Multicast Border Gateway Protocol (MBGP) 多播邊界網關協定

前言

BGP 支緩 Multiprotocol Extension,本文將會介紹 BGP 中的其中一個 Extension,即 Multicast BGP (MBGP)。Multicast Routing 一向依賴 Reverse Path Forwarding (RPF) 原理去判斷及防止 Looping,本文探討 MBGP 如何在 RPF Check 中發揮作用。要了解 MBGP 對讀者的基本功要求較高,筆者假設讀者已相當了解 RPF 原理、AD 原理及 BGP 的基本設定,如有疑問請先閱讀關於 PIMAD 和 BGP 的教學。

用 Unicast Routing Table 查找 Reverse Path

一般情況下,Router 會使用 Unicast Routing Table 去處理 RPF,但當網絡有多條 Path 時,此處理方法可能會失敗。請看以下例子。

multicast-bgp

各 Router 起始設定如下:

hostname R1
!
ip multicast-routing 
!
interface Ethernet1/0
 ip address 192.168.12.1 255.255.255.0
 ip pim dense-mode
!
interface Ethernet1/1
 ip address 192.168.13.1 255.255.255.0
!
interface Ethernet1/2
 ip address 192.168.14.1 255.255.255.0
 ip pim dense-mode
!
router ospf 1
 network 0.0.0.0 255.255.255.255 area 0
hostname R2
!
ip multicast-routing 
!
interface Ethernet1/0
 ip address 192.168.12.2 255.255.255.0
 ip pim dense-mode
!
interface Ethernet1/1
 ip address 192.168.23.2 255.255.255.0
 ip pim dense-mode
!
router ospf 1
 network 0.0.0.0 255.255.255.255 area 0
hostname R3
!
ip multicast-routing
!
interface Loopback0
 ip address 3.3.3.3 255.255.255.255
 ip pim dense-mode
 ip igmp join-group 224.1.1.1
!
interface Ethernet1/0
 ip address 192.168.13.3 255.255.255.0
!
interface Ethernet1/1
 ip address 192.168.23.3 255.255.255.0
 ip pim dense-mode
!
router ospf 1
 network 0.0.0.0 255.255.255.255 area 0
hostname R4
!
ip multicast-routing 
!
interface Ethernet1/0
 ip address 192.168.14.4 255.255.255.0
 ip pim dense-mode
!
router ospf 1
 network 0.0.0.0 255.255.255.255 area 0

從設定可見,所有網絡用 OSPF 打通,R3 的 Loopback0 Join 224.1.1.1 Group,然而只有 R4>R1>R2>R3 這條 Path 有跑 PIM,而 R4>R1>R3 這條 Path 則沒有。這會出現什麼問題呢?

R4#ping 224.1.1.1 repeat 5 
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 224.1.1.1, timeout is 2 seconds:
.....

Multicast Ping 不通的原因是 R3 做 RPF Check 時使用了 Unicast Routing Table,要到達 Source 192.168.14.4 的 Best Path 為經 E1/0, 與 Multicast Traffic 到達位罝 E1/1 不刎合,因而 Multicast Traffic 被 Drop 掉。

R3#show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override

Gateway of last resort is not set

      3.0.0.0/32 is subnetted, 1 subnets
C        3.3.3.3 is directly connected, Loopback0
O     192.168.12.0/24 [110/20] via 192.168.23.2, 00:34:57, Ethernet1/1
                      [110/20] via 192.168.13.1, 01:12:46, Ethernet1/0
      192.168.13.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.13.0/24 is directly connected, Ethernet1/0
L        192.168.13.3/32 is directly connected, Ethernet1/0
O     192.168.14.0/24 [110/20] via 192.168.13.1, 00:20:40, Ethernet1/0
      192.168.23.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.23.0/24 is directly connected, Ethernet1/1
L        192.168.23.3/32 is directly connected, Ethernet1/1
O     192.168.34.0/24 [110/30] via 192.168.13.1, 00:20:30, Ethernet1/0
R3#
R3#show ip rpf 192.168.14.4
 failed, no route exists

最簡單的解決方法當然可以把 R3 的 E1/0 的 OSPF cost 調高,去改變 R3 使用 E1/1 到達 192.168.14.4,從而讓 RPF Check 成功。

R3(config)#int ethernet 1/0
R3(config-if)#ip ospf cost 9999
R3(config-if)#end
R3#
R3#show ip route 192.168.14.4
Routing entry for 192.168.14.0/24
  Known via "ospf 1", distance 110, metric 30, type intra area
  Last update from 192.168.23.2 on Ethernet1/1, 00:00:39 ago
  Routing Descriptor Blocks:
  * 192.168.23.2, from 4.4.4.4, 00:00:39 ago, via Ethernet1/1
      Route metric is 30, traffic share count is 1

show ip rpf 可見 RPF Type 是源自 OSPF Process 1。

R3#show ip rpf 192.168.14.4
RPF information for ? (192.168.14.4)
  RPF interface: Ethernet1/1
  RPF neighbor: ? (192.168.23.2)
  RPF route/mask: 192.168.14.0/24
  RPF type: unicast (ospf 1)
  Doing distance-preferred lookups across tables
  RPF topology: ipv4 multicast base, originated from ipv4 unicast base

又或者干脆用 Static Route 把 192.168.14.0/24 指向 E1/1。

R3(config)#ip route 192.168.14.0 255.255.255.0 192.168.23.2

由於 Static Route 的 AD 為 1,較 OSPF 110 低,所以 RPF Type 來源是 Static Route。

R3#show ip rpf 192.168.14.4
RPF information for ? (192.168.14.4)
  RPF interface: Ethernet1/1
  RPF neighbor: ? (192.168.23.2)
  RPF route/mask: 192.168.14.0/24
  RPF type: unicast (static)
  Doing distance-preferred lookups across tables
  RPF topology: ipv4 multicast base, originated from ipv4 unicast base

無論使用上述那個方法,都可以使 RPF Check 成功,令 Multicast Traffic Ping 通。

R4#ping 224.1.1.1 repeat 5
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 224.1.1.1, timeout is 2 seconds:

Reply to request 0 from 3.3.3.3, 120 ms
Reply to request 1 from 3.3.3.3, 36 ms
Reply to request 2 from 3.3.3.3, 36 ms
Reply to request 3 from 3.3.3.3, 24 ms
Reply to request 4 from 3.3.3.3, 28 ms

不過以上兩個方法都會改變了 Unicast Routing 的 Best Path,影響了 Unicast Packet 的流動方向。

Static Multicast Route (mroute)

比較理想的方法是使用 Static Multicast Route (或稱 mroute),mroute 只改變 RPF Type 而不會對 Unicast Route Table 造成影響。

R3(config)#ip mroute 192.168.14.0 255.255.255.0 192.168.23.2

由於 mroute 的 AD 是 1 (相等於 Unicast 的 Static Route) 優於 OSPF 的 110,因此成為 RPF Type 來源,RPF 也會成功。

R3#show ip rpf 192.168.14.4
RPF information for ? (192.168.14.4)
  RPF interface: Ethernet1/1
  RPF neighbor: ? (192.168.23.2)
  RPF route/mask: 192.168.14.0/24
  RPF type: multicast (static)
  Doing distance-preferred lookups across tables
  RPF topology: ipv4 multicast base

MBGP

最後嘗試使用 MBGP 去解決問題。先在 R2 和 R3 建立 BGP Neighbor。

R2(config)#router bgp 65002
R2(config-router)#neighbor 192.168.23.3 remote-as 65003
R3(config)#router bgp 65003
R3(config-router)#neighbor 192.168.23.2 remote-as 65002

然後建立 Multicast 的 Address-family 設定,並發佈 192.168.14.0/24 Network。

R2(config-router)#address-family ipv4 multicast 
R2(config-router-af)#neighbor 192.168.23.3 activate 
R2(config-router-af)#network 192.168.14.0 mask 255.255.255.0
R3(config-router)#address-family ipv4 multicast 
R3(config-router-af)#neighbor 192.168.23.2 activate

由於 R2 和 R3 的 BGP AS Number 不同,屬於 eBGP,AD 為 20,優於 OSPF 110,因而成為 RPF Type,RPF Check 成功。

R3#show ip rpf 192.168.14.4
RPF information for ? (192.168.14.4)
  RPF interface: Ethernet1/1
  RPF neighbor: ? (192.168.23.2)
  RPF route/mask: 192.168.14.0/24
  RPF type: multicast (bgp 65003)
  Doing distance-preferred lookups across tables
  RPF topology: ipv4 multicast base

以上例子使用了 eBGP,但若使用 iBGP 則會因 AD 200 低於 OSPF 的 AD 110,未能成為了 RPF Type。以下例子中,我們把 R2 的 AS 改為 65003,使其成為 iBGP。

R2(config)#router bgp 65003
R2(config-router)#neighbor 192.168.23.3 remote-as 65003
R2(config-router)#address-family ipv4 multicast 
R2(config-router-af)#neighbor 192.168.23.3 activate 
R2(config-router-af)#network 192.168.14.0 mask 255.255.255.0
R3(config)#router bgp 65003
R3(config-router)#neighbor 192.168.23.2 remote-as 65003
R3(config-router)#address-family ipv4 multicast 
R3(config-router-af)#neighbor 192.168.23.2 activate

RPF Check 失敗了。

R3#show ip rpf 192.168.14.4
 failed, no route exists

由於 PRF Check 跟 Unicast Routing 一樣會先比較 Longest Match 後才比較 AD,所以遇到這個情況可以在 R2 把要發佈的 Network Prefix 加長,例如直接發佈 Source 的 Host Route 192.168.14.4/32,但當然要先附合 BGP 的發佈條件,在 R2 的 Route Table 中加入這條 Host Route。

R2(config-router)#address-family ipv4 multicast 
R2(config-router-af)#no network 192.168.14.0 mask 255.255.255.0
R2(config-router-af)#network 192.168.14.4 mask 255.255.255.255
R2(config-router-af)#exit    
R2(config-router)#exit
R2(config)#ip route 192.168.14.4 255.255.255.255 192.168.12.1

相關主題

發佈留言

2018-02-18

Posted In: Layer 3 網絡技術

Leave a Comment