technical report for ipv6 routing w/ bgp4+
DESCRIPTION
“BGP4+”を用いた IPv6ルーティング のお勉強メモTRANSCRIPT
“BGP4+”を用いた IPv6ルーティング のお勉強メモ
1
2014.9.14
@ttsubo
疑問点
2
インターネットルーティング入門[第3版] - 5.6項 BGPのIPv6対応 - 5.6.1 BGP4+ Network Address of Next Hopフィールド !
「このフィールドにはNext HopのIPアドレスが入ります。IPv6のインタフェースにはグローバルアドレスとリンクローカルアドレスが付与されますが、そのうちグローバルアドレスだけ、もしくはグローバルアドレスとリンクローカルアドレスの両方をこのフィールドに含めます。」
なぜ、BGP4+のNextHopに、 リンクローカルアドレスが含まれるのか?
3
まずは、Cisco実機でBGP4+の動作を確認してみた。
2001:1:3:3::/64
AS65003側のIPv6プレフィックス情報が、AS65001に経路広告される様子と、各エッジルータで保持している経路情報(採用されたNextHopアドレス)を確認してみた。
”BGP4+”を用いたIPv6プレフィックス経路広告 の振る舞い調査
BGP4+
Native IPv6 (OSPF v3)
Native IPv6 (OSPF v3)
4
mp-eBGP通信(CE3 -> PE7)
2001:1:3:3::/64
調査1
router bgp 65000 bgp log-neighbor-changes no bgp default ipv4-unicast neighbor 2001:1:1:3::2 remote-as 65003 neighbor 2001:2:2::FFFF:5 remote-as 65000 neighbor 2001:2:2::FFFF:5 update-source Loopback1 ! address-family ipv4 exit-address-family ! address-family ipv6 neighbor 2001:1:1:3::2 activate neighbor 2001:2:2::FFFF:5 activate neighbor 2001:2:2::FFFF:5 next-hop-self exit-address-family 5
PE7側で取得したmp-eBGP(UPDATE)通信キャプチャ
eBGP区間では、IPv6ユニキャストアドレスに加えて、 LinkLocalアドレスも、NextHopに設定される
CE3#show ipv6 interface brief FastEthernet0/0 [administratively down/down] unassigned FastEthernet1/0 [up/up] FE80::C80D:BFF:FE63:1C 2001:1:1:3::2 FastEthernet1/1 [administratively down/down] unassigned FastEthernet2/0 [up/up] FE80::C80D:BFF:FE63:38 2001:1:3:3::1 FastEthernet2/1 [administratively down/down] unassigned Loopback0 [up/up] unassigned
6
PE7#show bgp ipv6 unicast BGP table version is 15, local router ID is 10.0.1.2 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter, x best-external, a additional-path, c RIB-compressed, Origin codes: i - IGP, e - EGP, ? - incomplete RPKI validation codes: V valid, I invalid, N Not found ! Network Next Hop Metric LocPrf Weight Path *>i 2001:1:1:1::/64 2001:2:2::FFFF:1 0 100 0 9598 65001 ? *>i 2001:1:1:2::/64 2001:2:2::FFFF:1 0 100 0 9598 65002 ? r> 2001:1:1:3::/64 2001:1:1:3::2 0 0 65003 ? *>i 2001:1:3:1::/64 2001:2:2::FFFF:1 0 100 0 9598 65001 ? *>i 2001:1:3:2::/64 2001:2:2::FFFF:1 0 100 0 9598 65002 ? *> 2001:1:3:3::/64 2001:1:1:3::2 0 0 65003 ?
PE7でのBGPテーブル上では、NextHopとして、IPv6ユニキャスト アドレスのみ設定されて、LinkLocalアドレスは設定されない。
PE7側でのBGPテーブル確認
7
PE7#show ipv6 route IPv6 Routing Table - default - 20 entries Codes: C - Connected, L - Local, S - Static, U - Per-user Static route B - BGP, HA - Home Agent, MR - Mobile Router, R - RIP H - NHRP, I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea IS - ISIS summary, D - EIGRP, EX - EIGRP external, ND - ND Default NDp - ND Prefix, DCE - Destination, NDr - Redirect, l - LISP O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2 ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2 B 2001:1:1:1::/64 [200/0] via 2001:2:2::FFFF:1 B 2001:1:1:2::/64 [200/0] via 2001:2:2::FFFF:1 C 2001:1:1:3::/64 [0/0] via FastEthernet2/0, directly connected L 2001:1:1:3::1/128 [0/0] via FastEthernet2/0, receive B 2001:1:3:1::/64 [200/0] via 2001:2:2::FFFF:1 B 2001:1:3:2::/64 [200/0] via 2001:2:2::FFFF:1 B 2001:1:3:3::/64 [20/0] via FE80::C80D:BFF:FE63:1C, FastEthernet2/0 !… snip NextHopとして、LinkLocalアドレスが
指定されている!!
PE7側でのIPv6ルーティング確認
8
mp-iBGP通信(PE7 -> ASBR5)
2001:1:3:3::/64
調査2
router bgp 65000 bgp log-neighbor-changes no bgp default ipv4-unicast neighbor 2001:1:1:4::1 remote-as 9598 neighbor 2001:2:2::FFFF:5 remote-as 65000 neighbor 2001:2:2::FFFF:5 update-source Loopback1 ! address-family ipv4 exit-address-family ! address-family ipv6 neighbor 2001:1:1:4::1 activate neighbor 2001:2:2::FFFF:5 activate neighbor 2001:2:2::FFFF:5 next-hop-self exit-address-family
RouteReflector経由
9
ASBR5側で取得したmp-iBGP(UPDATE)通信キャプチャ
iBGP区間では、IPv6ユニキャストアドレス(Loopback1)が、 NextHopに設定される
PE7#show ipv6 interface brief FastEthernet0/0 [administratively down/down] unassigned FastEthernet1/0 [up/up] FE80::2 2001:2:2:1::2 FastEthernet1/1 [up/up] FE80::1 2001:2:2:4::1 FastEthernet2/0 [up/up] FE80::C80B:BFF:FE54:38 2001:1:1:3::1 FastEthernet2/1 [administratively down/down] unassigned Loopback0 [up/up] unassigned Loopback1 [up/up] FE80::C80B:BFF:FE54:0 2001:2:2::FFFF:2
10
ASBR5#show bgp ipv6 unicast BGP table version is 15, local router ID is 10.0.1.1 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter, x best-external, a additional-path, c RIB-compressed, Origin codes: i - IGP, e - EGP, ? - incomplete RPKI validation codes: V valid, I invalid, N Not found ! Network Next Hop Metric LocPrf Weight Path *> 2001:1:1:1::/64 2001:1:1:4::1 0 9598 65001 ? *> 2001:1:1:2::/64 2001:1:1:4::1 0 9598 65002 ? *>i 2001:1:1:3::/64 2001:2:2::FFFF:2 0 100 0 65003 ? *> 2001:1:3:1::/64 2001:1:1:4::1 0 9598 65001 ? *> 2001:1:3:2::/64 2001:1:1:4::1 0 9598 65002 ? *>i 2001:1:3:3::/64 2001:2:2::FFFF:2 0 100 0 65003 ?
ASBR5でのBGPテーブル上では、NextHopとして、IPv6ユニキャスト アドレスのみ設定されて、LinkLocalアドレスは設定されない。
ASBR5側でのBGPテーブル確認
11
ASBR5#show ipv6 route IPv6 Routing Table - default - 22 entries Codes: C - Connected, L - Local, S - Static, U - Per-user Static route B - BGP, HA - Home Agent, MR - Mobile Router, R - RIP H - NHRP, I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea IS - ISIS summary, D - EIGRP, EX - EIGRP external, ND - ND Default NDp - ND Prefix, DCE - Destination, NDr - Redirect, l - LISP O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2 ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2 B 2001:1:1:1::/64 [20/0] via FE80::C807:BFF:FE27:38, FastEthernet1/0 B 2001:1:1:2::/64 [20/0] via FE80::C807:BFF:FE27:38, FastEthernet1/0 B 2001:1:1:3::/64 [200/0] via 2001:2:2::FFFF:2 C 2001:1:1:4::/64 [0/0] via FastEthernet1/0, directly connected L 2001:1:1:4::2/128 [0/0] via FastEthernet1/0, receive B 2001:1:3:1::/64 [20/0] via FE80::C807:BFF:FE27:38, FastEthernet1/0 B 2001:1:3:2::/64 [20/0] via FE80::C807:BFF:FE27:38, FastEthernet1/0 B 2001:1:3:3::/64 [200/0] via 2001:2:2::FFFF:2 … snip
NextHopとして、IPv6ユニキャスト アドレスが指定されている!!
ASBR5側でのIPv6ルーティング確認
12
mp-eBGP通信(ASBR5 -> ASBR3)
2001:1:3:3::/64
調査3
router bgp 9598 bgp log-neighbor-changes no bgp default ipv4-unicast neighbor 2001:1:1:4::2 remote-as 65000 neighbor 2001:1:2::FFFF:7 remote-as 9598 neighbor 2001:1:2::FFFF:7 update-source Loopback1 ! address-family ipv4 exit-address-family ! address-family ipv6 neighbor 2001:1:1:4::2 activate neighbor 2001:1:2::FFFF:7 activate neighbor 2001:1:2::FFFF:7 next-hop-self exit-address-family 13
ASBR3側で取得したmp-eBGP(UPDATE)通信キャプチャ
ASBR5#show ipv6 interface brief FastEthernet0/0 [administratively down/down] unassigned FastEthernet1/0 [up/up] FE80::C80C:BFF:FE54:1C 2001:1:1:4::2 FastEthernet1/1 [up/up] FE80::1 2001:2:2:1::1 FastEthernet2/0 [up/up] FE80::2 2001:2:2:5::2 FastEthernet2/1 [up/up] FE80::1 2001:2:2:3::1 Loopback0 [up/up] unassigned Loopback1 [up/up] FE80::C80C:BFF:FE54:0 2001:2:2::FFFF:1
14
eBGP区間では、IPv6ユニキャストアドレスに加えて、 LinkLocalアドレスも、NextHopに設定される
ASBR3#show bgp ipv6 unicast BGP table version is 19, local router ID is 10.0.0.3 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter, x best-external, a additional-path, c RIB-compressed, Origin codes: i - IGP, e - EGP, ? - incomplete RPKI validation codes: V valid, I invalid, N Not found ! Network Next Hop Metric LocPrf Weight Path *>i 2001:1:1:1::/64 2001:1:2::FFFF:1 0 100 0 65001 ? *>i 2001:1:1:2::/64 2001:1:2::FFFF:4 0 100 0 65002 ? *> 2001:1:1:3::/64 2001:1:1:4::2 0 65000 65003 ? *>i 2001:1:3:1::/64 2001:1:2::FFFF:1 0 100 0 65001 ? *>i 2001:1:3:2::/64 2001:1:2::FFFF:4 0 100 0 65002 ? *> 2001:1:3:3::/64 2001:1:1:4::2 0 65000 65003 ? ASBR3#
ASBR3でのBGPテーブル上では、NextHopとして、IPv6ユニキャスト アドレスのみ設定されて、LinkLocalアドレスは設定されない。
ASBR3側でのBGPテーブル確認
15
ASBR3#show ipv6 route IPv6 Routing Table - default - 26 entries Codes: C - Connected, L - Local, S - Static, U - Per-user Static route B - BGP, HA - Home Agent, MR - Mobile Router, R - RIP H - NHRP, I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea IS - ISIS summary, D - EIGRP, EX - EIGRP external, ND - ND Default NDp - ND Prefix, DCE - Destination, NDr - Redirect, l - LISP O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2 ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2 B 2001:1:1:1::/64 [200/0] via 2001:1:2::FFFF:1 B 2001:1:1:2::/64 [200/0] via 2001:1:2::FFFF:4 B 2001:1:1:3::/64 [20/0] via FE80::C80C:BFF:FE54:1C, FastEthernet2/0 C 2001:1:1:4::/64 [0/0] via FastEthernet2/0, directly connected !… snip !B 2001:1:3:2::/64 [200/0] via 2001:1:2::FFFF:4 B 2001:1:3:3::/64 [20/0] via FE80::C80C:BFF:FE54:1C, FastEthernet2/0 L FF00::/8 [0/0] via Null0, receive
ASBR3側でのIPv6ルーティング確認
16
NextHopとして、LinkLocalアドレスが 指定されている!!
mp-iBGP通信(ASBR3 -> PE1)
2001:1:3:3::/64
調査4
router bgp 9598 bgp log-neighbor-changes no bgp default ipv4-unicast neighbor 2001:1:1:1::1 remote-as 65001 neighbor 2001:1:2::FFFF:7 remote-as 9598 neighbor 2001:1:2::FFFF:7 update-source Loopback1 ! address-family ipv4 exit-address-family ! address-family ipv6 neighbor 2001:1:1:1::1 activate neighbor 2001:1:2::FFFF:7 activate neighbor 2001:1:2::FFFF:7 next-hop-self exit-address-family 17
RouteReflector経由
PE1側で取得したmp-iBGP(UPDATE)通信キャプチャ
ASBR3#show ipv6 interface brief FastEthernet0/0 [administratively down/down] unassigned FastEthernet1/0 [up/up] FE80::2 2001:1:2:2::2 FastEthernet1/1 [up/up] FE80::1 2001:1:2:7::1 FastEthernet2/0 [up/up] FE80::C807:BFF:FE27:38 2001:1:1:4::1 FastEthernet2/1 [administratively down/down] unassigned Loopback0 [up/up] unassigned Loopback1 [up/up] FE80::C807:BFF:FE27:0 2001:1:2::FFFF:3
18
iBGP区間では、IPv6ユニキャストアドレス(Loopback1)が、 NextHopに設定される
PE1#show bgp ipv6 unicast BGP table version is 17, local router ID is 10.0.0.1 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter, x best-external, a additional-path, c RIB-compressed, Origin codes: i - IGP, e - EGP, ? - incomplete RPKI validation codes: V valid, I invalid, N Not found ! Network Next Hop Metric LocPrf Weight Path r> 2001:1:1:1::/64 2001:1:1:1::1 0 0 65001 ? *>i 2001:1:1:2::/64 2001:1:2::FFFF:4 0 100 0 65002 ? *>i 2001:1:1:3::/64 2001:1:2::FFFF:3 0 100 0 65000 65003 ? *> 2001:1:3:1::/64 2001:1:1:1::1 0 0 65001 ? *>i 2001:1:3:2::/64 2001:1:2::FFFF:4 0 100 0 65002 ? *>i 2001:1:3:3::/64 2001:1:2::FFFF:3 0 100 0 65000 65003 ?
PE1でのBGPテーブル上では、NextHopとして、IPv6ユニキャスト アドレスのみ設定されて、LinkLocalアドレスは設定されない。
PE1側でのBGPテーブル確認
19
PE1#show ipv6 route IPv6 Routing Table - default - 25 entries Codes: C - Connected, L - Local, S - Static, U - Per-user Static route B - BGP, HA - Home Agent, MR - Mobile Router, R - RIP H - NHRP, I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea IS - ISIS summary, D - EIGRP, EX - EIGRP external, ND - ND Default NDp - ND Prefix, DCE - Destination, NDr - Redirect, l - LISP O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2 ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2 C 2001:1:1:1::/64 [0/0] via FastEthernet1/0, directly connected L 2001:1:1:1::2/128 [0/0] via FastEthernet1/0, receive B 2001:1:1:2::/64 [200/0] via 2001:1:2::FFFF:4 B 2001:1:1:3::/64 [200/0] via 2001:1:2::FFFF:3 !… snip !B 2001:1:3:2::/64 [200/0] via 2001:1:2::FFFF:4 B 2001:1:3:3::/64 [200/0] via 2001:1:2::FFFF:3 L FF00::/8 [0/0] via Null0, receive
PE1側でのIPv6ルーティング確認
20
NextHopとして、IPv6ユニキャスト アドレスが指定されている!!
mp-eBGP通信(PE1 -> CE1)
2001:1:3:3::/64
調査5
router bgp 65001 bgp log-neighbor-changes neighbor 2001:1:1:1::2 remote-as 9598 ! address-family ipv4 no neighbor 2001:1:1:1::2 activate exit-address-family ! address-family ipv6 redistribute connected neighbor 2001:1:1:1::2 activate exit-address-family
21
CE1側で取得したmp-eBGP(UPDATE)通信キャプチャ
PE1#show ipv6 interface brief FastEthernet0/0 [administratively down/down] unassigned FastEthernet1/0 [up/up] FE80::C804:BFF:FE18:1C 2001:1:1:1::2 FastEthernet1/1 [up/up] FE80::1 2001:1:2:1::1 FastEthernet2/0 [up/up] FE80::1 2001:1:2:5::1 FastEthernet2/1 [administratively down/down] unassigned Loopback0 [up/up] unassigned Loopback1 [up/up] FE80::C804:BFF:FE18:0 2001:1:2::FFFF:1
22
eBGP区間では、IPv6ユニキャストアドレスに加えて、 LinkLocalアドレスも、NextHopに設定される
CE1#show bgp ipv6 unicast BGP table version is 13, local router ID is 10.10.10.1 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter, x best-external, a additional-path, c RIB-compressed, Origin codes: i - IGP, e - EGP, ? - incomplete RPKI validation codes: V valid, I invalid, N Not found ! Network Next Hop Metric LocPrf Weight Path *> 2001:1:1:1::/64 :: 0 32768 ? *> 2001:1:1:2::/64 2001:1:1:1::2 0 9598 65002 ? *> 2001:1:1:3::/64 2001:1:1:1::2 0 9598 65000 65003 ? *> 2001:1:3:1::/64 :: 0 32768 ? *> 2001:1:3:2::/64 2001:1:1:1::2 0 9598 65002 ? *> 2001:1:3:3::/64 2001:1:1:1::2 0 9598 65000 65003 ?
CE1でのBGPテーブル上では、NextHopとして、IPv6ユニキャスト アドレスのみ設定されて、LinkLocalアドレスは設定されない。
CE1側でのBGPテーブル確認
23
CE1#show ipv6 route IPv6 Routing Table - default - 9 entries Codes: C - Connected, L - Local, S - Static, U - Per-user Static route B - BGP, HA - Home Agent, MR - Mobile Router, R - RIP H - NHRP, I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea IS - ISIS summary, D - EIGRP, EX - EIGRP external, ND - ND Default NDp - ND Prefix, DCE - Destination, NDr - Redirect, l - LISP O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2 ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2 C 2001:1:1:1::/64 [0/0] via FastEthernet1/0, directly connected L 2001:1:1:1::1/128 [0/0] via FastEthernet1/0, receive B 2001:1:1:2::/64 [20/0] via FE80::C804:BFF:FE18:1C, FastEthernet1/0 B 2001:1:1:3::/64 [20/0] via FE80::C804:BFF:FE18:1C, FastEthernet1/0 C 2001:1:3:1::/64 [0/0] via FastEthernet1/1, directly connected L 2001:1:3:1::1/128 [0/0] via FastEthernet1/1, receive B 2001:1:3:2::/64 [20/0] via FE80::C804:BFF:FE18:1C, FastEthernet1/0 B 2001:1:3:3::/64 [20/0] via FE80::C804:BFF:FE18:1C, FastEthernet1/0 L FF00::/8 [0/0] via Null0, receive
CE1側でのIPv6ルーティング確認
24
NextHopとして、LinkLocalアドレスが 指定されている!!
25
どうやら、eBGP通信区間でのIPv6ルーティングにおいて、NextHopとして、リンクローカルが使用されるためらしい。
結論
マスタリングTCP/IP[IPv6編] - 5.2項 IPv6のルーティングプロトコル - 5.2.5 BGP4+ ネクストホップに関する情報 !
「BGP4+では、経路のネクストホップの解決にグローバルアドレスとリンクローカルアドレスの双方を利用できます。他のASとのピアを確立する際には、ルータに対向してピア接続を確立することが多いため、リンクローカルアドレスでネクストホップの解決が行われる場合がほとんどです。」