らくがきちょう

Just because

Capturing BGP packets with 4-byte AS numbers

I captured the BGP packets exchanged between routers configured with 4-byte AS numbers.

Topology

I tested with the following topology. Every router runs Cisco IOS 15.4(1)T.

[Figure: network topology diagram]

All routers are configured with 4-byte AS numbers. R5 advertises "10.0.99.5/32", the address assigned to Loopback0, via BGP. I capture the packets on R1 to see what they look like on the wire.

Configuration

To display 4-byte AS numbers in dotted notation, bgp asnotation dot is configured.

R1 configuration

hostname R1
!
interface Loopback99
 ip address 10.0.99.1 255.255.255.255
!
interface Ethernet0/0
 ip address 10.0.12.1 255.255.255.0
 no shutdown
!
router bgp 100.1
 bgp router-id 10.0.99.1
 bgp asnotation dot
 bgp log-neighbor-changes
 neighbor 10.0.12.2 remote-as 100.2
!
end

R2 configuration

hostname R2
!
interface Loopback99
 ip address 10.0.99.2 255.255.255.255
!
interface Ethernet0/0
 ip address 10.0.12.2 255.255.255.0
 no shutdown
!
interface Ethernet0/1
 ip address 10.0.23.2 255.255.255.0
 no shutdown
!
router bgp 100.2
 bgp router-id 10.0.99.2
 bgp asnotation dot
 bgp log-neighbor-changes
 neighbor 10.0.12.1 remote-as 100.1
 neighbor 10.0.23.3 remote-as 100.3
!
end

R3 configuration

hostname R3
!
interface Loopback99
 ip address 10.0.99.3 255.255.255.255
!
interface Ethernet0/1
 ip address 10.0.23.3 255.255.255.0
 no shutdown
!
interface Ethernet0/2
 ip address 10.0.34.3 255.255.255.0
 no shutdown
!
router bgp 100.3
 bgp router-id 10.0.99.3
 bgp asnotation dot
 bgp log-neighbor-changes
 neighbor 10.0.23.2 remote-as 100.2
 neighbor 10.0.34.4 remote-as 100.4
!
end

R4 configuration

hostname R4
!
interface Loopback99
 ip address 10.0.99.4 255.255.255.255
!
interface Ethernet0/2
 ip address 10.0.34.4 255.255.255.0
 no shutdown
!
interface Ethernet0/3
 ip address 10.0.45.4 255.255.255.0
 no shutdown
!
router bgp 100.4
 bgp router-id 10.0.99.4
 bgp asnotation dot
 bgp log-neighbor-changes
 neighbor 10.0.34.3 remote-as 100.3
 neighbor 10.0.45.5 remote-as 100.5
!
end

R5 configuration

hostname R5
!
interface Loopback99
 ip address 10.0.99.5 255.255.255.255
!
interface Ethernet0/3
 ip address 10.0.45.5 255.255.255.0
 no shutdown
!
router bgp 100.5
 bgp router-id 10.0.99.5
 bgp asnotation dot
 bgp log-neighbor-changes
 network 10.0.99.5 mask 255.255.255.255
 neighbor 10.0.45.4 remote-as 100.4
!
end

Checking the state on R1

The output of show ip bgp summary is shown below. The local AS is "100.1 (6,553,601)" and the AS on the 10.0.12.2 side is configured as "100.2 (6,553,602)".

R1# show ip bgp summary
BGP router identifier 10.0.99.1, local AS number 100.1
BGP table version is 4, main routing table version 4
1 network entries using 140 bytes of memory
1 path entries using 80 bytes of memory
1/1 BGP path/bestpath attribute entries using 144 bytes of memory
1 BGP AS-PATH entries using 40 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 404 total bytes of memory
BGP activity 2/1 prefixes, 2/1 paths, scan interval 60 secs

Neighbor        V           AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
10.0.12.2       4        100.2      12      10        4    0    0 00:06:19        1

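The output of show ip bgp neighbors is shown below. The "Neighbor capabilities:" section contains "Four-octets ASN Capability: advertised and received", which shows that the two routers checked each other's Capabilities during the OPEN Message exchange and each recognized that both routers support 4-byte AS numbers.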

R1# show ip bgp neighbors
BGP neighbor is 10.0.12.2,  remote AS 100.2, external link
  BGP version 4, remote router ID 10.0.99.2
  BGP state = Established, up for 00:06:39
  Last read 00:00:15, last write 00:00:09, hold time is 180, keepalive interval is 60 seconds
  Neighbor sessions:
    1 active, is not multisession capable (disabled)
  Neighbor capabilities:
    Route refresh: advertised and received(new)
    Four-octets ASN Capability: advertised and received
    Address family IPv4 Unicast: advertised and received
    Enhanced Refresh Capability: advertised and received
    Multisession Capability:
    Stateful switchover support enabled: NO for session 1
  Message statistics:
    InQ depth is 0
    OutQ depth is 0

                         Sent       Rcvd
    Opens:                  1          1
    Notifications:          0          0
    Updates:                1          2
    Keepalives:             9          8
    Route Refresh:          0          0
    Total:                 11         13
  Default minimum time between advertisement runs is 30 seconds

 For address family: IPv4 Unicast
  Session: 10.0.12.2
  BGP table version 4, neighbor version 4/0
  Output queue size : 0
  Index 2, Advertise bit 0
  2 update-group member
  Slow-peer detection is disabled
  Slow-peer split-update-group dynamic is disabled
                                 Sent       Rcvd
  Prefix activity:               ----       ----
    Prefixes Current:               0          1 (Consumes 80 bytes)
    Prefixes Total:                 0          1
    Implicit Withdraw:              0          0
    Explicit Withdraw:              0          0
    Used as bestpath:             n/a          1
    Used as multipath:            n/a          0

                                   Outbound    Inbound
  Local Policy Denied Prefixes:    --------    -------
    Bestpath from this peer:              1        n/a
    Total:                                1          0
  Number of NLRIs in the update sent: max 0, min 0
  Last detected as dynamic slow peer: never
  Dynamic slow peer recovered: never
  Refresh Epoch: 2
  Last Sent Refresh Start-of-rib: never
  Last Sent Refresh End-of-rib: never
  Last Received Refresh Start-of-rib: 00:06:39
  Last Received Refresh End-of-rib: 00:06:39
  Refresh-In took 0 seconds
				       Sent	  Rcvd
	Refresh activity:	       ----	  ----
	  Refresh Start-of-RIB          0          1
	  Refresh End-of-RIB            0          1

  Address tracking is enabled, the RIB does have a route to 10.0.12.2
  Connections established 2; dropped 1
  Last reset 00:07:37, due to BGP Notification received, CEASE: unknown subcode
  Transport(tcp) path-mtu-discovery is enabled
  Graceful-Restart is disabled
Connection state is ESTAB, I/O status: 1, unread input bytes: 0
Connection is ECN Disabled, Mininum incoming TTL 0, Outgoing TTL 1
Local host: 10.0.12.1, Local port: 32329
Foreign host: 10.0.12.2, Foreign port: 179
Connection tableid (VRF): 0
Maximum output segment queue size: 50

Enqueued packets for retransmit: 0, input: 0  mis-ordered: 0 (0 bytes)

Event Timers (current time is 0xD5A72):
Timer          Starts    Wakeups            Next
Retrans            11          0             0x0
TimeWait            0          0             0x0
AckHold            10          7             0x0
SendWnd             0          0             0x0
KeepAlive           0          0             0x0
GiveUp              0          0             0x0
PmtuAger            1          0        0x106A4B
DeadWait            0          0             0x0
Linger              0          0             0x0
ProcessQ            0          0             0x0

iss:  476279476  snduna:  476279728  sndnxt:  476279728
irs: 3926202530  rcvnxt: 3926202869

sndwnd:  16133  scale:      0  maxrcvwnd:  16384
rcvwnd:  16046  scale:      0  delrcvwnd:    338

SRTT: 770 ms, RTTO: 2360 ms, RTV: 1590 ms, KRTT: 0 ms
minRTT: 1 ms, maxRTT: 1000 ms, ACK hold: 200 ms
Status Flags: active open
Option Flags: nagle, path mtu capable
IP Precedence value : 6

Datagrams (max data segment is 1460 bytes):
Rcvd: 21 (out of order: 0), with data: 11, total data bytes: 338
Sent: 22 (retransmit: 0, fastretransmit: 0, partialack: 0, Second Congestion: 0), with data: 11, total data bytes: 251

 Packets received in fast path: 0, fast processed: 0, slow path: 0
 fast lock acquisition failures: 0, slow path: 0
TCP Semaphore      0xF342950C  FREE

The output of show ip bgp is shown below. The prefix "10.0.99.5/32" advertised by R5 is present.

R1# show ip bgp
BGP table version is 4, local router ID is 10.0.99.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
              x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

     Network          Next Hop            Metric LocPrf Weight Path
 *>  10.0.99.5/32     10.0.12.2                              0 100.2 100.3 100.4 100.5 i

Packet capture

The packets captured on R1 are shown below.

OPEN Message

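The OPEN Message sent from R1 to R2 was captured as shown below. Because 4-byte AS was designed to interoperate with routers that do not support 4-byte AS numbers, the legacy "My AS" field is always 23,456, regardless of the actual configuration. When the Optional Parameters (Capabilities) are exchanged in the OPEN Messages and both routers recognize the "Support for 4-octet AS number capability" defined as Type 65, 4-byte AS numbers are used. In that case, the 4-byte AS number to use is carried inside the Type 65 Optional Parameter.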

[Figure: packet capture of the OPEN Message]
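The OPEN layout described above, as an added example that is not part of the original post: it parses an OPEN Message and returns both the legacy "My AS" field and the AS number carried in capability 65. The message bytes are constructed here for R1 (AS 100.1, hold time 180, router ID 10.0.99.1) and are not taken from the capture; the function names are hypothetical.

```python
import struct

AS_TRANS = 23456        # value seen in the 2-byte "My AS" field of the capture
CAP_FOUR_OCTET_AS = 65  # capability code for 4-octet AS number support

def asdot(asn):
    """Format an ASN the way 'bgp asnotation dot' displays it."""
    return f"{asn >> 16}.{asn & 0xFFFF}" if asn > 0xFFFF else str(asn)

def sample_open():
    """Constructed OPEN for R1 (AS 100.1); not bytes taken from the capture."""
    caps = [bytes([1, 4, 0, 1, 0, 1]),                    # MP: IPv4 unicast
            bytes([2, 0]),                                # route refresh
            struct.pack("!BBI", CAP_FOUR_OCTET_AS, 4, (100 << 16) + 1)]
    # One capability per optional parameter (parameter type 2 = Capabilities).
    opts = b"".join(bytes([2, len(c)]) + c for c in caps)
    body = struct.pack("!BHH4sB", 4, AS_TRANS, 180,
                       bytes([10, 0, 99, 1]), len(opts)) + opts
    return b"\xff" * 16 + struct.pack("!HB", 19 + len(body), 1) + body

def tlvs(buf):
    """Yield (type, value) pairs from a run of 1-byte type / 1-byte length TLVs."""
    pos = 0
    while pos + 2 <= len(buf):
        t, length = buf[pos], buf[pos + 1]
        if pos + 2 + length > len(buf):
            raise ValueError("truncated TLV")
        yield t, buf[pos + 2:pos + 2 + length]
        pos += 2 + length

def parse_open(msg):
    """Return (my_as_field, four_octet_asn_or_None) from a BGP OPEN message."""
    if len(msg) < 29 or msg[:16] != b"\xff" * 16:
        raise ValueError("not a BGP message")
    length, msg_type = struct.unpack("!HB", msg[16:19])
    if msg_type != 1 or length != len(msg):
        raise ValueError("not a well-formed OPEN")
    _ver, my_as, _hold, _rid, opt_len = struct.unpack("!BHH4sB", msg[19:29])
    four_octet_asn = None
    for p_type, p_val in tlvs(msg[29:29 + opt_len]):
        if p_type != 2:                 # only Capabilities parameters matter here
            continue
        for code, value in tlvs(p_val):
            if code == CAP_FOUR_OCTET_AS and len(value) == 4:
                four_octet_asn = struct.unpack("!I", value)[0]
    return my_as, four_octet_asn

if __name__ == "__main__":
    print(parse_open(sample_open()))
```

A session monitor that reads only the "My AS" field would log 23456 for this peer; the AS number that matches the router configuration is the one in capability 65.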

UPDATE Message

The UPDATE Message sent from R2 to R1 was captured as shown below. The AS Path Attribute carried in the UPDATE Message is also expressed with 4-byte AS numbers.

[Figure: packet capture of the UPDATE Message]
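An added example, not part of the original post, that decodes the AS Path Attribute of an UPDATE Message with 4-byte entries. The UPDATE bytes are constructed to match the route R1 shows (10.0.99.5/32 via 100.2 100.3 100.4 100.5) and are not taken from the capture; the function names and the asn_size parameter are hypothetical.

```python
import struct

def asdot(asn):
    """Format an ASN the way 'bgp asnotation dot' displays it."""
    return f"{asn >> 16}.{asn & 0xFFFF}" if asn > 0xFFFF else str(asn)

def sample_update():
    """Constructed UPDATE for 10.0.99.5/32 as R2 would send it to R1."""
    path = [(100 << 16) + n for n in (2, 3, 4, 5)]        # 100.2 ... 100.5
    as_path = struct.pack("!BB4I", 2, len(path), *path)   # one AS_SEQUENCE
    attrs = (bytes([0x40, 1, 1, 0])                       # ORIGIN = IGP
             + bytes([0x40, 2, len(as_path)]) + as_path   # AS_PATH
             + bytes([0x40, 3, 4, 10, 0, 12, 2]))         # NEXT_HOP 10.0.12.2
    body = (struct.pack("!HH", 0, len(attrs)) + attrs     # no withdrawn routes
            + bytes([32, 10, 0, 99, 5]))                  # NLRI 10.0.99.5/32
    return b"\xff" * 16 + struct.pack("!HB", 19 + len(body), 2) + body

def parse_as_path(update, asn_size=4):
    """Return the AS_PATH as a list of ASNs. asn_size must be 4 only when both
    peers negotiated the 4-octet AS capability in OPEN, otherwise 2."""
    length, msg_type = struct.unpack("!HB", update[16:19])
    if msg_type != 2 or length != len(update):
        raise ValueError("not a well-formed UPDATE")
    pos = 21 + struct.unpack("!H", update[19:21])[0]      # skip withdrawn routes
    end = pos + 2 + struct.unpack("!H", update[pos:pos + 2])[0]
    pos += 2
    while pos < end:
        flags, a_type = update[pos], update[pos + 1]
        if flags & 0x10:                                  # extended length bit
            a_len, pos = struct.unpack("!H", update[pos + 2:pos + 4])[0], pos + 4
        else:
            a_len, pos = update[pos + 2], pos + 3
        value, pos = update[pos:pos + a_len], pos + a_len
        if a_type != 2:                                   # not AS_PATH
            continue
        asns, i = [], 0
        while i < len(value):
            size = value[i + 1] * asn_size                # segment: type, count, ASNs
            seg = value[i + 2:i + 2 + size]
            if len(seg) != size:
                raise ValueError("AS_PATH does not fit this asn_size")
            asns += [int.from_bytes(seg[k:k + asn_size], "big")
                     for k in range(0, size, asn_size)]
            i += 2 + size
        return asns
    return []

if __name__ == "__main__":
    print(" ".join(asdot(a) for a in parse_as_path(sample_update())))
```

The UPDATE itself does not say how wide each AS Path entry is, so a decoder has to remember what the OPEN exchange negotiated; decoding this sample with asn_size=2 fails the segment length check.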