跨域××× 组网实例-OptionC
组网需求
R1 和R6 属于同一个×××。R1 通过AS100 的R2 接入,R6 通过AS200 的R5 接入。采用OptionC 方式实现跨域的BGP/MPLS ×××,即,采用PE 间通过Multi-hop MP-EBGP 发布标签×××-IPv4 路由方式管理××× 路由。
配置思路大致如此:
1、先做通路由。在同一个AS内,先通过运行IGP做通AS内部路由,再在各PE路由器上运行BGP,宣告通过IGP学到的路由和直连路由。做完以后,可以在PE1(本实例中的R2)上PING通PE2(本实例中的R5)的L0接口和外部接口(F1/0)。
2、配置在各PE之间能够交换带标签的IPV4路由。PE1(R2)与ASBR-PE1(R3)、PE2(R5)与ASBR-PE2(R4)、ASBR-PE1与ASBR-PE2
3、ASBR-PE在向本AS内的PE发布路由时,将下一跳改为自己
4、在ASBR-PE 上配置路由策略:对于从本AS 内的PE 接收的路由,在向对端AS的ASBR 发布时,分配MPLS 标签;对于向本AS 内的PE 发布的路由,如果是带标签的IPv4 路由,为其分配新的MPLS 标签。
5、在PE与PE之间(R2与R5)建立邻居关系,直接发布×××V4路由。所以在ASBR-PE上要有能够支持带标签的IPV4路由的能力。(别忘了关闭默认的标签过滤功能)。
r1#show run
!
hostname r1 #用户CE设备,和ISP的PE设备相连
!
no ip domain lookup
!
ip cef
!
interface Loopback0
ip address 10.1.1.1 255.255.255.0 #模拟内网网段
!
interface FastEthernet0/0 # 内网出口接口,和ISP的PE相连
ip address 1.1.1.1 255.255.255.0
duplex half
!
router bgp 1000 #在CE上运行BGP,和相邻的PE设备
no synchronization 建立EBGP邻居
bgp log-neighbor-changes
redistribute connected #宣告直连网段
neighbor 1.1.1.2 remote-as 100 #和相邻的PE设备建立EBGP邻居
no auto-summary
!
ip classless
end
r2#show run
hostname r2 #PE设备,是ISP和用户相连的设备
!
no ip domain lookup
!
ip vrf vpn #创建一个VRF(×××路由转发),华为称作
rd 100:1 # ×××实例,RD(路由标识符)
route-target export 100:1 #路由目标,用于路由过滤
route-target import 100:1
!
ip cef
!
interface Loopback0
ip address 20.1.1.1 255.255.255.255 #注意子网掩码为4个255,防止路
! #由被聚合,LSP不能正确处理内层标签
interface FastEthernet0/0 #在此接口上绑定VRF
ip vrf forwarding vpn #先做这一步,再配置IP地址
ip address 1.1.1.2 255.255.255.0
duplex half
!
interface FastEthernet1/0
ip address 2.1.1.1 255.255.255.0
duplex half
tag-switching ip #配置MPLS能力
!
router ospf 1 #运行OSPF 路由协议
log-adjacency-changes
network 2.1.1.1 0.0.0.0 area 0 #宣告
network 20.1.1.1 0.0.0.0 area 0
!
router bgp 100 #运行BGP路由协议,AS号为100
bgp log-neighbor-changes
neighbor 30.1.1.1 remote-as 100 #和ASBR PE路由器建立邻居关系
neighbor 30.1.1.1 update-source Loopback0
neighbor 50.1.1.1 remote-as 200 #和另一个AS中的PE建产邻居关系
neighbor 50.1.1.1 ebgp-multihop 10 #允许最大跳数为10跳
neighbor 50.1.1.1 update-source Loopback0
!
address-family ipv4
redistribute connected #引入直连路由
neighbor 30.1.1.1 activate #激活邻居(默认)
neighbor 30.1.1.1 send-label #配置相邻设备支持带标签路由
no neighbor 50.1.1.1 activate #关闭默认的邻居活跃状态
no auto-summary
no synchronization
exit-address-family
!
address-family vpnv4
neighbor 50.1.1.1 activate #在此地址族下激活邻居(CE2)
neighbor 50.1.1.1 send-community extended #发送×××V4路由
exit-address-family
!
address-family ipv4 vrf vpn #PE1和CE1建立EBGP邻居关系,
redistribute connected 将学到的×××路由引入到×××V4
neighbor 1.1.1.1 remote-as 1000 路由里
neighbor 1.1.1.1 activate
no auto-summary
no synchronization
exit-address-family
!
ip classless
end
r3#show run
hostname r3 #ISP自治系统边界路由器,和另外一个AS的
! 边界路由器相连
no ip domain lookup
!
ip cef
!
interface Loopback0
ip address 30.1.1.1 255.255.255.255 #注意子网掩码为4个255,防止路
! #由被聚合,LSP不能正确处理内层标签
interface FastEthernet0/0 #和另一个AS的ASBR路由器相连的
ip address 3.1.1.1 255.255.255.0 接口,此接口不用使能MPLS
duplex half
!
interface FastEthernet1/0 #和同一AS内的PE相连的接口,此
ip address 2.1.1.2 255.255.255.0 接口需使能MPLS
duplex half
tag-switching ip
!
router ospf 1 #运行OSPF协议
log-adjacency-changes
network 2.1.1.2 0.0.0.0 area 0
network 30.1.1.1 0.0.0.0 area 0
!
router bgp 100 #运行BGP协议,AS号为100
no bgp default route-target filter #关闭默认的路由标签过滤功能
bgp log-neighbor-changes
neighbor 3.1.1.2 remote-as 200 #和相邻AS的ASBR的PE建立邻居
neighbor 20.1.1.1 remote-as 100 #和同AS内的PE建立邻居
neighbor 20.1.1.1 update-source Loopback0
!
address-family ipv4
redistribute connected #引入直连路由
redistribute ospf 1 #引入OSPF路由
neighbor 3.1.1.2 activate #激活邻居
neighbor 3.1.1.2 send-label #配置相邻设备支持带标签路由
neighbor 3.1.1.2 route-map aa out #在出方向上应用路由图aa
neighbor 20.1.1.1 activate #激活邻居
neighbor 20.1.1.1 send-label #配置相邻设备支持带标签路由
neighbor 20.1.1.1 next-hop-self #更改下一跳为自己
neighbor 20.1.1.1 route-map bb out #在出方向上应用路由图bb
no auto-summary
no synchronization
exit-address-family
!
ip classless
!
route-map aa permit 10 #创建路由图aa,对于从本AS的PE接受的路由
set mpls-label 在向对端AS的ASBR的PE发布时,分配MPLS标签
!
route-map bb permit 10 #创建路由图bb,对于向本AS内发布的路由,如果
match mpls-label 是带标签的IPV4路由,为其分配新的MPLS标签
set mpls-label
!
end
r4#show run
hostname r4 #ISP自治系统边界路由器,和另外一个AS的
! 边界路由器相连
no ip domain lookup
!
ip cef
!
interface Loopback0
ip address 40.1.1.1 255.255.255.255 #注意子网掩码为4个255,防止路
! #由被聚合,LSP不能正确处理内层标签
interface FastEthernet0/0 #和另一个AS的ASBR路由器相连的
ip address 3.1.1.2 255.255.255.0 接口,此接口不用使能MPLS
duplex half
!
interface FastEthernet1/0 #和同一AS内的PE相连的接口,此
ip address 4.1.1.1 255.255.255.0 接口需使能MPLS
duplex half
tag-switching ip
!
router ospf 1 #运行OSPF
log-adjacency-changes
network 4.1.1.1 0.0.0.0 area 0
network 40.1.1.1 0.0.0.0 area 0
!
router bgp 200 #运行BGP协议,AS号为200
no bgp default route-target filter#关闭默认的路由标签过滤功能
bgp log-neighbor-changes
neighbor 3.1.1.1 remote-as 100 #和相邻AS的ASBR的PE建立邻居
neighbor 50.1.1.1 remote-as 200 #和同AS内的PE建立邻居
neighbor 50.1.1.1 update-source Loopback0
!
address-family ipv4
redistribute connected #引入直连路由
redistribute ospf 1 #引入OSPF路由
neighbor 3.1.1.1 activate #激活邻居
neighbor 3.1.1.1 send-label #配置相邻设备支持带标签路由
neighbor 3.1.1.1 route-map aa out #在出方向上应用路由图aa
neighbor 50.1.1.1 activate #激活邻居
neighbor 50.1.1.1 send-label #配置相邻设备支持带标签路由
neighbor 50.1.1.1 next-hop-self #更改下一跳为自己
neighbor 50.1.1.1 route-map cc out#在出方向上应用路由图cc
no auto-summary
no synchronization
exit-address-family
!
ip classless
!
route-map aa permit 10 #创建路由图aa,对于从本AS的PE接受的路由
set mpls-label 在向对端AS的ASBR的PE发布时,分配MPLS标签
!
route-map cc permit 10 #创建路由图bb,对于向本AS内发布的路由,如果
match mpls-label 是带标签的IPV4路由,为其分配新的MPLS标签
set mpls-label
!
End
r5#show run
hostname r5 #PE设备,是ISP和用户相连的设备
!
no ip domain lookup
!
ip vrf vpn #创建一个VRF(×××路由转发)
rd 200:1
route-target export 100:1
route-target import 100:1
!
ip cef
!
interface Loopback0
ip address 50.1.1.1 255.255.255.255
!
interface FastEthernet0/0 #在此接口绑定VRF(×××实例)
ip vrf forwarding vpn
ip address 5.1.1.1 255.255.255.0
duplex half
!
interface FastEthernet1/0
ip address 4.1.1.2 255.255.255.0
duplex half
tag-switching ip
!
router ospf 1
log-adjacency-changes
network 4.1.1.2 0.0.0.0 area 0
network 50.1.1.1 0.0.0.0 area 0
!
router bgp 200 #和R2上的基本原理一致
bgp log-neighbor-changes
neighbor 20.1.1.1 remote-as 100
neighbor 20.1.1.1 ebgp-multihop 10
neighbor 20.1.1.1 update-source Loopback0
neighbor 40.1.1.1 remote-as 200
neighbor 40.1.1.1 update-source Loopback0
!
address-family ipv4
redistribute connected
no neighbor 20.1.1.1 activate
neighbor 40.1.1.1 activate
neighbor 40.1.1.1 send-label
no auto-summary
no synchronization
exit-address-family
!
address-family vpnv4
neighbor 20.1.1.1 activate
neighbor 20.1.1.1 send-community extended
exit-address-family
!
address-family ipv4 vrf vpn
redistribute connected
neighbor 5.1.1.2 remote-as 2000
neighbor 5.1.1.2 activate
no auto-summary
no synchronization
exit-address-family
!
ip classless
End
r6#show run
hostname r6 #用户CE设备,和ISP的PE设备相连
!
no ip domain lookup
!
ip cef
!
interface Loopback0 #和R1上的基本原理一致
ip address 60.1.1.1 255.255.255.0
!
interface FastEthernet0/0
ip address 5.1.1.2 255.255.255.0
duplex half
!
interface FastEthernet1/0
no ip address
shutdown
duplex half
!
router bgp 2000 #和R1上的基本原理一致
no synchronization
bgp log-neighbor-changes
redistribute connected
neighbor 5.1.1.1 remote-as 200
no auto-summary
!
ip classless
End
r1#traceroute
Protocol [ip]:
Target IP address: 60.1.1.1
Source address:
Numeric display [n]:
Timeout in seconds [3]:
Probe count [3]:
Minimum Time to Live [1]:
Maximum Time to Live [30]:
Port Number [33434]:
Loose, Strict, Record, Timestamp, Verbose[none]:
Type escape sequence to abort.
Tracing the route to 60.1.1.1
1 1.1.1.2 104 msec 124 msec 44 msec
2 2.1.1.2 [MPLS: Labels 24/18 Exp 0] 252 msec 148 msec 200 msec
3 3.1.1.2 [MPLS: Labels 16/18 Exp 0] 188 msec 172 msec 120 msec
4 5.1.1.1 [AS 200] [MPLS: Label 18 Exp 0] 72 msec 208 msec 196 msec
5 5.1.1.2 [AS 200] 292 msec * 196 msec
r1#show ip route
Gateway of last resort is not set
1.0.0.0/24 is subnetted, 1 subnets
C 1.1.1.0 is directly connected, FastEthernet0/0
5.0.0.0/24 is subnetted, 1 subnets
B 5.1.1.0 [20/0] via 1.1.1.2, 00:47:16
10.0.0.0/24 is subnetted, 1 subnets
C 10.1.1.0 is directly connected, Loopback0
60.0.0.0/24 is subnetted, 1 subnets
B 60.1.1.0 [20/0] via 1.1.1.2, 00:47:16
r2#show ip route
Gateway of last resort is not set
50.0.0.0/32 is subnetted, 1 subnets
B 50.1.1.1 [200/2] via 30.1.1.1, 01:05:17
2.0.0.0/24 is subnetted, 1 subnets
C 2.1.1.0 is directly connected, FastEthernet1/0
4.0.0.0/24 is subnetted, 1 subnets
B 4.1.1.0 [200/0] via 30.1.1.1, 01:05:17
20.0.0.0/32 is subnetted, 1 subnets
C 20.1.1.1 is directly connected, Loopback0
40.0.0.0/32 is subnetted, 1 subnets
B 40.1.1.1 [200/0] via 30.1.1.1, 01:05:17
30.0.0.0/32 is subnetted, 1 subnets
O 30.1.1.1 [110/2] via 2.1.1.2, 01:10:32, FastEthernet1/0
r2#show ip route vrf vpn
Routing Table: vpn
Gateway of last resort is not set
1.0.0.0/24 is subnetted, 1 subnets
C 1.1.1.0 is directly connected, FastEthernet0/0
5.0.0.0/24 is subnetted, 1 subnets
B 5.1.1.0 [20/0] via 50.1.1.1, 00:48:24
10.0.0.0/24 is subnetted, 1 subnets
B 10.1.1.0 [20/0] via 1.1.1.1, 01:44:40
60.0.0.0/24 is subnetted, 1 subnets
B 60.1.1.0 [20/0] via 50.1.1.1, 00:48:24
r2#show mpls forwarding-table
Local Outgoing Prefix Bytes tag Outgoing Next Hop
tag tag or VC or Tunnel Id switched interface
16 Pop tag 30.1.1.1/32 0 Fa1/0 2.1.1.2
17 Aggregate 1.1.1.0/24[V] 2212
18 Untagged 10.1.1.0/24[V] 570 Fa0/0 1.1.1.1
r3#show ip route
Gateway of last resort is not set
50.0.0.0/32 is subnetted, 1 subnets
B 50.1.1.1 [20/2] via 3.1.1.2, 01:06:14
2.0.0.0/24 is subnetted, 1 subnets
C 2.1.1.0 is directly connected, FastEthernet1/0
3.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 3.1.1.2/32 is directly connected, FastEthernet0/0
C 3.1.1.0/24 is directly connected, FastEthernet0/0
4.0.0.0/24 is subnetted, 1 subnets
B 4.1.1.0 [20/0] via 3.1.1.2, 01:06:14
20.0.0.0/32 is subnetted, 1 subnets
O 20.1.1.1 [110/2] via 2.1.1.1, 01:11:24, FastEthernet1/0
40.0.0.0/32 is subnetted, 1 subnets
B 40.1.1.1 [20/0] via 3.1.1.2, 01:06:14
30.0.0.0/32 is subnetted, 1 subnets
C 30.1.1.1 is directly connected, Loopback0
r3#show mpls forwarding-table
Local Outgoing Prefix Bytes tag Outgoing Next Hop
tag tag or VC or Tunnel Id switched interface
16 Pop tag 20.1.1.1/32 9163 Fa1/0 2.1.1.1
17 Pop tag 3.1.1.2/32 0 Fa0/0 3.1.1.2
22 Pop tag 4.1.1.0/24 1140 Fa0/0 3.1.1.2
23 Pop tag 40.1.1.1/32 0 Fa0/0 3.1.1.2
24 16 50.1.1.1/32 9106 Fa0/0 3.1.1.2
r4#show ip route
Gateway of last resort is not set
50.0.0.0/32 is subnetted, 1 subnets
O 50.1.1.1 [110/2] via 4.1.1.2, 01:07:17, FastEthernet1/0
2.0.0.0/24 is subnetted, 1 subnets
B 2.1.1.0 [20/0] via 3.1.1.1, 01:07:06
3.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 3.1.1.1/32 is directly connected, FastEthernet0/0
C 3.1.1.0/24 is directly connected, FastEthernet0/0
4.0.0.0/24 is subnetted, 1 subnets
C 4.1.1.0 is directly connected, FastEthernet1/0
20.0.0.0/32 is subnetted, 1 subnets
B 20.1.1.1 [20/2] via 3.1.1.1, 01:07:06
40.0.0.0/32 is subnetted, 1 subnets
C 40.1.1.1 is directly connected, Loopback0
30.0.0.0/32 is subnetted, 1 subnets
B 30.1.1.1 [20/0] via 3.1.1.1, 01:07:07
r4#show mpls forwarding-table
Local Outgoing Prefix Bytes tag Outgoing Next Hop
tag tag or VC or Tunnel Id switched interface
16 Pop tag 50.1.1.1/32 9071 Fa1/0 4.1.1.2
17 Pop tag 3.1.1.1/32 0 Fa0/0 3.1.1.1
18 Pop tag 2.1.1.0/24 570 Fa0/0 3.1.1.1
19 16 20.1.1.1/32 9762 Fa0/0 3.1.1.1
20 Pop tag 30.1.1.1/32 0 Fa0/0 3.1.1.1
r5#show ip route
Gateway of last resort is not set
50.0.0.0/32 is subnetted, 1 subnets
C 50.1.1.1 is directly connected, Loopback0
2.0.0.0/24 is subnetted, 1 subnets
B 2.1.1.0 [200/0] via 40.1.1.1, 00:59:02
4.0.0.0/24 is subnetted, 1 subnets
C 4.1.1.0 is directly connected, FastEthernet1/0
20.0.0.0/32 is subnetted, 1 subnets
B 20.1.1.1 [200/2] via 40.1.1.1, 00:59:02
40.0.0.0/32 is subnetted, 1 subnets
O 40.1.1.1 [110/2] via 4.1.1.1, 01:07:56, FastEthernet1/0
30.0.0.0/32 is subnetted, 1 subnets
B 30.1.1.1 [200/0] via 40.1.1.1, 00:59:02
r5#show ip route vrf vpn
Routing Table: vpn
Gateway of last resort is not set
1.0.0.0/24 is subnetted, 1 subnets
B 1.1.1.0 [20/0] via 20.1.1.1, 00:50:47
5.0.0.0/24 is subnetted, 1 subnets
C 5.1.1.0 is directly connected, FastEthernet0/0
10.0.0.0/24 is subnetted, 1 subnets
B 10.1.1.0 [20/0] via 20.1.1.1, 00:50:47
60.0.0.0/24 is subnetted, 1 subnets
B 60.1.1.0 [20/0] via 5.1.1.2, 01:43:55
r5#show mpls forwarding-table
Local Outgoing Prefix Bytes tag Outgoing Next Hop
tag tag or VC or Tunnel Id switched interface
16 Pop tag 40.1.1.1/32 0 Fa1/0 4.1.1.1
17 Aggregate 5.1.1.0/24[V] 520
18 Untagged 60.1.1.0/24[V] 1812 Fa0/0 5.1.1.2
r6# show ip route
Gateway of last resort is not set
1.0.0.0/24 is subnetted, 1 subnets
B 1.1.1.0 [20/0] via 5.1.1.1, 00:51:05
5.0.0.0/24 is subnetted, 1 subnets
C 5.1.1.0 is directly connected, FastEthernet0/0
10.0.0.0/24 is subnetted, 1 subnets
B 10.1.1.0 [20/0] via 5.1.1.1, 00:51:05
60.0.0.0/24 is subnetted, 1 subnets
C 60.1.1.0 is directly connected, Loopback0
r6#traceroute
Protocol [ip]:
Target IP address: 10.1.1.1
Source address:
Numeric display [n]:
Timeout in seconds [3]:
Probe count [3]:
Minimum Time to Live [1]:
Maximum Time to Live [30]:
Port Number [33434]:
Loose, Strict, Record, Timestamp, Verbose[none]:
Type escape sequence to abort.
Tracing the route to 10.1.1.1
1 5.1.1.1 52 msec 84 msec 16 msec
2 4.1.1.1 [MPLS: Labels 19/18 Exp 0] 180 msec 236 msec 168 msec
3 3.1.1.1 [MPLS: Labels 16/18 Exp 0] 196 msec 272 msec 144 msec
4 1.1.1.2 [AS 100] [MPLS: Label 18 Exp 0] 176 msec 264 msec 148 msec
5 1.1.1.1 [AS 100] 296 msec * 216 msec
