\u67d0\u4f01\u4e1a\u5b58\u5728\u4e09\u6761\u51fa\u53e3\u94fe\u8def\uff1a\u7535\u4fe1CN2\u4f18\u5316\u7ebf\u8def\u3001\u8054\u901aIPLC\u4e13\u7ebf\u3001\u79fb\u52a8CMI\u76f4\u8fde\u3002\u76d1\u63a7\u6570\u636e\u663e\u793a\uff0c\u8bbf\u95ee\u67d0\u5883\u5916\u670d\u52a1\u65f6\u5ef6\u8fdf\u4ece80ms\u98d9\u5347\u5230130ms\uff0c\u4f46\u901a\u8fc7VPN\u62e8\u5230\u5883\u5916\u8282\u70b9\u7684\u6d4b\u8bd5\u7ed3\u679c\u4ecd\u7ef4\u630180ms\u5de6\u53f3\u3002\u4e1a\u52a1\u5f71\u54cd\u9762\u4ec5\u9650\u4e8e\u8be5\u7279\u5b9a\u670d\u52a1\uff0c\u975e\u5168\u5c40\u6027\u6545\u969c\u3002<\/p>\n
\u8fd9\u4e2a\u95ee\u9898\u6709\u51e0\u4e2a\u5fc5\u987b\u660e\u786e\u7684\u7ea6\u675f\u6761\u4ef6\uff1a<\/p>\n
\u8fd9\u4e0d\u662f\u4e00\u4e2a”traceroute\u663e\u793a\u54ea\u4e2a\u8282\u70b9\u6162”\u7684\u95ee\u9898\uff0c\u800c\u662f\u4e00\u4e2a”BGP\u8def\u7531\u51b3\u7b56\u4e3a\u4ec0\u4e48\u9009\u4e86\u8fd9\u6761\u8def\u5f84”\u7684\u95ee\u9898\u3002<\/p>\n
\u5178\u578b\u573a\u666f\u662f\u89c1\u523078ms\u5ef6\u8fdf\u5c31\u6000\u7591\u67d0\u4e2a\u4e2d\u95f4\u8282\u70b9\u7684traceroute\u8f93\u51fa\uff1a<\/p>\n
traceroute to 203.0.113.10, 30 hops max, 60 byte packets\n 1 10.0.0.1 0.5ms 0.3ms 0.4ms\n 2 202.97.x.x 2.1ms 1.9ms 2.0ms\n 3 202.97.y.y 8.3ms 8.1ms 8.2ms\n 4 * * * *\n 5 72.14.x.x 45ms 44ms 44ms\n 6 108.170.x.x 52ms 51ms 53ms\n 7 203.0.113.10 78ms 77ms 79ms<\/code><\/pre>\n\u8fd9\u6837\u505a\u662f\u9519\u7684<\/strong>\u3002IP\u5e8f\u5217\u53ea\u544a\u8bc9\u4f60\u8f6c\u53d1\u8def\u5f84\u4e0a\u7684\u8bbe\u5907IP\uff0c\u65e0\u6cd5\u5224\u65ad\u8fd9\u4e9bIP\u5c5e\u4e8e\u54ea\u4e2aAS\u3001\u7531\u8c01\u63a7\u5236\u3001\u662f\u5426\u7ecf\u8fc7\u4e86\u4e0d\u5fc5\u8981\u7684\u7ed5\u8def\u3002\u770b\u5230\u5ef6\u8fdf\u9ad8\u5c31\u6000\u7591\u67d0\u4e2a\u4e2d\u95f4\u8282\u70b9\uff0c\u903b\u8f91\u4e0a\u7b49\u540c\u4e8e\u770b\u5230\u5835\u8f66\u5c31\u6000\u7591\u67d0\u8f86\u5177\u4f53\u7684\u8f66\u6709\u95ee\u9898\u2014\u2014\u4f60\u9700\u8981\u77e5\u9053\u7684\u662f\u8fd9\u6761\u8def\u662f\u8c01\u4fee\u7684\u3001\u4e3a\u4ec0\u4e48\u8bbe\u8ba1\u6210\u8fd9\u6837\u3002<\/p>\n\u9519\u8bef\u4e8c\uff1a\u5047\u8bbetraceroute\u4ee3\u8868\u771f\u5b9e\u4e1a\u52a1\u8def\u5f84<\/h3>\n
traceroute\u57fa\u4e8eICMP\/UDP\u63a2\u9488\uff0c\u8fd0\u8425\u5546\u5bf9ICMP\u7684\u8f6c\u53d1\u4f18\u5148\u7ea7\u901a\u5e38\u4f4e\u4e8eTCP\u4e1a\u52a1\u6d41\u91cf\u3002\u9a8c\u8bc1\u65b9\u6cd5\uff1a<\/p>\n
# TCP SYN\u63a2\u9488\ntraceroute -T -p 443 203.0.113.10\n\n# \u5bf9\u6bd4ICMP\u7ed3\u679c\ntraceroute -I 203.0.113.10<\/code><\/pre>\n\u5982\u679c\u4e24\u8005\u8def\u5f84\u548c\u65f6\u95f4\u5dee\u5f02\u5de8\u5927\uff0c\u8bf4\u660e\u51fa\u53e3\u5b58\u5728ECMP\u8d1f\u8f7d\uff0c\u4e14ICMP\u63a2\u9488\u4e0eTCP\u6d41\u91cf\u8d70\u4e86\u4e0d\u540c\u7684\u7269\u7406\u94fe\u8def\u3002\u8fd9\u4e2a\u5dee\u5f02\u672c\u8eab\u5c31\u662f\u91cd\u8981\u8bc1\u636e\u2014\u2014\u5b83\u8bf4\u660e\u4f60\u5f53\u524d\u7684\u8def\u7531\u7b56\u7565\u53ef\u80fd\u6ca1\u6709\u5bf9\u6d41\u91cf\u7c7b\u578b\u505a\u533a\u5206\u3002<\/p>\n
\u9519\u8bef\u4e09\uff1a\u56de\u7a0b\u8def\u5f84\u88ab\u5b8c\u5168\u5ffd\u7565<\/h3>\n
traceroute\u663e\u793a\u7684\u662f\u53bb\u7a0b\u8def\u5f84\uff0c\u4f46\u5ef6\u8fdf\u662f\u5f80\u8fd4\u65f6\u95f4\uff08RTT\uff09\u3002\u53bb\u7a0b\u8d70CN2\u3001\u56de\u7a0b\u8d70\u666e\u901a163\u7f51\u7edc\u7684\u60c5\u51b5\u4e0b\uff0c\u5b9e\u9645\u4f53\u9a8c\u5ef6\u8fdf\u662f\u4e24\u6761\u8def\u5f84\u7684\u53e0\u52a0\u3002\u9a8c\u8bc1\u56de\u7a0b\u8def\u5f84\u9700\u8981\u4ece\u5883\u5916\u8282\u70b9traceroute\u56de\u6765\uff0c\u6216\u8005\u7528Paris Traceroute\u7684\u53cc\u5411\u63a2\u6d4b\u3002<\/p>\n
\u5173\u952e\u8bc1\u636e\uff1a\u4e09\u5c42\u8bc1\u636e\u94fe\u7684\u5b8c\u6574\u8fd8\u539f<\/h2>\n
\u5b9a\u4f4d\u8de8\u56fd\u51fa\u53e3\u6d41\u91cf\u7684\u6838\u5fc3\u662f\u628atraceroute\u7ed3\u679c\u5f53\u4f5cBGP\u8def\u7531\u8868\u7684\u67e5\u8be2\u5165\u53e3\uff0c\u800c\u4e0d\u662f\u7ec8\u70b9\u3002\u4ee5\u4e0b\u662f\u5b8c\u6574\u7684\u8bc1\u636e\u94fe\u8fd8\u539f\u3002<\/p>\n
\u8bc1\u636e\u4e00\uff1a\u51fa\u53e3IP\u7684AS\u5f52\u5c5e\u786e\u8ba4<\/h3>\n
\u64cd\u4f5c\u547d\u4ee4<\/strong>\uff1a<\/p>\n# \u67e5\u8be2IP\u6240\u5c5eAS\u4fe1\u606f\nwhois -h whois.ripe.net 202.97.x.x | grep -E "origin|OrgId|AS"\n\n# \u4f7f\u7528BGPKIT API\u83b7\u53d6\u7ed3\u6784\u5316\u6570\u636e\ncurl -s "https:\/\/api.bgpkit.com\/v4\/lookup?ip=202.97.x.x"<\/code><\/pre>\nBGPKIT API\u8fd4\u56de\u793a\u4f8b<\/strong>\uff1a<\/p>\n{\n "ip": "202.97.x.x",\n "asn": 4837,\n "prefix": "202.97.0.0\/17",\n "holder": "CHINANET-CN China Telecom"\n}<\/code><\/pre>\n\u5173\u952e\u7ed3\u8bba<\/strong>\uff1a\u7b2c\u4e8c\u8df3IP\uff08\u51fa\u53e3\u8def\u7531\u5668\u516c\u7f51IP\uff09\u5c5e\u4e8eAS4837\uff08\u4e2d\u56fd\u7535\u4fe1\u9aa8\u5e72\u7f51\uff09\uff0c\u800c\u975eAS9929\uff08\u8054\u901a\uff09\u6216AS9808\uff08\u79fb\u52a8\uff09\u3002\u8fd9\u8bf4\u660e\u6d41\u91cf\u786e\u5b9e\u8d70\u4e86\u7535\u4fe1\u51fa\u53e3\uff0c\u4f46\u8d70\u7684\u53ef\u80fd\u662f\u666e\u901a163\u7f51\u7edc\u800c\u975eCN2\u4f18\u5316\u7ebf\u8def\u3002<\/p>\n\u8bc1\u636e\u4e8c\uff1aBGP\u8def\u7531\u8868\u4e2d\u76ee\u6807\u7f51\u6bb5\u7684\u5b8c\u6574\u8def\u5f84\u5c5e\u6027<\/h3>\n
\u64cd\u4f5c\u547d\u4ee4<\/strong>\uff08\u8fb9\u754c\u8def\u7531\u5668\uff09\uff1a<\/p>\nshow ip bgp 203.0.113.10 detail<\/code><\/pre>\n\u547d\u4ee4\u8f93\u51fa<\/strong>\uff1a<\/p>\nBGP routing table entry for 203.0.113.10\/32, version 1023\nPaths: (3 available, best #2, table default)\n\n Path #1:\n 4837 1299 15169\n 218.102.x.x from 218.102.x.x (218.102.x.x)\n Origin IGP, localpref 200, valid, external\n Path info: popularity 23, MED 100, weight 0\n\n Path #2:\n 9929 1299 15169\n 202.65.x.x from 202.65.x.x (202.65.x.x)\n Origin IGP, localpref 180, valid, external, best\n Path info: popularity 18, MED 150, weight 0\n\n Path #3:\n 9808 1299 15169\n 221.183.x.x from 221.183.x.x (221.183.x.x)\n Origin IGP, localpref 150, valid, external\n Path info: popularity 15, MED 200, weight 0<\/code><\/pre>\n\u8bc1\u636e\u89e3\u8bfb<\/strong>\uff1a<\/p>\n\n\n\n\u8def\u5f84<\/th>\n \u4e0b\u4e00\u8df3<\/th>\n AS_PATH<\/th>\n localpref<\/th>\n MED<\/th>\n \u72b6\u6001<\/th>\n<\/tr>\n<\/thead>\n \n\n\u7535\u4fe1<\/td>\n 218.102.x.x<\/td>\n 4837\u21921299\u219215169<\/td>\n 200<\/td>\n 100<\/td>\n \u672a\u9009\u4e2d<\/td>\n<\/tr>\n \n\u8054\u901a<\/td>\n 202.65.x.x<\/td>\n 9929\u21921299\u219215169<\/td>\n 180<\/td>\n 150<\/td>\n \u6700\u4f73\u8def\u5f84<\/strong><\/td>\n<\/tr>\n\n\u79fb\u52a8<\/td>\n 221.183.x.x<\/td>\n 9808\u21921299\u219215169<\/td>\n 150<\/td>\n 200<\/td>\n \u672a\u9009\u4e2d<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n\u4e3a\u4ec0\u4e48\u7535\u4fe1\u8def\u5f84\uff08localpref=200\uff09\u6ca1\u6709\u88ab\u9009\u4e2d<\/strong>\uff1f\u8fd9\u8fdd\u53cd\u4e86\u76f4\u89c9\uff0c\u4f46\u7b26\u5408BGP\u51b3\u7b56\u8fc7\u7a0b\uff1a<\/p>\nBGP\u9009\u62e9\u6700\u4f73\u8def\u5f84\u7684\u987a\u5e8f\u662f\uff1a<\/p>\n
\n- \u6700\u9ad8weight\uff08\u672c\u8bbe\u5907\u6709\u6548\uff09<\/li>\n
- \u6700\u9ad8local-preference\uff08\u540c\u4e00AS\u5185<\/strong>\u6bd4\u8f83\uff09<\/li>\n
- \u672c\u5730\u751f\u6210\u7684\u8def\u7531 > \u4ece\u90bb\u5c45\u5b66\u4e60\u7684<\/li>\n
- \u6700\u77edAS_PATH<\/li>\n
- \u6700\u4f4eorigin\u7c7b\u578b\uff08IGP > EGP > Incomplete\uff09<\/li>\n
- \u6700\u4f4eMED<\/strong><\/li>\n
- eBGP > iBGP<\/li>\n
- \u6700\u4f4eIGP metric\u5230next-hop<\/li>\n
- \u6700\u65e9\u6536\u5230\u7684\u8def\u7531<\/li>\n<\/ol>\n
\u5728\u672c\u4f8b\u4e2d\uff0c\u4e09\u6761\u8def\u5f84\u7684AS_PATH\u957f\u5ea6\u90fd\u662f3\uff0corigin\u90fd\u662fIGP\u3002\u51b3\u5b9a\u7ed3\u679c\u7684\u662fMED\u503c<\/strong>\u2014\u2014\u8054\u901a\u8def\u5f84\u7684MED=150\u9ad8\u4e8e<\/strong>\u7535\u4fe1\u7684MED=100\u3002\u8fd9\u610f\u5473\u7740\u8fd0\u8425\u5546\u5bf9\u7b49\u70b9\u6839\u636e\u5176\u5185\u90e8\u7b56\u7565\uff0c\u5728\u8def\u7531\u5ba3\u544a\u65f6\u5c31\u9644\u52a0\u4e86MED\u5c5e\u6027\u3002\u7535\u4fe1\u8def\u5f84\u867d\u7136localpref\u66f4\u9ad8\uff0c\u4f46MED\u4e5f\u66f4\u4f4e\uff08\u8bf4\u660e\u7535\u4fe1\u8ba4\u4e3a\u8fd9\u6761\u8def\u5f84\u6210\u672c\u66f4\u9ad8\uff09\uff0c\u6700\u7ec8BGP\u9009\u62e9\u4e86\u7efc\u5408\u8003\u91cf\u540e\u7684\u8054\u901a\u8def\u5f84\u3002<\/p>\n\u8bc1\u636e\u4e09\uff1a\u5b9e\u9645\u8f6c\u53d1\u8def\u5f84\u7684RIB\u4e0eFIB\u9a8c\u8bc1<\/h3>\n
\u64cd\u4f5c\u547d\u4ee4<\/strong>\uff1a<\/p>\nshow ip route 203.0.113.10\nshow ip cef 203.0.113.10 detail<\/code><\/pre>\nRIB\u8f93\u51fa<\/strong>\uff1a<\/p>\nRouting entry for 203.0.113.10\/32\n Known via "bgp 65000", distance 20, metric 0\n Last update from 202.65.x.x 00:02:03 ago\n Routing Descriptor Blocks:\n * 202.65.x.x, from 202.65.x.x\n Route metric is 0, traffic share is 1\n AS-Path: 9929 1299 15169<\/code><\/pre>\nFIB\u8f93\u51fa<\/strong>\uff1a<\/p>\n203.0.113.10\/32, version 512345, attached, adjacency table\n via 202.65.x.x, Ethernet0\/0, dependencies\n IP RIB-next-hop: 202.65.x.x\n Adjacency: Ethernet0\/0, address 10.0.0.254<\/code><\/pre>\n\u5173\u952e\u7ed3\u8bba<\/strong>\uff1a\u5b9e\u9645\u8f6c\u53d1\u786e\u5b9e\u8d70\u4e86AS9929\uff08\u8054\u901a\uff09\uff0c\u4e0b\u4e00\u8df3\u662f202.65.x.x\uff0c\u800c\u975eAS4837\uff08\u7535\u4fe1\uff09\u7684218.102.x.x\u3002\u8fd9\u4e0eBGP\u6700\u4f73\u8def\u5f84\u9009\u62e9\u4e00\u81f4\u3002<\/p>\n\u6280\u672f\u5224\u65ad\uff1a\u4e3a\u4ec0\u4e48\u51fa\u53e3\u9009\u62e9\u4e0e\u9884\u671f\u4e0d\u7b26<\/h2>\n
\u7efc\u5408\u4e09\u5c42\u8bc1\u636e\u94fe\uff0c\u6839\u56e0\u5224\u65ad\u5982\u4e0b\uff1a<\/p>\n
\u5f53\u524d\u6d41\u91cf\u8d70\u8054\u901a\u51fa\u53e3\u7684\u539f\u56e0<\/strong>\uff1a\u8be5\u76ee\u6807\u7f51\u6bb5\u4ece\u8054\u901a\u6536\u5230\u7684BGP\u8def\u7531\u867d\u7136local-preference\u8f83\u4f4e\uff08180 < 200\uff09\uff0c\u4f46\u88ab\u9009\u4e3a\u6700\u4f73\u8def\u5f84\u662f\u56e0\u4e3a\u4e09\u6761\u8def\u5f84\u7684AS_PATH\u957f\u5ea6\u76f8\u540c\u3001origin\u7c7b\u578b\u76f8\u540c\uff0cMED\u503c\uff08150\uff09\u5728\u6b64\u51b3\u7b56\u70b9\u8d77\u4e86\u4e3b\u5bfc\u4f5c\u7528\u3002<\/p>\n\u4e3a\u4ec0\u4e48\u6ca1\u6709\u8d70\u7535\u4fe1CN2<\/strong>\uff1a<\/p>\n\n- \n
\u7535\u4fe1\u8def\u5f84\u7684local-preference\u867d\u7136\u66f4\u9ad8\uff08200 > 180\uff09\uff0c\u4f46BGP\u7684local-preference\u6bd4\u8f83\u53ea\u5728\u540c\u4e00AS\u5185\u6709\u6548\u2014\u2014\u8fd9\u6761\u89c4\u5219\u7684\u610f\u601d\u662f\uff0c\u4f60\u7684\u8def\u7531\u5668\u4f1a\u4f18\u5148\u9009\u62e9localpref\u66f4\u9ad8\u7684\u8def\u5f84\uff0c\u4f46\u524d\u63d0\u662f\u5b83\u4eec\u6765\u81ea\u540c\u4e00\u4e2a\u4e0b\u4e00\u8df3AS<\/strong>\u3002\u4e09\u6761\u8def\u5f84\u6765\u81ea\u4e0d\u540c\u7684\u8fd0\u8425\u5546AS\uff0clocalpref\u7684\u6bd4\u8f83\u4f1a\u53d7\u5230\u540e\u7eed\u5c5e\u6027\u7684\u5f71\u54cd\u3002<\/p>\n<\/li>\n- \n
\u4e09\u6761\u8def\u5f84\u7684AS_PATH\u957f\u5ea6\u90fd\u662f3\uff084837\u21921299\u219215169\u30019929\u21921299\u219215169\u30019808\u21921299\u219215169\uff09\uff0c\u65e0\u6cd5\u901a\u8fc7AS_PATH\u957f\u5ea6\u533a\u5206\u4f18\u5148\u7ea7\u3002<\/p>\n<\/li>\n
- \n
\u8fd0\u8425\u5546\u5bf9\u7b49\u70b9\u53ef\u80fd\u5728\u5ba3\u544a\u8def\u7531\u65f6\u9644\u52a0\u4e86MED\u3001communities\u6216cost-community\u5c5e\u6027\uff0c\u8fd9\u4e9b\u5c5e\u6027\u5728BGP\u51b3\u7b56\u8fc7\u7a0b\u4e2d\u5f71\u54cd\u4e86\u6700\u7ec8\u9009\u62e9\u3002\u7535\u4fe1\u8def\u5f84\u7684MED=100\u4f4e\u4e8e\u8054\u901a\u7684MED=150\uff0c\u4f46BGP\u7684MED\u6bd4\u8f83\u89c4\u5219\u662f\uff1aMED\u53ea\u5728\u6765\u81ea\u540c\u4e00\u76f8\u90bbAS\u7684\u8def\u7531\u4e4b\u95f4\u6bd4\u8f83\u624d\u6709\u610f\u4e49\u30021299\u662f\u8fd9\u4e2a\u76ee\u6807\u7f51\u6bb5\u7684\u4e0a\u6e38\u8fd0\u8425\u5546\uff0c\u5b83\u540c\u65f6\u5411\u7535\u4fe1\u548c\u8054\u901a\u5ba3\u544a\u8def\u7531\uff0c\u6240\u4ee5MED\u6bd4\u8f83\u662f\u6709\u6548\u7684\u2014\u2014\u8054\u901a\u7684MED=150\u610f\u5473\u77401299\u8ba4\u4e3a\u901a\u8fc7\u8054\u901a\u5230\u8fbe15169\u7684\u8def\u5f84\u6210\u672c\u66f4\u4f4e\u3002<\/p>\n<\/li>\n
- \n
\u4f01\u4e1a\u4fa7\u914d\u7f6e\u7684\u8def\u7531\u7b56\u7565\uff08route-map set local-preference\uff09\u53ef\u80fd\u5bf9\u8fd9\u6761\u76ee\u6807\u8def\u7531\u6ca1\u6709\u751f\u6548\uff0c\u9700\u8981\u68c0\u67e5prefix-list\u662f\u5426\u5339\u914d\u5230\u4e86203.0.113.10\/32\u3002<\/p>\n<\/li>\n<\/ol>\n
\u4e3a\u4ec0\u4e48VPN\u8def\u5f84\u5ef6\u8fdf\u66f4\u4f4e<\/strong>\uff1aVPN\u901a\u5e38\u4f7f\u7528\u4e0e\u8fd0\u8425\u5546\u5bf9\u7b49\u7684\u4f18\u5316\u8def\u7531\uff08\u53ef\u80fd\u662fCN2\u6216\u76f4\u63a5\u5bf9\u7b49\u94fe\u8def\uff09\uff0c\u7ed5\u8fc7\u4e86\u8fd0\u8425\u5546\u9aa8\u5e72\u7f51\u7684\u5e38\u89c4\u8def\u7531\u7b56\u7565\u3002\u6b64\u5916\uff0cVPN\u96a7\u9053\u5728\u5883\u5916\u843d\u5730\u540e\uff0c\u89e3\u5c01\u88c5\u540e\u7684\u56de\u7a0b\u53ef\u80fd\u8d70\u4e86\u4e0d\u540c\u4e8e\u666e\u901aBGP\u8def\u7531\u7684\u8def\u5f84\u3002<\/p>\n\u65b9\u6848\u53d6\u820d\uff1a\u4e09\u79cd\u5b9a\u4f4d\u65b9\u6cd5\u7684\u5bf9\u6bd4<\/h2>\n
\n\n\n\u65b9\u6cd5<\/th>\n \u80fd\u529b<\/th>\n \u5c40\u9650<\/th>\n<\/tr>\n<\/thead>\n \n\n\u7eaftraceroute<\/td>\n \u770b\u5230IP\u8def\u5f84<\/td>\n \u4e0d\u77e5\u9053AS\u5f52\u5c5e\uff0cICMP\u4e0d\u53ef\u9760\uff0c\u56de\u7a0b\u4e0d\u53ef\u89c1<\/td>\n<\/tr>\n \ntraceroute + whois\u67e5\u8be2<\/td>\n \u77e5\u9053\u6bcf\u8df3AS<\/td>\n \u624b\u5de5\u64cd\u4f5c\uff0c\u65e0\u6cd5\u6279\u91cf\uff0c\u9700\u67e5\u8be2\u5916\u90e8\u6570\u636e\u5e93<\/td>\n<\/tr>\n \ntraceroute + BGP\u8def\u7531\u8868\u5206\u6790<\/td>\n \u5b8c\u6574\u8fd8\u539f\u8def\u7531\u51b3\u7b56\u94fe<\/td>\n \u9700\u8981\u8fb9\u754c\u8bbe\u5907\u6743\u9650\uff0c\u7406\u89e3\u6210\u672c\u9ad8<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n\u6211\u66f4\u63a8\u8350\u7b2c\u4e09\u79cd<\/strong>\u3002\u4f46\u5982\u679c\u53ea\u6709\u5883\u5916\u8282\u70b9\u63a7\u5236\u53f0\u6743\u9650\uff0c\u81f3\u5c11\u8981\u505a\u5230\u7b2c\u4e00\u79cd+whois\u67e5\u8be2\u7684\u7ec4\u5408\u3002\u7eaftraceroute\u5728\u8de8\u56fd\u573a\u666f\u4e0b\u53ea\u80fd\u63d0\u4f9b\u7ebf\u7d22\uff0c\u4e0d\u80fd\u63d0\u4f9b\u7ed3\u8bba\u3002<\/p>\n\u8fb9\u754c\u6761\u4ef6\uff1a\u4ec0\u4e48\u60c5\u51b5\u4e0b\u5f53\u524d\u65b9\u6848\u4f1a\u5931\u6548<\/h2>\n\u8fb9\u754c\u6761\u4ef6\u4e00\uff1a\u8fd0\u8425\u5546BGP\u7b56\u7565\u5f3a\u5236\u6307\u5b9a\u4e0b\u4e00\u8df3<\/h3>\n
\u5373\u4f7f\u628alocal-preference\u8c03\u5230\u6700\u9ad8\uff0c\u8fd0\u8425\u5546\u4fa7\u53ef\u80fd\u6839\u636e\u5bf9\u7aefAS_PATH\u6216communities\u5c5e\u6027\u5f3a\u5236\u8def\u7531\u8d70\u5411\u3002\u9a8c\u8bc1\u65b9\u6cd5\u662f\u5728\u5883\u5916\u76ee\u6807\u8282\u70b9traceroute\u56de\u6765\uff0c\u770b\u56de\u7a0b\u8def\u5f84\u662f\u5426\u53d7\u63a7\u3002\u4f01\u4e1a\u80fd\u63a7\u5236\u5883\u5185\u8def\u7531\uff0c\u4f46\u51fa\u8fd0\u8425\u5546\u7f51\u7edc\u540e\u5c31\u4e0d\u5f52\u4f60\u7ba1\u4e86\u3002<\/p>\n
\u8fb9\u754c\u6761\u4ef6\u4e8c\uff1aECMP\u5bfc\u81f4\u8def\u5f84\u4e0d\u7a33\u5b9a<\/h3>\n
\u5982\u679c\u51fa\u53e3\u8def\u7531\u5668\u914d\u7f6e\u4e86\u591a\u6761\u7b49\u4ef7\u8def\u5f84\u8d1f\u8f7d\u5747\u8861\uff0ctraceroute\u6bcf\u6b21\u63a2\u6d4b\u53ef\u80fd\u8d70\u4e0d\u540c\u8def\u5f84\u3002\u9a8c\u8bc1\u65b9\u6cd5\uff1a<\/p>\n
# \u8fde\u7eed5\u6b21traceroute\uff0c\u89c2\u5bdf\u7b2c\u4e8c\u8df3\u662f\u5426\u4e00\u81f4\nfor i in {1..5}; do traceroute -q 1 203.0.113.10 | sed -n '2p'; sleep 1; done<\/code><\/pre>\n\u5982\u679c\u6bcf\u6b21\u7b2c\u4e8c\u8df3IP\u4e0d\u540c\uff0c\u8bf4\u660e\u786e\u5b9e\u5728\u8d70\u4e0d\u540c\u7684\u7269\u7406\u94fe\u8def\uff0c\u6b64\u65f6traceroute\u7684\u7edf\u8ba1\u610f\u4e49\u6709\u9650\uff0c\u9700\u8981\u7528\u6301\u7eedping\u7684mtr\u5de5\u5177\u53d6\u5e73\u5747\u503c\u3002<\/p>\n
\u8fb9\u754c\u6761\u4ef6\u4e09\uff1aICMP\u88ab\u6df1\u5ea6\u8fc7\u6ee4<\/h3>\n
\u67d0\u4e9b\u8fd0\u8425\u5546\u5bf9\u8de8\u5883ICMP\u505a\u4e25\u683c\u9650\u901f\u6216\u76f4\u63a5\u4e22\u5305\uff0c\u5bfc\u81f4traceroute\u770b\u5230\u5927\u91cf***<\/code>\u3002\u6b64\u65f6\u5fc5\u987b\u6362\u7528TCP\u63a2\u9488\uff08traceroute -T<\/code>\uff09\u6216\u5176\u4ed6\u57fa\u4e8eUDP\/TCP\u7684\u63a2\u6d4b\u5de5\u5177\u5982Scapy\u3002<\/p>\n\u8fb9\u754c\u6761\u4ef6\u56db\uff1a\u8def\u7531\u9707\u8361\u4e0e\u6536\u655b\u5ef6\u8fdf<\/h3>\n
BGP\u8def\u7531\u6536\u655b\u9700\u8981\u65f6\u95f4\u3002\u8c03\u6574\u8def\u7531\u7b56\u7565\u540e\uff0c\u5982\u679c\u8fd0\u8425\u5546\u4fa7\u8def\u7531\u6ca1\u6709\u540c\u65f6\u66f4\u65b0\uff0c\u53ef\u80fd\u51fa\u73b0\u77ed\u6682\u7684\u8def\u7531\u9ed1\u6d1e\u6216\u6b21\u4f18\u8def\u5f84\u3002\u6e05\u9664BGP\u4f1a\u8bdd\u540e\u9700\u8981\u7b49\u5f85\u5b8c\u6574\u7684\u8def\u7531\u6536\u655b\u5468\u671f\uff08\u901a\u5e3830\u79d2\u5230\u51e0\u5206\u949f\uff09\uff0c\u671f\u95f4\u7684\u6027\u80fd\u6570\u636e\u4e0d\u5b9c\u4f5c\u4e3a\u7ed3\u8bba\u4f9d\u636e\u3002<\/p>\n
\u9a8c\u8bc1\u7ed3\u8bba\uff1a\u8def\u5f84\u9009\u62e9\u4f18\u5316\u7684\u6548\u679c\u8bc1\u660e<\/h2>\n\u6b65\u9aa4\u4e00\uff1a\u8bca\u65adprefix-list\u914d\u7f6e<\/h3>\nshow ip prefix-list detail PL_TELECOM_CN2\nshow ip prefix-list detail PL_TARGETS<\/code><\/pre>\n\u786e\u8ba4\u76ee\u6807\u7f51\u6bb5\u662f\u5426\u88ab\u6b63\u786e\u5339\u914d\u3002\u5982\u679cprefix-list\u6ca1\u6709\u5305\u542b203.0.113.10\/32\uff0c\u8def\u7531\u7b56\u7565\u5bf9\u8be5\u6d41\u91cf\u5c31\u4e0d\u4f1a\u751f\u6548\u3002<\/p>\n
\u6b65\u9aa4\u4e8c\uff1a\u8c03\u6574\u8def\u7531\u7b56\u7565<\/h3>\n
\u5982\u679c\u786e\u8ba4\u662fprefix-list\u6f0f\u914d\u6216local-preference\u4e0d\u591f\uff0c\u8c03\u6574\u914d\u7f6e\uff1a<\/p>\n
! \u914d\u7f6e\u524d\u7f00\u5217\u8868\nip prefix-list PL_TARGETS permit 203.0.113.10\/32\n\n! \u914d\u7f6e\u8def\u7531\u6620\u5c04\nroute-map BGP_EXPORT permit 10\n match ip address prefix-list PL_TARGETS\n set local-preference 250\n\n! \u5e94\u7528\u5230BGP\u90bb\u5c45\nrouter bgp 65000\n neighbor 218.102.x.x route-map BGP_EXPORT in\n\n! \u8f6f\u6e05\u9664BGP\u4f1a\u8bdd\u89e6\u53d1\u91cd\u65b0\u9009\u62e9\nclear ip bgp * soft<\/code><\/pre>\n\u6b65\u9aa4\u4e09\uff1a\u9a8c\u8bc1\u4f18\u5316\u6548\u679c<\/h3>\n# \u8c03\u6574\u524d mtr \u62a5\u544a\n$ mtr -c 20 203.0.113.10 --report\nHOST Loss% Snt Avg Best Wrst StDev\n 1. 10.0.0.1 0.0% 20 0.5 0.4 0.6 0.1\n 2. 202.97.x.x 0.0% 20 2.3 2.1 2.5 0.2\n 3. 202.97.y.y 0.0% 20 8.5 8.3 9.1 0.4\n 4. ??? -- -- -- -- -- --\n 5. 72.14.x.x 0.0% 20 48.3 45.2 52.1 3.1\n 6. 108.170.x.x 0.0% 20 55.6 52.3 58.9 2.8\n 7. 203.0.113.10 0.0% 20 78.4 77.1 82.3 2.5\n\n# \u8c03\u6574\u540e mtr \u62a5\u544a\uff08\u9884\u671f\uff09\n$ mtr -c 20 203.0.113.10 --report\n 7. 203.0.113.10 0.0% 20 32.1 31.5 33.8 1.2<\/code><\/pre>\n\u5ef6\u8fdf\u4ece78ms\u964d\u523032ms\uff0c\u964d\u5e45\u7ea646ms\u3002\u914d\u5408BGP\u8def\u7531\u8868\u786e\u8ba4\u65b0\u7684AS_PATH\u5e94\u8be5\u4ee54837\uff08\u7535\u4fe1\uff09\u5f00\u5934\uff0c\u4e14202.65.x.x\u4e0d\u518d\u662f\u4e0b\u4e00\u8df3\u3002<\/p>\n
\u6b65\u9aa4\u56db\uff1a\u4e1a\u52a1\u6301\u7eed\u6027\u76d1\u63a7<\/h3>\n
\u8c03\u6574\u5b8c\u6210\u540e\uff0c\u5efa\u8bae\u6301\u7eed\u76d1\u63a772\u5c0f\u65f6\uff0c\u6392\u9664\u8def\u7531\u9707\u8361\u5bfc\u81f4\u7684\u4e34\u65f6\u6539\u5584\uff1a<\/p>\n
# \u6301\u7eed\u76d1\u63a7\u811a\u672c\nwhile true; do\n mtr -c 10 -r 203.0.113.10 | awk '\/^HOST\/{next} {print strftime("%Y-%m-%d %H:%M:%S"), $1, $4}' \n sleep 60\ndone >> latency_log.txt<\/code><\/pre>\n\u7ed3\u8bba<\/h2>\n
traceroute\u662fBGP\u8def\u7531\u5206\u6790\u7684\u5165\u53e3\uff0c\u4e0d\u662f\u7ec8\u70b9\u3002\u5f53\u53d1\u73b0\u8de8\u56fd\u5ef6\u8fdf\u5f02\u5e38\u65f6\uff0c\u6b63\u786e\u7684\u95ee\u9898\u5206\u89e3\u662f\uff1a<\/p>\n
\n- \u786e\u8ba4\u51fa\u53e3IP\u7684AS\u5f52\u5c5e<\/strong>\uff1a\u6bcf\u4e00\u8df3IP\u80cc\u540e\u90fd\u5bf9\u5e94AS\u8fb9\u754c\uff0cwhois\u67e5\u8be2\u662f\u7b2c\u4e00\u6b65<\/li>\n
- \u5bf9\u6bd4BGP\u8def\u7531\u8868\u4e2d\u8be5\u76ee\u6807\u7684\u6240\u6709\u53ef\u7528\u8def\u5f84\u53ca\u5176\u5c5e\u6027<\/strong>\uff1alocalpref\u3001MED\u3001AS_PATH\u957f\u5ea6\u3001origin\u7c7b\u578b<\/li>\n
- \u7406\u89e3BGP\u51b3\u7b56\u8fc7\u7a0b\u4e3a\u4f55\u9009\u62e9\u4e86\u5f53\u524d\u8def\u5f84<\/strong>\uff1a\u6309\u7167BGP\u9009\u8def\u539f\u5219\u9010\u6761\u5206\u6790\uff0c\u800c\u975e\u51ed\u76f4\u89c9<\/li>\n
- \u786e\u8ba4\u8def\u7531\u7b56\u7565\u914d\u7f6e\u662f\u5426\u6309\u9884\u671f\u751f\u6548<\/strong>\uff1aprefix-list\u662f\u5426\u5339\u914d\u3001route-map\u662f\u5426\u5e94\u7528<\/li>\n
- \u8c03\u6574\u7b56\u7565\u540e\u9a8c\u8bc1\u8def\u5f84\u53d8\u5316\u4e0e\u5ef6\u8fdf\u6539\u5584\u7684\u5173\u8054\u6027<\/strong>\uff1amtr\u524d\u540e\u5bf9\u6bd4+BGP\u8def\u7531\u8868\u786e\u8ba4<\/li>\n<\/ol>\n
\u8de8\u56fd\u7f51\u7edc\u7684\u51fa\u53e3\u9009\u8def\u4e0d\u662f\u7eaf\u7cb9\u7684\u6280\u672f\u95ee\u9898\uff0c\u5b83\u53d7\u5236\u4e8e\u8fd0\u8425\u5546\u4e4b\u95f4\u7684\u5bf9\u7b49\u7b56\u7565\u3001BGP communities\u5c5e\u6027\u3001\u4ee5\u53ca\u7269\u7406\u94fe\u8def\u7684\u5b9e\u9645\u8d28\u91cf\u3002\u4f46\u8fd9\u4e9b\u7ea6\u675f\u5e76\u4e0d\u610f\u5473\u7740\u675f\u624b\u65e0\u7b56\u2014\u2014\u901a\u8fc7\u7cfb\u7edf\u7684trace+\u67e5\u8be2+BGP\u5206\u6790\u7ec4\u5408\uff0c\u81f3\u5c11\u53ef\u4ee5\u660e\u786e\u95ee\u9898\u7684\u8fb9\u754c\uff0c\u533a\u5206”\u4e0d\u53ef\u63a7\u7684\u8fd0\u8425\u5546\u7b56\u7565”\u548c”\u53ef\u4ee5\u4f18\u5316\u7684\u672c\u5730\u914d\u7f6e”\u3002<\/p>","protected":false},"excerpt":{"rendered":"
\u8de8\u56fd\u51fa\u53e3\u6d41\u91cf\u5b9a\u4f4d\uff1a\u5982\u4f55\u4ecetraceroute\u7684IP\u5e8f\u5217\u8ffd\u6eaf\u5230BGP\u8def\u7531\u51b3\u7b56\uff0c\u5f53traceroute\u663e\u793a\u8de8\u56fd\u5ef6\u8fdf\u9ad8\u65f6\uff0c\u5927\u90e8\u5206\u4eba\u76ef\u7740TTL\u9012\u589e\u7684IP\u5730\u5740\u53d1\u5446\u3002\u771f\u6b63\u6709\u6548\u7684\u5b9a\u4f4d\u65b9\u6cd5\u662f\u628atraceroute\u5f53\u4f5cBGP\u8def\u7531\u8868\u7684\u67e5\u8be2\u5165\u53e3\u2014\u2014\u6bcf\u4e00\u8df3IP\u80cc\u540e\u90fd\u5bf9\u5e94AS\u8fb9\u754c\u548cBGP\u51b3\u7b56\u70b9\uff0c\u7406\u89e3\u8fd9\u4e9b\u624d\u80fd\u5224\u65ad\u6d41\u91cf\u4e3a\u4ec0\u4e48\u8d70\u4e86\u5f53\u524d\u8fd9\u6761\u8def\u5f84\uff0c\u800c\u4e0d\u662f\u4f60\u4ee5\u4e3a\u7684\u90a3\u6761\u3002<\/p>","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[439,8,468],"tags":[158,926,928,196,927,929],"class_list":["post-889","post","type-post","status-publish","format-standard","hentry","category-439","category-8","category-468","tag-bgp","tag-traceroute","tag-928","tag-196","tag-927","tag-929"],"views":7,"_links":{"self":[{"href":"https:\/\/www.liaoxinghui.com\/index.php?rest_route=\/wp\/v2\/posts\/889","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.liaoxinghui.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.liaoxinghui.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.liaoxinghui.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.liaoxinghui.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=889"}],"version-history":[{"count":1,"href":"https:\/\/www.liaoxinghui.com\/index.php?rest_route=\/wp\/v2\/posts\/889\/revisions"}],"predecessor-version":[{"id":899,"href":"https:\/\/www.liaoxinghui.com\/index.php?rest_route=\/wp\/v2\/posts\/889\/revisions\/899"}],"wp:attachment":[{"href":"https:\/\/www.liaoxinghui.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=889"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.liaoxinghui.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=889"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.liaoxinghui.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=889"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}