BGP 구현 및 실습
1. 네트워크 구성 개요
- AS 10 : R4, R6, R7 (녹색 영역)
- AS 20 : R3, R5 (청록색 영역)
- AS 30 : R1, R2 (자주색 영역)
2. 각 라우터 구성 코드
R1 구성 (AS 30)
Router1>enable Router1#configure terminal Router1(config)# hostname R1 R1(config)# interface Loopback0 R1(config-if)# ip address 201.12.1.1 255.255.255.0 R1(config-if)# ip ospf 1 area 1 R1(config-if)# exit R1(config)# interface Ethernet0/1 R1(config-if)# ip address 192.168.1.2 255.255.255.0 R1(config-if)# ip ospf 1 area 1 R1(config-if)# no shutdown R1(config-if)# exit R1(config)# router ospf 1 R1(config-router)# network 192.168.1.0 0.0.0.255 area 1 R1(config-router)# network 201.12.1.0 0.0.0.255 area 1 R1(config-router)# exit R1(config)# router bgp 30 R1(config-router)# no synchronization R1(config-router)# bgp log-neighbor-changes R1(config-router)# network 201.12.1.0 R1(config-router)# neighbor 192.168.1.1 remote-as 30 R1(config-router)# neighbor 192.168.1.1 next-hop-self R1(config-router)# no auto-summary R1(config-router)# exit R1(config)# exit R1# write memory
R2 구성 (AS 30)
Router2>enable Router2#configure terminal Router2(config)# hostname R2 R2(config)# interface Loopback0 R2(config-if)# ip address 201.12.2.1 255.255.255.0 R2(config-if)# ip ospf 1 area 1 R2(config-if)# exit R2(config)# interface Ethernet0/0 R2(config-if)# ip address 123.234.23.1 255.255.255.0 R2(config-if)# no shutdown R2(config-if)# exit R2(config)# interface Ethernet0/1 R2(config-if)# ip address 192.168.1.1 255.255.255.0 R2(config-if)# ip ospf 1 area 1 R2(config-if)# no shutdown R2(config-if)# exit R2(config)# interface Ethernet0/2 R2(config-if)# ip address 123.234.24.1 255.255.255.0 R2(config-if)# no shutdown R2(config-if)# exit R2(config)# router ospf 1 R2(config-router)# network 192.168.1.0 0.0.0.255 area 1 R2(config-router)# network 201.12.2.0 0.0.0.255 area 1 R2(config-router)# exit R2(config)# router bgp 30 R2(config-router)# no synchronization R2(config-router)# bgp log-neighbor-changes R2(config-router)# network 123.234.23.0 R2(config-router)# network 123.234.24.0 R2(config-router)# network 201.12.2.0 R2(config-router)# neighbor 123.234.23.2 remote-as 20 R2(config-router)# neighbor 123.234.24.2 remote-as 10 R2(config-router)# neighbor 192.168.1.2 remote-as 30 R2(config-router)# neighbor 192.168.1.2 next-hop-self R2(config-router)# neighbor 123.234.23.2 dont-capability-negotiate R2(config-router)# neighbor 123.234.24.2 dont-capability-negotiate R2(config-router)# no auto-summary R2(config-router)# exit R2(config)# exit R2# write memory
R3 구성 (AS 20)
Router3>enable Router3#configure terminal Router3(config)# hostname R3 R3(config)# interface Loopback0 R3(config-if)# ip address 201.35.3.1 255.255.255.0 R3(config-if)# ip ospf 1 area 1 R3(config-if)# exit R3(config)# interface Ethernet0/0 R3(config-if)# ip address 123.234.23.2 255.255.255.0 R3(config-if)# no shutdown R3(config-if)# exit R3(config)# interface Ethernet0/1 R3(config-if)# ip address 123.234.34.1 255.255.255.0 R3(config-if)# no shutdown R3(config-if)# exit R3(config)# interface Ethernet0/2 R3(config-if)# ip address 192.168.1.1 255.255.255.0 R3(config-if)# ip ospf 1 area 1 R3(config-if)# no shutdown R3(config-if)# exit R3(config)# router ospf 1 R3(config-router)# network 192.168.1.0 0.0.0.255 area 1 R3(config-router)# network 201.35.3.0 0.0.0.255 area 1 R3(config-router)# exit R3(config)# router bgp 20 R3(config-router)# no synchronization R3(config-router)# bgp log-neighbor-changes R3(config-router)# network 123.234.23.0 R3(config-router)# network 123.234.34.0 R3(config-router)# network 201.35.3.0 R3(config-router)# neighbor 123.234.23.1 remote-as 30 R3(config-router)# neighbor 123.234.34.2 remote-as 10 R3(config-router)# neighbor 192.168.1.2 remote-as 20 R3(config-router)# neighbor 192.168.1.2 next-hop-self R3(config-router)# neighbor 123.234.23.1 dont-capability-negotiate R3(config-router)# neighbor 123.234.34.2 dont-capability-negotiate R3(config-router)# no auto-summary R3(config-router)# exit R3(config)# exit R3# write memory
R4 구성 (AS 10)
Router4>enable Router4#configure terminal Router4(config)# hostname R4 R4(config)# interface Loopback0 R4(config-if)# ip address 201.46.4.1 255.255.255.0 R4(config-if)# ip ospf 1 area 1 R4(config-if)# exit R4(config)# interface Ethernet0/0 R4(config-if)# ip address 192.168.1.1 255.255.255.0 R4(config-if)# ip ospf 1 area 1 R4(config-if)# no shutdown R4(config-if)# exit R4(config)# interface Ethernet0/1 R4(config-if)# ip address 123.234.34.2 255.255.255.0 R4(config-if)# no shutdown R4(config-if)# exit R4(config)# interface Ethernet0/2 R4(config-if)# ip address 123.234.24.2 255.255.255.0 R4(config-if)# no shutdown R4(config-if)# exit R4(config)# router ospf 1 R4(config-router)# network 192.168.1.0 0.0.0.255 area 1 R4(config-router)# network 201.46.4.0 0.0.0.255 area 1 R4(config-router)# exit R4(config)# router bgp 10 R4(config-router)# no synchronization R4(config-router)# bgp log-neighbor-changes R4(config-router)# network 123.234.24.0 R4(config-router)# network 123.234.34.0 R4(config-router)# network 201.46.4.0 R4(config-router)# neighbor 123.234.24.1 remote-as 30 R4(config-router)# neighbor 123.234.34.1 remote-as 20 R4(config-router)# neighbor 192.168.1.2 remote-as 10 R4(config-router)# neighbor 192.168.2.2 remote-as 10 R4(config-router)# neighbor 192.168.1.2 next-hop-self R4(config-router)# neighbor 192.168.2.2 next-hop-self R4(config-router)# neighbor 123.234.24.1 dont-capability-negotiate R4(config-router)# neighbor 123.234.34.1 dont-capability-negotiate R4(config-router)# neighbor 192.168.1.2 dont-capability-negotiate R4(config-router)# neighbor 192.168.2.2 dont-capability-negotiate R4(config-router)# no auto-summary R4(config-router)# exit R4(config)# exit R4# write memory
R5 구성 (AS 20)
Router5>enable Router5#configure terminal Router5(config)# hostname R5 R5(config)# interface Loopback0 R5(config-if)# ip address 201.35.5.1 255.255.255.0 R5(config-if)# ip ospf 1 area 1 R5(config-if)# exit R5(config)# interface Ethernet0/2 R5(config-if)# ip address 192.168.1.2 255.255.255.0 R5(config-if)# ip ospf 1 area 1 R5(config-if)# no shutdown R5(config-if)# exit R5(config)# router ospf 1 R5(config-router)# network 192.168.1.0 0.0.0.255 area 1 R5(config-router)# network 201.35.5.0 0.0.0.255 area 1 R5(config-router)# exit R5(config)# router bgp 20 R5(config-router)# no synchronization R5(config-router)# bgp log-neighbor-changes R5(config-router)# network 201.35.5.0 R5(config-router)# neighbor 192.168.1.1 remote-as 20 R5(config-router)# neighbor 192.168.1.1 next-hop-self R5(config-router)# neighbor 192.168.1.1 dont-capability-negotiate R5(config-router)# no auto-summary R5(config-router)# exit R5(config)# exit R5# write memory
R6 구성 (AS 10)
Router6>enable Router6#configure terminal Router6(config)# hostname R6 R6(config)# interface Loopback0 R6(config-if)# ip address 201.46.6.1 255.255.255.0 R6(config-if)# ip ospf 1 area 1 R6(config-if)# exit R6(config)# interface Loopback1 R6(config-if)# ip address 201.67.6.1 255.255.255.0 R6(config-if)# ip ospf 1 area 1 R6(config-if)# exit R6(config)# interface Ethernet0/0 R6(config-if)# ip address 192.168.1.2 255.255.255.0 R6(config-if)# ip ospf 1 area 1 R6(config-if)# no shutdown R6(config-if)# exit R6(config)# interface Ethernet0/1 R6(config-if)# ip address 192.168.2.1 255.255.255.0 R6(config-if)# ip ospf 1 area 1 R6(config-if)# no shutdown R6(config-if)# exit R6(config)# router ospf 1 R6(config-router)# network 192.168.1.0 0.0.0.255 area 1 R6(config-router)# network 192.168.2.0 0.0.0.255 area 1 R6(config-router)# network 201.46.6.0 0.0.0.255 area 1 R6(config-router)# network 201.67.6.0 0.0.0.255 area 1 R6(config-router)# exit R6(config)# router bgp 10 R6(config-router)# no synchronization R6(config-router)# bgp log-neighbor-changes R6(config-router)# network 201.46.6.0 R6(config-router)# network 201.67.6.0 R6(config-router)# neighbor 192.168.1.1 remote-as 10 R6(config-router)# neighbor 192.168.2.2 remote-as 10 R6(config-router)# neighbor 192.168.1.1 next-hop-self R6(config-router)# neighbor 192.168.2.2 next-hop-self R6(config-router)# neighbor 192.168.1.1 dont-capability-negotiate R6(config-router)# neighbor 192.168.2.2 dont-capability-negotiate R6(config-router)# no auto-summary R6(config-router)# exit R6(config)# exit R6# write memory
R7 구성 (AS 10)
Router7>enable Router7#configure terminal Router7(config)# hostname R7 R7(config)# interface Loopback0 R7(config-if)# ip address 201.67.7.1 255.255.255.0 R7(config-if)# ip ospf 1 area 1 R7(config-if)# exit R7(config)# interface Ethernet0/1 R7(config-if)# ip address 192.168.2.2 255.255.255.0 R7(config-if)# ip ospf 1 area 1 R7(config-if)# no shutdown R7(config-if)# exit R7(config)# router ospf 1 R7(config-router)# network 192.168.2.0 0.0.0.255 area 1 R7(config-router)# network 201.67.7.0 0.0.0.255 area 1 R7(config-router)# exit R7(config)# router bgp 10 R7(config-router)# no synchronization R7(config-router)# bgp log-neighbor-changes R7(config-router)# network 201.67.7.0 R7(config-router)# neighbor 192.168.1.1 remote-as 10 R7(config-router)# neighbor 192.168.2.1 remote-as 10 R7(config-router)# neighbor 192.168.1.1 dont-capability-negotiate R7(config-router)# neighbor 192.168.2.1 dont-capability-negotiate R7(config-router)# no auto-summary R7(config-router)# exit R7(config)# exit R7# write memory
3. 문제 해결 요소
- BGP 세션 안정화: 모든 피어 관계에 `dont-capability-negotiate` 옵션 추가
- next-hop-self 설정: iBGP 피어가 외부 네트워크에 직접 접근할 수 없을 때 next-hop 사용
4. 검증 방법
- BGP 연결 상태 확인
R1# show ip bgp Network Next Hop Metric LocPrf Weight Path *> 201.12.1.0 0.0.0.0 0 32768 i *>i 201.12.2.0 192.168.1.1 0 100 0 i *>i 201.35.3.0 123.234.23.2 0 100 0 20 i *>i 201.35.5.0 123.234.23.2 0 100 0 20 i *>i 201.46.4.0 123.234.24.2 0 100 0 10 i *>i 201.46.6.0 123.234.24.2 0 100 0 10 i *>i 201.67.6.0 123.234.24.2 0 100 0 10 i *>i 201.67.7.0 123.234.24.2 0 100 0 10 i - ping test
ping 201.67.7.1 source 201.12.1.1 (R1에서 R7으로 ping) R1# ping 201.67.7.1 source 201.12.1.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 201.67.7.1, timeout is 2 seconds: Packet sent with a source address of 201.12.1.1 !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/2 ms