BGP Backdoor


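As shown in the figure, R1 is in AS1; R2, R3 and R4 are in one large AS100 (R2 and R3 in AS23, R4 in AS4); R5 is in AS5.
[Figure: BGP backdoor]
R4 and R5 run EIGRP between them, which carries their loopbacks, and they form an EBGP session between those loopbacks. The BGP neighbor relationship flaps: sometimes it is DOWN, sometimes it is UP.
Solution: BGP backdoor. Once the session is up, each router also learns the peer's loopback /32 through EBGP, and that route (administrative distance 20) displaces the EIGRP route (administrative distance 90) that the session itself depends on. Marking the prefix with "network ... backdoor" raises the BGP route for it to distance 200, so the EIGRP route stays in the routing table.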
R4#
Apr 12 20:47:46.939: %BGP-5-ADJCHANGE: neighbor 5.5.5.5 Down Peer closed the session
R4#
Apr 12 20:47:49.707: %BGP-5-ADJCHANGE: neighbor 5.5.5.5 Up
R4#
Apr 12 20:47:46.263: %BGP-5-ADJCHANGE: neighbor 4.4.4.4 Down BGP Notification sent
R5#
Apr 12 20:47:46.263: %BGP-3-NOTIFICATION: sent to neighbor 4.4.4.4 4/0 (hold time expired) 0 bytes
R5#
*Apr 12 20:47:49.283: %BGP-5-ADJCHANGE: neighbor 4.4.4.4 Up
R5#
R4#show run | s bgp
router bgp 23
 no synchronization
 bgp router-id 4.4.4.4
 bgp log-neighbor-changes
 network 4.4.4.4 mask 255.255.255.255
 neighbor 2.2.2.2 remote-as 23
 neighbor 2.2.2.2 update-source Loopback0
 neighbor 2.2.2.2 next-hop-self
 neighbor 3.3.3.3 remote-as 23
 neighbor 3.3.3.3 update-source Loopback0
 neighbor 3.3.3.3 next-hop-self
 neighbor 5.5.5.5 remote-as 5
 neighbor 5.5.5.5 ebgp-multihop 255
 neighbor 5.5.5.5 update-source Loopback0
 no auto-summary

R4#show run | s eigrp
router eigrp 23
 network 4.4.4.4 0.0.0.0
 network 24.1.1.4 0.0.0.0
 network 34.1.1.4 0.0.0.0
 network 45.1.1.4 0.0.0.0
 network 45.0.0.0
 no auto-summary

R5#show run | s bgp
router bgp 5
 no synchronization
 bgp log-neighbor-changes
 network 5.5.5.5 mask 255.255.255.255
 neighbor 4.4.4.4 remote-as 23
 neighbor 4.4.4.4 ebgp-multihop 255
 neighbor 4.4.4.4 update-source Loopback0
 no auto-summary

R5#show run | s ei
R5#show run | s eigr
R5#show run | s eigrp
router eigrp 23
 network 5.5.5.5 0.0.0.0
 network 45.1.1.5 0.0.0.0
 no auto-summary
R5#

solution
R4#show run | s bgp
router bgp 23
 no synchronization
 bgp router-id 4.4.4.4
 bgp log-neighbor-changes
 network 5.5.5.5 mask 255.255.255.255 backdoor
 neighbor 2.2.2.2 remote-as 23
 neighbor 2.2.2.2 update-source Loopback0
 neighbor 2.2.2.2 next-hop-self
 neighbor 3.3.3.3 remote-as 23
 neighbor 3.3.3.3 update-source Loopback0
 neighbor 3.3.3.3 next-hop-self
 neighbor 5.5.5.5 remote-as 5
 neighbor 5.5.5.5 ebgp-multihop 255
 neighbor 5.5.5.5 update-source Loopback0
 no auto-summary
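
Why the backdoor keyword stops the flapping, as an added example (not part of the original post): a toy Python model of R4's route choice for 5.5.5.5/32. It assumes Cisco's default administrative distances (EBGP 20, EIGRP 90, local/backdoor BGP 200) and that the EBGP route's next hop is the peer loopback itself; the function names are hypothetical.

```python
# Added illustration: toy model of R4's routing table entry for R5's loopback.
# Assumption: Cisco default administrative distances (lower is preferred).
AD_EBGP, AD_EIGRP, AD_BGP_LOCAL = 20, 90, 200
PEER = "5.5.5.5"             # R5 Loopback0, the EBGP peering address
LINK_NEXT_HOP = "45.1.1.5"   # R5's address on the R4-R5 link (from its EIGRP config)


def best_route(routes):
    """Pick the route with the lowest administrative distance."""
    return min(routes, key=lambda r: r["ad"])


def simulate(backdoor, rounds=6):
    """Return [(winning protocol, session state)] for each convergence round."""
    session_up = False
    history = []
    for _ in range(rounds):
        # EIGRP always offers a usable path over the direct link.
        routes = [{"proto": "eigrp", "ad": AD_EIGRP, "next_hop": LINK_NEXT_HOP}]
        if session_up:
            # While the session is up, R5 advertises 5.5.5.5/32 over EBGP,
            # with its own loopback as the next hop.
            ad = AD_BGP_LOCAL if backdoor else AD_EBGP
            routes.append({"proto": "ebgp", "ad": ad, "next_hop": PEER})
        best = best_route(routes)
        # A route to the peer that resolves through the peer itself is
        # unusable, so the TCP session to the loopback drops.
        session_up = best["next_hop"] != PEER
        history.append((best["proto"], "Up" if session_up else "Down"))
    return history


def count_flaps(history):
    """Count Up -> Down transitions in a simulate() history."""
    states = [state for _, state in history]
    return sum(1 for a, b in zip(states, states[1:]) if (a, b) == ("Up", "Down"))


if __name__ == "__main__":
    for backdoor in (False, True):
        h = simulate(backdoor)
        print("backdoor" if backdoor else "default ", h, "flaps:", count_flaps(h))
```

Without the backdoor the winner alternates between EIGRP and EBGP and the session flaps every round; with it, EIGRP wins every round and the session stays up.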