BGP messages
BGP message types:
- OPEN message
- KEEPALIVE message
- UPDATE message (route-policy export changes)
- NOTIFICATION message (neighbor timeout, neighbor reset, etc.)
- ROUTE-REFRESH message (route-policy import changes)
BGP header
Border Gateway Protocol - OPEN Message
Marker: ffffffffffffffffffffffffffffffff
Length: 51
Type: OPEN Message (1) //Type: UPDATE Message (2) //Type: NOTIFICATION Message (3) //Type: KEEPALIVE Message (4) //Type: ROUTE-REFRESH Message (5)
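| Field | Description |
|---|---|
| Marker | Marker. This field is used to detect loss of synchronization between BGP peers and, where authentication is supported, to authenticate messages. |
| Length | Length of the BGP message, including the header. The length of a BGP message ranges from 19 B to 4096 B. |
| Type | One of the 5 BGP message types, (1)-(5) |
OPEN message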
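The three header fields are also the first thing a receiver has to validate before it trusts the rest of the message. The following is an added example, not code from the original page: `parse_header`, `HeaderError` and `build` are hypothetical names, and the per-type minimum lengths and Message Header Error subcodes are taken from RFC 4271 and RFC 2918. The sample messages are constructed from the KEEPALIVE and NOTIFICATION dumps on this page.

```python
import struct

MARKER = b"\xff" * 16
# Minimum total length per message type (RFC 4271, RFC 2918).
MIN_LEN = {1: 29, 2: 23, 3: 21, 4: 19, 5: 23}
NAMES = {1: "OPEN", 2: "UPDATE", 3: "NOTIFICATION", 4: "KEEPALIVE", 5: "ROUTE-REFRESH"}

class HeaderError(Exception):
    """Carries the NOTIFICATION a receiver would answer with (error code 1)."""
    def __init__(self, subcode, reason):
        super().__init__(reason)
        self.code, self.subcode = 1, subcode

def parse_header(buf: bytes):
    """Validate the 19-byte BGP header; return (type name, length, body)."""
    if len(buf) < 19:
        raise ValueError("incomplete header, read more bytes")
    marker, length, msg_type = struct.unpack("!16sHB", buf[:19])
    if marker != MARKER:
        raise HeaderError(1, "connection not synchronized")
    if msg_type not in MIN_LEN:
        raise HeaderError(3, "bad message type")
    if not MIN_LEN[msg_type] <= length <= 4096:
        raise HeaderError(2, "bad message length")
    if msg_type == 4 and length != 19:
        raise HeaderError(2, "KEEPALIVE must be header only")
    if length > len(buf):
        raise ValueError("incomplete message, read more bytes")
    return NAMES[msg_type], length, buf[19:length]

def build(msg_type: int, body: bytes = b"") -> bytes:
    """Build a constructed sample message for the demo."""
    return MARKER + struct.pack("!HB", 19 + len(body), msg_type) + body

# Constructed from the dumps on this page: KEEPALIVE (Length 19) and
# NOTIFICATION "Hold Timer Expired (4)", minor code 0 (Length 21).
KEEPALIVE = build(4)
NOTIFICATION = build(3, bytes([4, 0]))
```
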
Border Gateway Protocol - OPEN Message
Version: 4
My AS: 100
Hold Time: 180
BGP Identifier: 24.1.1.2
Optional Parameters Length: 22
Optional Parameters
Optional Parameter: Capability
Parameter Type: Capability (2)
Parameter Length: 20
Capability: Multiprotocol extensions capability
Type: Multiprotocol extensions capability (1)
Length: 4
AFI: IPv4 (1)
Reserved: 00
SAFI: Unicast (1)
Capability: Multiprotocol extensions capability
Type: Multiprotocol extensions capability (1)
Length: 4
AFI: Layer-2 VPN (25)
Reserved: 00
SAFI: EVPN (70)
> Capability: Route refresh capability
> Capability: Support for 4-octet AS number capability
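| Field | Description |
|---|---|
| Version | v4, the default version; supports multiprotocol (MP) extensions (IPv6, multicast, EVPN, etc.) |
| My AS | The router's own AS (autonomous system) number (one of the factors that affect neighbor establishment) |
| Hold Time | Neighbor hold time, by default 3 times the keepalive interval. The router waits to receive a keepalive message (sent every 60 s) or an update message; when one is received, the hold timer is reset. |
| BGP Identifier | The router's router ID, elected in the same way as in OSPF. (One of the factors that affect neighbor establishment) |
| Optional Parameters | Optional parameters |
| Capability | Capabilities supported by the router. In the example above: 1. Multiprotocol extensions: AFI: IPv4 (1) (SAFI: Unicast (1)), AFI: Layer-2 VPN (25) (SAFI: EVPN (70)); 2. Route refresh capability; 3. 4-octet AS number capability. |
UPDATE message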
-------------1-------------------
Border Gateway Protocol - UPDATE Message
Marker: ffffffffffffffffffffffffffffffff
Length: 55
Type: UPDATE Message (2)
Withdrawn Routes Length: 0
Total Path Attribute Length: 28
Path attributes
Path Attribute - ORIGIN: IGP
Path Attribute - AS_PATH: empty
Path Attribute - NEXT_HOP: 12.1.1.2
Path Attribute - MULTI_EXIT_DISC: 0
Path Attribute - LOCAL_PREF: 100
Network Layer Reachability Information (NLRI)
2.2.2.0/24
Border Gateway Protocol - UPDATE Message
Marker: ffffffffffffffffffffffffffffffff
Length: 56
Type: UPDATE Message (2)
Withdrawn Routes Length: 0
Total Path Attribute Length: 28
Path attributes
Path Attribute - ORIGIN: IGP //routes injected into BGP with network have the ORIGIN attribute IGP
Path Attribute - AS_PATH: empty
Path Attribute - NEXT_HOP: 12.1.1.2
Path Attribute - MULTI_EXIT_DISC: 0
Path Attribute - LOCAL_PREF: 100
Network Layer Reachability Information (NLRI)
2.2.22.2/32 //when there are multiple BGP routes, BGP carries one BGP route per layer (the routes above were split into two)
-------------2-------------------
Border Gateway Protocol - UPDATE Message
Marker: ffffffffffffffffffffffffffffffff
Length: 114
Type: UPDATE Message (2)
Withdrawn Routes Length: 0
Total Path Attribute Length: 91
Path attributes
Path Attribute - ORIGIN: INCOMPLETE //ORIGIN attribute
Path Attribute - AS_PATH: empty //AS_PATH attribute
Path Attribute - LOCAL_PREF: 100 //LP, local preference attribute
Path Attribute - ORIGINATOR_ID: 34.1.1.3 //ORIGINATOR_ID attribute
Path Attribute - CLUSTER_LIST: 24.1.1.4 //CLUSTER_LIST attribute
Path Attribute - EXTENDED_COMMUNITIES //extended communities attribute
Path Attribute - PMSI_TUNNEL_ATTRIBUTE
Path Attribute - MP_REACH_NLRI //NLRI, network layer reachability information
Flags: 0x90, Optional, Extended-Length, Non-transitive, Complete
Type Code: MP_REACH_NLRI (14)
Length: 28
Address family identifier (AFI): Layer-2 VPN (25)
Subsequent address family identifier (SAFI): EVPN (70)
Next hop: 3.3.3.3
Number of Subnetwork points of attachment (SNPA): 0
Network Layer Reachability Information (NLRI)
EVPN NLRI: Inclusive Multicast Route
Route Type: Inclusive Multicast Route (3)
Length: 17
Route Distinguisher: 0000000100000001 (1:1)
Ethernet Tag ID: 0
IP Address Length: 32
IPv4 address: 3.3.3.3
-------------3-------------------
#
bgp 12
router-id 2.2.2.2
peer 12.1.1.1 as-number 12
peer 12.1.1.1 password simple 123
#
ipv4-family unicast
undo synchronization
network 2.2.2.0 255.255.255.0
network 2.2.22.2 255.255.255.255
network 22.22.0.0 255.255.0.0
peer 12.1.1.1 enable
peer 12.1.1.1 route-policy bgp export
#
Old: acl name bgp 3000
rule 5 permit ip
New: acl name bgp 3000
rule 5 permit ip source 22.22.0.0 0.0.255.255
After the ACL content is changed, BGP withdraws the routes (2.2.2.0/24, 2.2.22.2/32):
Border Gateway Protocol - UPDATE Message
Marker: ffffffffffffffffffffffffffffffff
Length: 32
Type: UPDATE Message (2)
Withdrawn Routes Length: 9
Withdrawn Routes
2.2.2.0/24 //route withdrawn by BGP
2.2.22.2/32 //route withdrawn by BGP
Total Path Attribute Length: 0
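- After a route-policy in the export direction is added, deleted, or modified, an UPDATE message is sent (for example, a message carrying withdrawn routes).
| Field | Description |
|---|---|
| Path Attribute | BGP route path attributes, in four categories: well-known mandatory, well-known discretionary, optional transitive, and optional non-transitive. The ORIGIN, NEXT_HOP, and AS_PATH attributes are well-known mandatory, and every BGP UPDATE message must carry these three fields. |
| MP_REACH_NLRI | Multiprotocol BGP, which supports EVPN; what follows it is the EVPN route. |
| AFI | Address family; can be IPv4, IPv6, L2VPN, etc. |
| SAFI | Sub-address family; can be unicast, EVPN, etc. |
| NLRI | The route 3.3.3.3; the RD is carried in the Route Distinguisher field. The path attributes carry the community and extended community attributes. |
| Next hop | Next-hop attribute |
NOTIFICATION message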
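The length fields in the UPDATE dumps above (Withdrawn Routes Length, Total Path Attribute Length, and the per-prefix bit length) each bound the field that follows, so a parser has to check every one against the bytes actually received. The following is an added example, not code from the original page: `read_prefixes` and `parse_update` are hypothetical names, only IPv4 prefixes are handled, and the two sample messages are constructed from the Length 32 withdrawal and the Length 55 announcement shown above.

```python
import ipaddress
import struct

def read_prefixes(data: bytes) -> list:
    """Decode <prefix length in bits, prefix bytes> entries (IPv4 only)."""
    out, i = [], 0
    while i < len(data):
        bits = data[i]
        nbytes = (bits + 7) // 8
        if bits > 32 or i + 1 + nbytes > len(data):
            raise ValueError("malformed prefix")
        addr = data[i + 1:i + 1 + nbytes].ljust(4, b"\x00")
        out.append(f"{ipaddress.IPv4Address(addr)}/{bits}")
        i += 1 + nbytes
    return out

def parse_update(msg: bytes):
    """Return (withdrawn routes, path attribute type codes, NLRI)."""
    if len(msg) < 23 or msg[18] != 2 or int.from_bytes(msg[16:18], "big") != len(msg):
        raise ValueError("not a complete UPDATE")
    body = msg[19:]
    wlen = int.from_bytes(body[:2], "big")
    if 2 + wlen + 2 > len(body):
        raise ValueError("Withdrawn Routes Length overruns the message")
    withdrawn = read_prefixes(body[2:2 + wlen])
    i = 4 + wlen
    end = i + int.from_bytes(body[i - 2:i], "big")
    if end > len(body):
        raise ValueError("Total Path Attribute Length overruns the message")
    codes = []
    while i < end:
        hdr = 4 if body[i] & 0x10 else 3   # Extended-Length flag: 2-byte length
        if i + hdr > end:
            raise ValueError("truncated attribute header")
        codes.append(body[i + 1])
        i += hdr + int.from_bytes(body[i + 2:i + hdr], "big")
    if i != end:
        raise ValueError("attribute overruns Total Path Attribute Length")
    return withdrawn, codes, read_prefixes(body[end:])

# Constructed from the dumps above: the 32-byte withdrawal and the 55-byte
# announcement of 2.2.2.0/24 (ORIGIN, AS_PATH, NEXT_HOP, MED, LOCAL_PREF).
HEAD = b"\xff" * 16
WITHDRAW = HEAD + struct.pack("!HBH", 32, 2, 9) + bytes([24, 2, 2, 2, 32, 2, 2, 22, 2, 0, 0])
ATTRS = bytes.fromhex("40010100 400200 4003040c010102 80040400000000 40050400000064")
ANNOUNCE = HEAD + struct.pack("!HBHH", 55, 2, 0, len(ATTRS)) + ATTRS + bytes([24, 2, 2, 2])
```
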
Border Gateway Protocol - NOTIFICATION Message
Marker: ffffffffffffffffffffffffffffffff
Length: 21
Type: NOTIFICATION Message (3)
Major error Code: Hold Timer Expired (4)
Minor error Code (Hold Timer Expired): 0
Message from another packet
Border Gateway Protocol - NOTIFICATION Message
Marker: ffffffffffffffffffffffffffffffff
Length: 21
Type: NOTIFICATION Message (3)
Major error Code: Cease (6)
Minor error Code (Cease): Administratively Reset (4)
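A NOTIFICATION message is sent when an error is detected, and it causes the BGP connection to be terminated. Neighbor termination caused by, for example, mismatched AS numbers between peers or an unreachable neighbor address is indicated by an entry in the error list.
After the BGP neighbor is manually reset on the device, or after 180 s pass without receiving a keepalive message from the peer router, the peer sends a NOTIFICATION message, requiring the BGP neighbor relationship to be re-established.
| Field | Description |
|---|---|
| error Code | Error code: 1 means message header error; 2 means OPEN message error; 3 means UPDATE message error; 4 hold timer expired; 5 finite state machine error; 6 cease. |
| sub error Code | Error subcode |
KEEPALIVE message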
Border Gateway Protocol - KEEPALIVE Message
Marker: ffffffffffffffffffffffffffffffff
Length: 19
Type: KEEPALIVE Message (4)
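- KEEPALIVE messages are exchanged at an interval of 1/3 of the hold time and are used to check whether the TCP connection is working, but the interval cannot be lower than 1 s. If the hold time is 0, no KEEPALIVE messages are sent. A KEEPALIVE message contains only the BGP header. If BGP has sent an UPDATE message within the hold time, the sending of KEEPALIVE messages is suppressed.
ROUTE-REFRESH message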
Border Gateway Protocol - ROUTE-REFRESH Message
Marker: ffffffffffffffffffffffffffffffff
Length: 23
Type: ROUTE-REFRESH Message (5)
Address family identifier (AFI): IPv4 (1)
Subtype: Normal route refresh request [RFC2918] with/without ORF [RFC5291] (0)
Subsequent address family identifier (SAFI): Unicast (1)
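- After a route-policy in the import direction is added, deleted, or modified, a ROUTE-REFRESH message is sent to request the neighbor's routing table again.
[Extension]: the BGP authentication key is stored in the TCP "option field"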
Options: (20 bytes), TCP MD5 signature, End of Option List (EOL)
TCP Option - TCP MD5 signature
Kind: MD5 Signature Option (19)
Length: 18
MD5 digest: ee6fdfa9617b88a538ac256e16e0fdf5
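What travels in option kind 19 is the 16-byte MD5 digest that RFC 2385 computes over the TCP pseudo-header, the fixed TCP header with a zeroed checksum, the segment data and the shared key, so a receiver can check both that the option is present and that it verifies. The following is an added example, not code from the original page: the function names are hypothetical, the pad byte after EOL is assumed to be zero, and the segment (ports, sequence numbers, addresses) is constructed, using the key `123` from the `peer 12.1.1.1 password simple 123` line above.

```python
import hashlib
import hmac
import ipaddress
import struct

def find_md5_option(options: bytes):
    """Walk the TCP options; return the 16-byte digest of kind 19, or None."""
    i = 0
    while i < len(options):
        kind = options[i]
        if kind == 0:                      # End of Option List (EOL)
            break
        if kind == 1:                      # No-Operation: one byte, no length
            i += 1
            continue
        if i + 2 > len(options):
            raise ValueError("truncated option")
        size = options[i + 1]
        if size < 2 or i + size > len(options):
            raise ValueError("bad option length")
        if kind == 19:
            if size != 18:
                raise ValueError("MD5 signature option must be 18 bytes")
            return options[i + 2:i + 18]
        i += size
    return None

def rfc2385_digest(src: str, dst: str, tcp20: bytes, payload: bytes, key: bytes) -> bytes:
    """MD5 over pseudo-header, fixed TCP header (checksum zeroed), data, key."""
    seg_len = (tcp20[12] >> 4) * 4 + len(payload)   # header incl. options + data
    pseudo = (ipaddress.IPv4Address(src).packed + ipaddress.IPv4Address(dst).packed
              + struct.pack("!BBH", 0, 6, seg_len))
    header = tcp20[:16] + b"\x00\x00" + tcp20[18:20]
    return hashlib.md5(pseudo + header + payload + key).digest()

def segment_is_authentic(src, dst, tcp20, options, payload, key) -> bool:
    """Receiver side: recompute the digest and compare in constant time."""
    digest = find_md5_option(options)
    return digest is not None and hmac.compare_digest(
        digest, rfc2385_digest(src, dst, tcp20, payload, key))

# The 20 option bytes of the dump above, rebuilt from its fields.
PAGE_OPTIONS = bytes([19, 18]) + bytes.fromhex("ee6fdfa9617b88a538ac256e16e0fdf5") + b"\x00\x00"

# Constructed segment: port 50000 -> 179, data offset 10 words, one KEEPALIVE.
TCP20 = struct.pack("!HHIIBBHHH", 50000, 179, 1, 1, 10 << 4, 0x18, 4096, 0, 0)
KEEPALIVE = b"\xff" * 16 + struct.pack("!HB", 19, 4)
```

A segment that arrives without the option, or with a digest computed from a different key, fails `segment_is_authentic` and would be dropped before any BGP parsing takes place.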
References:
《HCIE路由交换学习指南》 (HCIE Routing and Switching Study Guide)
