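Fast failover with BFD

Normally, when route switchover is controlled through dynamic routing, it is tuned by adjusting timer values, but switchover on the order of seconds is about the limit.

BFD (Bidirectional Forwarding Detection) is said to make fast route switchover on the order of milliseconds possible, so I tested it.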

https://tools.ietf.org/html/rfc5880

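BFD has two modes.
The first is Asynchronous mode.
BFD control packets are sent periodically, and when they stop being received on the peer side, the session goes down (the peer side detects the down).
The second is Demand mode.
In this mode, once the BFD session has been established, the sending of BFD control packets to the peer stops.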

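The IOS used for the test did not appear to have a setting for Demand mode, so it runs in Asynchronous mode.

If the goal is just to get it running, the configuration is very simple.

1. Put the BFD definition on the interface
2. Configure the routing protocol that BFD is applied to

Just those two steps.

Build a simple topology and run it.

First, configure routing with BGP as usual.
In the test environment, keepalive is 5 and holddown is 15.

R1 excerpt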

router bgp 64512
bgp log-neighbor-changes
network 10.10.10.0 mask 255.255.255.0
network 192.168.1.0
timers bgp 5 15
neighbor 10.10.10.2 remote-as 64513
neighbor 192.168.1.3 remote-as 64512
neighbor 192.168.1.3 next-hop-self
!

R2 excerpt

router bgp 64512
bgp log-neighbor-changes
network 10.10.20.0 mask 255.255.255.0
network 192.168.1.0 route-map ATTACH_MED
timers bgp 5 15
neighbor 10.10.20.2 remote-as 64513
neighbor 192.168.1.2 remote-as 64512
neighbor 192.168.1.2 next-hop-self
!
!
ip access-list standard BGP_MED
permit 192.168.1.0 0.0.0.255
!
!
route-map ATTACH_MED permit 10
match ip address BGP_MED
set metric 10
!

R3 excerpt

router bgp 64513
bgp log-neighbor-changes
network 10.10.10.0 mask 255.255.255.0
network 192.168.2.0
timers bgp 5 15
neighbor 10.10.10.1 remote-as 64512
neighbor 192.168.2.3 remote-as 64513
neighbor 192.168.2.3 next-hop-self
!

R4 excerpt

router bgp 64513
bgp log-neighbor-changes
network 10.10.20.0 mask 255.255.255.0
network 192.168.2.0 route-map ATTACH_MED
timers bgp 5 15
neighbor 10.10.20.1 remote-as 64512
neighbor 192.168.2.2 remote-as 64513
neighbor 192.168.2.2 next-hop-self
!
!
!
ip access-list standard BGP_MED
permit 192.168.2.0 0.0.0.255
!
!
route-map ATTACH_MED permit 10
match ip address BGP_MED
set metric 10
!

State of each routing table.

R1#show ip route bgp
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override

Gateway of last resort is not set

10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
B 10.10.20.0/24 [200/0] via 192.168.1.3, 22:04:03
B 192.168.2.0/24 [20/0] via 10.10.10.2, 22:04:03

R2#show ip route bgp
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override

Gateway of last resort is not set

10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
B 10.10.10.0/24 [200/0] via 192.168.1.2, 22:04:10
B 192.168.2.0/24 [200/0] via 192.168.1.2, 22:04:01

R3#show ip route  bgp
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override

Gateway of last resort is not set

10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
B 10.10.20.0/24 [200/0] via 192.168.2.3, 22:04:28
B 192.168.1.0/24 [20/0] via 10.10.10.1, 22:04:29

R4#show ip route bgp
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override

Gateway of last resort is not set

10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
B 10.10.10.0/24 [200/0] via 192.168.2.2, 22:05:38
B 192.168.1.0/24 [200/0] via 192.168.2.2, 22:05:35

Ping continuously between PC1 and PC2, then bring down the link between R1 and R3.

R1#show ip bgp neighbors 10.10.10.2 | inc hold time
Last read 00:00:02, last write 00:00:02, hold time is 15, keepalive interval is 5 seconds
Configured hold time is 15, keepalive interval is 5 seconds

Note that, as configured, BGP is set to bring the neighbor down if no keepalive arrives for 15 seconds.
Looking at the result:

PC1> ping 192.168.2.10 -t -w 10 -i 1000

84 bytes from 192.168.2.10 icmp_seq=1 ttl=62 time=1.646 ms
84 bytes from 192.168.2.10 icmp_seq=2 ttl=62 time=0.435 ms
84 bytes from 192.168.2.10 icmp_seq=3 ttl=62 time=0.541 ms
192.168.2.10 icmp_seq=4 timeout
192.168.2.10 icmp_seq=5 timeout
192.168.2.10 icmp_seq=6 timeout
192.168.2.10 icmp_seq=7 timeout
192.168.2.10 icmp_seq=8 timeout
192.168.2.10 icmp_seq=9 timeout
192.168.2.10 icmp_seq=10 timeout
192.168.2.10 icmp_seq=11 timeout
192.168.2.10 icmp_seq=12 timeout
192.168.2.10 icmp_seq=13 timeout
192.168.2.10 icmp_seq=14 timeout
192.168.2.10 icmp_seq=15 timeout
84 bytes from 192.168.2.10 icmp_seq=16 ttl=61 time=0.447 ms
84 bytes from 192.168.2.10 icmp_seq=17 ttl=61 time=0.490 ms
84 bytes from 192.168.2.10 icmp_seq=18 ttl=61 time=0.510 ms
84 bytes from 192.168.2.10 icmp_seq=19 ttl=61 time=0.460 ms
^C

Reachability recovers after roughly 15 seconds. Enabling debug on R1 and checking the state:

R1#show ip bgp neighbors 10.10.10.2 | inc hold time
Last read 00:00:14, last write 00:00:03, hold time is 15, keepalive interval is 5 seconds
Configured hold time is 15, keepalive interval is 5 seconds
R1#show ip bgp neighbors 10.10.10.2 | inc hold time
Configured hold time is 15, keepalive interval is 5 seconds
R1#show ip bgp neighbors 10.10.10.2 | inc hold time
*Mar 29 07:18:51.950: %BGP-3-NOTIFICATION: sent to neighbor 10.10.10.2 4/0 (hold time expired) 0 bytes
*Mar 29 07:18:51.950: %BGP-5-NBR_RESET: Neighbor 10.10.10.2 reset (BGP Notification sent)
*Mar 29 07:18:51.950: BGP(0): no valid path for 192.168.2.0/24
*Mar 29 07:18:51.950: %BGP-5-ADJCHANGE: neighbor 10.10.10.2 Down BGP Notification sent
*Mar 29 07:18:51.950: %BGP_SESSION-5-ADJCHANGE: neighbor 10.10.10.2 IPv4 Unicast topology base removed from session BGP Notification sent
R1#show ip bgp neighbors 10.10.10.2 | inc hold time
Configured hold time is 15, keepalive interval is 5 seconds
R1#

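So the switchover does take place at 15 seconds, as configured.

Now add the BFD definition.
On Cisco IOS, BFD can be defined per interface, or a template can be created and used to manage uniform definitions. This time, keep it simple and configure it per interface.
The main configuration parameters for BFD operation are as follows.

 interval min-tx milliseconds min-rx milliseconds multiplier multiplier-value

"min-tx" specifies the transmit interval, "min-rx" the receive interval, and "multiplier" the number of keepalive packets that counts as down detection.

R1 excerpt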

interface Ethernet0/0
ip address 10.10.10.1 255.255.255.0
bfd interval 100 min_rx 100 multiplier 3 # added
!
interface Ethernet0/1
ip address 192.168.1.2 255.255.255.0
standby 1 ip 192.168.1.1
standby 1 preempt delay minimum 5
bfd interval 100 min_rx 100 multiplier 3 # added
!
!
!
router bgp 64512
bgp log-neighbor-changes
network 10.10.10.0 mask 255.255.255.0
network 192.168.1.0
timers bgp 5 15
neighbor 10.10.10.2 remote-as 64513
neighbor 10.10.10.2 fall-over bfd # added
neighbor 192.168.1.3 remote-as 64512
neighbor 192.168.1.3 fall-over bfd # added
neighbor 192.168.1.3 next-hop-self
!

R2 excerpt

interface Ethernet0/0
ip address 10.10.20.1 255.255.255.0
bfd interval 100 min_rx 100 multiplier 3 # added
!
interface Ethernet0/1
ip address 192.168.1.3 255.255.255.0
standby 1 ip 192.168.1.1
standby 1 priority 10
standby 1 preempt delay minimum 5
bfd interval 100 min_rx 100 multiplier 3 # added
!
!
!
router bgp 64512
bgp log-neighbor-changes
network 10.10.20.0 mask 255.255.255.0
network 192.168.1.0
timers bgp 5 15
neighbor 10.10.20.2 remote-as 64513
neighbor 10.10.20.2 fall-over bfd # added
neighbor 10.10.20.2 route-map ATTACH_MED out
neighbor 192.168.1.2 remote-as 64512
neighbor 192.168.1.2 fall-over bfd # added
!

R3 excerpt

interface Ethernet0/0
ip address 10.10.10.2 255.255.255.0
bfd interval 100 min_rx 100 multiplier 3 # added
!
interface Ethernet0/1
ip address 192.168.2.2 255.255.255.0
standby 1 ip 192.168.2.1
standby 1 preempt delay minimum 3
bfd interval 100 min_rx 100 multiplier 3 # added
!
!
!
router bgp 64513
bgp log-neighbor-changes
network 10.10.10.0 mask 255.255.255.0
network 192.168.2.0
timers bgp 5 15
neighbor 10.10.10.1 remote-as 64512
neighbor 10.10.10.1 fall-over bfd # added
neighbor 192.168.2.3 remote-as 64513
neighbor 192.168.2.3 fall-over bfd # added
neighbor 192.168.2.3 next-hop-self

R4 excerpt

interface Ethernet0/0
ip address 10.10.20.2 255.255.255.0
bfd interval 100 min_rx 100 multiplier 3 # added
!
interface Ethernet0/1
ip address 192.168.2.3 255.255.255.0
standby 1 ip 192.168.2.1
standby 1 priority 10
standby 1 preempt delay minimum 30
bfd interval 100 min_rx 100 multiplier 3 # added
!
!
!
router bgp 64513
bgp log-neighbor-changes
network 10.10.20.0 mask 255.255.255.0
timers bgp 5 15
neighbor 10.10.20.1 remote-as 64512
neighbor 10.10.20.1 fall-over bfd # added
neighbor 10.10.20.1 route-map ATTACH_MED out
neighbor 192.168.2.2 remote-as 64513
neighbor 192.168.2.2 fall-over bfd # added
neighbor 192.168.2.2 next-hop-self

Status check (between R1 and R3).

R1#show bfd neighbors details

IPv4 Sessions
NeighAddr LD/RD RH/RS State Int
10.10.10.2 4/4 Up Up Et0/0
Session state is UP and using echo function with 100 ms interval.
Session Host: Software
OurAddr: 10.10.10.1
Handle: 2
Local Diag: 0, Demand mode: 0, Poll bit: 0
MinTxInt: 1000000, MinRxInt: 1000000, Multiplier: 3
Received MinRxInt: 1000000, Received Multiplier: 3
Holddown (hits): 0(0), Hello (hits): 1000(612)
Rx Count: 617, Rx Interval (ms) min/max/avg: 1/1008/879 last: 681 ms ago
Tx Count: 613, Tx Interval (ms) min/max/avg: 755/1005/884 last: 681 ms ago
Elapsed time watermarks: 0 0 (last: 0)
Registered protocols: BGP
Uptime: 00:09:02
Last packet: Version: 1 - Diagnostic: 0
State bit: Up - Demand bit: 0
Poll bit: 0 - Final bit: 0
C bit: 0
Multiplier: 3 - Length: 24
My Discr.: 4 - Your Discr.: 4
Min tx interval: 1000000 - Min rx interval: 1000000
Min Echo interval: 100000
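
The "Last packet" fields in the output above are the mandatory section of an RFC 5880 BFD control packet. The following is an added example, not part of the original post: it rebuilds that packet from the displayed values, decodes it while applying the discard checks of RFC 5880 section 6.8.6, and computes the Asynchronous mode detection time. The function names are hypothetical, and the packet bytes are constructed from the output rather than captured.

```python
import struct

# Mandatory section of a BFD control packet, RFC 5880 section 4.1 (24 bytes).
FMT = "!BBBBIIIII"
STATES = ("AdminDown", "Down", "Init", "Up")
FLAG_BITS = {"poll": 0x20, "final": 0x10, "cpi": 0x08,
             "auth": 0x04, "demand": 0x02, "multipoint": 0x01}


def build_control(state, mult, my_disc, your_disc, min_tx, min_rx, min_echo,
                  diag=0, flags=0):
    """Pack a version 1 control packet without an authentication section."""
    return struct.pack(FMT, (1 << 5) | diag, (state << 6) | flags, mult, 24,
                       my_disc, your_disc, min_tx, min_rx, min_echo)


def parse_control(data):
    """Decode a packet and apply the discard rules of RFC 5880 section 6.8.6."""
    if len(data) < 24:
        raise ValueError("shorter than the mandatory section")
    b0, b1, mult, length, my_d, your_d, tx, rx, echo = struct.unpack(FMT, data[:24])
    pkt = {"version": b0 >> 5, "diag": b0 & 0x1F, "state": STATES[b1 >> 6],
           "mult": mult, "length": length, "my_disc": my_d, "your_disc": your_d,
           "min_tx_us": tx, "min_rx_us": rx, "min_echo_us": echo}
    pkt.update({name: bool(b1 & bit) for name, bit in FLAG_BITS.items()})
    if pkt["version"] != 1:
        raise ValueError("unsupported version")
    if length < (26 if pkt["auth"] else 24) or length > len(data):
        raise ValueError("bad length field")
    if mult == 0 or my_d == 0 or pkt["multipoint"]:
        raise ValueError("zero multiplier/discriminator or M bit set")
    if your_d == 0 and pkt["state"] not in ("Down", "AdminDown"):
        raise ValueError("Your Discriminator is zero in state " + pkt["state"])
    return pkt


def async_detection_time_us(local_required_min_rx_us, pkt):
    """Asynchronous mode detection time, RFC 5880 section 6.8.4."""
    return pkt["mult"] * max(local_required_min_rx_us, pkt["min_tx_us"])


# Constructed packet carrying the "Last packet" values from the output above.
LAST_PACKET = build_control(state=3, mult=3, my_disc=4, your_disc=4,
                            min_tx=1_000_000, min_rx=1_000_000, min_echo=100_000)

if __name__ == "__main__":
    p = parse_control(LAST_PACKET)
    print(p["state"], p["length"], async_detection_time_us(1_000_000, p), "us")
```

With the advertised 1000000 microsecond intervals, the control-packet detection time works out to 3 seconds; the 100 ms interval in this output is the one the router attributes to the echo function.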

As before, bring down the interface between R1 and R3.

PC1> ping 192.168.2.10 -t -w 10 -i 1000

84 bytes from 192.168.2.10 icmp_seq=1 ttl=62 time=0.480 ms
84 bytes from 192.168.2.10 icmp_seq=2 ttl=62 time=0.391 ms
84 bytes from 192.168.2.10 icmp_seq=3 ttl=62 time=0.478 ms
84 bytes from 192.168.2.10 icmp_seq=4 ttl=62 time=0.501 ms
84 bytes from 192.168.2.10 icmp_seq=5 ttl=62 time=0.414 ms
84 bytes from 192.168.2.10 icmp_seq=6 ttl=62 time=0.366 ms
84 bytes from 192.168.2.10 icmp_seq=7 ttl=62 time=0.412 ms
84 bytes from 192.168.2.10 icmp_seq=8 ttl=62 time=0.527 ms
84 bytes from 192.168.2.10 icmp_seq=9 ttl=62 time=0.439 ms
84 bytes from 192.168.2.10 icmp_seq=10 ttl=62 time=0.380 ms
84 bytes from 192.168.2.10 icmp_seq=11 ttl=62 time=0.499 ms
84 bytes from 192.168.2.10 icmp_seq=12 ttl=62 time=0.442 ms
84 bytes from 192.168.2.10 icmp_seq=13 ttl=62 time=0.420 ms
84 bytes from 192.168.2.10 icmp_seq=14 ttl=62 time=0.506 ms
84 bytes from 192.168.2.10 icmp_seq=15 ttl=62 time=0.495 ms
84 bytes from 192.168.2.10 icmp_seq=16 ttl=62 time=0.424 ms
84 bytes from 192.168.2.10 icmp_seq=17 ttl=62 time=0.445 ms
84 bytes from 192.168.2.10 icmp_seq=18 ttl=61 time=0.423 ms
84 bytes from 192.168.2.10 icmp_seq=19 ttl=61 time=0.653 ms
84 bytes from 192.168.2.10 icmp_seq=20 ttl=61 time=0.518 ms
84 bytes from 192.168.2.10 icmp_seq=21 ttl=61 time=0.677 ms
84 bytes from 192.168.2.10 icmp_seq=22 ttl=61 time=0.714 ms
84 bytes from 192.168.2.10 icmp_seq=23 ttl=61 time=0.690 ms
84 bytes from 192.168.2.10 icmp_seq=24 ttl=61 time=0.832 ms
84 bytes from 192.168.2.10 icmp_seq=25 ttl=61 time=0.741 ms
84 bytes from 192.168.2.10 icmp_seq=26 ttl=61 time=0.743 ms
84 bytes from 192.168.2.10 icmp_seq=27 ttl=61 time=0.693 ms
84 bytes from 192.168.2.10 icmp_seq=28 ttl=61 time=0.673 ms
84 bytes from 192.168.2.10 icmp_seq=29 ttl=61 time=0.630 ms
^C

R1 debug log

R1#
*Mar 29 07:36:15.391: %BGP-5-NBR_RESET: Neighbor 10.10.10.2 reset (BFD adjacency down)
*Mar 29 07:36:15.395: BGP(0): no valid path for 192.168.2.0/24
*Mar 29 07:36:15.395: %BGP-5-ADJCHANGE: neighbor 10.10.10.2 Down BFD adjacency down
*Mar 29 07:36:15.395: %BGP_SESSION-5-ADJCHANGE: neighbor 10.10.10.2 IPv4 Unicast topology base removed from session BFD adjacency down
R1#
*Mar 29 07:36:15.400: BGP: topo global:IPv4 Unicast:base Remove_fwdroute for 192.168.2.0/24
*Mar 29 07:36:15.400: BGP(0): (base) 192.168.1.3 send unreachable (format) 192.168.2.0/24
*Mar 29 07:36:15.400: BGP(0): 192.168.1.3 rcvd UPDATE w/ attr: nexthop 192.168.1.3, origin i, localpref 100, metric 10, merged path 64513, AS_PATH
*Mar 29 07:36:15.400: BGP(0): 192.168.1.3 rcvd 192.168.2.0/24
*Mar 29 07:36:15.400: BGP(0): Revise route installing 1 of 1 routes for 192.168.2.0/24 -> 192.168.1.3(global) to main IP table

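Because the switchover happens in milliseconds it cannot be read from the log, but this log appeared the moment the interface went down, and no ping packet loss was visible either. Note that BFD has no effect when the interface comes back; the route returns according to the BGP timers. This is probably because BFD is an auxiliary protocol that operates on the premise of a routing protocol. BFD does not come up until the BGP neighbor is established.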


R1#show bfd summary

Session Up Down

Total 1 1 0
R1#
*Mar 29 08:08:01.616: %BGP-5-ADJCHANGE: neighbor 10.10.10.2 Up
*Mar 29 08:08:01.617: BGP(0): (base) 10.10.10.2 send UPDATE (format) 192.168.2.0/24, next 10.10.10.1, metric 10, path 64513
*Mar 29 08:08:01.617: BGP(0): (base) 10.10.10.2 send UPDATE (format) 10.10.20.0/24, next 10.10.10.1, metric 0, path Local
*Mar 29 08:08:01.617: BGP(0): (base) 10.10.10.2 send UPDATE (format) 192.168.1.0/24, next 10.10.10.1, metric 0, path Local
*Mar 29 08:08:01.618: BGP(0): 10.10.10.2 rcv UPDATE w/ attr: nexthop 10.10.10.2, origin i, originator 0.0.0.0, merged path 64513 64512, AS_PATH , community , extended community , SSA attribute
*Mar 29 08:08:01.618: BGPSSA ssacount is 0
*Mar 29 08:08:01.618: BGP(0): 10.10.10.2 rcv UPDATE about 192.168.1.0/24 -- DENIED due to: AS-PATH contains our own AS;
*Mar 29 08:08:01.618: BGP(0): 10.10.10.2 rcvd UPDATE w/ attr: nexthop 10.10.10.2, origin i, merged path 64513, AS_PATH
*Mar 29 08:08:01.618: BGP(0): 10.10.10.2 rcvd 10.10.20.0/24
*Mar 29 08:08:01.618: BGP(0): 10.10.10.2 rcvd UPDATE w/ attr: nexthop 10.10.10.2, origin i, metric 0, merged path 64513, AS_PATH
*Mar 29 08:08:01.618: BGP(0): 10.10.10.2 rcvd 10.10.10.0/24
*Mar 29 08:08:01.618: BGP(0): 10.10.10.2 rcvd 192.168.2.0/24
*Mar 29 08:08:01.618: BGP(0): Revise route installing 1 of 1 routes for 192.168.2.0/24 -> 10.10.10.2(global) to main IP table
R1#
*Mar 29 08:08:01.618: BGP(0): 192.168.1.3 NEXT_HOP is set to self for net 192.168.2.0/24,
*Mar 29 08:08:01.618: BGP(0): (base) 192.168.1.3 send UPDATE (format) 192.168.2.0/24, next 192.168.1.2, metric 0, path 64513
*Mar 29 08:08:01.623: BGP(0): 192.168.1.3 rcv UPDATE about 192.168.2.0/24 -- withdrawn
R1#
R1#show bfd summary

Session Up Down

Total 2 2 0
R1#