Enterprise core network design analysis-Internal/External Architecture


1. Network Environment Description

1.1 Region

① Route reachability within a region is provided by the region's IGP.

② The regional border router runs both the region's IGP process and a BGP process.

③ When a region has multiple border routers with direct links between them, a full mesh of iBGP sessions is established between their loopback interfaces.

1.2 Core layer

① Core layer devices provide reachability through the core layer IGP.

② A full mesh of iBGP sessions is established between core layer devices, based on their loopback interfaces.

③ Each core layer device runs the core layer IGP process and a BGP process, and establishes both iBGP and eBGP sessions.

1.3 Between the regions and the core layer

① The DMZ between the core layer and a region does not participate in any IGP.

② Devices in a region reach the Internet through a default route delivered by the IGP.

③ Regional border devices advertise the region's routes to their eBGP peers through announcement or redistribution.

1.4 Routing

1) Number of prefixes

① Because the core layer provides connectivity between regions, all core layer routers must hold the full set of network routes.

② The regional border router decides whether to accept the full set of network routes according to policy requirements.

A more economical alternative is for the core layer routers to send a BGP default route to the border routers of each region.

2) Necessity of next-hop-self

When creating an iBGP session, you must specify next-hop-self. The DMZ links between the core layer and the regions are not part of any IGP (see 1.3 ①), so without it the eBGP next hop would be unreachable for the iBGP peers.

3) MED

When a region's route is advertised directly to a core layer router by the regional border router, it carries the MED attribute, which affects route selection across the whole core layer AS.

4) AS_PATH

When routes originating in a region are passed to other regions through the core layer, the AS_PATH length is 2.

5) Minor sub-optimal path problems


As shown in the figure, R8 and R9 both pass routes from other regions to R10 through eBGP. By default, the main factor affecting R10's route selection is the RID. In this topology, R10 always selects R8 as the next hop toward external regions.

Now consider the route from AS 65101. From the topology, the path from R9 to AS 65101 is R9-R3, while the path from R8 to AS 65101 is R8-R6-R4-R3, so sending this traffic through R8 takes the longer path across AS 65100.

The solution is for the updates that R8 and R9 send to AS 65103 to reflect the internal network conditions of AS 65100: the IGP metric to the next hop of the advertised route can be inherited as the MED.

Configuration example (R8 and R9):

    route-map SET_MED permit 1
     ! Set the MED of the BGP route to the IGP metric of the route's next hop
     set metric-type internal
    !
    router bgp 65100
     ! Carry the MED attribute in updates sent to R10
     neighbor 31.31.1.10 route-map SET_MED out
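The effect of this route-map on R10's decision can be reproduced with a small model. This is an added example, not code from the original article: the router IDs, the per-link IGP cost of 10 and the three-step tie-break are assumptions that simplify real BGP best-path selection.

```python
from dataclasses import dataclass, replace
from ipaddress import IPv4Address

@dataclass(frozen=True)
class Path:
    advertiser: str          # router in AS 65100 that sent the update to R10
    router_id: IPv4Address   # constructed router IDs (assumption)
    as_path: tuple           # AS_PATH as seen by R10, length 2 as in 1.4 4)
    igp_metric: int          # advertiser's IGP metric to the BGP next hop
    med: int = 0             # no MED unless the outbound route-map sets it

def set_metric_type_internal(path):
    """Outbound route-map effect: MED := IGP metric to the next hop."""
    return replace(path, med=path.igp_metric)

def best_path(paths):
    """Simplified tie-break: AS_PATH length, then MED, then lowest router ID."""
    # MED is only compared between paths learned from the same neighbor AS.
    same_neighbor_as = len({p.as_path[0] for p in paths}) == 1
    def key(p):
        med = p.med if same_neighbor_as else 0
        return (len(p.as_path), med, int(p.router_id))
    return min(paths, key=key)

# Constructed metrics: cost 10 per link; R9-R3 is 1 hop, R8-R6-R4-R3 is 3 hops.
VIA_R8 = Path("R8", IPv4Address("10.0.0.8"), (65100, 65101), igp_metric=30)
VIA_R9 = Path("R9", IPv4Address("10.0.0.9"), (65100, 65101), igp_metric=10)

def r10_choice(with_med):
    """Which advertiser R10 prefers for the AS 65101 prefix."""
    paths = [VIA_R8, VIA_R9]
    if with_med:
        paths = [set_metric_type_internal(p) for p in paths]
    return best_path(paths).advertiser

if __name__ == "__main__":
    print("without SET_MED:", r10_choice(False))
    print("with SET_MED:   ", r10_choice(True))
```
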

6) bestpath compare-routerid


2. Network Analysis

2.1 Path selection & routing policy

1) Default route selection

① The routing of the core layer in the region depends mainly on MED, and MED compares

② In the core layer, when multiple core layer devices advertise the same prefix, selection mainly compares the IGP metric to the next hop.

③ When the Regional Border Router selects routes from the core layer, it mainly compares

We recommend that you configure set metric-type internal to reflect the network conditions of the core layer.

2) Route policy deployment

① Route selection in the core layer works the same way as in the iBGP core architecture and requires consistency.

② The MED design can influence which directly connected core layer router a regional border router selects, and which directly connected regional border router a core layer router selects.

③ The design of the IGP metric values in the core layer can influence how a core layer router selects routes toward other core layer routers.

3) Mutual access control

In this network environment, the core layer and each region are completely separated. Route filtering can therefore be applied when a core layer router sends route updates to its directly connected regional border routers, restricting mutual access between regions. This is a better policy implementation than in the iBGP core architecture or the eBGP core architecture.
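A filter plan of this kind can be checked before deployment. The sketch below is an added example, not part of the original article; the region names, prefixes and the deny/default tables are constructed. It models the core's outbound filters per region and reports region pairs that are meant to be isolated but still have routes in both directions, including the case where the core also sends the BGP default route described in 1.4, which covers the filtered prefixes.

```python
from ipaddress import ip_network

# Constructed sample data: one prefix per region.
REGION_PREFIXES = {
    "A": [ip_network("10.1.0.0/16")],
    "B": [ip_network("10.2.0.0/16")],
    "C": [ip_network("10.3.0.0/16")],
}

def advertised_to(region, deny, send_default):
    """Routes the core sends to `region` after its outbound filter."""
    routes = [p for src, pfxs in REGION_PREFIXES.items()
              if src != region and src not in deny.get(region, set())
              for p in pfxs]
    if send_default.get(region, False):
        routes.append(ip_network("0.0.0.0/0"))
    return routes

def has_route(region, dst, deny, send_default):
    """True if the region's border router learned any route covering dst."""
    return any(dst in r for r in advertised_to(region, deny, send_default))

def can_communicate(a, b, deny, send_default):
    """Two-way traffic needs a forward route in a and a return route in b.
    Assumes the core forwards anything it holds a route for (full routes)."""
    host_a = REGION_PREFIXES[a][0][1]
    host_b = REGION_PREFIXES[b][0][1]
    return (has_route(a, host_b, deny, send_default)
            and has_route(b, host_a, deny, send_default))

def audit(deny, send_default, intended_blocked):
    """Region pairs that should be isolated but still have two-way routes."""
    return sorted(pair for pair in intended_blocked
                  if can_communicate(*pair, deny, send_default))

# Intended policy: A and B must not reach each other; C stays reachable.
DENY = {"A": {"B"}, "B": {"A"}}
BLOCKED = [("A", "B")]

if __name__ == "__main__":
    print("filters only:       ", audit(DENY, {}, BLOCKED))
    print("filters plus default:", audit(DENY, {"A": True, "B": True}, BLOCKED))
```

With filters alone the audit is empty; once both regions also receive a default route, the A/B pair is reported, because the border routers follow the default to the core, which holds routes to every region.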

2.2 Failure and recovery

1) Regional faults

Here, failure and recovery are mainly affected by the IGP convergence speed.

2) Faults between the region and the core layer

Such a fault directly interrupts an eBGP session, so link and device redundancy need to be deployed.

In this case, the network convergence speed is determined by the BGP convergence speed.

3) Core layer faults

A link failure at the core layer may not directly cause an iBGP session interruption at the core layer.

A core layer device failure affects the core layer iBGP sessions and the eBGP sessions to its directly connected regions.

The convergence speed of the core layer is affected by the IGP and BGP convergence speeds of the core layer.

2.3 Administrative control

This network architecture completely separates management domains. Different management teams can be responsible for core network management, region management, and remote site management, independently of each other.

2.4 Scalability

1) No additional core devices

In this case, a new eBGP session must be established between the newly connected device and the core layer device.

This does not increase the number of routing protocol processes at the core layer.

The increase in the number of BGP sessions is also limited to the core layer devices responsible for connecting the new region.

2) Add new core devices

In this case, the number of iBGP sessions on each core layer device increases, and the complexity of the core layer grows with its size.


3. Conclusion

① BGP is introduced to reduce the number of prefixes on routers in the region.

② Route selection is mainly affected by MED, the IGP cost to the next hop, and the RID.

③ The convergence speed of the network varies with different factors.

④ The main advantages of this network architecture are:

A. The management domains are clearly divided (the core layer is responsible for route transmission, and each region is the origin and destination of routes).

B. Easy troubleshooting and policy formulation.

C. Compared with the first two architectures, the modular design has excellent scalability.


This article is from the "Thely" blog, please be sure to keep this source http://thely.blog.51cto.com/2695427/1289173
