1.实验环境:

某公司需要通过mpls vpn实现总部和分部的互访,并且要实现不同部门之间的业务隔离,为了节省开支,总公司使用MCE设备接入不同的部门。要求分公司A只能访问总公司的部门A,分公司B只能访问总公司的部门B。

(1)CE1和CE3为分公司A和分公司B的CE设备;

(2)MCE作为VPN多实例设备接入总公司侧的部门A和部门B;

(3)分公司A和部门A属于vpn实例vpn1、分公司B和部门B属于vpn实例vpn2。

要求相同的vpn实例能够互访,不同的vpn实例不能互访。

2.实验目的:

掌握MCE的应用场景和基本配置

3.实验拓扑:

配置MPLS VPN基本组网-MCE实验拓扑所示。

mpls组播协议 mpls组网方案_OSPF

4.实验步骤:

1)配置接口ip地址,ip规划见表

 配置mpls vpn MCE组网实验ip地址规划表

设备名称

接口编号

Ip地址

所属Vpn实例

PE1

G0/0/0

10.0.11.1/24

vpn1

PE1

G0/0/1

12.1.1.1/24


PE1

G0/0/2

10.0.13.1/24

vpn2

PE1

Loopback 0

1.1.1.1/32


PE2

G0/0/0

23.1.1.2/24


PE2

G0/0/1.10

10.0.100.1/24

vpn1

PE2

G0/0/1.20

10.0.101.1/24

vpn2

PE2

Loopback 0

3.3.3.3/32


P

G0/0/0

12.1.1.2/24


P

G0/0/1

23.1.1.1/24


P

Loopback 0

2.2.2.2/32


CE1

G0/0/0

10.0.11.2/24


CE1

Loopback 0

10.10.10.10/32


CE2

G0/0/0

10.0.2.2/24


CE2

Loopback 0

20.20.20.20/32


CE3

G0/0/0

10.0.13.2/24


CE3

Loopback 0

30.30.30.30/32


CE4

G0/0/0

10.0.4.2/24


CE4

Loopback 0

4.4.4.4/32


MCE

G0/0/0.10

10.0.100.2/24

vpn1

MCE

G0/0/0.20

10.0.101.2/24

vpn2

MCE

G0/0/1

10.0.2.1/24

vpn1

MCE

G0/0/2

10.0.4,1/24

vpn2

2)配置ISP网络的IGP协议

PE1的配置:

[PE1]ospf

[PE1-ospf-1]area 0

[PE1-ospf-1-area-0.0.0.0]network  12.1.1.0 0.0.0.255

[PE1-ospf-1-area-0.0.0.0]network 1.1.1.1 0.0.0.0

PE2的配置:

[PE2]ospf

[PE2-ospf-1]area 0

[PE2-ospf-1-area-0.0.0.0]network 23.1.1.0 0.0.0.255

[PE2-ospf-1-area-0.0.0.0]network 3.3.3.3 0.0.0.0

P的配置:

[P]ospf

[P-ospf-1]area 0

[P-ospf-1-area-0.0.0.0]network  12.1.1.0 0.0.0.255

[P-ospf-1-area-0.0.0.0]network 2.2.2.2 0.0.0.0

[P-ospf-1-area-0.0.0.0]network 23.1.1.0 0.0.0.255

查看公网路由的学习情况

[P]display  ip routing-table protocol ospf

Route Flags: R - relay, D - download to fib

------------------------------------------------------------------------------

Public routing table : OSPF

         Destinations : 2        Routes : 2       



OSPF routing table status : <Active>

         Destinations : 2        Routes : 2



Destination/Mask    Proto   Pre  Cost      Flags NextHop         Interface



        1.1.1.1/32  OSPF    10   1           D   12.1.1.1        GigabitEthernet0/0/0

        3.3.3.3/32  OSPF    10   1           D   23.1.1.2        GigabitEthernet0/0/1



OSPF routing table status : <Inactive>

         Destinations : 0        Routes : 0

3)配置ISP内部的mpls及mpls ldp,建立公网的lsp隧道

PE1的配置:

[PE1]mpls  lsr-id  1.1.1.1

[PE1]mpls

[PE1-mpls]q

[PE1]mpls ldp

[PE1-mpls-ldp]q

[PE1]int g0/0/1

[PE1-GigabitEthernet0/0/1]mpls

[PE1-GigabitEthernet0/0/1]mpls ldp

P的配置:

[P]mpls ls

[P]mpls lsr-id 2.2.2.2

[P]mpls

[P-mpls]q

[P]mpls ldp

[P-mpls-ldp]q

[P]interface  g0/0/0

[P-GigabitEthernet0/0/0]mpls ldp

[P-GigabitEthernet0/0/0]q

[P]interface  g0/0/1

[P-GigabitEthernet0/0/1]mpls

[P-GigabitEthernet0/0/1]mpls ldp

PE2的配置

[PE2]mpls  lsr-id  3.3.3.3

[PE2]mpls

[PE2-mpls]q

[PE2]mpls ldp

[PE2-mpls-ldp]q

[PE2]interface g0/0/0

[PE2-GigabitEthernet0/0/0]mpls

[PE2-GigabitEthernet0/0/0]mpls ldp

查看mpls lsp的建立情况

[PE1]display mpls  lsp

-------------------------------------------------------------------------------

                 LSP Information: LDP LSP

-------------------------------------------------------------------------------

FEC                In/Out Label  In/Out IF                      Vrf Name      

1.1.1.1/32         3/NULL        -/-                                          

2.2.2.2/32         NULL/3        -/GE0/0/1                                    

2.2.2.2/32         1024/3        -/GE0/0/1                                     

3.3.3.3/32         NULL/1025     -/GE0/0/1                                    

3.3.3.3/32         1025/1025     -/GE0/0/1

4)配置vpn实例,并且将接口加入到vpn实例中

PE1的配置:

[PE1]ip vpn-instance vpn1

[PE1-vpn-instance-vpn1]route-distinguisher 100:1

[PE1-vpn-instance-vpn1-af-ipv4]vpn-target 1:1 both

[PE1]interface  g0/0/0

[PE1-GigabitEthernet0/0/0]ip binding vpn-instance vpn1

[PE1-GigabitEthernet0/0/0]ip address  10.0.11.1 24

PE1的配置:

[PE1]ip vpn-instance vpn2

[PE1-vpn-instance-vpn2]route-distinguisher 200:1

[PE1-vpn-instance-vpn2-af-ipv4]vpn-target 2:2 both

[PE1]interface  g0/0/2

[PE1-GigabitEthernet0/0/2]ip binding  vpn-instance vpn2                    

[PE1-GigabitEthernet0/0/2]ip address  10.0.13.1 24

PE2的配置:

[PE2]ip vpn-instance vpn1

[PE2-vpn-instance-vpn1]  route-distinguisher 100:2

[PE2-vpn-instance-vpn1-af-ipv4]  vpn-target 1:1 both

[PE2]interface  g0/0/1.10

[PE2-GigabitEthernet0/0/1.10]ip binding vpn-instance vpn1

[PE2-GigabitEthernet0/0/1.10]ip address  10.0.100.1 24

[PE2-GigabitEthernet0/0/1.10]dot1q termination vid 10

PE2的配置:

[PE2]ip vpn-instance vpn2

[PE2-vpn-instance-vpn2] route-distinguisher 200:2

[PE2-vpn-instance-vpn2-af-ipv4] vpn-target 2:2 both

[PE2]interface  g0/0/1.20

[PE2-GigabitEthernet0/0/1.20]ip binding vpn-instance vpn2

[PE2-GigabitEthernet0/0/1.20]ip address  10.0.101.1 24

[PE2-GigabitEthernet0/0/1.20]dot1q termination vid 20

MCE的配置(vpn实例vpn1):

[MCE]ip vpn-instance vpn1

[MCE-vpn-instance-vpn1]route-distinguisher 100:3

[MCE-vpn-instance-vpn1-af-ipv4]vpn-target 1:1 both

[MCE]interface  g0/0/0.10

[MCE-GigabitEthernet0/0/0.10]ip binding vpn-instance vpn1

[MCE-GigabitEthernet0/0/0.10]dot1q termination vid 10

[MCE-GigabitEthernet0/0/0.10]ip address  10.0.100.2 24

[MCE]interface  g0/0/1

[MCE-GigabitEthernet0/0/1]ip binding vpn-instance vpn1

[MCE-GigabitEthernet0/0/1]ip address  10.0.2.1 24

MCE的配置(vpn实例vpn2):

[MCE]ip vpn-instance vpn2

[MCE-vpn-instance-vpn2]route-distinguisher 200:3

[MCE-vpn-instance-vpn2-af-ipv4]vpn-target 2:2 both

[MCE]interface  g0/0/0.20

[MCE-GigabitEthernet0/0/0.20]ip binding  vpn-instance vpn2

[MCE-GigabitEthernet0/0/0.20]dot1q termination vid 20

[MCE-GigabitEthernet0/0/0.20]ip address  10.0.101.2 24

[MCE]interface  g0/0/2

[MCE-GigabitEthernet0/0/2]ip binding  vpn-instance vpn2

[MCE-GigabitEthernet0/0/2]ip address  10.0.4.1 24

注意:由于PE2和MCE要区分两个不同部门的路由,实现业务隔离,因此需要配置两个vpn实例,并且使用子接口的方式,将子接口划分到不同的vpn实例中,实现业务流量和路由层面的隔离。

5)配置PE与CE的路由协议,本案例全部使用ospf

配置公司总部部门A和部门B的ospf协议

PE2的配置:

[PE2]ospf 100 vpn-instance vpn1   

[PE2-ospf-100]area  0

[PE2-ospf-100-area-0.0.0.0]network 10.0.100.0 0.0.0.255

[PE2]ospf 200 vpn-instance vpn2

[PE2-ospf-200]area  0

[PE2-ospf-200-area-0.0.0.0]network  10.0.101.0 0.0.0.255

MCE的配置

[MCE]ospf 100 vpn-instance vpn1

[MCE-ospf-100]area  0

[MCE-ospf-100-area-0.0.0.0]network  10.0.100.0 0.0.0.255

[MCE-ospf-100-area-0.0.0.0]network  10.0.2.0 0.0.0.255
[MCE]ospf 200 vpn-instance  vpn2

[MCE-ospf-200]area  0

[MCE-ospf-200-area-0.0.0.0]network 10.0.101.0 0.0.0.255

[MCE-ospf-200-area-0.0.0.0]network  10.0.4.0 0.0.0.255

CE2的配置

[CE2]ospf 100

[CE2-ospf-100]area 0

[CE2-ospf-100-area-0.0.0.0]network  10.0.2.0 0.0.0.255

[CE2-ospf-100-area-0.0.0.0]network  20.20.20.20 0.0.0.0

CE4的配置

[CE4]ospf 200

[CE4-ospf-200]area 0 

[CE4-ospf-200-area-0.0.0.0]network  10.0.4.0 0.0.0.255

[CE4-ospf-200-area-0.0.0.0]network  40.40.40.40 0.0.0.0

查看MCE的ospf邻居关系

<MCE>display  ospf peer  brief



         OSPF Process 100 with Router ID 10.0.100.2

                  Peer Statistic Information

 ----------------------------------------------------------------------------

 Area Id          Interface                        Neighbor id      State   

 0.0.0.0          GigabitEthernet0/0/0.10          10.0.100.1       Full       

 0.0.0.0          GigabitEthernet0/0/1             10.0.2.2         Full       

 ----------------------------------------------------------------------------



         OSPF Process 200 with Router ID 10.0.101.2

                  Peer Statistic Information

 ----------------------------------------------------------------------------

 Area Id          Interface                        Neighbor id      State   

 0.0.0.0          GigabitEthernet0/0/0.20          10.0.101.1       Full       

 0.0.0.0          GigabitEthernet0/0/2             10.0.4.2         Full       

 ----------------------------------------------------------------------------

可以看到MCE与PE2以及CE2、CE4建立了ospf的邻居关系

查看MCE的路由表

Vpn实例vpn1的路由表

<MCE>display  ip routing-table vpn-instance vpn1

Route Flags: R - relay, D - download to fib

------------------------------------------------------------------------------

Routing Tables: vpn1

         Destinations : 8        Routes : 8       



Destination/Mask    Proto   Pre  Cost      Flags NextHop         Interface



       10.0.2.0/24  Direct  0    0           D   10.0.2.1        GigabitEthernet0/0/1

       10.0.2.1/32  Direct  0    0           D   127.0.0.1       GigabitEthernet0/0/1

     10.0.2.255/32  Direct  0    0           D   127.0.0.1       GigabitEthernet0/0/1

     10.0.100.0/24  Direct  0    0           D   10.0.100.2      GigabitEthernet0/0/0.10

     10.0.100.2/32  Direct  0    0           D   127.0.0.1       GigabitEthernet0/0/0.10

   10.0.100.255/32  Direct  0    0           D   127.0.0.1       GigabitEthernet0/0/0.10

    20.20.20.20/32  OSPF    10   1           D   10.0.2.2        GigabitEthernet0/0/1

255.255.255.255/32  Direct  0    0           D   127.0.0.1       InLoopBack0

结果表明能够学习到20.20.20.20/32的路由。

Vpn实例vpn2的路由表

<MCE>display ip routing-table vpn-instance vpn2

Route Flags: R - relay, D - download to fib

------------------------------------------------------------------------------

Routing Tables: vpn2

         Destinations : 8        Routes : 8       



Destination/Mask    Proto   Pre  Cost      Flags NextHop         Interface



       10.0.4.0/24  Direct  0    0           D   10.0.4.1        GigabitEthernet0/0/2

       10.0.4.1/32  Direct  0    0           D   127.0.0.1       GigabitEthernet0/0/2

     10.0.4.255/32  Direct  0    0           D   127.0.0.1       GigabitEthernet0/0/2

     10.0.101.0/24  Direct  0    0           D   10.0.101.2      GigabitEthernet0/0/0.20

     10.0.101.2/32  Direct  0    0           D   127.0.0.1       GigabitEthernet0/0/0.20

   10.0.101.255/32  Direct  0    0           D   127.0.0.1       GigabitEthernet0/0/0.20

    40.40.40.40/32  OSPF    10   1           D   10.0.4.2        GigabitEthernet0/0/2

255.255.255.255/32  Direct  0    0           D   127.0.0.1       InLoopBack0

结果表明能够学习到40.40.40.40/32的路由。

   

配置公司分部和PE之间的路由协议

PE1的配置:

[PE1]ospf 100 vpn-instance vpn1

[PE1-ospf-100]area  0

[PE1-ospf-100-area-0.0.0.0]network  10.0.11.0 0.0.0.255

[PE1]ospf 200 vpn-instance vpn2

[PE1-ospf-200]area  0

[PE1-ospf-200-area-0.0.0.0]network  10.0.13.0 0.0.0.255

CE1的配置:

[CE1]ospf 100

[CE1-ospf-100]area 0

[CE1-ospf-100-area-0.0.0.0]network  10.10.10.10 0.0.0.0

[CE1-ospf-100-area-0.0.0.0]network 10.0.11.0 0.0.0.255

CE3的配置:

[CE3]ospf 200

[CE3-ospf-200]area  0

[CE3-ospf-200-area-0.0.0.0]network  10.0.13.0 0.0.0.255

[CE3-ospf-200-area-0.0.0.0]network  30.30.30.30 0.0.0.0

6)配置PE之间的mp-bgp

配置MP-BGP的邻居关系

PE1的配置:

[PE1]bgp  100

[PE1-bgp]peer  3.3.3.3 as-number 100

[PE1-bgp]peer  3.3.3.3 connect-interface LoopBack 0

[PE1-bgp]ipv4-family vpnv4

[PE1-bgp-af-vpnv4]peer  3.3.3.3 enable

PE2的配置:

[PE2]bgp  100

[PE2-bgp]peer  1.1.1.1 as-number 100

[PE2-bgp]peer  1.1.1.1 connect-interface LoopBack 0

[PE2-bgp]ipv4-family vpnv4

[PE2-bgp-af-vpnv4]peer  1.1.1.1 enable

查看PE1的vpnv4邻居是否建立:

[PE1]display  bgp  vpnv4 all  peer



 BGP local router ID : 12.1.1.1

 Local AS number : 100

 Total number of peers : 1                Peers in established state : 1



  Peer            V          AS  MsgRcvd  MsgSent  OutQ  Up/Down       State PrefRcv



  3.3.3.3         4         100        2        3     0 00:00:49 Established       0

在PE将从CE学习到的ospf路由引入到BGP中,通过MP-BGP传递给对端PE,并且将BGP的路由引入到ospf中,发布给CE设备。

PE1的配置:

[PE1]bgp  100

[PE1-bgp]ipv4-family vpn-instance vpn1

[PE1-bgp-vpn1]import-route  ospf 100

[PE1-bgp-vpn1]q

[PE1-bgp]ipv4-family vpn-instance vpn2

[PE1-bgp-vpn2]import-route  ospf 200

[PE1]ospf 100

[PE1-ospf-100]import-route  bgp

[PE1]ospf 200

[PE1-ospf-200]import-route  bgp

PE2的配置:

[PE2]bgp  100

[PE2-bgp]ipv4-family vpn-instance vpn1

[PE2-bgp-vpn1]import-route  ospf 100

[PE2-bgp-vpn1]q

[PE2-bgp]ipv4-family vpn-instance vpn2

[PE2-bgp-vpn2]import-route  ospf 200

[PE2]ospf 100

[PE2-ospf-100]import-route  bgp

[PE2]ospf 200

[PE2-ospf-200]import-route  bgp

查看PE2的BGP vpnv4路由:

查看vpn实例vpn1的路由表

[PE2]display bgp vpnv4 vpn-instance  vpn1 routing-table



 BGP Local router ID is 23.1.1.2

 Status codes: * - valid, > - best, d - damped,

               h - history,  i - internal, s - suppressed, S - Stale

               Origin : i - IGP, e - EGP, ? - incomplete





 VPN-Instance vpn1, Router ID 23.1.1.2:



 Total Number of Routes: 5

      Network            NextHop        MED        LocPrf    PrefVal Path/Ogn



 *>   10.0.2.0/24        0.0.0.0         3                     0      ?

 *>i  10.0.11.0/24       1.1.1.1         0          100        0      ?

 *>   10.0.100.0/24      0.0.0.0         0                     0      ?

 *>i  10.10.10.10/32     1.1.1.1         2          100        0      ?

 *>   20.20.20.20/32     0.0.0.0         3                     0      ?

结果表明,包含CE1(10.10.10.10)和CE2(20.20.20.20)的路由信息。

查看vpn实例vpn2的路由表

[PE2]display bgp vpnv4 vpn-instance vpn2 routing-table



 BGP Local router ID is 23.1.1.2

 Status codes: * - valid, > - best, d - damped,

               h - history,  i - internal, s - suppressed, S - Stale

               Origin : i - IGP, e - EGP, ? - incomplete





 VPN-Instance vpn2, Router ID 23.1.1.2:



 Total Number of Routes: 5

      Network            NextHop        MED        LocPrf    PrefVal Path/Ogn



 *>   10.0.4.0/24        0.0.0.0         3                     0      ?

 *>i  10.0.13.0/24       1.1.1.1         0          100        0      ?

 *>   10.0.101.0/24      0.0.0.0         0                     0      ?

 *>i  30.30.30.30/32     1.1.1.1         2          100        0      ?

 *>   40.40.40.40/32     0.0.0.0         3                     0      ?

结果表明,包含CE3(30.30.30.30)和CE4(40.40.40.40)的路由信息。

以vpn实例vpn1的站点为例,查看CE1和CE2的路由表:

<CE1>display  ip routing-table

Route Flags: R - relay, D - download to fib

------------------------------------------------------------------------------

Routing Tables: Public

         Destinations : 11       Routes : 11      



Destination/Mask    Proto   Pre  Cost      Flags NextHop         Interface



       10.0.2.0/24  OSPF    10   4           D   10.0.11.1       GigabitEthernet0/0/0

      10.0.11.0/24  Direct  0    0           D   10.0.11.2       GigabitEthernet0/0/0

      10.0.11.2/32  Direct  0    0           D   127.0.0.1       GigabitEthernet0/0/0

    10.0.11.255/32  Direct  0    0           D   127.0.0.1       GigabitEthernet0/0/0

     10.0.100.0/24  O_ASE   150  1           D   10.0.11.1       GigabitEthernet0/0/0

    10.10.10.10/32  Direct  0    0           D   127.0.0.1       LoopBack0

    20.20.20.20/32  OSPF    10   4           D   10.0.11.1       GigabitEthernet0/0/0

      127.0.0.0/8   Direct  0    0           D   127.0.0.1       InLoopBack0

      127.0.0.1/32  Direct  0    0           D   127.0.0.1       InLoopBack0

127.255.255.255/32  Direct  0    0           D   127.0.0.1       InLoopBack0

255.255.255.255/32  Direct  0    0           D   127.0.0.1       InLoopBack0



<CE2>display  ip routing-table

Route Flags: R - relay, D - download to fib

------------------------------------------------------------------------------

Routing Tables: Public

         Destinations : 11       Routes : 11      



Destination/Mask    Proto   Pre  Cost      Flags NextHop         Interface



       10.0.2.0/24  Direct  0    0           D   10.0.2.2        GigabitEthernet0/0/0

       10.0.2.2/32  Direct  0    0           D   127.0.0.1       GigabitEthernet0/0/0

     10.0.2.255/32  Direct  0    0           D   127.0.0.1       GigabitEthernet0/0/0

      10.0.11.0/24  O_ASE   150  1           D   10.0.2.1        GigabitEthernet0/0/0

     10.0.100.0/24  OSPF    10   2           D   10.0.2.1        GigabitEthernet0/0/0

    10.10.10.10/32  OSPF    10   4           D   10.0.2.1        GigabitEthernet0/0/0

    20.20.20.20/32  Direct  0    0           D   127.0.0.1       LoopBack0

      127.0.0.0/8   Direct  0    0           D   127.0.0.1       InLoopBack0

      127.0.0.1/32  Direct  0    0           D   127.0.0.1       InLoopBack0

127.255.255.255/32  Direct  0    0           D   127.0.0.1       InLoopBack0

255.255.255.255/32  Direct  0    0           D   127.0.0.1       InLoopBack0

结果表明CE1能够学习到CE2的20.20.20.20/32的路由,但是CE2无法学习到CE1的10.10.10.10/32的路由。

查看MCE的vpn实例路由表,

[MCE]display  ip routing-table  vpn-instance vpn1

Route Flags: R - relay, D - download to fib

------------------------------------------------------------------------------

Routing Tables: vpn1

         Destinations : 8        Routes : 8       



Destination/Mask    Proto   Pre  Cost      Flags NextHop         Interface



       10.0.2.0/24  Direct  0    0           D   10.0.2.1        GigabitEthernet0/0/1

       10.0.2.1/32  Direct  0    0           D   127.0.0.1       GigabitEthernet0/0/1

     10.0.2.255/32  Direct  0    0           D   127.0.0.1       GigabitEthernet0/0/1

     10.0.100.0/24  Direct  0    0           D   10.0.100.2      GigabitEthernet0/0/0.10

     10.0.100.2/32  Direct  0    0           D   127.0.0.1       GigabitEthernet0/0/0.10

   10.0.100.255/32  Direct  0    0           D   127.0.0.1       GigabitEthernet0/0/0.10

    20.20.20.20/32  OSPF    10   1           D   10.0.2.2        GigabitEthernet0/0/1

255.255.255.255/32  Direct  0    0           D   127.0.0.1       InLoopBack0

结果表明,MCE并没有10.10.10.10/32的路由信息。但是与PE2的ospf邻居可以正常建立。

查看MCE的ospf 100的lsdb。

[MCE]display ospf 100 lsdb



         OSPF Process 100 with Router ID 10.0.100.2

                 Link State Database



                         Area: 0.0.0.0

 Type      LinkState ID    AdvRouter          Age  Len   Sequence   Metric

 Router    10.0.2.2        10.0.2.2           494  48    80000004       1

 Router    10.0.100.2      10.0.100.2         489  48    80000008       1

 Router    10.0.100.1      10.0.100.1         599  36    80000005       1

 Network   10.0.2.1        10.0.100.2         489  32    80000002       0

 Network   10.0.100.1      10.0.100.1         599  32    80000002       0

 Sum-Net   10.10.10.10     10.0.100.1         134  28    80000001       2

 



                 AS External Database

 Type      LinkState ID    AdvRouter          Age  Len   Sequence   Metric

 External  10.0.11.0       10.0.100.1         134  36    80000001       1

结果表明,可以学习到10.10.10.10这条3类lsa,但是并没有产生10.10.10.10/32的ospf路由。原因是由于为了防止环路,OSPF多实例进程使用LSA Options域中一个原先未使用的比特作为标志位,称为DN位。当设备收到DN置位的lsa时,将执行接收不计算的动作,因此需要在ospf进程中关闭该功能。

在MCE中关闭环路检测功能

MCE的配置:

[MCE]ospf 100

[MCE-ospf-100]vpn-instance-capability  simple//用来禁止路由环路检测,直接进行路由计算。

[MCE]ospf 200

[MCE-ospf-200]vpn-instance-capability simple

再次查看MCE的vpn实例vpn1的路由表

[MCE]display  ip routing-table vpn-instance vpn1

Route Flags: R - relay, D - download to fib

------------------------------------------------------------------------------

Routing Tables: vpn1

         Destinations : 10       Routes : 10      



Destination/Mask    Proto   Pre  Cost      Flags NextHop         Interface



       10.0.2.0/24  Direct  0    0           D   10.0.2.1        GigabitEthernet0/0/1

       10.0.2.1/32  Direct  0    0           D   127.0.0.1       GigabitEthernet0/0/1

     10.0.2.255/32  Direct  0    0           D   127.0.0.1       GigabitEthernet0/0/1

      10.0.11.0/24  O_ASE   150  1           D   10.0.100.1      GigabitEthernet0/0/0.10

     10.0.100.0/24  Direct  0    0           D   10.0.100.2      GigabitEthernet0/0/0.10

     10.0.100.2/32  Direct  0    0           D   127.0.0.1       GigabitEthernet0/0/0.10

   10.0.100.255/32  Direct  0    0           D   127.0.0.1       GigabitEthernet0/0/0.10

    10.10.10.10/32  OSPF    10   3           D   10.0.100.1      GigabitEthernet0/0/0.10

    20.20.20.20/32  OSPF    10   1           D   10.0.2.2        GigabitEthernet0/0/1

255.255.255.255/32  Direct  0    0           D   127.0.0.1       InLoopBack0

结果表明,可以正常学习到10.10.10.10/32的路由信息。

查看CE2的路由表

<CE2>display ip routing-table

Route Flags: R - relay, D - download to fib

------------------------------------------------------------------------------

Routing Tables: Public

         Destinations : 11       Routes : 11      



Destination/Mask    Proto   Pre  Cost      Flags NextHop         Interface



       10.0.2.0/24  Direct  0    0           D   10.0.2.2        GigabitEthernet0/0/0

       10.0.2.2/32  Direct  0    0           D   127.0.0.1       GigabitEthernet0/0/0

     10.0.2.255/32  Direct  0    0           D   127.0.0.1       GigabitEthernet0/0/0

      10.0.11.0/24  O_ASE   150  1           D   10.0.2.1        GigabitEthernet0/0/0

     10.0.100.0/24  OSPF    10   2           D   10.0.2.1        GigabitEthernet0/0/0

    10.10.10.10/32  OSPF    10   4           D   10.0.2.1        GigabitEthernet0/0/0

    20.20.20.20/32  Direct  0    0           D   127.0.0.1       LoopBack0

      127.0.0.0/8   Direct  0    0           D   127.0.0.1       InLoopBack0

      127.0.0.1/32  Direct  0    0           D   127.0.0.1       InLoopBack0

127.255.255.255/32  Direct  0    0           D   127.0.0.1       InLoopBack0

255.255.255.255/32  Direct  0    0           D   127.0.0.1       InLoopBack0

结果表明,也可以正常学习到10.10.10.10/32的路由信息。

7)测试实验结果

<CE1>ping 20.20.20.20

  PING 20.20.20.20: 56  data bytes, press CTRL_C to break

    Reply from 20.20.20.20: bytes=56 Sequence=1 ttl=251 time=50 ms

    Reply from 20.20.20.20: bytes=56 Sequence=2 ttl=251 time=40 ms

    Reply from 20.20.20.20: bytes=56 Sequence=3 ttl=251 time=50 ms

    Reply from 20.20.20.20: bytes=56 Sequence=4 ttl=251 time=50 ms

    Reply from 20.20.20.20: bytes=56 Sequence=5 ttl=251 time=40 ms



  --- 20.20.20.20 ping statistics ---

    5 packet(s) transmitted

    5 packet(s) received

    0.00% packet loss

    round-trip min/avg/max = 40/46/50 ms



<CE1>ping 40.40.40.40

  PING 40.40.40.40: 56  data bytes, press CTRL_C to break

    Request time out

    Request time out

    Request time out

    Request time out

    Request time out



  --- 40.40.40.40 ping statistics ---

    5 packet(s) transmitted

    0 packet(s) received

    100.00% packet loss

CE1可以正常访问CE2,但是无法访问CE4。

<CE3>ping 40.40.40.40       

  PING 40.40.40.40: 56  data bytes, press CTRL_C to break

    Reply from 40.40.40.40: bytes=56 Sequence=1 ttl=251 time=60 ms

    Reply from 40.40.40.40: bytes=56 Sequence=2 ttl=251 time=50 ms

    Reply from 40.40.40.40: bytes=56 Sequence=3 ttl=251 time=50 ms

    Reply from 40.40.40.40: bytes=56 Sequence=4 ttl=251 time=40 ms

    Reply from 40.40.40.40: bytes=56 Sequence=5 ttl=251 time=40 ms



  --- 40.40.40.40 ping statistics ---

    5 packet(s) transmitted

    5 packet(s) received

    0.00% packet loss

    round-trip min/avg/max = 40/48/60 ms



<CE3>ping 20.20.20.20

  PING 20.20.20.20: 56  data bytes, press CTRL_C to break

    Request time out

    Request time out

    Request time out

    Request time out

    Request time out



  --- 20.20.20.20 ping statistics ---

    5 packet(s) transmitted

    0 packet(s) received

    100.00% packet loss