OpenStack之BGP动态路由

BGP动态路由可将self-service(私有)网络的前缀信息通告给支持BGP的物理网络设备,如routers,可消除到传统的静态路由的依赖。此特性依赖于OpenStack官方项目文档 address scopes中的地址信息,并需要正确部署的相关知识。

BGP动态路由有一个服务插件和一个代理组成。服务插件实现Networking服务扩展,代理管理BGP对端会话。云管理员使用CLI或者API创建并配置一个BGP speaker,并受到调度它到一个或多个运行代理的主机上。代理可驻留在具有/无其他Networking服务代理的主机上。前者通告依赖于BGP speaker的外部网络,外部网络地址范围和内部IP地址区间或子网的组合。

BGP dynamic routing overview

:

虽然self-service网络通常为IPv4子网使用私有IP地址区间(RFC1918)。BGP动态路由协议可通过任何IPv4地址区间。

示例配置

示例配置包括以下的组件:

  • One BGP agent.

  • 一个地址范畴,包括provider网络的IP地址段 203.0.113.0/24,以及self-service网络地址段: 192.0.2.0/25 和 192.0.2.128/25。

  • 一个使用IP地址段 203.0.113.0/24的provider网络。

  • 三个 self-service 网络.

    • Self-service 网络 1 和 2 使用以上地址范畴内的IP地址段。

    • Self-service 网络 3 使用一个唯一的IP地址段 198.51.100.0/24,用于验证BGP speaker没有通告地址范畴之外的前缀。

  • 三个 routers。每个 router 连接一个 self-service 网络到 provider network。

    • Router 1 包含 IP 地址 203.0.113.11 和 192.0.2.1

    • Router 2 包含 IP 地址 203.0.113.12 和 192.0.2.129

    • Router 3 包含 IP 地址 203.0.113.13 和 198.51.100.1

:

示例配置假设足够了解以下部分:Networking服务,routing和BGP。Networking服务的基础配置,可参见OpenStack项目官方文档deploy. 更多关于BGP的信息,可参考 RFC 4271.

控制节点 Controller node

  • 在文件 “neutron.conf” 中, 使能传统的 layer-3 和 BGP 动态路由服务插件:

    [DEFAULT]
    service_plugins = neutron_dynamic_routing.services.bgp.bgp_plugin.BgpPlugin,neutron.services.l3_router.l3_router_plugin.L3RouterPlugin

Agent nodes

  • 在文件 “bgp_dragent.ini” 中:

    • 配置驱动程序.

      [BGP]
      bgp_speaker_driver = neutron_dynamic_routing.services.bgp.agent.driver.ryu.driver.RyuBgpDriver

:

  此代理目前仅支持Ryu BGP驱动.
  • 配置 router ID.

    [BGP]
    bgp_router_id = ROUTER_ID

    替换“ROUTER_ID”为一个合适的32-bit值,典型的是运行代理的主机IPv4地址。例如, 192.0.2.2。

验证服务操作

#. Source the administrative project credentials.
#. 验证每个BGP动态路由代理是否存在及工作情况.

  $ neutron agent-list --agent-type="BGP dynamic routing agent"
  +--------------------------------------+---------------------------+------------+-------------------+-------+----------------+---------------------------+
  | id                                   | agent_type                | host       | availability_zone | alive | admin_state_up | binary                    |
  +--------------------------------------+---------------------------+------------+-------------------+-------+----------------+---------------------------+
  | 37729181-2224-48d8-89ef-16eca8e2f77e | BGP dynamic routing agent | controller |                   | :-)   | True           | neutron-bgp-dragent       |
  +--------------------------------------+---------------------------+------------+-------------------+-------+----------------+---------------------------+

创建地址范畴和子网池

  1. 创建地址scope范畴. provider (外部) 和 self-service 网络必须属于相同的地址范畴,以便代理通告self-service网络前缀。

    $ openstack address scope create --share --ip-version 4 bgp

    ±-----------±-------------------------------------+
    | Field | Value |
    ±-----------±-------------------------------------+
    | headers | |
    | id | f71c958f-dbe8-49a2-8fb9-19c5f52a37f1 |
    | ip_version | 4 |
    | name | bgp |
    | project_id | 86acdbd1d72745fd8e8320edd7543400 |
    | shared | True |
    ±-----------±-------------------------------------+

  2. 创建子网池. provider 和 self-service 网络使用不同的池.

    • 创建 provider 网络池.
        $ openstack subnet pool create --pool-prefix 203.0.113.0/24 \
          --address-scope bgp provider

        +-------------------+--------------------------------------+
        | Field             | Value                                |
        +-------------------+--------------------------------------+
        | address_scope_id  | f71c958f-dbe8-49a2-8fb9-19c5f52a37f1 |
        | created_at        | 2017-01-12T14:58:57Z                 |
        | default_prefixlen | 8                                    |
        | default_quota     | None                                 |
        | description       |                                      |
        | headers           |                                      |
        | id                | 63532225-b9a0-445a-9935-20a15f9f68d1 |
        | ip_version        | 4                                    |
        | is_default        | False                                |
        | max_prefixlen     | 32                                   |
        | min_prefixlen     | 8                                    |
        | name              | provider                             |
        | prefixes          | 203.0.113.0/24                       |
        | project_id        | 86acdbd1d72745fd8e8320edd7543400     |
        | revision_number   | 1                                    |
        | shared            | False                                |
        | tags              | []                                   |
        | updated_at        | 2017-01-12T14:58:57Z                 |
        +-------------------+--------------------------------------+
  • 创建 self-service 网络池.

    $ openstack subnet pool create --pool-prefix 192.0.2.0/25
    –pool-prefix 192.0.2.128/25 --address-scope bgp
    –share selfservice

    ±------------------±-------------------------------------+
    | Field | Value |
    ±------------------±-------------------------------------+
    | address_scope_id | f71c958f-dbe8-49a2-8fb9-19c5f52a37f1 |
    | created_at | 2017-01-12T15:02:31Z |
    | default_prefixlen | 8 |
    | default_quota | None |
    | description | |
    | headers | |
    | id | 8d8270b1-b194-4b7e-914c-9c741dcbd49b |
    | ip_version | 4 |
    | is_default | False |
    | max_prefixlen | 32 |
    | min_prefixlen | 8 |
    | name | selfservice |
    | prefixes | 192.0.2.0/25, 192.0.2.128/25 |
    | project_id | 86acdbd1d72745fd8e8320edd7543400 |
    | revision_number | 1 |
    | shared | True |
    | tags | [] |
    | updated_at | 2017-01-12T15:02:31Z |
    ±------------------±-------------------------------------+

创建 provider 和 self-service 网络

  1. 创建 provider 网络.
      $ openstack network create provider --external --provider-physical-network \
        provider --provider-network-type flat
      Created a new network:
      +---------------------------+--------------------------------------+
      | Field                     | Value                                |
      +---------------------------+--------------------------------------+
      | admin_state_up            | UP                                   |
      | availability_zone_hints   |                                      |
      | availability_zones        |                                      |
      | created_at                | 2016-12-21T08:47:41Z                 |
      | description               |                                      |
      | headers                   |                                      |
      | id                        | 190ca651-2ee3-4a4b-891f-dedda47974fe |
      | ipv4_address_scope        | None                                 |
      | ipv6_address_scope        | None                                 |
      | is_default                | False                                |
      | mtu                       | 1450                                 |
      | name                      | provider                             |
      | port_security_enabled     | True                                 |
      | project_id                | c961a8f6d3654657885226378ade8220     |
      | provider:network_type     | flat                                 |
      | provider:physical_network | provider                             |
      | provider:segmentation_id  | 66                                   |
      | revision_number           | 3                                    |
      | router:external           | External                             |
      | shared                    | False                                |
      | status                    | ACTIVE                               |
      | subnets                   |                                      |
      | tags                      | []                                   |
      | updated_at                | 2016-12-21T08:47:41Z                 |
      +---------------------------+--------------------------------------+
  1. 在provider网络上创建一个子网,其使用来自provider子网池的IP地址段.
      $ openstack subnet create --subnet-pool provider \
        --prefix-length 24 --gateway 203.0.113.1 --network provider \
        --allocation-pool start=203.0.113.11,end=203.0.113.254 provider
      +-------------------+--------------------------------------+
      | Field             | Value                                |
      +-------------------+--------------------------------------+
      | allocation_pools  | 203.0.113.11-203.0.113.254           |
      | cidr              | 203.0.113.0/24                       |
      | created_at        | 2016-03-17T23:17:16                  |
      | description       |                                      |
      | dns_nameservers   |                                      |
      | enable_dhcp       | True                                 |
      | gateway_ip        | 203.0.113.1                          |
      | host_routes       |                                      |
      | id                | 8ed65d41-2b2a-4f3a-9f92-45adb266e01a |
      | ip_version        | 4                                    |
      | ipv6_address_mode | None                                 |
      | ipv6_ra_mode      | None                                 |
      | name              | provider                             |
      | network_id        | 68ec148c-181f-4656-8334-8f4eb148689d |
      | project_id        | b3ac05ef10bf441fbf4aa17f16ae1e6d     |
      | segment_id        | None                                 |
      | service_types     |                                      |
      | subnetpool_id     | 3771c0e7-7096-46d3-a3bd-699c58e70259 |
      | tags              |                                      |
      | updated_at        | 2016-03-17T23:17:16                  |
      +-------------------+--------------------------------------+

:

 IP地址分配池由“.11”开始提高了图标的清晰度。你可安全的忽略它。
  1. 创建 self-service 网络.
      $ openstack network create selfservice1
      Created a new network:
      +---------------------------+--------------------------------------+
      | Field                     | Value                                |
      +---------------------------+--------------------------------------+
      | admin_state_up            | UP                                   |
      | availability_zone_hints   |                                      |
      | availability_zones        |                                      |
      | created_at                | 2016-12-21T08:49:38Z                 |
      | description               |                                      |
      | headers                   |                                      |
      | id                        | 9d842606-ef3d-4160-9ed9-e03fa63aed96 |
      | ipv4_address_scope        | None                                 |
      | ipv6_address_scope        | None                                 |
      | mtu                       | 1450                                 |
      | name                      | selfservice1                         |
      | port_security_enabled     | True                                 |
      | project_id                | c961a8f6d3654657885226378ade8220     |
      | provider:network_type     | vxlan                                |
      | provider:physical_network | None                                 |
      | provider:segmentation_id  | 106                                  |
      | revision_number           | 3                                    |
      | router:external           | Internal                             |
      | shared                    | False                                |
      | status                    | ACTIVE                               |
      | subnets                   |                                      |
      | tags                      | []                                   |
      | updated_at                | 2016-12-21T08:49:38Z                 |
      +---------------------------+--------------------------------------+
      $ openstack network create selfservice2
      Created a new network:
      +---------------------------+--------------------------------------+
      | Field                     | Value                                |
      +---------------------------+--------------------------------------+
      | admin_state_up            | UP                                   |
      | availability_zone_hints   |                                      |
      | availability_zones        |                                      |
      | created_at                | 2016-12-21T08:50:05Z                 |
      | description               |                                      |
      | headers                   |                                      |
      | id                        | f85639e1-d23f-438e-b2b1-f40570d86b1c |
      | ipv4_address_scope        | None                                 |
      | ipv6_address_scope        | None                                 |
      | mtu                       | 1450                                 |
      | name                      | selfservice2                         |
      | port_security_enabled     | True                                 |
      | project_id                | c961a8f6d3654657885226378ade8220     |
      | provider:network_type     | vxlan                                |
      | provider:physical_network | None                                 |
      | provider:segmentation_id  | 21                                   |
      | revision_number           | 3                                    |
      | router:external           | Internal                             |
      | shared                    | False                                |
      | status                    | ACTIVE                               |
      | subnets                   |                                      |
      | tags                      | []                                   |
      | updated_at                | 2016-12-21T08:50:05Z                 |
      +---------------------------+--------------------------------------+
      $ openstack network create selfservice3
      Created a new network:
      +---------------------------+--------------------------------------+
      | Field                     | Value                                |
      +---------------------------+--------------------------------------+
      | admin_state_up            | UP                                   |
      | availability_zone_hints   |                                      |
      | availability_zones        |                                      |
      | created_at                | 2016-12-21T08:50:35Z                 |
      | description               |                                      |
      | headers                   |                                      |
      | id                        | eeccdb82-5cf4-4999-8ab3-e7dc99e7d43b |
      | ipv4_address_scope        | None                                 |
      | ipv6_address_scope        | None                                 |
      | mtu                       | 1450                                 |
      | name                      | selfservice3                         |
      | port_security_enabled     | True                                 |
      | project_id                | c961a8f6d3654657885226378ade8220     |
      | provider:network_type     | vxlan                                |
      | provider:physical_network | None                                 |
      | provider:segmentation_id  | 86                                   |
      | revision_number           | 3                                    |
      | router:external           | Internal                             |
      | shared                    | False                                |
      | status                    | ACTIVE                               |
      | subnets                   |                                      |
      | tags                      | []                                   |
      | updated_at                | 2016-12-21T08:50:35Z                 |
      +---------------------------+--------------------------------------+
  1. 在前两个self-service网络上创建子网,使用来自self-service子网池的IP地址段.
      $ openstack subnet create --network selfservice1 --subnet-pool selfservice \
        --prefix-length 25 selfservice1
      +-------------------+----------------------------------------------------+
      | Field             | Value                                              |
      +-------------------+----------------------------------------------------+
      | allocation_pools  | 192.0.2.2-192.0.2.127                              |
      | cidr              | 192.0.2.0/25                                       |
      | created_at        | 2016-03-17T23:20:20                                |
      | description       |                                                    |
      | dns_nameservers   |                                                    |
      | enable_dhcp       | True                                               |
      | gateway_ip        | 198.51.100.1                                       |
      | host_routes       |                                                    |
      | id                | 8edd3dc2-df40-4d71-816e-a4586d61c809               |
      | ip_version        | 4                                                  |
      | ipv6_address_mode |                                                    |
      | ipv6_ra_mode      |                                                    |
      | name              | selfservice1                                       |
      | network_id        | be79de1e-5f56-11e6-9dfb-233e41cec48c               |
      | project_id        | b3ac05ef10bf441fbf4aa17f16ae1e6d                   |
      | revision_number   | 1                                                  |
      | subnetpool_id     | c7e9737a-cfd3-45b5-a861-d1cee1135a92               |
      | tags              | []                                                 |
      | tenant_id         | b3ac05ef10bf441fbf4aa17f16ae1e6d                   |
      | updated_at        | 2016-03-17T23:20:20                                |
      +-------------------+----------------------------------------------------+
      $ openstack subnet create --network selfservice2 --subnet-pool selfservice \
        --prefix-length 25 selfservice2
      +-------------------+------------------------------------------------+
      | Field             | Value                                          |
      +-------------------+------------------------------------------------+
      | allocation_pools  | 192.0.2.130-192.0.2.254                        |
      | cidr              | 192.0.2.128/25                                 |
      | created_at        | 2016-03-17T23:20:20                            |
      | description       |                                                |
      | dns_nameservers   |                                                |
      | enable_dhcp       | True                                           |
      | gateway_ip        | 192.0.2.129                                    |
      | host_routes       |                                                |
      | id                | 8edd3dc2-df40-4d71-816e-a4586d61c809           |
      | ip_version        | 4                                              |
      | ipv6_address_mode |                                                |
      | ipv6_ra_mode      |                                                |
      | name              | selfservice2                                   |
      | network_id        | c1fd9846-5f56-11e6-a8ac-0f998d9cc0a2           |
      | project_id        | b3ac05ef10bf441fbf4aa17f16ae1e6d               |
      | revision_number   | 1                                              |
      | subnetpool_id     | c7e9737a-cfd3-45b5-a861-d1cee1135a92           |
      | tags              | []                                             |
      | tenant_id         | b3ac05ef10bf441fbf4aa17f16ae1e6d               |
      | updated_at        | 2016-03-17T23:20:20                            |
      +-------------------+------------------------------------------------+
  1. 在最后一个self-service网络上创建子网,使用来自地址scope范畴之外的IP地址段.
      $ openstack subnet create --network selfservice3 --prefix 198.51.100.0/24 subnet3
      +-------------------+----------------------------------------------------+
      | Field             | Value                                              |
      +-------------------+----------------------------------------------------+
      | allocation_pools  | 198.51.100.2-198.51.100.254                        |
      | cidr              | 198.51.100.0/24                                    |
      | created_at        | 2016-03-17T23:20:20                                |
      | description       |                                                    |
      | dns_nameservers   |                                                    |
      | enable_dhcp       | True                                               |
      | gateway_ip        | 198.51.100.1                                       |
      | host_routes       |                                                    |
      | id                | cd9f9156-5f59-11e6-aeec-172ec7ee939a               |
      | ip_version        | 4                                                  |
      | ipv6_address_mode |                                                    |
      | ipv6_ra_mode      |                                                    |
      | name              | selfservice3                                       |
      | network_id        | c283dc1c-5f56-11e6-bfb6-efc30e1eb73b               |
      | project_id        | b3ac05ef10bf441fbf4aa17f16ae1e6d                   |
      | revision_number   | 1                                                  |
      | subnetpool_id     |                                                    |
      | tags              | []                                                 |
      | tenant_id         | b3ac05ef10bf441fbf4aa17f16ae1e6d                   |
      | updated_at        | 2016-03-17T23:20:20                                |
      +-------------------+----------------------------------------------------+

创建并配置 routers

  1. 创建 routers.
      $ openstack router create router1
      +-------------------------+--------------------------------------+
      | Field                   | Value                                |
      +-------------------------+--------------------------------------+
      | admin_state_up          | UP                                   |
      | availability_zone_hints |                                      |
      | availability_zones      |                                      |
      | created_at              | 2017-01-10T13:15:19Z                 |
      | description             |                                      |
      | distributed             | False                                |
      | external_gateway_info   | null                                 |
      | flavor_id               | None                                 |
      | ha                      | False                                |
      | headers                 |                                      |
      | id                      | 3f6f4ef8-63be-11e6-bbb3-2fbcef363ab8 |
      | name                    | router1                              |
      | project_id              | b3ac05ef10bf441fbf4aa17f16ae1e6d     |
      | revision_number         | 1                                    |
      | routes                  |                                      |
      | status                  | ACTIVE                               |
      | tags                    | []                                   |
      | updated_at              | 2017-01-10T13:15:19Z                 |
      +-------------------------+--------------------------------------+
      $ openstack router create router2
      +-------------------------+--------------------------------------+
      | Field                   | Value                                |
      +-------------------------+--------------------------------------+
      | admin_state_up          | UP                                   |
      | availability_zone_hints |                                      |
      | availability_zones      |                                      |
      | created_at              | 2017-01-10T13:15:19Z                 |
      | description             |                                      |
      | distributed             | False                                |
      | external_gateway_info   | null                                 |
      | flavor_id               | None                                 |
      | ha                      | False                                |
      | headers                 |                                      |
      | id                      | 3fd21a60-63be-11e6-9c95-5714c208c499 |
      | name                    | router2                              |
      | project_id              | b3ac05ef10bf441fbf4aa17f16ae1e6d     |
      | revision_number         | 1                                    |
      | routes                  |                                      |
      | status                  | ACTIVE                               |
      | tags                    | []                                   |
      | updated_at              | 2017-01-10T13:15:19Z                 |
      +-------------------------+--------------------------------------+
      $ openstack router create router3
      +-------------------------+--------------------------------------+
      | Field                   | Value                                |
      +-------------------------+--------------------------------------+
      | admin_state_up          | UP                                   |
      | availability_zone_hints |                                      |
      | availability_zones      |                                      |
      | created_at              | 2017-01-10T13:15:19Z                 |
      | description             |                                      |
      | distributed             | False                                |
      | external_gateway_info   | null                                 |
      | flavor_id               | None                                 |
      | ha                      | False                                |
      | headers                 |                                      |
      | id                      | 40069a4c-63be-11e6-9ecc-e37c1eaa7e84 |
      | name                    | router3                              |
      | project_id              | b3ac05ef10bf441fbf4aa17f16ae1e6d     |
      | revision_number         | 1                                    |
      | routes                  |                                      |
      | status                  | ACTIVE                               |
      | tags                    | []                                   |
      | updated_at              | 2017-01-10T13:15:19Z                 |
      +-------------------------+--------------------------------------+
  1. 为每个 router, 添加一个self-service子网作为router的一个接口.
      $ openstack router add subnet router1 selfservice1

      $ openstack router add subnet router2 selfservice2

      $ openstack router add subnet router3 selfservice3
  1. 添加 provider 网络作为每个router的网关.
      $ openstack router set --external-gateway provider router1

      $ openstack router set --external-gateway provider router2

      $ openstack router set --external-gateway provider router3

创建并配置BGP speaker

BGP speaker为合适的self-service网络通告下一跳IP地址,为使用这些网络的实例通告浮动IP地址。

  1. 创建 BGP speaker.
      $ neutron bgp-speaker-create --ip-version 4 \
        --local-as LOCAL_AS bgpspeaker
      Created a new bgp_speaker:
      +-----------------------------------+--------------------------------------+
      | Field                             | Value                                |
      +-----------------------------------+--------------------------------------+
      | advertise_floating_ip_host_routes | True                                 |
      | advertise_tenant_networks         | True                                 |
      | id                                | 5f227f14-4f46-4eca-9524-fc5a1eabc358 |
      | ip_version                        | 4                                    |
      | local_as                          | 1234                                 |
      | name                              | bgpspeaker                           |
      | networks                          |                                      |
      | peers                             |                                      |
      | tenant_id                         | b3ac05ef10bf441fbf4aa17f16ae1e6d     |
      +-----------------------------------+--------------------------------------+

替换“LOCAL_AS”为适合的本地自治系统号。本示例配置使用 AS 1234.

  1. BGP speaker要求关联与provider网络以决定合适的前缀信息。此关联构建了一个所有网关在provider和self-service网络上的虚拟routers列表,这些网络位于相同的地址scope范畴,所以BGP speaker可通告self-service网络前缀,并且相应的router作为下一跳IP地址。关联BGP speaker到provider网络:
      $ neutron bgp-speaker-network-add bgpspeaker provider
      Added network provider to BGP speaker bgpspeaker.
  1. 验证provider网络与BGP speaker的关联.
      $ neutron bgp-speaker-show bgpspeaker
      +-----------------------------------+--------------------------------------+
      | Field                             | Value                                |
      +-----------------------------------+--------------------------------------+
      | advertise_floating_ip_host_routes | True                                 |
      | advertise_tenant_networks         | True                                 |
      | id                                | 5f227f14-4f46-4eca-9524-fc5a1eabc358 |
      | ip_version                        | 4                                    |
      | local_as                          | 1234                                 |
      | name                              | bgpspeaker                           |
      | networks                          | 68ec148c-181f-4656-8334-8f4eb148689d |
      | peers                             |                                      |
      | tenant_id                         | b3ac05ef10bf441fbf4aa17f16ae1e6d     |
      +-----------------------------------+--------------------------------------+
  1. 验证BGP speaker通告的前缀和下一跳IP地址。
      $ neutron bgp-speaker-advertiseroute-list bgpspeaker
      +-----------------+--------------+
      | destination     | next_hop     |
      +-----------------+--------------+
      | 192.0.2.0/25    | 203.0.113.11 |
      | 192.0.2.128/25  | 203.0.113.12 |
      +-----------------+--------------+
  1. 创建BGP peer.
      $ neutron bgp-peer-create --peer-ip 192.0.2.1 \
        --remote-as REMOTE_AS bgppeer
      Created a new bgp_peer:
      +-----------+--------------------------------------+
      | Field     | Value                                |
      +-----------+--------------------------------------+
      | auth_type | none                                 |
      | id        | 35c89ca0-ac5a-4298-a815-0b073c2362e9 |
      | name      | bgppeer                              |
      | peer_ip   | 192.0.2.1                            |
      | remote_as | 4321                                 |
      | tenant_id | b3ac05ef10bf441fbf4aa17f16ae1e6d     |
      +-----------+--------------------------------------+

替换“REMOTE_AS”为合适的远端自治系统号。此配置示例使用AS 4321,其触发EBGP peering。

:

 包含BGP代理的主机必须由到provider router的 layer-3 连通性。
  1. 为BGP speaker添加一个BGP peer.
      $ neutron bgp-speaker-peer-add bgpspeaker bgppeer
      Added BGP peer bgppeer to BGP speaker bgpspeaker.
  1. 验证BGP speaker的BGP peer的添加.
      $ neutron bgp-speaker-show bgpspeaker
      +-----------------------------------+--------------------------------------+
      | Field                             | Value                                |
      +-----------------------------------+--------------------------------------+
      | advertise_floating_ip_host_routes | True                                 |
      | advertise_tenant_networks         | True                                 |
      | id                                | 5f227f14-4f46-4eca-9524-fc5a1eabc358 |
      | ip_version                        | 4                                    |
      | local_as                          | 1234                                 |
      | name                              | bgpspeaker                           |
      | networks                          | 68ec148c-181f-4656-8334-8f4eb148689d |
      | peers                             | 35c89ca0-ac5a-4298-a815-0b073c2362e9 |
      | tenant_id                         | b3ac05ef10bf441fbf4aa17f16ae1e6d     |
      +-----------------------------------+--------------------------------------+

:

 在创建了一个peer会话之后,你不能修改本地或远端的自治系统号。

调度BGP speaker到代理

  1. 不像大多数的代理, BGP speakers 要求手动调度到一个代理。BGP speaker仅在调度到代理之后开启peer会话和前缀通告。调度BGP speaker到代理“37729181-2224-48d8-89ef-16eca8e2f77e”.
    $ neutron bgp-dragent-speaker-add 37729181-2224-48d8-89ef-16eca8e2f77e bgpspeaker
    Associated BGP speaker bgpspeaker to the Dynamic Routing agent.
  1. 验证BGP speaker是否调度到代理.
      $ neutron bgp-dragent-list-hosting-speaker bgpspeaker
      +--------------------------------------+------------+----------------+-------+
      | id                                   | host       | admin_state_up | alive |
      +--------------------------------------+------------+----------------+-------+
      | 37729181-2224-48d8-89ef-16eca8e2f77e | controller | True           | :-)   |
      +--------------------------------------+------------+----------------+-------+

      $ neutron bgp-speaker-list-on-dragent 37729181-2224-48d8-89ef-16eca8e2f77e
      +--------------------------------------+------------+----------+------------+
      | id                                   | name       | local_as | ip_version |
      +--------------------------------------+------------+----------+------------+
      | 5f227f14-4f46-4eca-9524-fc5a1eabc358 | bgpspeaker |     1234 |          4 |
      +--------------------------------------+------------+----------+------------+

前缀通告

BGP动态路由协议为self-service网络通告前缀,为浮动IP地址通告主机路由。

self-service网络的通告要求满足以下的条件:

  • 外部网络 和 self-service 网络驻留在相同的地址scope中.

  • router包含self-service网络上的接口,以及外部网络上的网关.

  • BGP speaker 关联与为router提供网关的外部网络.

  • BGP speaker 的 “advertise_tenant_networks” 属性设置为 “True”.

Example of prefix advertisements with self-service networks

浮动IP地址的通告需要满足以下的条件:

  • 具有浮动IP地址绑定的router包含位于外部网络的网关,并且BGP speaker关联与此外部网络.

  • BGP speaker 的 “advertise_floating_ip_host_routes” 属性设置为 “True”.

Example of prefix advertisements with floating IP addresses

Operation with Distributed Virtual Routers (DVR)

在使用DVR的部署中,BGP speaker通告浮动IP地址和self-service网络的有所不同。对于浮动IP地址,BGP speaker通告相应计算节点上的浮动IP代理网关地址作为下一跳IP地址。对于使用SNAT的self-service网络,BGP speaker通告DVR SNAT节点作为下一跳IP地址。

例如,考虑以下的组件:

  1. 使用IP地址段 203.0.113.0/24 的provider 网络, 并支持浮动IP地址:203.0.113.101, 203.0.113.102, 和 203.0.113.103.

  2. 使用IP地址段 198.51.100.0/24 的 self-service 网络.

  3. 驻留在203.0.113.11上的SNAT网关.

  4. 浮动IP代理网关 (每个计算节点一个) 驻留在: 203.0.113.12, 203.0.113.13, 和 203.0.113.14 上.

  5. 三个实例,每个计算节点上一个,每个有一个浮动IP地址.

    $ neutron bgp-speaker-advertiseroute-list bgpspeaker
    +------------------+--------------+
    | destination      | next_hop     |
    +------------------+--------------+
    | 198.51.100.0/24  | 203.0.113.11 |
    | 203.0.113.101/32 | 203.0.113.12 |
    | 203.0.113.102/32 | 203.0.113.13 |
    | 203.0.113.103/32 | 203.0.113.14 |
    +------------------+--------------+

:

DVR缺少对通过浮动IP代理网关端口路由到固定IP地址的支持,所以阻止BGP speaker通告固定IP地址。

你可以标识你的环境中的浮动IP代理网关,以帮助验证BGP speaker的行为.

   $ openstack port list --device-owner network:floatingip_agent_gateway
   +--------------------------------------+------+-------------------+--------------------------------------------------------------------------------------------------------+
   | ID                                   | Name | MAC Address       | Fixed IP Addresses                                                                                     |
   +--------------------------------------+------+-------------------+--------------------------------------------------------------------------------------------------------+
   | 87cf2970-4970-462e-939e-00e808295dfa |      | fa:16:3e:7c:68:e3 | ip_address='203.0.113.12', subnet_id='8ed65d41-2b2a-4f3a-9f92-45adb266e01a'                            |
   | 8d218440-0d2e-49d0-8a7b-3266a6146dc1 |      | fa:16:3e:9d:78:cf | ip_address='203.0.113.13', subnet_id='8ed65d41-2b2a-4f3a-9f92-45adb266e01a'                            |
   | 87cf2970-4970-462e-939e-00e802281dfa |      | fa:16:3e:6b:18:e0 | ip_address='203.0.113.14', subnet_id='8ed65d41-2b2a-4f3a-9f92-45adb266e01a'                            |
   +--------------------------------------+------+-------------------+--------------------------------------------------------------------------------------------------------+

IPv6

BGP动态路由协议支持建立IPv6 peer即通过IPv6前缀。

  • 为启用IPv6 peering, 创建BGP peer,并且在“peer_ip”字段使用IPv6地址。.

  • 为开启IPv6前缀通告,创建地址scope,其“ip_version=6” 并且 BGP speaker 设置 “ip_version=6”.

:

DVR的IPv6功能与DVR的IPv4功能类似.

高可靠性 High availability

BGP动态路由协议支持调度BGP speaker到多个代理上,这将使多个前缀通过给相同的peer。如果一个代理失败,peer可继续接受其它运行的代理的通告。

#. 显示可用的动态路由代理.

  $ neutron agent-list --agent-type="BGP dynamic routing agent"
  +--------------------------------------+---------------------------+----------+-------------------+-------+----------------+---------------------------+
  | id                                   | agent_type                | host     | availability_zone | alive | admin_state_up | binary                    |
  +--------------------------------------+---------------------------+----------+-------------------+-------+----------------+---------------------------+
  | 37729181-2224-48d8-89ef-16eca8e2f77e | BGP dynamic routing agent | bgp-ha1  |                   | :-)   | True           | neutron-bgp-dragent       |
  | 1a2d33bb-9321-30a2-76ab-22eff3d2f56a | BGP dynamic routing agent | bgp-ha2  |                   | :-)   | True           | neutron-bgp-dragent       |
  +--------------------------------------+---------------------------+----------+-------------------+-------+----------------+---------------------------+

#. 调度 BGP speaker 到多个代理.

  $ neutron bgp-dragent-speaker-add 37729181-2224-48d8-89ef-16eca8e2f77e bgpspeaker
  Associated BGP speaker bgpspeaker to the Dynamic Routing agent.

  $ neutron bgp-dragent-speaker-add 1a2d33bb-9321-30a2-76ab-22eff3d2f56a bgpspeaker
  Associated BGP speaker bgpspeaker to the Dynamic Routing agent.

  $ neutron bgp-dragent-list-hosting-speaker bgpspeaker
  +--------------------------------------+---------+----------------+-------+
  | id                                   | host    | admin_state_up | alive |
  +--------------------------------------+---------+----------------+-------+
  | 37729181-2224-48d8-89ef-16eca8e2f77e | bgp-ha1 | True           | :-)   |
  | 1a2d33bb-9321-30a2-76ab-22eff3d2f56a | bgp-ha2 | True           | :-)   |
  +--------------------------------------+---------+----------------+-------+

  $ neutron bgp-speaker-list-on-dragent 37729181-2224-48d8-89ef-16eca8e2f77e
  +--------------------------------------+------------+----------+------------+
  | id                                   | name       | local_as | ip_version |
  +--------------------------------------+------------+----------+------------+
  | 5f227f14-4f46-4eca-9524-fc5a1eabc358 | bgpspeaker |     1234 |          4 |
  +--------------------------------------+------------+----------+------------+

  $ neutron bgp-speaker-list-on-dragent 1a2d33bb-9321-30a2-76ab-22eff3d2f56a
  +--------------------------------------+------------+----------+------------+
  | id                                   | name       | local_as | ip_version |
  +--------------------------------------+------------+----------+------------+
  | 5f227f14-4f46-4eca-9524-fc5a1eabc358 | bgpspeaker |     1234 |          4 |
  +--------------------------------------+------------+----------+------------+
已标记关键词 清除标记
©️2020 CSDN 皮肤主题: 编程工作室 设计师:CSDN官方博客 返回首页