濡備綍鍦?Quagga BGP 璺敱鍣ㄤ腑璁剧疆 IPv6 鐨?BGP 瀵圭瓑浣撳拰杩囨护,
濡備綍鍦?Quagga BGP 璺敱鍣ㄤ腑璁剧疆 IPv6 鐨?BGP 瀵圭瓑浣撳拰杩囨护,
鍦ㄤ箣鍓嶇殑鏁欑▼涓紝鎴戜滑婕旂ず浜嗗浣曚娇鐢≦uagga寤虹珛涓€涓?a href="https://linux.cn/article-4232-1.html">瀹屽鐨凚GP璺敱鍣?/a>鍜岄厤缃?a href="http://xmodulo.com/filter-bgp-routes-quagga-bgp-router.html">鍓嶇紑杩囨护銆傚湪鏈暀绋嬩腑锛屾垜浠細鍚戜綘婕旂ず濡備綍鍒涘缓IPv6 BGP瀵圭瓑浣撳苟閫氳繃BGP閫氬憡IPv6鍓嶇紑銆傚悓鏃舵垜浠篃灏嗘紨绀哄浣曚娇鐢ㄥ墠缂€鍒楄〃鍜岃矾鐢辨槧灏勭壒鎬ф潵杩囨护閫氬憡鐨勬垨鑰呰幏鍙栧埌鐨処Pv6鍓嶇紑銆?/p>
鎷撴墤
鏁欑▼涓紝鎴戜滑涓昏鍙傝€冨涓嬫嫇鎵戙€?/p>
鏈嶅姟渚涘簲鍟咥鍜孊甯屾湜鍦ㄤ粬浠箣闂村缓绔嬩竴涓狪Pv6鐨凚GP瀵圭瓑浣撱€備粬浠殑IPv6鍦板潃鍜孉S淇℃伅濡備笅鎵€绀恒€?/p>
- 瀵圭瓑浣揑P鍧? 2001:DB8:3::/64
- 渚涘簲鍟咥: AS 100, 2001:DB8:1::/48
- 渚涘簲鍟咮: AS 200, 2001:DB8:2::/48
CentOS/RHEL瀹夎Quagga
濡傛灉Quagga杩樻病鏈夊畨瑁咃紝鎴戜滑鍙互鍏堜娇鐢▂um瀹夎銆?/p>
# yum install quagga
鍦–entOS/RHEL 7锛孲ELinux绛栫暐浼氶粯璁ょ殑闃绘瀵逛簬/usr/sbin/zebra閰嶇疆鐩綍鐨勫啓鎿嶄綔锛岃繖浼氬鎴戜滑灏嗚浠嬬粛鐨勫畨瑁呮搷浣滄湁鎵€褰卞搷銆傚洜姝ゆ垜浠渶瑕佸儚涓嬮潰杩欐牱鍏抽棴杩欎釜绛栫暐銆傚鏋滀綘浣跨敤鐨勬槸CentOS/RHEL 6鍙互璺宠繃杩欎竴姝ャ€?/p>
# setsebool -P zebra_write_config 1
鍒涘缓閰嶇疆鏂囦欢
鍦ㄥ畨瑁呰繃鍚庯紝鎴戜滑鍏堝垱寤洪厤缃枃浠秡ebra/bgpd浣滀负閰嶇疆娴佺▼鐨勫紑濮嬨€?/p>
# cp /usr/share/doc/quagga-XXXXX/zebra.conf.sample /etc/quagga/zebra.conf
# cp /usr/share/doc/quagga-XXXXX/bgpd.conf.sample /etc/quagga/bgpd.conf
鐒跺悗锛屽厑璁歌繖浜涙湇鍔″紑鏈鸿嚜鍚€?/p>
鍦?CentOS/RHEL 6:
# service zebra start; service bgpd start
# chkconfig zebra on; chkconfig bgpd on
鍦?CentOS/RHEL 7:
# systemctl start zebra; systemctl start bgpd
# systemctl enable zebra; systmectl enable bgpd
Quagga鍐呴儴鎻愪緵涓€涓彨浣渧tysh鐨剆hell锛屽叾鐣岄潰涓庨偅浜涗富娴佽矾鐢卞巶鍟咰isco鎴朖uniper鍗佸垎鐩镐技銆傚惎鍔╲tysh shell鍛戒护琛岋細
# vtysh
鎻愮ず绗﹀皢鏀逛负锛?/p>
router-a#
鎴?/p>
router-b#
鍦ㄦ暀绋嬬殑鍏朵綑閮ㄥ垎锛岃繖涓彁绀哄彲浠ヨ〃鏄庝綘姝h韩澶勫湪鍝釜璺敱鐨剉tysh shell涓€?/p>
涓篫ebra鎸囧畾鏃ュ織鏂囦欢
鏉ヤ负Zebra閰嶇疆鏃ュ織鏂囦欢锛岃繖浼氭湁鍔╀簬璋冭瘯銆?/p>
棣栧厛锛岃繘鍏ュ叏灞€閰嶇疆妯″紡閫氳繃杈撳叆锛?/p>
router-a# configure terminal
鎻愮ず绗﹀皢鍙樻洿鎴愶細
router-a(config)#
鎸囧畾鏃ュ織鏂囦欢鐨勪綅缃€傜劧鍚庨€€鍑洪厤缃ā寮忥細
router-a(config)# log file /var/log/quagga/quagga.log
router-a(config)# exit
淇濆瓨閰嶇疆閫氳繃锛?/p>
router-a# write
閰嶇疆鎺ュ彛IP鍦板潃
鐜板湪锛岃鎴戜滑涓篞uagga鐨勭墿鐞嗘帴鍙i厤缃甀P鍦板潃銆?/p>
棣栧厛锛屾煡鐪嬩竴涓媣tysh涓幇鏈夌殑鎺ュ彛銆?/p>
router-a# show interfaces
Interface eth0 is up, line protocol detection is disabled
## OUTPUT TRUNCATED ###
Interface eth1 is up, line protocol detection is disabled
## OUTPUT TRUNCATED ##
鐜板湪鎴戜滑閰嶇疆IPv6鍦板潃銆?/p>
router-a# conf terminal
router-a(config)# interface eth0
router-a(config-if)# ipv6 address 2001:db8:3::1/64
router-a(config-if)# interface eth1
router-a(config-if)# ipv6 address 2001:db8:1::1/64
鍦ㄨ矾鐢盉涓婇噰鐢ㄥ悓鏍风殑鏂瑰紡鍒嗛厤IPv6鍦板潃銆傛垜灏嗛厤缃眹鎬绘垚濡備笅銆?/p>
router-b# show running-config
interface eth0
ipv6 address 2001:db8:3::2/64
interface eth1
ipv6 address 2001:db8:2::1/64
鐢变簬涓ゅ彴璺敱鐨別th0绔彛鍚屽睘涓€涓瓙缃戯紝鍗?001锛欴B8锛?::/64锛屼綘搴旇鍙互鐩镐簰ping閫氥€傚湪淇濊瘉ping閫氱殑鎯呭喌涓嬶紝鎴戜滑寮€濮嬩笅闈㈢殑鍐呭銆?/p>
router-a# ping ipv6 2001:db8:3::2
PING 2001:db8:3::2(2001:db8:3::2) 56 data bytes
64 bytes from 2001:db8:3::2: icmp_seq=1 ttl=64 time=3.20 ms
64 bytes from 2001:db8:3::2: icmp_seq=2 ttl=64 time=1.05 ms
姝ラ 1: IPv6 BGP 瀵圭瓑浣?/h3>
鏈锛屾垜浠皢鍦ㄤ袱涓矾鐢变箣闂撮厤缃甀Pv6 BGP銆傞鍏堬紝鎴戜滑鍦ㄨ矾鐢盇涓婃寚瀹欱GP閭诲眳銆?/p>
router-a# conf t
router-a(config)# router bgp 100
router-a(config-router)# no auto-summary
router-a(config-router)# no synchronization
router-a(config-router)# neighbor 2001:DB8:3::2 remote-as 200
鐒跺悗锛屾垜浠畾涔塈Pv6鐨勫湴鍧€鏃忋€傚湪鍦板潃鏃忎腑锛屾垜浠渶瑕佸畾涔夎閫氬憡鐨勭綉娈碉紝骞舵縺娲婚偦灞呫€?/p>
router-a(config-router)# address-family ipv6
router-a(config-router-af)# network 2001:DB8:1::/48
router-a(config-router-af)# neighbor 2001:DB8:3::2 activate
鎴戜滑鍦ㄨ矾鐢盉涓婁篃瀹炴柦鐩稿悓鐨勯厤缃€傝繖閲屾彁渚涙垜褰掓€诲悗鐨勯厤缃€?/p>
router-b# conf t
router-b(config)# router bgp 200
router-b(config-router)# no auto-summary
router-b(config-router)# no synchronization
router-b(config-router)# neighbor 2001:DB8:3::1 remote-as 100
router-b(config-router)# address-family ipv6
router-b(config-router-af)# network 2001:DB8:2::/48
router-b(config-router-af)# neighbor 2001:DB8:3::1 activate
濡傛灉涓€鍒囬『鍒╋紝鍦ㄨ矾鐢遍棿灏嗕細褰㈡垚涓€涓狪Pv6 BGP浼氳瘽銆傚鏋滃け璐ヤ簡锛岃纭繚鍦ㄩ槻鐏涓紑鍚簡蹇呰鐨勭鍙o紙TCP 179锛夈€?/p>
鎴戜滑浣跨敤浠ヤ笅鍛戒护鏉ョ‘璁Pv6 BGP浼氳瘽鐨勪俊鎭€?/p>
鏌ョ湅BGP姹囨€伙細
router-a# show bgp ipv6 unicast summary
鏌ョ湅BGP閫氬憡鐨勮矾鐢憋細
router-a# show bgp ipv6 neighbors <neighbor-IPv6-address> advertised-routes
鏌ョ湅BGP鑾峰緱鐨勮矾鐢憋細
router-a# show bgp ipv6 neighbors <neighbor-IPv6-address> routes
姝ラ 2锛?杩囨护IPv6鍓嶇紑
姝e鎴戜滑鍦ㄤ笂闈㈢湅鍒扮殑杈撳嚭淇℃伅閭f牱锛岃矾鐢遍棿閫氬憡浜嗕粬浠畬鏁寸殑/48 IPv6鍓嶇紑銆傚嚭浜庢紨绀虹殑鐩殑锛屾垜浠細鑰冭檻浠ヤ笅瑕佹眰銆?/p>
- Router-B灏嗛€氬憡涓€涓?64鍓嶇紑锛屼竴涓?56鍓嶇紑锛屽拰涓€涓畬鏁寸殑/48鍓嶇紑.
- Router-A灏嗘帴鍙椾换鐢盉鎻愪緵鐨勪綍褰㈠紡鐨処Pv6鍓嶇紑锛屽叾涓寘鍚湁/56鍜?64涔嬮棿鐨勭綉缁滄帺鐮侀暱搴︺€?/li>
鎴戜滑灏嗘牴鎹渶瑕佽繃婊ょ殑鍓嶇紑锛屾潵浣跨敤璺敱鍣ㄧ殑鍓嶇紑鍒楄〃鍜岃矾鐢辨槧灏勩€?/p>
涓鸿矾鐢盉淇敼閫氬憡鐨勫墠缂€
鐩墠锛岃矾鐢盉鍙€氬憡涓€涓?48鍓嶇紑銆傛垜浠慨鏀硅矾鐢盉鐨凚GP閰嶇疆浣垮畠鍙互閫氬憡棰濆鐨?56鍜?64鍓嶇紑銆?/p>
router-b# conf t
router-b(config)# router bgp 200
router-b(config-router)# address-family ipv6
router-b(config-router-af)# network 2001:DB8:2::/56
router-b(config-router-af)# network 2001:DB8:2::/64
鎴戜滑灏嗚矾鐢盇涓婇獙璇佷簡鎵€鏈夌殑鍓嶇紑閮借幏寰楀埌浜嗐€?/p>
澶ソ浜嗭紒鎴戜滑鍦ㄨ矾鐢盇涓婃敹鍒颁簡鎵€鏈夌殑鍓嶇紑锛岄偅涔堟垜浠彲浠ユ洿杩涗竴姝ュ垱寤哄墠缂€鍒楄〃鍜岃矾鐢辨槧灏勬潵杩囨护杩欎簺鍓嶇紑銆?/p>
鍒涘缓鍓嶇紑鍒楄〃
灏卞儚鍦?a href="http://xmodulo.com/filter-bgp-routes-quagga-bgp-router.html">涓婂垯鏁欑▼涓?/a>鎻忚堪鐨勯偅鏍凤紝鍓嶇紑鍒楄〃鏄竴绉嶆満鍒剁敤鏉ュ尮閰嶅甫鏈夊瓙缃戦暱搴︾殑IP鍦板潃鍓嶇紑銆傛寜鐓ф垜浠寚瀹氱殑闇€姹傦紝鎴戜滑闇€瑕佸湪璺敱A鐨勫墠缂€鍒楄〃涓垱寤轰竴鍒欏繀瑕佺殑鏉$洰銆?/p>
router-a# conf t
router-a(config)# ipv6 prefix-list FILTER-IPV6-PRFX permit 2001:DB8:2::/56 le 64
浠ヤ笂鐨勫懡浠や細鍒涘缓涓€涓悕涓?FILTER-IPV6-PRFX'鐨勫墠缂€鍒楄〃锛岀敤浠ュ尮閰嶄换浣?001:DB8:2::姹犲唴鎺╃爜鍦?6鍜?4涔嬮棿鐨勬墍鏈夊墠缂€銆?/p>
鍒涘缓骞跺簲鐢ㄨ矾鐢辨槧灏?/h4>
鐜板湪宸茬粡鍦ㄥ墠缂€鍒楄〃涓垱寤轰簡鏉$洰锛屾垜浠篃搴旇鐩稿簲鐨勫垱寤轰竴鏉′娇鐢ㄦ鏉$洰鐨勮矾鐢辨槧灏勮鍒欎簡銆?/p>
router-a# conf t
router-a(config)# route-map FILTER-IPV6-RMAP permit 10
router-a(config-route-map)# match ipv6 address prefix-list FILTER-IPV6-PRFX
浠ヤ笂鐨勫懡浠や細鍒涘缓涓€鏉″悕涓?FILTER-IPV6-RMAP'鐨勮矾鐢辨槧灏勮鍒欍€傝繖鍒欒鍒欏皢浼氬厑璁镐笌涔嬪墠鍦ㄥ墠缂€鍒楄〃涓垱寤?FILTER-IPV6-PRFX'鎵€鍖归厤鐨処Pv6
瑕佽浣忚矾鐢辨槧灏勮鍒欏彧鏈夊湪搴旂敤鍦ㄩ偦灞呮垨鑰呯鍙g殑鎸囧畾鏂瑰悜鏃舵墠鏈夋晥銆傛垜浠皢鎶婅矾鐢辨槧灏勫簲鐢ㄥ埌BGP鐨勯偦灞呴厤缃腑銆傛垜浠皢璺敱鏄犲皠搴旂敤浜庡叆鏂瑰悜锛屼綔涓鸿繘鍏ヨ矾鐢辩鐨勫墠缂€杩囨护鍣ㄣ€?/p>
router-a# conf t
router-a(config)# router bgp 100
router-a(config-router)# address-family ipv6
router-a(config-router-af)# neighbor 2001:DB8:3::2 route-map FILTER-IPV6-RMAP in
鐜板湪鎴戜滑鍦ㄨ矾鐢盇涓婂啀鏌ョ湅涓€杈硅幏寰楀埌鐨勮矾鐢憋紝鎴戜滑搴旇鍙兘鐪嬭涓や釜琚厑璁哥殑鍓嶇紑浜嗐€?/p>
娉ㄦ剰锛?浣犲彲鑳介渶瑕侀噸缃瓸GP浼氳瘽鏉ュ埛鏂拌矾鐢辫〃銆?/p>
鎵€鏈塈Pv6鐨凚GP浼氳瘽鍙互浣跨敤浠ヤ笅鐨勫懡浠ら噸鍚細
router-a# clear bgp ipv6 *
鎴戞眹鎬讳簡涓や釜璺敱鐨勯厤缃紝骞跺仛鎴愪簡涓€寮犳竻鏅扮殑鍥剧墖浠ヤ究闃呰銆?/p>
鎬荤粨
鎬荤粨涓€涓嬶紝杩欑瘒鏁欑▼閲嶇偣鍦ㄤ簬濡備綍鍒涘缓BGP瀵圭瓑浣撳拰IPv6鐨勮繃婊ゃ€傛垜浠紨绀轰簡濡備綍鍚戦偦灞匓GP璺敱閫氬憡IPv6鍓嶇紑锛屽拰濡備綍杩囨护閫氬憡鍓嶇紑鎴栬幏寰楃殑閫氬憡銆傞渶瑕佹敞鎰忥紝鏈暀绋嬩娇鐢ㄧ殑杩囩▼鍙兘浼氬缃戠粶渚涘簲鍟嗙殑缃戠粶杩愪綔鏈夋墍褰卞搷锛岃璋ㄦ厧鍙傝€冦€?/p>
甯屾湜杩欎簺瀵逛綘鏈夌敤銆?/p>
评论暂时关闭