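I got straight into the exercise using the lab topology from last time (^^;)!!
The topology diagram is shown below!
...but before that, some additional configuration.
〇 Configured the loopback addresses used for BGP peering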
# set interfaces lo0 unit 0 family inet address 50.5.1.1/32
# set interfaces lo0 unit 1 family inet address 50.6.1.1/32
# set routing-instances VR2 interface lo0.0
# set routing-instances VR1 interface lo0.1
Now let's begin.
① Configured OSPF
【For VR1】
admin@SRX100H2> show configuration routing-instances VR1
instance-type virtual-router;
interface fe-0/0/4.0;
interface fe-0/0/5.0;
interface fe-0/0/6.0;
interface fe-0/0/7.0;
interface lo0.1;
admin@SRX100H2# set routing-instances VR1 protocols ospf area 0 interface fe-0/0/5.0
admin@SRX100H2# set routing-instances VR1 protocols ospf area 0 interface fe-0/0/6.0
admin@SRX100H2# set routing-instances VR1 protocols ospf area 0 interface fe-0/0/7.0
admin@SRX100H2# set routing-instances VR1 protocols ospf area 0 interface lo0.1
【For VR2】
[edit]
admin@SRX100H2# run show configuration routing-instances VR2
instance-type virtual-router;
interface fe-0/0/0.0;
interface fe-0/0/1.0;
interface fe-0/0/2.0;
interface fe-0/0/3.0;
interface lo0.0;
admin@SRX100H2# set routing-instances VR2 protocols ospf area 0 interface fe-0/0/1
admin@SRX100H2# set routing-instances VR2 protocols ospf area 0 interface fe-0/0/2
admin@SRX100H2# set routing-instances VR2 protocols ospf area 0 interface fe-0/0/3
admin@SRX100H2# set routing-instances VR2 protocols ospf area 0 interface lo0.0
② After configuration, checked the OSPF state
(Virtual routers are in use, so be careful with the commands!!)
【Neighbor information】
admin@SRX100H2> show ospf neighbor instance VR2
Address Interface State ID Pri Dead
172.30.3.6 fe-0/0/1.0 Full 50.6.1.1 128 32
172.30.30.6 fe-0/0/2.0 Full 50.6.1.1 128 39
admin@SRX100H2> show ospf neighbor instance VR1
Address Interface State ID Pri Dead
172.30.3.5 fe-0/0/5.0 Full 50.5.1.1 128 39
172.30.30.5 fe-0/0/6.0 Full 50.5.1.1 128 35
【Database information】
admin@SRX100H2> show ospf database instance VR1
OSPF database, Area 0.0.0.0
Type ID Adv Rtr Seq Age Opt Cksum Len
Router 50.5.1.1 50.5.1.1 0x80000004 95 0x22 0x429e 60
Router *50.6.1.1 50.6.1.1 0x80000006 125 0x22 0x2d8a 72
Network *172.30.3.6 50.6.1.1 0x80000001 134 0x22 0x3583 32
Network *172.30.30.6 50.6.1.1 0x80000001 125 0x22 0xb92 32
admin@SRX100H2> show ospf database instance VR2
OSPF database, Area 0.0.0.0
Type ID Adv Rtr Seq Age Opt Cksum Len
Router *50.5.1.1 50.5.1.1 0x80000004 97 0x22 0x429e 60
Router 50.6.1.1 50.6.1.1 0x80000006 129 0x22 0x2d8a 72
Network 172.30.3.6 50.6.1.1 0x80000001 138 0x22 0x3583 32
Network 172.30.30.6 50.6.1.1 0x80000001 129 0x22 0xb92 32
【Route information】
admin@SRX100H2> show route protocol ospf
inet.0: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden)
VR1.inet.0: 11 destinations, 11 routes (11 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
50.5.1.1/32 *[OSPF/10] 00:07:26, metric 1
to 172.30.3.5 via fe-0/0/5.0
> to 172.30.30.5 via fe-0/0/6.0
224.0.0.5/32 *[OSPF/10] 00:11:16, metric 1
MultiRecv
VR2.inet.0: 11 destinations, 11 routes (11 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
10.1.6.0/24 *[OSPF/10] 00:07:27, metric 2
to 172.30.3.6 via fe-0/0/1.0
> to 172.30.30.6 via fe-0/0/2.0
50.6.1.1/32 *[OSPF/10] 00:07:27, metric 1
> to 172.30.3.6 via fe-0/0/1.0
to 172.30.30.6 via fe-0/0/2.0
224.0.0.5/32 *[OSPF/10] 00:07:42, metric 1
MultiRecv
admin@SRX100H2>
③ Configured IBGP (peering over the loopback interfaces)
【VR1】
admin@SRX100H2# set routing-instances VR1 routing-options autonomous-system 65001
admin@SRX100H2# set routing-instances VR1 protocols bgp group INTERNAL peer-as 65001
admin@SRX100H2# set routing-instances VR1 protocols bgp group INTERNAL type internal
admin@SRX100H2# set routing-instances VR1 protocols bgp group INTERNAL neighbor 50.5.1.1
admin@SRX100H2# set routing-instances VR1 protocols bgp group INTERNAL local-address 50.6.1.1
【VR2】
admin@SRX100H2# set routing-instances VR2 protocols bgp group INTERNAL peer-as 65001
admin@SRX100H2# set routing-instances VR2 protocols bgp group INTERNAL type internal
admin@SRX100H2# set routing-instances VR2 protocols bgp group INTERNAL neighbor 50.6.1.1
admin@SRX100H2# set routing-instances VR2 protocols bgp group INTERNAL local-address 50.5.1.1
After configuration the neighbor session comes up, but no routing information is being sent or received
〇 Checking the BGP neighbors → established
admin@SRX100H2> show bgp summary
Groups: 2 Peers: 2 Down peers: 0
Peer AS InPkt OutPkt OutQ Flaps Last Up/Dwn State|#Active/Received/Accepted/Damped...
50.5.1.1 65001 657 657 0 0 4:53:23 Establ
VR1.inet.0: 0/1/1/0
50.6.1.1 65001 656 657 0 0 4:53:23 Establ
VR2.inet.0: 0/1/1/0
〇 Looking at the details...
[edit]
admin@SRX100H2# run show bgp neighbor instance VR2
Peer: 50.6.1.1+179 AS 65001 Local: 50.5.1.1+56683 AS 65001
Type: Internal State: Established Flags: <ImportEval Sync>
Last State: OpenConfirm Last Event: RecvKeepAlive
Last Error: None
Options: <Preference LocalAddress PeerAS Refresh>
Local Address: 50.5.1.1 Holdtime: 90 Preference: 170
Number of flaps: 0
Peer ID: 50.6.1.1 Local ID: 50.5.1.1 Active Holdtime: 90
Keepalive Interval: 30 Peer index: 0
BFD: disabled, down
NLRI for restart configured on peer: inet-unicast
NLRI advertised by peer: inet-unicast
NLRI for this session: inet-unicast
Peer supports Refresh capability (2)
Stale routes from peer are kept for: 300
Peer does not support Restarter functionality
NLRI that restart is negotiated for: inet-unicast
NLRI of received end-of-rib markers: inet-unicast
NLRI of all end-of-rib markers sent: inet-unicast
Peer supports 4 byte AS extension (peer-as 65001)
Peer does not support Addpath
Table VR2.inet.0 Bit: 20000
RIB State: BGP restart is complete
RIB State: VPN restart is complete
Send state: in sync
Active prefixes: 0
Received prefixes: 0 → no routes received either
Accepted prefixes: 0
Suppressed due to damping: 0
Advertised prefixes: 0 → no routes advertised either
Last traffic (seconds): Received 18 Sent 18 Checked 48
Input messages: Total 3 Updates 1 Refreshes 0 Octets 61
Output messages: Total 4 Updates 0 Refreshes 0 Octets 139
Output Queue[1]: 0
[edit]
admin@SRX100H2#
⑥ What about routes received via BGP...?
[edit]
admin@SRX100H2# run show route receive-protocol bgp 50.6.1.1
inet.0: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden)
VR1.inet.0: 11 destinations, 11 routes (11 active, 0 holddown, 0 hidden)
VR2.inet.0: 11 destinations, 11 routes (11 active, 0 holddown, 0 hidden)
Nothing there (^^;)
④ Specify the networks to advertise via BGP under policy-options,
and apply the policy as the BGP export policy
【VR1】
admin@SRX100H2# set policy-options policy-statement INTERNAL-NETWORK-VR1 term 1 from route-filter 10.1.6.0/24 exact
admin@SRX100H2# set policy-options policy-statement INTERNAL-NETWORK-VR1 term 1 then accept
admin@SRX100H2# set routing-instances VR1 protocols bgp group INTERNAL export INTERNAL-NETWORK-VR1
【VR2】
admin@SRX100H2# set policy-options policy-statement INTERNAL-NETWORK-VR2 term 1 from route-filter 10.1.5.0/24 exact
admin@SRX100H2# set policy-options policy-statement INTERNAL-NETWORK-VR2 term 1 then accept
admin@SRX100H2# set routing-instances VR2 protocols bgp group INTERNAL export INTERNAL-NETWORK-VR2
⑤ Checking the BGP neighbor state again!
admin@SRX100H2> show bgp neighbor instance VR2
Peer: 50.6.1.1+179 AS 65001 Local: 50.5.1.1+56683 AS 65001
Type: Internal State: Established Flags: <Sync>
Last State: OpenConfirm Last Event: RecvKeepAlive
Last Error: None
Export: [ INTERNAL-NETWORK-VR2 ]
Options: <Preference LocalAddress PeerAS Refresh>
Local Address: 50.5.1.1 Holdtime: 90 Preference: 170
Number of flaps: 0
Peer ID: 50.6.1.1 Local ID: 50.5.1.1 Active Holdtime: 90
Keepalive Interval: 30 Peer index: 0
BFD: disabled, down
NLRI for restart configured on peer: inet-unicast
NLRI advertised by peer: inet-unicast
NLRI for this session: inet-unicast
Peer supports Refresh capability (2)
Stale routes from peer are kept for: 300
Peer does not support Restarter functionality
NLRI that restart is negotiated for: inet-unicast
NLRI of received end-of-rib markers: inet-unicast
NLRI of all end-of-rib markers sent: inet-unicast
Peer supports 4 byte AS extension (peer-as 65001)
Peer does not support Addpath
Table VR2.inet.0 Bit: 20000
RIB State: BGP restart is complete
RIB State: VPN restart is complete
Send state: in sync
Active prefixes: 0
Received prefixes: 1 → a route is being received
Accepted prefixes: 1
Suppressed due to damping: 0
Advertised prefixes: 1 → a route is being advertised
Last traffic (seconds): Received 12 Sent 16 Checked 27
Input messages: Total 647 Updates 6 Refreshes 0 Octets 12442
Output messages: Total 647 Updates 1 Refreshes 4 Octets 12401
Output Queue[1]: 0
admin@SRX100H2>
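The difference between the two show bgp neighbor captures above can be checked mechanically. The following Python is an added example, not part of the original post: it parses show bgp neighbor text and flags a session that is Established but advertises nothing. The function names and result labels are this example's own, and the input is trimmed from the captures on this page.

```python
import re

# Constructed input: lines trimmed from this page's two
# "show bgp neighbor instance VR2" captures (before/after the export policy).
BEFORE = """Peer: 50.6.1.1+179 AS 65001 Local: 50.5.1.1+56683 AS 65001
Type: Internal State: Established Flags: <ImportEval Sync>
Last State: OpenConfirm Last Event: RecvKeepAlive
RIB State: BGP restart is complete
Active prefixes: 0
Received prefixes: 0
Advertised prefixes: 0
"""
AFTER = """Peer: 50.6.1.1+179 AS 65001 Local: 50.5.1.1+56683 AS 65001
Type: Internal State: Established Flags: <Sync>
Export: [ INTERNAL-NETWORK-VR2 ]
Active prefixes: 0
Received prefixes: 1
Advertised prefixes: 1
"""

def parse_neighbors(text):
    """Return one dict per 'Peer:' block of show bgp neighbor output."""
    peers = []
    for line in map(str.strip, text.splitlines()):
        if m := re.match(r"Peer: ([\d.]+)\+\d+ AS (\d+)", line):
            peers.append({"peer": m[1], "as": int(m[2]), "export": []})
        elif not peers:
            continue
        # Anchor on "Type:" so "Last State:" / "RIB State:" are not picked up.
        elif m := re.match(r"Type: \w+\s+State: (\w+)", line):
            peers[-1]["state"] = m[1]
        elif m := re.match(r"Export: \[ (.*?) \]", line):
            peers[-1]["export"] = m[1].split()
        elif m := re.match(r"(Active|Received|Accepted|Advertised) prefixes:\s+(\d+)", line):
            peers[-1][m[1].lower()] = int(m[2])
    return peers

def diagnose(p):
    """Classify a parsed peer; the labels are this example's own."""
    if p.get("state") != "Established":
        return "session-down"
    if p.get("advertised", 0) == 0:
        # Without an export policy, direct/OSPF prefixes are not advertised.
        return "no-export-policy" if not p["export"] else "export-matches-nothing"
    return "exchanging" if p.get("received", 0) else "advertising-only"

if __name__ == "__main__":
    for label, out in (("before", BEFORE), ("after", AFTER)):
        print(label, [(p["peer"], diagnose(p)) for p in parse_neighbors(out)])
```

Active prefixes stays at 0 in the second capture even though one route is received: VR2 already holds 10.1.6.0/24 via OSPF (preference 10), which is preferred over the BGP copy (preference 170).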
⑥ Checking the routes sent and received via BGP
admin@SRX100H2> show route receive-protocol bgp 50.6.1.1
inet.0: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden)
VR1.inet.0: 11 destinations, 11 routes (11 active, 0 holddown, 0 hidden)
VR2.inet.0: 11 destinations, 12 routes (11 active, 0 holddown, 0 hidden)
Prefix Nexthop MED Lclpref AS path
10.1.6.0/24 50.6.1.1 100 I
admin@SRX100H2>
admin@SRX100H2> show route advertising-protocol bgp 50.6.1.1
VR2.inet.0: 12 destinations, 13 routes (12 active, 0 holddown, 0 hidden)
Prefix Nexthop MED Lclpref AS path
* 10.1.5.0/24 Self 100 I
For now, routes are being sent and received over IBGP!!
Next time I'd like to try capturing BGP packets on the SRX... (^^;)