MPLS ×××案例
本文共 14081 字,大约阅读时间需要 46 分钟。
MPLS ×××
一、基本概念(1)VRF(Virtual Routing and Forwarding) 每个VRF可以理解为一台虚拟逻辑路由器,每台路由器可以创建多个VRF,默认情况下,VRF之间、VRF与路由器之间是隔离的,一台PE路由器分配多个VRF来连接不同的客户设备,实现同一PE下的不同客户网络信息的隔离需求。 VRF内的路由被称为×××V4路由,×××V4路由=IPV4路由+RD值+RT值,必须使用MP-BGP路由协议来传递。(2)RD(route distinguisher)路由标识 RD值只是一个参数,由64位的16进制组成---X:X,是×××V4路由的前缀,用来区分不同CE端相同的路由条目。(3)RT:Route Target RT值是BGP的一种扩展community属性,用来区分不同目标接收者(将PE上接收到的×××v4前缀通告给正确的CE设备),格式---X:X。(4)MPLS ×××的数据转发原理PE1再将数据传递给PE2时,会封装两层标签,外层标签用于穿越P路由器,内层标签用于通告PE2所查询的VRF。二、MPLS ×××配置基本步骤
(1)在MPLS域使用IGP路由协议,使公网能够互通;(2)CE设备正常配置,PE设备上开启MPLS,修改MTU,建立VRF,定义RD和RT值,同时关联与CE设备相连接的端口;(3)在PE设备的家族模式下,建立MP-BGP邻居关系,同时开启社团属性;(4)在PE设备上使用双向重发布或静态,使CE设备能够将私网路由传递给PE设备;(5)MPLS ×××建立。三、MPLS ×××案例
要求:
1、CE1与CE2、CE3与CE4可以互访2、CE1与CE4、CE3与CE2之间不能够互访3、MPLS域使用EIGRP协议4、CE1与PE1之间、CE2与PE2之间使用RIP协议5、CE3与PE1之间、CE4与PE2之间使用OSPF协议1、进行IP配置
CE1路由器:CE1(config-if)#int lo 0CE1(config-if)#ip address 192.168.1.100 255.255.255.0CE1(config)#int s0/0CE1(config-if)#ip address 192.168.2.1 255.255.255.0CE1(config-if)#no shutdownPE1路由器:
PE1(config-if)#int lo 0PE1(config-if)#ip address 2.2.2.2 255.255.255.0PE1(config)#int s0/0PE1(config-if)#ip address 23.1.1.2 255.255.255.0PE1(config-if)#no shutdownP路由器:
P(config-if)#int lo 0P(config-if)#ip address 3.3.3.3 255.255.255.0P(config)#int s0/1P(config-if)#ip address 23.1.1.3 255.255.255.0P(config-if)#no shutdown P(config)#int s0/0P(config-if)#ip address 34.1.1.3 255.255.255.0P(config-if)#no shutdownPE2路由器:
PE2(config-if)#int lo 0PE2(config-if)#ip address 4.4.4.4 255.255.255.0PE2(config)#int s0/0PE2(config-if)#ip address 34.1.1.4 255.255.255.0PE2(config-if)#no shutdownCE2路由器:
CE2(config-if)#int lo 0CE2(config-if)#ip address 192.168.4.100 255.255.255.0CE2(config-if)#int lo 1CE2(config-if)#ip address 55.1.1.100 255.255.255.0CE2(config)#int s0/0CE2(config-if)#ip address 192.168.3.5 255.255.255.0CE2(config-if)#no shutdown2、MPLS域配置EIGRP协议,使公网能够通信
PE1路由器:PE1(config)#router eigrp 100PE1(config-router)#no auto-summary PE1(config-router)#network 2.0.0.0PE1(config-router)#network 23.0.0.0P路由器:
P(config)#router eigrp 100P(config-router)#no auto-summary P(config-router)#network 3.0.0.0P(config-router)#network 23.0.0.0P(config-router)#network 34.0.0.0PE2路由器:
PE1(config)#router eigrp 100PE1(config-router)#no auto-summary PE1(config-router)#network 4.0.0.0PE1(config-router)#network 34.0.0.0此时,MPLS域已经可以互通,检验如下:
PE2#ping 2.2.2.2Type escape sequence to abort.Sending 5, 100-byte ICMP Echos to 2.2.2.2, timeout is 2 seconds:!!!!!Success rate is 100 percent (5/5), round-trip min/avg/max = 19/21/25 msPE1#ping 4.4.4.4Type escape sequence to abort.Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:!!!!!Success rate is 100 percent (5/5), round-trip min/avg/max = 17/19/20 ms3、在CE1与PE1之间、CE2与PE2之间配置RIP协议
CE1路由器:CE1(config)#router ripCE1(config-router)#version 2CE1(config-router)#no auto-summary CE1(config-router)#network 192.168.1.0 CE1(config-router)#network 192.168.2.0PE1路由器:
先配置VRFPE1(config)# ip cef //开启cef,一般默认开启PE1(config)#int s0/0PE1(config-if)#mtu 1508 //可选,建议修改PE1(config-if)#mpls ip //在标签号经过的端口开启MPLS协议PE1(config)#ip vrf A->B //创建名为A->B的VRF空间PE1(config-vrf)#RD 1:1 PE1(config-vrf)#route-target 1:1PE1(config-vrf)#exiPE1(config)#int s0/1 //进入关联端口PE1(config-if)#ip vrf forwarding A->B //关联VRF空间PE1(config-if)#ip address 192.168.1.2 255.255.255.0 //重新定义地址PE1(config-if)#no shutdown再配置RIP协议PE1(config-router)#router ripPE1(config-router)#version 2PE1(config-router)#no auto-summary PE1(config-router)#address-family ipv4 vrf A->B //PE设备必须在VRF下宣告PE1(config-router-af)#network 192.168.2.0PE1(config-router-af)#exiCE2路由器:
CE2(config)#router ripCE2(config-router)#version 2CE2(config-router)#no auto-summary CE2(config-router)#network 192.168.4.0 CE2(config-router)#network 192.168.3.0 CE2(config-router)#network 55.1.1.0 CE2(config-router)#endPE2路由器:
先配置VRFPE2(config)#int s0/1PE2(config-if)#mpls ipPE2(config-if)#mtu 1508PE2(config-if)#exiPE2(config)#ip vrf B->APE2(config-vrf)#rd 1:1PE2(config-vrf)#route-target 1:1PE2(config-vrf)#exiPE2(config)#int s0/0PE2(config-if)#ip vrf forwarding B->APE2(config-if)#ip address 192.168.3.4 255.255.255.0PE2(config-if)#no shutdown 在配置RIP协议PE2(config-router)#router rip PE2(config-router)#version 2 PE2(config-router)#no auto-summary PE2(config-router)#address-family ipv4 vrf B->APE2(config-router-af)#NETwork 192.168.3.0PE2(config-router-af)#exi4、在PE1 与PE2之间建立MP-BGP邻居,P路由器不配置BGP协议
PE1路由器:PE1(config)#router bgp 1PE1(config-router)#bgp router-id 2.2.2.2PE1(config-router)#neighbor 4.4.4.4 remote-as 1 PE1(config-router)#neighbor 4.4.4.4 update-source lo 0 //先建立IPV4邻居关系PE1(config-router)#address-family ***v4 //进入MP-BGP家族模式PE1(config-router-af)#neighbor 4.4.4.4 activate //建立MP-BGP邻居关系PE1(config-router-af)#neighbor 4.4.4.4 send-community //必须开启社团属性PE2路由器:
PE2(config)#router bgp 1 PE2(config-router)#b router-id 4.4.4.4PE2(config-router)#neighbor 2.2.2.2 remote-as 1PE2(config-router)#neighbor 2.2.2.2 update-source lo 0PE2(config-router)#address-family ***v4PE2(config-router-af)#neighbor 2.2.2.2 activate PE2(config-router-af)#neighbor 2.2.2.2 send-community5、在PE1和PE2上做双向重发布
PE1路由器:将bgp重发布到ripPE1(config)#router ripPE1(config-router-af)#REdistribute bgp 1 metric 1将rip重发布到bgp
PE1(config)#router bgp 1PE1(config-router)#address-family ipv4 vrf A->B //PE端路由要在VRF下重发布到CE端PE1(config-router-af)#REdistribute ripPE1(config-router-af)#endPE2路由器:
将bgp重发布到ripPE1(config)#router ripPE1(config-router-af)#REdistribute bgp 1 metric 1 //要带种子度量将rip重发布到bgp
PE1(config)#router bgp 1PE1(config-router)#address-family ipv4 vrf B->APE1(config-router-af)#REdistribute ripPE1(config-router-af)#end此时,CE1和CE2已经能过互通,检验如下:
CE1#ping 55.1.1.100 Type escape sequence to abort.Sending 5, 100-byte ICMP Echos to 55.1.1.100, timeout is 2 seconds:!!!!!Success rate is 100 percent (5/5), round-trip min/avg/max = 39/41/44 msCE2#ping 192.168.1.100 source 55.1.1.100
Type escape sequence to abort.Sending 5, 100-byte ICMP Echos to 192.168.1.100, timeout is 2 seconds:Packet sent with a source address of 55.1.1.100 !!!!!Success rate is 100 percent (5/5), round-trip min/avg/max = 38/39/40 ms6、部分路由表和VRF表
PE1路由器路由表:PE1#sho ip route Gateway of last resort is not set2.0.0.0/8 is variably subnetted, 2 subnets, 2 masksC 2.2.2.0/24 is directly connected, Loopback0L 2.2.2.2/32 is directly connected, Loopback03.0.0.0/24 is subnetted, 1 subnetsD 3.3.3.0 [90/2297856] via 23.1.1.3, 06:02:00, Serial0/04.0.0.0/24 is subnetted, 1 subnetsD 4.4.4.0 [90/2809856] via 23.1.1.3, 06:01:12, Serial0/023.0.0.0/8 is variably subnetted, 2 subnets, 2 masksC 23.1.1.0/24 is directly connected, Serial0/0L 23.1.1.2/32 is directly connected, Serial0/034.0.0.0/24 is subnetted, 1 subnetsD 34.1.1.0 [90/2681856] via 23.1.1.3, 06:01:21, Serial0/0Vrf表:A->B
PE1#sho ip route vrf A->BRouting Table: A->BGateway of last resort is not set55.0.0.0/24 is subnetted, 1 subnetsB 55.1.1.0 [200/1] via 4.4.4.4, 04:58:18R 192.168.1.0/24 [120/1] via 192.168.2.1, 00:00:22, Serial0/1192.168.2.0/24 is variably subnetted, 2 subnets, 2 masksC 192.168.2.0/24 is directly connected, Serial0/1L 192.168.2.2/32 is directly connected, Serial0/1B 192.168.3.0/24 [200/0] via 4.4.4.4, 05:02:03B 192.168.4.0/24 [200/1] via 4.4.4.4, 05:02:03PE2路由器
路由表:PE2#sho ip route Gateway of last resort is not set2.0.0.0/24 is subnetted, 1 subnetsD 2.2.2.0 [90/2809856] via 34.1.1.3, 06:03:43, Serial0/13.0.0.0/24 is subnetted, 1 subnetsD 3.3.3.0 [90/2297856] via 34.1.1.3, 06:03:43, Serial0/14.0.0.0/8 is variably subnetted, 2 subnets, 2 masksC 4.4.4.0/24 is directly connected, Loopback0L 4.4.4.4/32 is directly connected, Loopback023.0.0.0/24 is subnetted, 1 subnetsD 23.1.1.0 [90/2681856] via 34.1.1.3, 06:03:43, Serial0/134.0.0.0/8 is variably subnetted, 2 subnets, 2 masksC 34.1.1.0/24 is directly connected, Serial0/1L 34.1.1.4/32 is directly connected, Serial0/1Vrf表: B->A
PE2#sho ip route vrf B->ARouting Table: B->AGateway of last resort is not set55.0.0.0/24 is subnetted, 1 subnetsR 55.1.1.0 [120/1] via 192.168.3.5, 00:00:02, Serial0/0B 192.168.1.0/24 [200/1] via 2.2.2.2, 05:06:06B 192.168.2.0/24 [200/0] via 2.2.2.2, 05:06:06192.168.3.0/24 is variably subnetted, 2 subnets, 2 masksC 192.168.3.0/24 is directly connected, Serial0/0L 192.168.3.4/32 is directly connected, Serial0/0R 192.168.4.0/24 [120/1] via 192.168.3.5, 00:00:02, Serial0/07、CE3与PE1之间、CE4与PE2之间使用OSPF协议
CE3路由器:CE3(config)#int lo 0CE3(config-if)#ip address 192.168.1.100 255.255.255.0CE3(config-if)#int s0/0CE3(config-if)#ip address 192.168.2.6 255.255.255.0CE3(config-if)#no shutdown CE3(config)#router ospf 1 CE3(config-router)#router-id 6.6.6.6CE3(config-router)#network 192.168.1.0 0.0.0.255 a 0CE3(config-router)#network 192.168.2.0 0.0.0.255 a 0PE1路由器:
PE1(config)#ip vrf xianPE1(config-vrf)#rd 2:2PE1(config-vrf)#route-target 2:2PE1(config-vrf)#exiPE1(config)#int s0/2PE1(config-if)#ip vrf forwarding xianPE1(config-if)#ip address 192.168.2.2 255.255.255.0PE1(config-if)#no shutdownPE1(config)#router ospf 1 vrf xian
PE1(config-router)#router-id 2.2.2.2PE1(config-router)#network 2.2.2.2 0.0.0.0 a 0PE1(config-router)#network 192.168.2.0 0.0.0.255 a 0CE4路由器:
CE4(config)#int lo 0CE4(config-if)#ip address 192.168.4.100 255.255.255.0CE4(config-if)#int lo 1CE4(config-if)#ip address 77.1.1.100 255.255.255.0CE4(config-if)#endCE4(config-if)#int s0/0CE4(config-if)#ip address 192.168.3.7 255.255.255.0CE4(config-if)#no shutdown CE4(config)#router ospf 1CE4(config-router)#router-id 7.7.7.7CE4(config-router)#network 192.168.4.0 0.0.0.255 a 0CE4(config-router)#network 192.168.3.0 0.0.0.255 a 0CE4(config-router)#network 77.1.1.0 0.0.0.255 a 0PE2路由器:
PE2(config)#ip vrf beijing PE2(config-vrf)#rd 2:2PE2(config-vrf)#route-target 2:2PE2(config-vrf)#exiPE2(config)#int s0/2PE2(config-if)#ip vrf forwarding beijing PE2(config-if)#ip address 192.168.3.4 255.255.255.0PE2(config-if)#no shutdownPE2(config)#router ospf 1 vrf beijing
PE2(config-router)#router-id 4.4.4.4PE2(config-router)#network 192.168.3.0 0.0.0.255 a 08、在PE1和PE2上做双向重发布
PE1路由器:将bgp重发布到ospf中PE1(config)#router ospf 1 vrf xian PE1(config-router)#redistribute bgp 1 subnets将ospf重发布到bgp中
PE1(config)#router bgp 1PE1(config-router)#address-family ipv4 vrf xianPE1(config-router-af)#redistribute ospf 1PE2路由器:
将bgp重发布到ospf中PE2(config)#router ospf 1 vrf beijingPE2(config-router)#redistribute bgp 1 subnets PE2(config-router)#exi将ospf重发布到bgp中
PE2(config)#router bgp 1PE2(config-router)#address-family ipv4 vrf beijingPE2(config-router-af)#redistribute ospf 1此时,CE3与CE4已经能够互相通信,检验如下:
CE3#ping 77.1.1.100 Type escape sequence to abort.Sending 5, 100-byte ICMP Echos to 77.1.1.100, timeout is 2 seconds:!!!!!Success rate is 100 percent (5/5), round-trip min/avg/max = 38/40/45 msCE4#ping 192.168.1.100 source 77.1.1.100
Type escape sequence to abort.Sending 5, 100-byte ICMP Echos to 192.168.1.100, timeout is 2 seconds:Packet sent with a source address of 77.1.1.100 !!!!!但是,CE1与CE4、CE3与CE2不能互通,检验如下:
CE1#ping 77.1.1.100Type escape sequence to abort.Sending 5, 100-byte ICMP Echos to 77.1.1.100, timeout is 2 seconds:.....Success rate is 0 percent (0/5)CE3#ping 55.1.1.100
Type escape sequence to abort.Sending 5, 100-byte ICMP Echos to 55.1.1.100, timeout is 2 seconds:.....Success rate is 0 percent (0/5)9、部分路由表和VRF表
CE3路由器:路由表CE3#sho ip route Gateway of last resort is not set77.0.0.0/32 is subnetted, 1 subnetsO IA 77.1.1.100 [110/129] via 192.168.2.2, 00:31:50, Serial0/0192.168.1.0/24 is variably subnetted, 2 subnets, 2 masksC 192.168.1.0/24 is directly connected, Loopback0L 192.168.1.100/32 is directly connected, Loopback0192.168.2.0/24 is variably subnetted, 2 subnets, 2 masksC 192.168.2.0/24 is directly connected, Serial0/0L 192.168.2.6/32 is directly connected, Serial0/0O IA 192.168.3.0/24 [110/65] via 192.168.2.2, 00:33:31, Serial0/0192.168.4.0/32 is subnetted, 1 subnetsO IA 192.168.4.100 [110/129] via 192.168.2.2, 00:33:31, Serial0/0PE1路由器:
VRF表:xianPE1#sho ip route vrf xianRouting Table: xianGateway of last resort is not set77.0.0.0/32 is subnetted, 1 subnetsB 77.1.1.100 [200/65] via 4.4.4.4, 00:33:20192.168.1.0/32 is subnetted, 1 subnetsO 192.168.1.100 [110/65] via 192.168.2.6, 00:47:15, Serial0/2192.168.2.0/24 is variably subnetted, 2 subnets, 2 masksC 192.168.2.0/24 is directly connected, Serial0/2L 192.168.2.2/32 is directly connected, Serial0/2B 192.168.3.0/24 [200/0] via 4.4.4.4, 00:35:01192.168.4.0/32 is subnetted, 1 subnetsB 192.168.4.100 [200/65] via 4.4.4.4, 00:35:01CE4路由器:
路由表CE4#sho ip route Gateway of last resort is not set77.0.0.0/8 is variably subnetted, 2 subnets, 2 masksC 77.1.1.0/24 is directly connected, Loopback1L 77.1.1.100/32 is directly connected, Loopback1192.168.1.0/32 is subnetted, 1 subnetsO IA 192.168.1.100 [110/129] via 192.168.3.4, 00:37:26, Serial0/0O IA 192.168.2.0/24 [110/65] via 192.168.3.4, 00:37:26, Serial0/0192.168.3.0/24 is variably subnetted, 2 subnets, 2 masksC 192.168.3.0/24 is directly connected, Serial0/0L 192.168.3.7/32 is directly connected, Serial0/0192.168.4.0/24 is variably subnetted, 2 subnets, 2 masksC 192.168.4.0/24 is directly connected, Loopback0L 192.168.4.100/32 is directly connected, Loopback0PE2路由器
VRF表:beijingPE2#sho ip route vrf beijingRouting Table: beijingGateway of last resort is not set77.0.0.0/32 is subnetted, 1 subnetsO 77.1.1.100 [110/65] via 192.168.3.7, 00:36:28, Serial0/2192.168.1.0/32 is subnetted, 1 subnetsB 192.168.1.100 [200/65] via 2.2.2.2, 00:42:18B 192.168.2.0/24 [200/0] via 2.2.2.2, 00:42:18192.168.3.0/24 is variably subnetted, 2 subnets, 2 masksC 192.168.3.0/24 is directly connected, Serial0/2L 192.168.3.4/32 is directly connected, Serial0/2192.168.4.0/32 is subnetted, 1 subnetsO 192.168.4.100 [110/65] via 192.168.3.7, 00:39:01, Serial0/2四、注意
1、本案例中,CE与PE之间都是使用的动态路由协议,当然也可以使用静态。但是,当路由条目较多或需要添加路由条目时,使用动态路由协议比较方便。2、要注意PE端的配置,PE端有VRF。3、当CE与PE之间使用EIGRP协议时,要注意AS号的配置。转载于:https://blog.51cto.com/13596342/2155053
你可能感兴趣的文章
面积并
查看>>
java-JDBC
查看>>
通信术语解释
查看>>
对.NET跨平台的随想
查看>>
ng-view 路由 简单应用
查看>>
Nginx Rewrite规则初探(转)
查看>>
黑魔法NSURLProtocol 可拦截网络加载
查看>>
Webtop中新建文档,无法选择Type和Format
查看>>
Integration Services创建ETL包
查看>>
IE浏览器开发中遇到的问题
查看>>
【C#学习笔记】载入图片并居中
查看>>
php实现按utf8编码对字符串进行分割
查看>>
Ftp的断点下载实现
查看>>
[转载] ubuntu Authentication failure
查看>>
Ring0 - 链表
查看>>
修改数组之----splice
查看>>
a版本冲刺第五天
查看>>
Arduino示例教程超声波测距实验
查看>>
Redis操作hash
查看>>
轻松搞定个人虚拟桌面部署之5-在客户端测试远程桌面
查看>>