如上图所示:
R1/R3 模拟为PE R2 模拟为P R4/R6 模拟为CE
在R1/R2/R3上起RIP,分别在R1和R3上都起2个不同的vpn实例;
CE端用子接口来区分模拟2个不同vpn实例,都是相同网段的地址。
vpnA两边的模拟用户是100.1.1.1和100.1.1.2
×××B两边模拟的用户是100.1.1.4和100.1.1.6
不同×××的相同用户可以互访。
配置信息如下:
R1配置信息:
ip vrf mpls
rd 100:1
route-target export 1:100
route-target import 1:100
!
ip vrf test
rd 200:1
route-target export 200:1
route-target import 200:1
!
ip cef
mpls label protocol ldp
interface Loopback10
ip address 10.1.1.1 255.255.255.255
!
interface FastEthernet0/0
ip address 1.1.1.1 255.255.255.0
duplex auto
speed auto
mpls label protocol ldp
tag-switching ip
!
interface FastEthernet0/1
ip vrf forwarding mpls
ip address 4.1.1.1 255.255.255.0
duplex auto
speed auto
tag-switching ip
!
interface FastEthernet0/1.100
encapsulation dot1Q 100
ip vrf forwarding test
ip address 104.1.1.1 255.255.255.0
tag-switching ip
!
router rip
version 2
network 1.0.0.0
network 10.0.0.0
no auto-summary
!
router bgp 100
no synchronization
bgp log-neighbor-changes
neighbor 30.1.1.1 remote-as 100
neighbor 30.1.1.1 update-source Loopback10
no auto-summary
!
address-family vpnv4
neighbor 30.1.1.1 activate
neighbor 30.1.1.1 send-community both
exit-address-family
!
address-family ipv4 vrf test
redistribute connected
redistribute static
no auto-summary
no synchronization
exit-address-family
!
address-family ipv4 vrf mpls
redistribute connected
redistribute static
no auto-summary
no synchronization
exit-address-family
!
ip classless
ip route vrf mpls 100.1.1.2 255.255.255.255 4.1.1.4
ip route vrf test 100.1.1.4 255.255.255.255 104.1.1.4
R2配置信息:
ip cef
mpls label protocol ldp
interface Loopback20
ip address 20.1.1.1 255.255.255.0
!
interface FastEthernet0/0
ip address 1.1.1.2 255.255.255.0
duplex auto
speed auto
mpls label protocol ldp
tag-switching ip
!
interface FastEthernet0/1
ip address 2.2.2.2 255.255.255.0
duplex auto
speed auto
mpls label protocol ldp
tag-switching ip
!
router rip
version 2
network 1.0.0.0
network 2.0.0.0
network 20.0.0.0
no auto-summary
!
R3配置信息:
ip vrf mpls
rd 100:1
route-target export 1:100
route-target import 1:100
!
ip vrf test1
rd 200:1
route-target export 200:1
route-target import 200:1
!
ip cef
mpls label protocol ldp
interface Loopback30
ip address 30.1.1.1 255.255.255.255
!
interface FastEthernet0/0
ip vrf forwarding mpls
ip address 6.1.1.3 255.255.255.0
duplex auto
speed auto
tag-switching ip
!
interface FastEthernet0/0.100
encapsulation dot1Q 100
ip vrf forwarding test1
ip address 103.1.1.3 255.255.255.0
tag-switching ip
!
interface FastEthernet0/1
ip address 2.2.2.3 255.255.255.0
duplex auto
speed auto
mpls label protocol ldp
tag-switching ip
!
router rip
version 2
network 2.0.0.0
network 30.0.0.0
no auto-summary
!
router bgp 100
no synchronization
bgp log-neighbor-changes
neighbor 10.1.1.1 remote-as 100
neighbor 10.1.1.1 update-source Loopback30
no auto-summary
!
address-family vpnv4
neighbor 10.1.1.1 activate
neighbor 10.1.1.1 send-community both
exit-address-family
!
address-family ipv4 vrf test1
redistribute connected
redistribute static
no auto-summary
no synchronization
exit-address-family
!
address-family ipv4 vrf mpls
redistribute connected
redistribute static
no auto-summary
no synchronization
exit-address-family
!
ip classless
ip route vrf mpls 100.1.1.1 255.255.255.255 6.1.1.6 ----100.1.1.1和100.1.1.2在同一个×××实例
ip route vrf test1 100.1.1.6 255.255.255.255 103.1.1.6 ----100.1.1.6和100.1.1.4在同一个×××实例
R4配置信息:
interface Loopback100
ip address 100.1.1.2 255.255.255.255
!
interface Loopback101
ip address 100.1.1.4 255.255.255.255
!
interface FastEthernet0/1
ip address 4.1.1.4 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1.100
encapsulation dot1Q 100
ip address 104.1.1.4 255.255.255.0
!
ip classless
ip route 0.0.0.0 0.0.0.0 4.1.1.1
ip route 100.1.1.6 255.255.255.255 104.1.1.1
R6配置信息:
interface Loopback100
ip address 100.1.1.1 255.255.255.255
!
interface Loopback103
ip address 100.1.1.6 255.255.255.255
!
interface FastEthernet0/0
ip address 6.1.1.6 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/0.100
encapsulation dot1Q 100
ip address 103.1.1.6 255.255.255.0
!
ip classless
ip route 0.0.0.0 0.0.0.0 6.1.1.3
ip route 100.1.1.4 255.255.255.255 103.1.1.3
在R3路由信息:
R3#show ip route vrf mpls
Routing Table: mpls
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
100.0.0.0/32 is subnetted, 2 subnets
S 100.1.1.1 [1/0] via 6.1.1.6
B 100.1.1.2 [200/0] via 10.1.1.1, 3d22h
4.0.0.0/24 is subnetted, 1 subnets
B 4.1.1.0 [200/0] via 10.1.1.1, 3d23h
6.0.0.0/24 is subnetted, 1 subnets
C 6.1.1.0 is directly connected, FastEthernet0/0
R3#show ip route vrf test1
Routing Table: test1
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
103.0.0.0/24 is subnetted, 1 subnets
C 103.1.1.0 is directly connected, FastEthernet0/0.100
100.0.0.0/32 is subnetted, 2 subnets
B 100.1.1.4 [200/0] via 10.1.1.1, 3d21h
S 100.1.1.6 [1/0] via 103.1.1.6
104.0.0.0/24 is subnetted, 1 subnets
B 104.1.1.0 [200/0] via 10.1.1.1, 3d21h
MPLS转发表:
R3#show mpls forwarding-table
Local Outgoing Prefix Bytes tag Outgoing Next Hop
tag tag or VC or Tunnel Id switched interface
16 18 10.1.1.1/32 0 Fa0/1 2.2.2.2
17 Pop tag 1.1.1.0/24 0 Fa0/1 2.2.2.2
19 Aggregate 6.1.1.0/24[V] 115046
20 Aggregate 103.1.1.0/24[V] 0
21 Pop tag 20.1.1.0/24 0 Fa0/1 2.2.2.2
22 18 100.1.1.2/32[V] 0 Fa0/1 2.2.2.2
24 18 4.1.1.0/24[V] 0 Fa0/1 2.2.2.2
25 Untagged 100.1.1.1/32[V] 18582 Fa0/0 6.1.1.6
26 Untagged 100.1.1.6/32[V] 93456 Fa0/0.100 103.1.1.6
27 18 100.1.1.4/32[V] 0 Fa0/1 2.2.2.2
28 18 104.1.1.0/24[V] 0 Fa0/1 2.2.2.2
在R1的路由信息
MPLS转发表:
R1#show mpls forwarding-table
Local Outgoing Prefix Bytes tag Outgoing Next Hop
tag tag or VC or Tunnel Id switched interface
16 19 30.1.1.1/32 0 Fa0/0 1.1.1.2
17 Pop tag 2.2.2.0/24 0 Fa0/0 1.1.1.2
18 Aggregate 4.1.1.0/24[V] 2392
19 19 6.1.1.0/24[V] 0 Fa0/0 1.1.1.2
20 19 100.1.1.6/32[V] 0 Fa0/0 1.1.1.2
22 Pop tag 20.1.1.0/24 0 Fa0/0 1.1.1.2
23 Untagged 100.1.1.2/32[V] 27930 Fa0/1 4.1.1.4
24 19 100.1.1.1/32[V] 0 Fa0/0 1.1.1.2
25 19 103.1.1.0/24[V] 0 Fa0/0 1.1.1.2
26 Untagged 100.1.1.4/32[V] 63130 Fa0/1.100 104.1.1.4
28 Aggregate 104.1.1.0/24[V] 0
在R6上进行测试网络的连通性
R6#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is 6.1.1.3 to network 0.0.0.0
103.0.0.0/24 is subnetted, 1 subnets
C 103.1.1.0 is directly connected, FastEthernet0/0.100
100.0.0.0/32 is subnetted, 3 subnets
S 100.1.1.4 [1/0] via 103.1.1.3
C 100.1.1.6 is directly connected, Loopback103
C 100.1.1.1 is directly connected, Loopback100
6.0.0.0/24 is subnetted, 1 subnets
C 6.1.1.0 is directly connected, FastEthernet0/0
60.0.0.0/24 is subnetted, 1 subnets
C 60.1.1.0 is directly connected, Loopback6
S* 0.0.0.0/0 [1/0] via 6.1.1.3
R6#ping 100.1.1.2 source 100.1.1.1 repeat 10
Type escape sequence to abort.
Sending 10, 100-byte ICMP Echos to 100.1.1.2, timeout is 2 seconds:
Packet sent with a source address of 100.1.1.1
!!!!!!!!!!
Success rate is 100 percent (10/10), round-trip min/avg/max = 108/152/204 ms
R6#ping 100.1.1.4 source 100.1.1.1 repeat 10
Type escape sequence to abort.
Sending 10, 100-byte ICMP Echos to 100.1.1.4, timeout is 2 seconds:
Packet sent with a source address of 100.1.1.1
!.!!!!!!!!
Success rate is 90 percent (9/10), round-trip min/avg/max = 108/136/172 ms
R6#ping 100.1.1.4 source 100.1.1.6 repeat 10
Type escape sequence to abort.
Sending 10, 100-byte ICMP Echos to 100.1.1.4, timeout is 2 seconds:
Packet sent with a source address of 100.1.1.6
!!!!!!!!!!
Success rate is 100 percent (10/10), round-trip min/avg/max = 92/139/220 ms
R6#ping 100.1.1.2 source 100.1.1.6 repeat 10
Type escape sequence to abort.
Sending 10, 100-byte ICMP Echos to 100.1.1.2, timeout is 2 seconds:
Packet sent with a source address of 100.1.1.6
!!!!.!!!!!
Success rate is 90 percent (9/10), round-trip min/avg/max = 120/173/272 ms
通过wireshark进行抓包分析,
R3的F0/1抓包,源ip 100.1.1.6 ping100.1.1.2;和源100.1.1.1 ping100.1.1.2带的label是一致的。
R3的F0/1抓包,Ping 100.1.1.4
R3的F0/1抓包,源100.1.1.1 ping 100.1.1.2
根据转包的信息,从R6上模拟的数据,通过路由转发到R3上,然后查找R3上的MPLS的转发表并打上相应的labels,分别走两个×××实例的路由信息找出相应的出口,这样就能够保证两个相同网段的地址能够通过不同的vpn实例进行数据转发。
上面的表述有什么不当的地方,欢迎各位大侠补刀!!!
