09:44:53: BGP: 2.2.2.2 open failed: Connection timed out; remote host not responding

r4#

 

因为对于r2其更新源是10.1.12.1,连基本的update source lo 0都没有,连发送一个rst都没有,所以超时.

r4#

r4#

r4#

09:46:53: BGP: 2.2.2.2 open active, local address 0.0.0.0

09:46:53: TCB0079170C created

09:46:53: TCB0079170C setting property TCP_WINDOW_SIZE (0) 4FDE76

09:46:53: TCB0079170C setting property TCP_TOS (11) 4FDE75

09:46:53: TCB0079170C bound to 0.0.0.0.11197

09:46:53: TCP: sending SYN, seq 1906822626, ack 0

09:46:53: TCP0: Connection to 2.2.2.2:179, advertising (after MSS set) MSS 536

09:46:53: TCP0: state was CLOSED -> SYNSENT [11197 -> 2.2.2.2(179)]

r4#

 

-------------------------------------------------------------------------

在r4上打上update source lo 0

 

r4(config)#router bgp 1

r4(config-router)#nei 2.2.2.2 up lo0

r4(config-router)#end

 

 

这时候 bgp邻居建立起来了.

看debug信息

09:51:53: BGP: 2.2.2.2 open active, local address 4.4.4.4

09:51:53: TCB0079170C created

09:51:53: TCB0079170C setting property TCP_WINDOW_SIZE (0) 4FDE76

09:51:53: TCB0079170C setting property TCP_TOS (11) 4FDE75    协商tcp窗口大小

09:51:53: TCB0079170C bound to 4.4.4.4.11199

09:51:53: TCP: sending SYN, seq 1260969948, ack 0           

09:51:53: TCP0: Connection to 2.2.2.2:179, advertising (after MSS set) MSS 536

09:51:53: TCP0: state was CLOSED -> SYNSENT [11199 -> 2.2.2.2(179)]

09:51:54: TCP0: state was SYNSENT -> ESTAB [11199 -> 2.2.2.2(179)]  tcp3次握手

09:51:54: TCB0079170C connected to 2.2.2.2.179

09:51:54: BGP: 2.2.2.2 went from Active to OpenSent

09:51:54: BGP: 2.2.2.2 sending OPEN, version 4, my as: 1    主动发送open

09:51:54: BGP: 2.2.2.2 send message type 1, length (incl. header) 45

09:51:54: BGP: 2.2.2.2 rcv message type 1, length (excl. header) 26

09:51:54: BGP: 2.2.2.2 rcv OPEN, version 4

09:51:54: BGP: 2.2.2.2 rcv OPEN w/ OPTION prameter len: 16

09:51:54: BGP: 2.2.2.2 rcvd OPEN w/ optional parameter type 2 (Capability) len 6

09:51:54: BGP: 2.2.2.2 OPEN has CAPABILITY code: 1, length 4

09:51:54: BGP: 2.2.2.2 OPEN has MP_EXT CAP for afi/safi: 1/1

09:51:54: BGP: 2.2.2.2 rcvd OPEN w/ optional parameter type 2 (Capability) len 2

09:51:54: BGP: 2.2.2.2 OPEN has CAPABILITY code: 128, length 0

09:51:54: BGP: 2.2.2.2 OPEN has ROUTE-REFRESH capability(old) for all address-families

09:51:54: BGP: 2.2.2.2 rcvd OPEN w/ optional parameter type 2 (Capability) len 2

09:51:54: BGP: 2.2.2.2 OPEN has CAPABILITY code: 2, length 0

09:51:54: BGP: 2.2.2.2 OPEN has ROUTE-REFRESH capability for all address-families bgp能力协商

09:51:54: BGP: 2.2.2.2 went from OpenSent to OpenConfirm

09:51:54: BGP: 2.2.2.2 send message type 4, length (incl. header) 19

09:51:54: BGP: 2.2.2.2 rcv message type 4, length (excl. header) 0

09:51:54: BGP: 2.2.2.2 went from OpenConfirm to Established

09:51:54: %BGP-5-ADJCHANGE: neighbor 2.2.2.2 Up

09:51:54: BGP: 2.2.2.2 send message type 4, length (incl. header) 19

09:51:54: BGP: 2.2.2.2 send message type 4, length (incl. header) 19

09:51:54: BGP: 2.2.2.2 rcv message type 4, length (excl. header) 0

09:51:54: BGP: 2.2.2.2 rcv message type 4, length (excl. header) 0

r4#

来看看r2的debug信息

 

09:51:46: TCB004FF288 created

09:51:46: TCP0: state was LISTEN -> SYNRCVD [179 -> 4.4.4.4(11199)]

09:51:46: TCP: sending SYN, seq 1897244048, ack 1260969949

09:51:46: TCP0: Connection to 4.4.4.4:11199, advertising (after MSS set) MSS 536

09:51:46: TCP0: state was SYNRCVD -> ESTAB [179 -> 4.4.4.4(11199)]

09:51:46: TCB0079EF84 callback, connection queue = 1

09:51:46: TCB0079EF84 accepting 004FF288 from 4.4.4.4.11199

09:51:46: BGP: 4.4.4.4 passive open

09:51:46: BGP: 4.4.4.4 went from Active to Idle

09:51:46: BGP: 4.4.4.4 went from Idle to Connect

09:51:47: BGP: 4.4.4.4 rcv message type 1, length (excl. header) 26

09:51:47: BGP: 4.4.4.4 rcv OPEN, version 4

09:51:47: BGP: 4.4.4.4 went from Connect to OpenSent

09:51:47: BGP: 4.4.4.4 sending OPEN, version 4, my as: 1

09:51:47: BGP: 4.4.4.4 rcv OPEN w/ OPTION prameter len: 16

09:51:47: BGP: 4.4.4.4 rcvd OPEN w/ optional parameter type 2 (Capability) len 6

09:51:47: BGP: 4.4.4.4 OPEN has CAPABILITY code: 1, length 4

09:51:47: BGP: 4.4.4.4 OPEN has MP_EXT CAP for afi/safi: 1/1

09:51:47: BGP: 4.4.4.4 rcvd OPEN w/ optional parameter type 2 (Capability) len 2

09:51:47: BGP: 4.4.4.4 OPEN has CAPABILITY code: 128, length 0

09:51:47: BGP: 4.4.4.4 OPEN has ROUTE-REFRESH capability(old) for all address-families

09:51:47: BGP: 4.4.4.4 rcvd OPEN w/ optional parameter type 2 (Capability) len 2

09:51:47: BGP: 4.4.4.4 OPEN has CAPABILITY code: 2, length 0

09:51:47: BGP: 4.4.4.4 OPEN has ROUTE-REFRESH capability for all address-families

09:51:47: BGP: 4.4.4.4 went from OpenSent to OpenConfirm

09:51:47: BGP: 4.4.4.4 send message type 1, length (incl. header) 45

09:51:47: BGP: 4.4.4.4 send message type 4, length (incl. header) 19

09:51:47: BGP: 4.4.4.4 rcv message type 4, length (excl. header) 0

09:51:47: BGP: 4.4.4.4 went from OpenConfirm to Established

09:51:47: %BGP-5-ADJCHANGE: neighbor 4.4.4.4 Up

 

分析:r4用其环回口向r2的2.2.2.2 发起tcp连接,r2对 r4要求连接的2.2.2.2 做响应,在bgp配置里面正好有这个neighbor项,所以一切正常,但是为什么在不论是在r2还是在r4端clear ip b *,总是r2被动打开?(因为默认路由的关系?<在没有默认路由的时候也是这样好像>还是说其对方看到的neighbor地址较小?还是说在tcp之前的packet里面有一些协商位?)

 

待续…