bgp nÂng cao
TRANSCRIPT
BGP NNG CAO
BGP NNG CAOXy dng network dng iBGPMc d BGP l mt giao thc ngoi vng, n c hai phin bn: BGP ni (iBGP) v BGP ngoi (eBGP). S khc nhau ph thuc vo chc nng ca giao thc nh tuyn. Router s xc nh khi no th mt BGP s l eBGP hoc l mt iBGP bng cch kim tra gi tr AS c gi trong thng ip open-message. eBGP s tng thch vi cc yu cu chung ca mt giao thc ngoi vng. EBGP s gi cc thng tin nh tuyn gia cc AS khc nhau. V vy, router bin gii cc AS l eBGP router. iBGP c dng trong cc AS. IBGP chuyn cc thng tin n tt c cc BGP router bn trong domain v m bo rng tt c cc router c chung mt hiu bit v cc mng hin c. IBGP c dng gia cc router trong cng mt AS.
thit k v trin khai BGP chnh xc, c mt vi c im ca BGP cn phI c hiu. iBGP khng nht thit phi kt ni trc tip v mt vt l. Khng ging nh RIP hoc OSPF hoc IP v.6, cc router chy iBGP khng cn phi kt ni trc tip trn cng mt h tng mng. Mt s giao thc khc, chng hn nh OSPF s nh tuyn cc gi BGP gia cc iBGP router.
Hnh 8-1: Cc AS ca BGP
Thng qua cc kt ni logic, TCP s route cc gi i qua cc AS bi cc bng nh tuyn c duy tr bi OSPF. BGP c th truyn cc thng tin nh tuyn vo bn trong AS, n c th dng redistribute t BGP vo IGP. Qu trnh redistribute ny c th rt phc tp.
Mt iBGP s truyn mt route n BGP neighbor theo hai iu kin sau:
iu kin 1: Mt route c truyn bi router bng mt trong nhng phng thc sau:
thng qua lnh network
c redistribute t mt IGP
c redistribute t tuyn ng tnh
iu kin 2: Nu route c qung b l tuyn ng tnh
Nu mt route c hc t mt update t mt BGP peer trong cng mt AS, mt router BGP c th truyn route ny ch n eBGP. Bi v iBGP khng c chuyn nhng cp nht m n hc t iBGP peers, n cn phi kt ni fully-mesh vi nhau c y kin thc. Tuy nhin, mt mng fully-mesh th s khng c kh nng m rng v tt c cc router trong mt AS phi thit lp peer vi nhau.
Lut synchronization
Lut n gin ni rng trc khi mt iBGP c th truyn mt route vo mt AS khc, route phi c bit trn ton AS ca n. Ni cch khc, mt giao thc nh tuyn IGP phi c ng b (synchronized) vi BGP. Lut sync ny l c bt ON ch mc nh v n ch nn c tt nu tt c cc routers trong AS ny chy BGP.
Cc router BGP c bng nh tuyn v BGP table ring bit. Lut synchronization c pht biu nh sau: Mt route c hc t mt router IBGP lng ging (tc l route ny c trong BGP table) ch c a vo bng nh tuyn hoc qung b (advertise) ti BGP peer khi n c bit ti nh mt IGP. Khi mt router BGP nhn mt tuyn IBGP th n phi xem trong bng nh tuyn IGP c ng i n mng cha, nu c th mi xem tuyn c gi tr v c th s dng hoc gi cho cc BGP peer khc. iu ny l cn thit m bo cc router dc ng khng loi b cc gi tin do khng c tuyn.
Hnh 8-2: Lut sync
Trong hnh v trn, nu transit AS ch c cc router ngoi ra chy iBGP, ta cn phi da vo cc IGP mang traffic gia cc router iBGP. V vy, IGP cn phI c cc thng tin ny trong bng nh tuyn c th hon tt vic ny. AS400 v AS800 dng AS200 nh l transit AS. Theo lut sync, router s gi cc cp nht n AS 800 s khng truyn network 56.0.0.0 c qung b bi AS 400 tr phi OSPF c y thng tin v network 56.0.0.0. Ni cch khc, AS800 c th gI traffic n 56.0.0.0 s b mt trong AS200 bi v nu khng c thng tin trong bng nh tuyn, n s khng c kh nng y traffic n a ch ch ph hp.
Trong mt mng m c IGP v IBGP chy song song th vn khng nh hng g c. Cc IBGP cn phi c full-meshed v mt router c th bit c cch n c IBGP peer ca n , n phi da vo IGP. Trong bng nh tuyn ca mt router s c c cc route ca BGP v IGP , do tt c cc router trong mng u bit ng i n tt c cc net work ta phi thc hin redistribute , hoc qung co net work mt router trong mng. Ty theo topo ca mng m ta c nhng gii php c th.Trong mt vi trng hp, vic tt synchronization l cn thit. Cc trng hp ny l:
- Tt c cc Router trong AS u chy BGP
- AS ca bn khng phi l 1 transit AS, tc l khng advertise routes t 1 AS sang 1 AS khc.
- Nu tt c cc router trong AS l fully-mesh
- Version 12.2 th BGP Sync s tt ch mc nh.
Aggregate Address
Khi bn cu hnh aggregate-address m khng dng thm mt ty chn no, route c sinh ra s khng tha hng bt c mt attribute no ca tng specific route (v d nh AS_PATH hoc community). Khi bn dng t kha as-set, thuc tnh ca tng route thnh vin s c lu li.
router bgp 300 neighbor 2.2.2.2 remote-as 100 neighbor 3.3.3.3 remote-as 200 neighbor 4.4.4.4 remote-as 400 aggregate-address 160.0.0.0 255.0.0.0 summary-only as-set !
RouterD#show ip bgp BGP table version is 2, local router ID is 4.4.4.4 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path *> 160.0.0.0/8 4.4.4.1 0 300 {200,100} i
trong bng BGP, as-path ca aggregate-route c thm cc path ca tng route thnh vin.
A Fully Meshed Network
Lut BGP split horizon ni rng mc d cc router khng cn kt ni trc tip, n cn phi fully-mesh. iu kin ny nhm m bo cc mng phi thy nhau. trnh routing-loop, giao thc BGP phi tun theo lut split horizon rng khng c update no hc t mt peer bn trong c th gi n mt peer khc. iu ny c ngha rng, mt network khi c nhn s khng phn phi n cc router iBGP khc. Cc mng ny ch c truyn n cc router BGP trong cc AS khc, cn gi l eBGP peer.
BGP duy tr cc thng tin cp nht bng cch gi cc update trn cc kt ni TCP. Cc kt nI TCP ny l mt cch xut sc m bo tnh chnh xc ca thng tin, nhng nhc im ca n l tn nhiu ti nguyn h thng. S kt ni cng ln, ti nguyn yu cu cng nhiu. Mt cng thc n gin nh sau:
S cn n (n 1) / 2 kt nI TCP trn mt mng gm n router BGP.
Nh vy mt mng gm 10 router s yu cu 10 (10 1) / 2 = 10 * 9 / 2 = 45 phin lm vic. Cng thc ny chp nhn c trong mi trng c mt vi kt ni, tuy nhin nu h thng mng l mt nh ISP th thit k trn khng ph hp.
Chi ph qun tr trong mng fullymesh
Cng c nhng ph tn qun l trong vic duy tr cc mng kt ni fully-mesh. V d, mi ln c mt router BGP mi thm vo, s kt ni phi thit lp cng s tng ln nhiu ln tng ng. i vI TCP, khng ch phi duy tr cc kt ni rt tn ti nguyn m cn l cc cp nht updates phi i trn cc kt ni ny. Nu tt c cc router kt ni vi tt c cc router khc, mt s lng ln thng tin s c gi i trng lp.
Hnh 8-3: Cu hnh fullmesh cho iBGP
Thit k v cu hnh mt mng iBGP
Vn hn ch kh nng m rng trong mt mng fully meshed iBGP c th c gii quyt bng cc gii php thit k. Cc gii php v cu hnh s cho php ta b qua lun cc iBGP phi c full mesh. Cc lnh mi ny cho php ta pht trin mt mng hub-and-spoke n gin ha cc kt ni TCP. Gii php c gii thiu trong phn ny l gii php dng route reflector.
Route Reflectors
Mt route reflector l mt router c cu hnh chuyn nhng routing update n cc router lng ging hoc cc router chy BGP bn trong mt AS. Cc router iBGP cn phi c ch ra nh l client trong khi cu hnh. Khi mt client gi mt update n route-reflector, n s chuyn update n cc router client khc. c bit, route-reflector nh ngha lut split horizon. Lt ny ni rng mt iBGP router s khng truyn mt route c hc t mt router lng ging trong cng mt AS. Route Reflector v client s i hi mt quan h peer y bi v route reflector s gi cc cp nht t cc client khc nhng vic thit lp peer gia cc client l khng cn thit.
Mt route-reflector s kt ni n cc peers m n khng y route n. T quan im ca route-reflector, cc neighbor ny c gi l non-clients. Cc router nonclients phi c kt ni fully-meshed vi cc route-reflector v vi cc non-client khc. Khi mt router cu hnh nh mt route-reflector, n s y nhng ng i c hc t cc iBGP khc ch n cc route-reflector clients v ti cc iBGP/eBGP neighbors. iu ny c ngha l mt thit k hub-and-spoke c th c trin khai trong mt AS gia cc iBGP peers, nh vy gim thiu s session gia cc routers. C route-reflector v cc client ca n hnh thnh nn mt n v chia s thng tin. n v ny gi l cluster.
Mt Autonomous System c th c chia ra thnh cc cluster, trong cc cc cluster s c cc route-reflector c ch nh v cu hnh. Phi c t nht mt route-reflector trong mi cluster. Nu mt route-reflector kt ni n cc route reflector khc, route-reflector phi c fully-meshed. iu ny nhm m bo cc bng iBGP routing l y . Khi mt route-refletor chuyn i mt update, thuc tnh Originator_ID s c thit lp. y l BGP routerID ca router to ra ng i. Nu router ny nhn lI bn update , router s thy ID ca chnh n v s b qua packet. iu ny nhm ngn nga kh nng routing loop. Nu c nhiu route-reflector trong cluster, cc router s phn bit vi nhau bng clusterID. Thng s ny phc v cng mt mc ch nh thuc tnh Originator_ID ngn nga routing loops.
Vi cch dng route-reflector, router ng vai tr route-reflector s tn nhiu ti nguyn hn. Nu cu hnh route-reflector khng chnh xc, n c th gy ra routing-loop. C nhiu mc route-reflector c th c cu hnh bng cch to ra cc thit k theo th bc. Cc router khng l thnh phn ca route-reflector s khng b nh hng trong nhng thay i v thit k v nhng thay i v qu trnh truyn cc cp nht. Thay vo , cc router ny s khng nhn bit c bt c thay i no v n vn nhn c cc update m n cn. Bn thn cc routing update cng khng b thay i bi v khng c s thay i no trong gi tr cc thuc tnh c mang trong cc routing update.
Chnh v cc c im trn, qu trnh chuyn i thit k mt h thng mng no sang dng dng route-reflector th rt d dng. Mt thit k quan trng l bn thn cc route-reflector trong mt AS cng phi fully-meshed. Ngoi ra, mt route-reflector ny c th l client cho mt route-reflector khc. Thit k nh vy kh phc tp v yu cu xem xt cn thn bi v khi cc route-reflector c cu hnh v split horizon b disable, khng cn mt c ch no bo v routing loop.
Hnh 8-4: Thit k Route-reflector
Cc li ch ca route-reflector bao gm
- Kh nng m rng mng
- Thit k mang tnh cu trc cao
- Gim traffic trn mng.
- Gim b nh v CPU cn thit duy tr cc phin TCP session trn cc my iBGP peers.
- Hi t nhanh hn v mng tr nn n gin hn bi v c n hai giao thc nh tuyn c dng: iBGP cho cc thng tin nh tuyn bn ngoi i qua AS; IGP cho cc router bn trong mt AS.
Hnh 8-5: Cu hnh cc route-reflector
Hot ng ca RR:
Mt RR n gin ging nh mt tm gng phn hi cc update t cc client n cc client khc m khng yu cu mt mng phi fully-meshed.
Khi mt RR nhn c mt cp nht:
- Client s chuyn update cho router lng ging ca n, trong trng hp ny l RR
- Mt cp nht t client c nhn t RR v cp nht s c chuyn n cc RR clients cng nh nonclients. Thng s originatorID ban u s b loi tr ra khi cp nht.
- Nu c nhiu ng i nhn c t RR, ng i tt nht s c chn thng qua RR.
- Router duy nht m c update chuyn n n l ngun gc ca route
- Mt nonclient router s chuyn cc cp nht tI cc lng ging ca n, c th l mt RR.
- Mt RR nhn mt update t mt router nonclient v update ch c chuyn n clients
- RR s cp nht c client v non-clients.
Route Refresh
Sau khi thc hin bt k mt cu hnh BGP no, cn phi reset cc phin lm vic TCP sao cho cc thay i c hiu lc. iu ny l do cc qu trnh BGP lu tr ch nhng tin t prefix p dng cho mt chnh sch lit k trc. Nu chnh sch thay i, cc phin TCP phi c kt thc v kt ni li vi cc c im mi. C th dng cc lnh sau
Router#clear ip bgp *
hoc gi mt BGP update n mt neighnor no :
Router#clear ip bgp neighbor-address in
Cng c th cu hnh BGP lu cc mng trc khi policy thay i. Tc v ny r rng i hI nhiu b nh, nhng n cho php cc cu hnh mi c hin thc m khng hy cc session hin c. Lnh di y p dng cho tng neighbor v ch p dng cho cc cp nht theo chiu inbound
Router#neighbor neighbor-address soft-configuration inbound
Router#clear ip bgp neighbor-address soft [inbound]
Peer Groups
Nu khng c peer-group, tt c cc iBGP peer phi c fully meshed nhn cng mt update. iu ny c ngha l mi iBGP router u thc hin cng mt tnh ton, gy lng ph CPU v gii hn kh nng m rng ca iBGP. Khi peer group c cu hnh, tt c cc router bn trong peer group c cng chnh sch i vi bn ngoi, nhng vn cho php cc chnh sch i vo khc nhau c cu hnh trn nhm. C ngha l mt cp nht s c to ra cho c nhm. Kt qu l
- Ph tn qun l c gim i bi v cu hnh l n gin hn, gim thiu kh nng b li
- t i hi ti nguyn CPU, mng hi t nhanh, n nh v tin cy.
Kim sot BGP Traffic
Cc BGP update c th c kim sot. Nhn chung, trong cc giao thc nh tuyn, kim sot cc cp nht l mt vic tt. Vic kim sot cc cp nht gip cho n gin ho h thng mng v d dng bo tr. Vic thit k cc thng tin nh tuyn c chuyn i nh th no cng c xem l mt tc v c bn ca bo mt mng v iu ny gip cho gim nguy c b routing-loop.
C ba cch p t PBR trong BGP:
- Ra quyt nh da trn thuc tnh AS_PATH, thuc tnh community hoc prefix
- T chi hay chp nhn cc routes c chn
- Thit lp cc thuc tnh nh hng n qu trnh chn la ng i.
Qu trnh t chi hay chp nhn cc routes yu cu mt vi dng ca filtering thng qua cc ACL. Tc v filtering khng ch c dng trong PBR m cn kim sot traffic trong mng. C ba dng filtering trong Cisco router:
Access-list cho AS_PATH
c dng lc cc AS. Mt ACL c dng trong BGP s lc cc update c gi t mt router peer trn AS path.
Prefix list
c dng lc cc prefix, c bit trong qu trnh redistribution. T Cisco IOS v.11.2, cc ISP s dng cc prefix-list l mt dng kh hiu qu ca filtering. C ch dng prefix-list da trn prefix ca mt a ch.
Distribute lists
Distribute-list c dng lc cc cp nht. Mc d distribute-list thng c dng trong redistribution, cng c ny khng ch dnh ring cho qu trnh redistribution. N c th p dng cho cc traffic theo chiu inbound v chiu outbound t bt c cc peer no. C prefix-list v distribute-list u lc da trn a ch mng ch khng dng AS_PATH.
Route maps
Route map c dng nh ngha chnh sch nh tuyn. Mt route-map l mt access-list phc tp qua router hot ng khi mt match c nhn dng. Route map c dng trong BGP xc lp cc thuc tnh ca BGP chn ra ng i tt nht.
Prefix List hot ng nh th no?
Prefix-list ch tm kim trn phn network ca mt a ch nn qu trnh tm kim l rt nhanh. iu ny c bit quan trng trong khi tm kim nhng bng nh tuyn kch thc ln trong BGP. Mt thun li khc ca prefix-list l kh nng son tho. Mc dng trong ACL truyn thng vn cho php son tho ng (dng named ACL), prefix-list c th to v s dng d dng. iu ny khng ch ng vi tnh nng son tho m cn vi giao din ci tin.
Trc khi p dng mt prefix-list vo mt qu trnh hay mt cng giao tip, ngi qun tr phi nh ngha cc tiu ch cho access-list. Mi dng trong prefix-list c kt hp vi mt ch s, tng t nh cc dng trong mt chng trnh my tnh. Nu ta khng nhp vo ch s th t (sequence-number), ch s ny s c t ng to ra, vi mi ln tng l 5. Cc s khng c dng, chng hn nh t 1 n 4 cho php cc dng thm vo v sau. Ta c th son tho prefix-list bng cch ch ra ch s dng hoc sequence-number. Kh nng ny l khng c trong ACL.
Prefix-list hot ng bng cch tm cc prefix trong danh sch match vi cc prefix ang kim tra. Nu c mt match xy ra, route s c dng hay b loi b. C th, khi c mt prefix b deny hoc c permit, cc lut sau s c dng
- Nu mt route l permit, route s c dng
- Nu mt route l deny, route s khng c dng
- Kt thc ca mi prefix-list l mt pht biu ngm nh deny. Nh vy, nu cho trc mt prefix m prefix ny khng match vi mt entry trong prefix-list, prefix s b deny theo lut mc nh.
- Nu c nhiu entry trong mt prefix list match vi mt prefix, entry c ch s sequence number nh nht s c dng.
- Router bt u tm kim nh ca prefix-list, vi ch s sequence-number bng 1. Khi mt match l tm thy, qu trnh tm kim kt thc. Thi gian x l s c gim nu cc iu kin match/deny c t u ca danh sch. iu ny ngn nga vic phi x l cc iu kin him khi gp mi khi mt route c kim tra.
- Cc ch s sequence number t ng gia tng theo mc nh. cu hnh sequence-number, dng thng s seq seq-value trong lnh ip prefix-list.
- Ch s sequence number khng cn thit ch ra khi xa mt dng trong cu hnh.
Lm th no cu hnh BGP prefix-list?
Dng lnh sau cu hnh prefix-list:
Router(config-router)#ip prefix-list prefix-list-name [seq seq-value] {deny|permit} network/len [ge ge-value] [le le-value]
Thng s (Parameter)M t (Description)
Prefix-list-nameTn ca prefix-list
[ seq seq-value ]s th t c gn n tiu chun ang nh ngha
{deny | permit}Hnh ng l t chi hoc cho php i vi kt qu
Network/lenchiu di ca prefix phi match
[ge ge] [le le_value]ch ra chiu di ca prefix cn phi match
cu hnh mt router dng prefix-list nh l filter trong distribute-list, dng lnh sau:
Router(config-router)#neighbor {ip address|peer-group} prefix-list prefix-list-name {in|out}
Kt ni Internet dng BGP
Do l giao thc ngoi vng, BGP c dng kt ni n Interner v nh tuyn traffic trn Internet. Do bn cn phi bit mt s tiu ch thit k khi kt ni n mt ngun ti nguyn khng l nh vy. Khi kt ni Internet, mng ca bn tham gia vo mt h thng mng rng ln, v vy bn phi m bo router ca bn khng b qu ti bi lng thng tin. Phn ny kho st hai vn : nhu cu cho cc kt ni d phng (cn gi l multihoming) v nhu cu ra quyt nh s c bao nhiu thng tin nhn t Internet.
Kt ni d phng ra Internet - Multihoming
Mt lng ln cc traffic trn Internet l tm kim ti nguyn. Traffic ny khng ch bao gm email v cc phng tin khc ca giao tip m cn truy cp thng tin t Internet. Ngi qun tr mng phi phi thng xuyn kt ni ti Internet. Nu c nhiu kt ni n Internet, ngi ta gi y l multi-homing. Nguyn nhn c nhiu kt ni n internet th kh r rng. Nu dng nhiu kt ni d phng, ta cn c th trin khai vic chia ti ci tin performance ca h thng mng. C ch multihoming c th bao gm vi kt ni n cng mt nh cung cp dch v hoc bao gm nhiu mc d phng bng cch kt ni n mt nh cung cp dch v ISP khc. C cc mi quan tm sau y khi kt ni n nhiu hn mt ISP:
- Mi nh cung cp dch v c th khng truyn cng cc routes n t Internet. Nu cc nh cung cp dch v gi cng mt subnets ca cc routes c yu cu, s c vn ln pht sinh khi kt ni t mt trong nhng nh cung cp dch v b rt.
- Nu bn kt ni n hai nh cung cp dch v khc nhau, vng AS ca bn c th tr thnh transit AS gia cc ISP. iu ny c th xy ra nu mt router trong AS ca mt nh cung cp dch v tm thy ng i n ch thng qua AS ca mt nh ISP khc. V nu AS ca bn cung cp ng i tt nht n AS ca nh ISP kia.
Cu hnh mc ISP l gii php cho nhng mi quan tm ny v n lin quan n vic thit lp dch v. V vy, bn nn a ra yu cu v multihome khi tho thun vi cc nh cung cp dch v sao cho cc ISP nhn bit v nhu cu cu hnh thm cho bn.
Nhn thng tin nh tuyn t Internet
Khi kt ni ra mt h thng mng ln nh Internet, vi k hoch phi c chun b k. c bit, ngi qun tr cn phi quyt nh nhng updates no l cn gi ra th gii bn ngoi v cc router bn trong mt AS cn phi bit v th gii bn ngoi nh th no.
C 3 gii php chn la route t Internet:
- Chp nhn ch default-route t tt c cc nh cung cp dch v
- Chp nhn mt phn routes bn cnh cc default-routes t cc nh cung cp dch v
- Chp nhn ton b bng nh tuyn t tt c cc nh cung cp dch v
Qu trnh quyt nh th kh r rng: n phi cn bng gia cc ti nguyn mng v thng tin. Tng s thng tin cng nhiu, cng nhiu routes c th c chp nhn t cc nh cung cp dch v.
Routes chp nhn t InternetB nhCPUIGP chn ng i tt nht n default-routeBGP chn la ng i n mng bn ngoing i ra bn ngoi c th hiu chnh thng qua cc thuc tnh BGPAS c gi tt c cc route n ISP?ISP chn ng i v AS?
Cc default routes ch t cc ISPThpThpYesi n gateway gn nht ang qung b ng iNoYesYes
Chn la route v default route t ISPTrung bnh Trung bnhYesYes: thng thng AS path l thuc tnh chn la ng i ra InternetYesYesYes
Nhn y bng nh tuyn t ISPCaoCaoYesYes: thng thng thuc tnh AS_PATH gip chn la ng i ra InternetYesYesYes
Dng thuc tnh Local Preference v trng s weight
Thuc tnh trng s weight s chn la ng i ra khi router khi c nhiu ng i n cng mt a ch ch. Trng s cng cao, ng i cng tt. Lnh ny c tm vc cc b v thuc tnh ny s khng truyn n cc router khc. Thuc tnh ny cng l ca ring Cisco. cu hnh trng s weight, dng lnh sau:
Router(config-router)#neighbor { ip-address | peer-group-name} weight weightRedistribution gia IGP v BGP
Trong trng hp mng khng phi l mt ISP, s c tnh hung l mng ang chy mt IGP trong mt AS. Cc ng i c th c a vo bng nh tuyn t IGP vo BGP hoc t BGP vo IGP.
Qung b route t IGP vo BGP
u tin, hy xem xt qu trnh qung b route vo BGP. C ba cch qung b bng BGP vi cc IGP routes:
- Dng lnh network: lnh ny dng qung b nhng routes c trong bng nh tuyn.
- Redistributing static: mc d bt c tuyn ng tnh no c th c redistribute vo BGP, cc nh tuyn tnh thng c dng to ra cc supernet. nh tuyn tnh l tm tt cc a ch, v d cc a ch lp C vi gi tr prefix-mask bng 16 bit. Summary-route s ch v next-hop l null0. Khi ny s c kh nng to ra cc l en (black-hole) c th lm mt route. Cisco khuyn co rng ta nn dng lnh aggregate-address thay cho cch dng nh tuyn tnh vi null0.
- Redistribute cc route t IGP: cch ny khng c khuyn co v s ph thuc nhiu vo bng BGP. Cc route iBGP s b loi b, nu khng routing loop s xy ra khi cc BGP routes c a vo IGP.
Qung b route t BGP vo IGP
Phn phi cc routes t Internet vo mt h thng mng nh l khng hiu qu. iu ny l do Internet qu rng ln v v do kch thc khng l ca bng nh tuyn ca cc router trn Internet. Khi c khi dng rt nhiu php summary v lc, vn c rt nhiu thng tin phi truyn ti. Bi v ISP thng chy eBGP v iBGP rt nhiu, cc ISP thng chy BGP cho cc routes bn ngoi v dng IGP cho cc routes bn trong. Khng c yu cu phi dng redistribution. Chc nng synchronization th khng cn thit trong kiu mng ny v IGP vn chy theo kiu full-mesh. Nu dng full-mesh hoc RR, lut synchronization c th c tt i. IGP cn phi mang nhng routes i qua cc AS n cc BGP khc. Ngoi ra, bt c thit b no mun kt ni n Internet cn phi c mt default-route hoc cc route ring l n chuyn traffic. Lc ny nn cu hnh cc c ch route-filering, nu khng bng nh tuyn s b qu ti.