BGP 기본 구성 / 방법 1, 방법 2
BGP
BGP AS 100 = ex. SKT
BGP AS 200 = ex. LG U+
서로 간 협약(계약)을 하게 만들고 싶다.
방법 - 명령어
R1)
router bgp 100
bgr router-id 1.1.1.1
neighbor 1.1.12.2 remote-as 100
network 192.168.10.0 mask 255.255.255.0 <- 자신의 라우터에 해당된 PC의 정보만 넣어주면 된다는 것을 기억하자.(보통 회사 쪽에 있는 네트워크만 넣어줌.)
R2)
router bgp 100
bgp router-id 2.2.2.2
neighbor 1.1.12.1 remote-as 100
network 192.168.20.0 mask 255.255.255.0
R3)
router bgp 200
bgp router-id 3.3.3.3
neighbor 3.3.12.2 remote-as 200
network 192.168.30.0 mask 255.255.255.0
R4)
router bgp 200
bgp router-id 4.4.4.4
neighbor 3.3.12.1 remote-as 200
network 192.168.40.0 mask 255.255.255.0
# show ip bgp
iBGP
- 같은 BGP 내에서 교환하는 것을 의미함.
eBGP
- 다른 AS 간 교환.
명령어 - 방법 1.
R2)
router bgp 100
neighbor 2.2.12.2 remote-as 200
R3)
router bgp 200
neighbor 2.2.12.1 remote-as 100
# show ip bgp
B라고 뜬 것을 확인할 수 있음.
이것을 우리는 BGP로 교환한 것을 알 수 있음.
역시 R3에서도 B라고 뜸.
192.168.10.1 에서 아까는 안 되던 30.1과 40.1로의 ping이 됨.
DMZ 구간 - 2.2.12.0
2.2.12.0은 누구의 소유도 아니다.
# show ip bgp summary
- neighbor 확인
![14]()
![15]()
![16]()
![17]()
방법 02. - 명령어 (ft. 상대 원칙)
R1)
ip route 3.3.3.0 255.255.255.0 1.1.12.2 <- 상대 원칙
router bgp 100
bgp router-id 1.1.1.1
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 update-source lo 0
network 192.168.10.0 mask 255.255.255.0
R2)
ip route 3.3.3.0 255.255.255.0 2.2.12.2
router bgp 100
bgp router-id 2.2.2.2
neighbor 1.1.1.1 remote-as 100
neighbor 1.1.1.1 update-source lo 0
neighbor 3.3.3.3 remote-as 200
neighbor 3.3.3.3 update-source lo 0
neighbor 3.3.3.3 ebgp-multihop 2
network 192.168.20.0 mask 255.255.255.0
R3)
ip route 2.2.2.0 255.255.255.0 2.2.12.1
router bgp 200
bgp router-id 3.3.3.3
neighbor 4.4.4.4 remote-as 200
neighbor 4.4.4.4 update-source lo 0
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 update-source lo 0
neighbor 2.2.2.2 ebgp-multihop 2
network 192.168.30.0 mask 255.255.255.0
R4)
ip route 2.2.2.0 255.255.255.0 3.3.12.1 <- 상대 원칙
router bgp 200
bgp router-id 4.4.4.4
neighbor 3.3.3.3 remote-as 200
neighbor 3.3.3.3 update-source lo 0
network 192.168.40.0 mask 255.255.255.0
결과.
Ex. 유형 01
물리적으로 직접 붙어있는 것으로 neighbor을 주기.
방법.
R1)
router bgp 100
bgp router-id 1.1.1.1
neighbor 1.1.12.2 remote-as 100
network 192.168.10.0 mask 255.255.255.0
R2)
router bgp 100
bgp router-id 2.2.2.2
neighbor 1.1.12.1 remote-as 100
network 192.168.20.0 mask 255.255.255.0
neighbor 2.2.12.3 remote-as 200
R3)
router bgp 200
bgp router-id 3.3.3.3
neighbor 3.3.12.4 remote-as 200
network 192.168.30.0 mask 255.255.255.0
neighbor 2.2.12.2 remote-as 100
R4)
router bgp 200
bgp router-id 4.4.4.4
neighbor 3.3.12.3 remote-as 200
network 192.168.40.0 mask 255.255.255.0
neighbor 4.4.12.5 remote-as 300
R5)
router bgp 300
bgp router-id 5.5.5.5
neighbor 5.5.12.6 remote-as 300
network 192.168.50.0 mask 255.255.255.0
neighbor 4.4.12.4 remote-as 200
R6)
router bgp 300
bgp router-id 6.6.6.6
neighbor 5.5.12.5 remote-as 300
network 192.168.60.0 mask 255.255.255.0
neighbor 6.6.12.7 remote-as 400
R7)
router bgp 400
bgp router-id 7.7.7.7
neighbor 7.7.12.8 remote-as 400
network 192.168.70.0 mask 255.255.255.0
neighbor 6.6.12.6 remote-as 300
R8)
router bgp 400
bgp router-id 8.8.8.8
neighbor 7.7.12.7 remote-as 400
network 192.168.80.0 mask 255.255.255.0
결과.
ping도 다 가면 됨.
Ex. 유형 2(같은 구역) + 유형 1(다른 구역)
방법.
R1)
router bgp 100
bgp router-id 1.1.1.1
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 update-source lo 0
network 192.168.10.0 mask 255.255.255.0
R2)
router bgp 100
bgp router-id 2.2.2.2
neighbor 1.1.1.1 remote-as 100
neighbor 1.1.1.1 update-source lo 0
neighbor 2.2.12.3 remote-as 200
network 192.168.20.0 mask 255.255.255.0
R3)
router bgp 200
bgp router-id 3.3.3.3
neighbor 4.4.4.4 remote-as 200
neighbor 4.4.4.4 update-source lo 0
neighbor 2.2.12.2 remote-as 100
network 192.168.30.0 mask 255.255.255.0
R4)
router bgp 200
bgp router-id 4.4.4.4
neighbor 4.4.12.5 remote-as 300
neighbor 3.3.3.3 remote-as 200
neighbor 3.3.3.3 update-source lo 0
network 192.168.40.0 mask 255.255.255.0
R5)
router bgp 300
bgp router-id 5.5.5.5
neighbor 4.4.12.4 remote-as 200
neighbor 6.6.6.6 remote-as 300
neighbor 6.6.6.6 update-source lo 0
network 192.168.50.0 mask 255.255.255.0
R6)
router bgp 300
bgp router-id 6.6.6.6
neighbor 6.6.12.7 remote-as 400
neighbor 5.5.5.5 remote-as 300
neighbor 5.5.5.5 update-source lo 0
network 192.168.60.0 mask 255.255.255.0
R7)
router bgp 400
bgp router-id 7.7.7.7
neighbor 6.6.12.6 remote-as 300
neighbor 8.8.8.8 remote-as 400
neighbor 8.8.8.8 update-source lo 0
network 192.168.70.0 mask 255.255.255.0
R8)
router bgp 400
bgp router-id 8.8.8.8
neighbor 7.7.7.7 remote-as 400
neighbor 7.7.7.7 update-source lo 0
network 192.168.80.0 mask 255.255.255.0
결과.
Ex.
- loopback 간 neighbor를 맺으려고 하는 것임.
-> ip route 전부 2개씩. - BGP에는 loopback만 들어가도록 할 것.
방법.
R1)
ip route 192.168.20.0 255.255.255.0 1.1.12.2
ip route 192.168.30.0 255.255.255.0 1.1.12.2
router bgp 100
bgp router-id 1.1.1.1
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 update-source lo 0
network 192.168.10.0 mask 255.255.255.0
R2)
ip route 192.168.10.0 255.255.255.0 1.1.12.1
ip route 192.168.30.0 255.255.255.0 2.2.12.3
router bgp 100
bgp router-id 2.2.2.2
neighbor 1.1.1.1 remote-as 100
neighbor 3.3.3.3 remote-as 200
neighbor 1.1.1.1 update-source lo 0
neighbor 3.3.3.3 update-source lo 0
neighbor 3.3.3.3 ebgp-multihop 2
network 192.168.20.0 mask 255.255.255.0
R3)
ip rotue 192.168.20.0 255.255.255.0 2.2.12.2
ip route 192.168.40.0 255.255.255.0 3.3.12.4
router bgp 200
bgp router-id 3.3.3.3
neighbor 4.4.4.4 remote-as 200
neighbor 2.2.2.2 remote-as 100
neighbor 4.4.4.4 update-source lo 0
neighbor 2.2.2.2 update-source lo 0
neighbor 2.2.2.2 ebgp-multihop 2
network 192.168.30.0 mask 255.255.255.0
R4)
ip route 192.168.30.0 255.255.255.0 3.3.12.3
ip route 192.168.20.0 255.255.255.0 3.3.12.3
router bgp 200
bgp router-id 200
bgp router-id 4.4.4.4
neighbor 3.3.3.3 remote-as 200
neighbor 3.3.3.3 update-source lo o
network 192.168.40.0 mask 255.255.255.0
※ 참고) neighbor [neighbor를 맺으려는 루프백 주소]
결과.
