HUB-SPOKE模式主要是让SPOKECE的路由在HUBCE上进行交换,起到一个中心多个分支的效果,具体的可以百度。
其实HUBCE---HUBPE之间可以使用其他的路由协议,但是一样要注意环路的保护。如果是OSPF,则需要更改OSPF的***-TAG属性,如果SPOKE-CE是LSA3进入的,则无法实现HUBSPOKE。通常情况下HUBCE--HUBPE之间是运行的EBGP。要注意所有的SPOKE-PE上必须配置允许环路1次,HUBPE上必须在某一边出方向的***中配置允许环回1次。否则路由无法正常学习。另外所有PE上的RD最好都不一样,否则会出现问题。
下面是这次试验的配置。
<HUB-PE>
%Sep 29 09:15:00:780 2007 HUB-PE SHELL/5/LOGIN: Console login from con0
<HUB-PE>
<HUB-PE>
<HUB-PE>dis cur
#
sysname HUB-PE
#
cpu-usage cycle 1min
#
mpls lsr-id 11.11.11.1
#
radius scheme system
#
mpls
#
mpls ldp
#
ip ***-instance A
route-distinguisher 1:1
***-target 1:1 import-extcommunity
#
ip ***-instance B
route-distinguisher 1:3
***-target 1:2 export-extcommunity
#
domain system
#
local-user admin
password cipher .]@USE=B,53Q=^Q`MAF4<1!!
service-type telnet terminal
level 3
service-type ftp
#
interface Aux0
async mode flow
#
interface GigabitEthernet0/0/0
ip address 3.3.3.1 255.255.255.252
mpls
mpls ldp enable
#
interface GigabitEthernet0/0/1
ip address 4.4.4.1 255.255.255.252
mpls
mpls ldp enable
#
interface GigabitEthernet0/0/2
ip address dhcp-alloc
#
interface GigabitEthernet0/0/2.1
ip binding ***-instance A
ip address 1.1.1.2 255.255.255.252
vlan-type dot1q vid 1                    
#
interface GigabitEthernet0/0/2.2
ip binding ***-instance B
ip address 2.2.2.2 255.255.255.252
vlan-type dot1q vid 2
#
interface NULL0
#
interface LoopBack1
ip address 11.11.11.1 255.255.255.255
#
bgp 100
undo synchronization
group ibgpA internal
peer 11.11.11.2 group ibgpA
peer 11.11.11.2 connect-interface LoopBack1
group ibgpB internal
peer 11.11.11.3 group ibgpB
peer 11.11.11.3 connect-interface LoopBack1
#
ipv4-family ***-instance A
   undo synchronization
   group ebgpA external
   peer 1.1.1.1 group ebgpA as-number 200  
#
ipv4-family ***-instance B
   undo synchronization
   group ebgpB external
   peer 2.2.2.1 group ebgpB as-number 200
   peer 2.2.2.1 allow-as-loop 1
#
ipv4-family ***v4
   peer ibgpA enable
   peer 11.11.11.2 group ibgpA
   peer ibgpB enable
   peer 11.11.11.3 group ibgpB
#
ospf 1
area 0.0.0.0
   network 3.3.3.1 0.0.0.0
   network 4.4.4.1 0.0.0.0
   network 11.11.11.1 0.0.0.0
#
FTP server enable
#
user-interface con 0
user-interface aux 0
user-interface vty 0 4                    
authentication-mode scheme
#
return
<HUB-PE>      
-----------------------------------------------------
[HUB-ce]dis cur
   Now create configuration...
   Current configuration
   !
     version 1.74
     sysname HUB-ce
     firewall enable
     aaa-enable
     aaa accounting-scheme optional
   !
   interface Aux0
     async mode flow
     link-protocol ppp
   !
   interface Ethernet0
   !
   interface Ethernet0.1
     vlan-type dot1q vid 1
     ip address 1.1.1.1 255.255.255.252
   !
   interface Ethernet0.2
     vlan-type dot1q vid 2
     ip address 2.2.2.1 255.255.255.252
   !
   interface Serial0
     link-protocol ppp                     
   !
   quit
   bgp 200
     undo synchronization
     peer 2.2.2.2 as-number 100
     peer 1.1.1.2 as-number 100
   !
   quit
   !
   return
[HUB-ce]  
------------------------------------------------------------
<SPOKE-PEB>
<SPOKE-PEB>dis cur
#
sysname SPOKE-PEB
#
cpu-usage cycle 1min
#
mpls lsr-id 11.11.11.3
#
radius scheme system
#
mpls
#
mpls ldp
#
ip ***-instance B
route-distinguisher 1:2
***-target 1:1 export-extcommunity
***-target 1:2 import-extcommunity
#
domain system
#
local-user admin
password cipher .]@USE=B,53Q=^Q`MAF4<1!!
service-type telnet terminal
level 3
service-type ftp                         
#
interface Aux0
async mode flow
#
interface Ethernet0/0
ip address 4.4.4.2 255.255.255.252
mpls
mpls ldp enable
#
interface Ethernet0/1
ip address dhcp-alloc
#
interface Serial0/0
clock DTECLK1
link-protocol ppp
ip address dhcp-alloc
#
interface NULL0
#
interface LoopBack1
ip address 11.11.11.3 255.255.255.255
#
interface LoopBack2
ip binding ***-instance B                
ip address 222.222.222.222 255.255.255.0
#
bgp 100
undo synchronization
group ibgpB internal
peer 11.11.11.1 group ibgpB
peer 11.11.11.1 connect-interface LoopBack1
#
ipv4-family ***-instance B
   import-route direct
   undo synchronization
#
ipv4-family ***v4
   peer ibgpB enable
   peer ibgpB allow-as-loop
   peer 11.11.11.1 group ibgpB
#
ospf 1
area 0.0.0.0
   network 4.4.4.2 0.0.0.0
   network 11.11.11.3 0.0.0.0
#
FTP server enable
#                                         
user-interface con 0
user-interface aux 0
user-interface vty 0 4
authentication-mode scheme
#
return
---------------------------------------------------------------
<SPOKE-PEA>dis cur
#
sysname SPOKE-PEA
#
cpu-usage cycle 1min
#
mpls lsr-id 11.11.11.2
#
radius scheme system
#
mpls
#
mpls ldp
#
ip ***-instance A
route-distinguisher 1:1
***-target 1:1 export-extcommunity
***-target 1:2 import-extcommunity
#
domain system
#
local-user admin
password cipher .]@USE=B,53Q=^Q`MAF4<1!!
service-type telnet terminal
level 3
service-type ftp                         
#
interface Aux0
async mode flow
#
interface Ethernet0/0
ip address 3.3.3.2 255.255.255.252
mpls
mpls ldp enable
#
interface Ethernet0/1
ip address dhcp-alloc
#
interface Serial0/0
link-protocol ppp
ip address dhcp-alloc
#
interface NULL0
#
interface LoopBack1
ip address 11.11.11.2 255.255.255.255
#
interface LoopBack2
ip binding ***-instance A
ip address 111.111.111.111 255.255.255.0
#
bgp 100
undo synchronization
group ibgpA internal
peer 11.11.11.1 group ibgpA
peer 11.11.11.1 connect-interface LoopBack1
#
ipv4-family ***-instance A
   import-route direct
   undo synchronization
#
ipv4-family ***v4
   peer ibgpA enable
   peer 11.11.11.1 group ibgpA
   peer 11.11.11.1 allow-as-loop
#
ospf 1
area 0.0.0.0
   network 3.3.3.2 0.0.0.0
   network 11.11.11.2 0.0.0.0
#
FTP server enable
#
user-interface con 0                      
user-interface aux 0
user-interface vty 0 4
authentication-mode scheme
#
return
-----------------------------------------------------------------------
另外要注意一个重要的关于RD的问题。
当2个***,在某***没有RT入策略,会存在的问题。
同一个***如果RT相同,但是2个RD不同的路由都会存放到这个***中。不过如果另外一个***在没有设置入方向的RT策略的时候,如果RD与某条***1中的路由RD一样,则会接收***1中的路由,这充分证明了,RD某些时候也是逼不得已的为路由存放做出贡献。当然如果***2有RT列表,则在之前久会被RT过滤掉,不会存在这样的情况。
   因此这样的情况会造成HUBSPOKE模型中,HUBPE,接收来自***1的IBGP路由因为是带LABLE的必须优选,而从HUBCE来的EBGP路由没有被优选,最后因为IBGP的水平分割导致下方的SPOKEPE无法学习路由。
所以要记住,如果HUBSPOKE模式,那SPOKEPE和HUBPE的***中RD最好全都不一样否则会出现该问题。