一、实验
拓扑
1、基础配置
CE1
system
sysname CE1
int g 0/0/0
ip add 10.0.12.1 24
int l 0
ip add 1.1.1.1 32
int l 1
ip add 192.168.1.1 24
CE2
system
sysname CE2
int g 0/0/0
ip add 10.0.78.8 24
int l 0
ip add 8.8.8.8 32
int l 1
ip add 192.168.2.1 24
PE1
system
sysname PE1
int g 0/0/0
ip add 10.0.12.2 24
int g 0/0/1
ip add 10.0.23.2 24
int l 0
ip add 2.2.2.2 32
PE2
system
sysname PE2
int g 0/0/0
ip add 10.0.67.7 24
int g 0/0/1
ip add 10.0.78.7 24
int l 0
ip add 7.7.7.7 32
P1
system
sysname P1
int g 0/0/0
ip add 10.0.23.3 24
int g 0/0/1
ip add 10.0.34.3 24
int g 0/0/2
ip add 10.0.39.3 24
int l 0
ip add 3.3.3.3 32
P2
system
sysname P2
int g 0/0/0
ip add 10.0.56.6 24
int g 0/0/1
ip add 10.0.67.6 24
int g 0/0/2
ip add 10.0.106.6 24
int l 0
ip add 6.6.6.6 32
RR1
system
sysname RR1
int g 0/0/0
ip add 10.0.39.9 24
int l 0
ip add 9.9.9.9 32
RR2
system
sysname RR2
int g 0/0/0
ip add 10.0.106.10 24
int l 0
ip add 10.10.10.10 32
ASBR-PE1
system
sysname ASBR-PE1
int g 0/0/0
ip add 10.0.34.4 24
int g 0/0/1
ip add 10.0.45.4 24
int l 0
ip add 4.4.4.4 32
ASBR-PE2
system
sysname ASBR-PE2
int g 0/0/0
ip add 10.0.45.5 24
int g 0/0/1
ip add 10.0.56.5 24
int l 0
ip add 5.5.5.5 322、配置运营商之间的IGP路由协议
PE1
isis 1
network-entity 49.0001.0000.0001.00
q
int g 0/0/1
isis enable
isis circuit-level level-2
int l 0
isis enable
isis circuit-level level-2
P1
isis 1
network-entity 49.0001.0000.0002.00
q
int g 0/0/1
isis enable
isis circuit-level level-2
int g 0/0/0
isis enable
isis circuit-level level-2
int g 0/0/2
isis enable
isis circuit-level level-2
int l 0
isis enable
isis circuit-level level-2
RR1
isis 1
network-entity 49.0001.0000.0004.00
q
int g 0/0/0
isis enable
isis circuit-level level-2
int l 0
isis enable
isis circuit-level level-2
ASBR-PE1
isis 1
network-entity 49.0001.0000.0003.00
q
int g 0/0/0
isis enable
isis circuit-level level-2
int l 0
isis enable
isis circuit-level level-2
PE2
ospf 1 router-id 7.7.7.7
area 0
netw 10.0.67.7 0.0.0.0
netw 7.7.7.7 0.0.0.0
P2
ospf 1 router-id 6.6.6.6
area 0
netw 10.0.67.6 0.0.0.0
netw 10.0.56.6 0.0.0.0
netw 6.6.6.6 0.0.0.0
netw 10.0.106.6 0.0.0.0
RR2
ospf 1 router-id 10.10.10.10
area 0
netw 10.0.106.10 0.0.0.0
netw 10.10.10.10 0.0.0.0
ASBR-PE2
ospf 1 router-id 5.5.5.5
area 0
netw 10.0.56.5 0.0.0.0
netw 5.5.5.5 0.0.0.0查看邻居状态
[P1]display isis peer
Peer information for ISIS(1)
System Id Interface Circuit Id State HoldTime Type PRI
-------------------------------------------------------------------------------
0001.0000.0001 GE0/0/0 0001.0000.0002.01 Up 23s L2 64
0001.0000.0003 GE0/0/1 0001.0000.0003.01 Up 8s L2 64
0001.0000.0004 GE0/0/2 0001.0000.0002.03 Up 25s L2 64
Total Peer(s): 3
[P2]display ospf peer br
OSPF Process 1 with Router ID 6.6.6.6
Peer Statistic Information
----------------------------------------------------------------------------
Area Id Interface Neighbor id State
0.0.0.0 GigabitEthernet0/0/0 5.5.5.5 Full
0.0.0.0 GigabitEthernet0/0/1 7.7.7.7 Full
0.0.0.0 GigabitEthernet0/0/2 10.10.10.10 Full
----------------------------------------------------------------------------3、配置运营商之间的MPLS LDP标签隧道
PE1
mpls lsr-id 2.2.2.2
mpls
q
mpls ldp
q
int g 0/0/1
mpls
mpls ldp
P1
mpls lsr-id 3.3.3.3
mpls
q
mpls ldp
q
int g 0/0/1
mpls
mpls ldp
int g 0/0/0
mpls
mpls ldp
int g 0/0/2
mpls
mpls ldp
RR1
mpls lsr-id 9.9.9.9
mpls
q
mpls ldp
q
int g 0/0/0
mpls
mpls ldp
ASBR-PE1
mpls lsr-id 4.4.4.4
mpls
q
mpls ldp
q
int g 0/0/0
mpls
mpls ldp
int g 0/0/1
mpls
PE2
mpls lsr-id 7.7.7.7
mpls
q
mpls ldp
q
int g 0/0/0
mpls
mpls ldp
P2
mpls lsr-id 6.6.6.6
mpls
q
mpls ldp
q
int g 0/0/0
mpls
mpls ldp
int g 0/0/1
mpls
mpls ldp
int g 0/0/2
mpls
mpls ldp
RR2
mpls lsr-id 10.10.10.10
mpls
q
mpls ldp
q
int g 0/0/0
mpls
mpls ldp
ASBR-PE2
mpls lsr-id 5.5.5.5
mpls
q
mpls ldp
q
int g 0/0/1
mpls
mpls ldp
int g 0/0/0
mpls4、配置运营商BGP和RR之间的MP-EBGP
PE1
bgp 65002
router-id 2.2.2.2
peer 9.9.9.9 as 65002
peer 9.9.9.9 con l 0
peer 9.9.9.9 label-route-capability
ipv4-family vpnv4
peer 9.9.9.9 enable
RR1
bgp 65002
router-id 9.9.9.9
peer 2.2.2.2 as 65002
peer 2.2.2.2 con l 0
peer 2.2.2.2 label-route-capability
peer 2.2.2.2 re
peer 2.2.2.2 next-hop-invariable
peer 4.4.4.4 as 65002
peer 4.4.4.4 con l 0
peer 4.4.4.4 label-route-capability
peer 10.10.10.10 as-number 65003
peer 10.10.10.10 connect-interface LoopBack0
peer 10.10.10.10 ebgp-max-hop
peer 10.10.10.10 next-hop-invariable
netw 9.9.9.9 32
ipv4-family vpnv4
peer 2.2.2.2 enable
peer 2.2.2.2 re
peer 10.10.10.10 enable
peer 10.10.10.10 next-hop-invariable
undo policy vpn-target
ASBR-PE1
route-policy 1 permit node 10
if-match mpls-label
apply mpls-label
q
route-policy 2 permit node 10
apply mpls-label
q
bgp 65002
router-id 4.4.4.4
peer 9.9.9.9 as 65002
peer 9.9.9.9 con l 0
peer 9.9.9.9 label-route-capability
peer 9.9.9.9 route-policy 1 export
peer 10.0.45.5 as 65003
peer 10.0.45.5 label-route-capability
peer 10.0.45.5 route-policy 2 export
netw 9.9.9.9 32
netw 2.2.2.2 32
ASBR-PE2
route-policy 1 permit node 10
apply mpls-label
q
route-policy 2 permit node 10
if-match mpls-label
apply mpls-label
q
bgp 65003
router-id 5.5.5.5
peer 10.10.10.10 as 65003
peer 10.10.10.10 con l 0
peer 10.10.10.10 label-route-capability
peer 10.10.10.10 route-policy 2 export
peer 10.0.45.4 as 65002
peer 10.0.45.4 label-route-capability
peer 10.0.45.4 route-policy 1 export
netw 10.10.10.10 32
netw 7.7.7.7 32
RR2
bgp 65003
router-id 10.10.10.10
peer 5.5.5.5 as 65003
peer 5.5.5.5 con l 0
peer 5.5.5.5 label-route-capability
peer 7.7.7.7 as 65003
peer 7.7.7.7 con l 0
peer 7.7.7.7 label-route-capability
peer 7.7.7.7 re
peer 7.7.7.7 next-hop-invariable
peer 9.9.9.9 as 65002
peer 9.9.9.9 con l 0
peer 9.9.9.9 ebgp-max-hop
peer 9.9.9.9 next-hop-invariable
netw 10.10.10.10 32
ipv4-family vpnv4
peer 7.7.7.7 enable
peer 7.7.7.7 re
peer 9.9.9.9 enable
peer 9.9.9.9 next-hop-invariable
undo policy vpn-target
PE2
bgp 65003
router-id 7.7.7.7
peer 10.10.10.10 as 65003
peer 10.10.10.10 con l 0
peer 10.10.10.10 label-route-capability
ipv4-family vpnv4
peer 10.10.10.10 enable查看邻居状态
[RR1]display bgp peer
BGP local router ID : 9.9.9.9
Local AS number : 65002
Total number of peers : 3 Peers in established state : 3
Peer V AS MsgRcvd MsgSent OutQ Up/Down State Pre
fRcv
2.2.2.2 4 65002 17 16 0 00:13:57 Established
0
4.4.4.4 4 65002 11 11 0 00:08:29 Established
1
10.10.10.10 4 65003 2 4 0 00:00:00 Established
0
[RR2]display bgp peer
BGP local router ID : 10.10.10.10
Local AS number : 65003
Total number of peers : 3 Peers in established state : 3
Peer V AS MsgRcvd MsgSent OutQ Up/Down State Pre
fRcv
5.5.5.5 4 65003 16 16 0 00:13:39 Established
1
7.7.7.7 4 65003 17 17 0 00:13:30 Established
0
9.9.9.9 4 65002 4 5 0 00:00:18 Established
1查看vpnv4邻居状态
[RR1]display bgp vpnv4 al peer
BGP local router ID : 9.9.9.9
Local AS number : 65002
Total number of peers : 2 Peers in established state : 2
Peer V AS MsgRcvd MsgSent OutQ Up/Down State Pre
fRcv
10.10.10.10 4 65003 5 5 0 00:00:22 Established
1
[RR2]display bgp vpnv4 all peer
BGP local router ID : 10.10.10.10
Local AS number : 65003
Total number of peers : 2 Peers in established state : 2
Peer V AS MsgRcvd MsgSent OutQ Up/Down State Pre
fRcv
9.9.9.9 4 65002 6 7 0 00:01:23 Established
15、配置CE与PE之间的BGP路由协议
CE1
bgp 65001
router-id 1.1.1.1
peer 10.0.12.2 as 65002
netw 192.168.1.0 24
PE1
ip vpn-instance A
ipv4-family
route-distinguisher 1:1
vpn-target 100:100 export-extcommunity
vpn-target 100:100 import-extcommunity
q
q
int g 0/0/0
ip bind vpn A
ip add 10.0.12.2 24
q
bgp 65002
ipv4-family vpn-instance A
peer 10.0.12.1 as 65001
CE2
bgp 65004
router-id 8.8.8.8
peer 10.0.78.7 as 65003
netw 192.168.2.0 24
PE2
ip vpn-instance B
ipv4-family
route-distinguisher 1:2
vpn-target 100:100
q
q
int g 0/0/1
ip bind vpn B
ip add 10.0.78.7 24
q
bgp 65003
ipv4-family vpn-instance B
peer 10.0.78.8 as 65004查看vpnv4邻居状态
[PE1]display bgp vpnv4 all peer
BGP local router ID : 2.2.2.2
Local AS number : 65002
Total number of peers : 2 Peers in established state : 2
Peer V AS MsgRcvd MsgSent OutQ Up/Down State Pre
fRcv
9.9.9.9 4 65002 3 6 0 00:01:44 Established
0
Peer of IPv4-family for vpn instance :
VPN-Instance A, Router ID 2.2.2.2:
10.0.12.1 4 65001 3 2 0 00:00:03 Established
1
[PE2]display bgp vpnv4 all peer
BGP local router ID : 7.7.7.7
Local AS number : 65003
Total number of peers : 2 Peers in established state : 2
Peer V AS MsgRcvd MsgSent OutQ Up/Down State Pre
fRcv
10.10.10.10 4 65003 3 5 0 00:01:17 Established
0
Peer of IPv4-family for vpn instance :
VPN-Instance B, Router ID 7.7.7.7:
10.0.78.8 4 65004 3 2 0 00:00:04 Established
1查看vpnv4路由
<PE1>display bgp vpnv4 all routing-table
BGP Local router ID is 2.2.2.2
Status codes: * - valid, > - best, d - damped,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
Total number of routes from all PE: 2
Route Distinguisher: 1:1
Network NextHop MED LocPrf PrefVal Path/Ogn
*> 192.168.1.0 10.0.12.1 0 0 65001i
Route Distinguisher: 1:2
Network NextHop MED LocPrf PrefVal Path/Ogn
*>i 192.168.2.0 7.7.7.7 100 0 65003 6500
4i
VPN-Instance A, Router ID 2.2.2.2:
Total Number of Routes: 2
Network NextHop MED LocPrf PrefVal Path/Ogn
*> 192.168.1.0 10.0.12.1 0 0 65001i
*>i 192.168.2.0 7.7.7.7 100 0 65003 6500
4i
<PE2>display bgp vpnv4 all routing-table
BGP Local router ID is 7.7.7.7
Status codes: * - valid, > - best, d - damped,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
Total number of routes from all PE: 2
Route Distinguisher: 1:1
Network NextHop MED LocPrf PrefVal Path/Ogn
*>i 192.168.1.0 2.2.2.2 100 0 65002 6500
1i
Route Distinguisher: 1:2
Network NextHop MED LocPrf PrefVal Path/Ogn
*> 192.168.2.0 10.0.78.8 0 0 65004i
VPN-Instance B, Router ID 7.7.7.7:
Total Number of Routes: 2
Network NextHop MED LocPrf PrefVal Path/Ogn
*>i 192.168.1.0 2.2.2.2 100 0 65002 6500
1i
*> 192.168.2.0 10.0.78.8 0 0 65004i测试
<CE1>tracert -a 192.168.1.1 192.168.2.1
traceroute to 192.168.2.1(192.168.2.1
), max hops: 30 ,packet length: 40,press CTRL_C to break
1 10.0.12.2 20 ms 20 ms 10 ms
2 10.0.23.3 40 ms 50 ms 50 ms
3 10.0.34.4 50 ms 50 ms 40 ms
4 10.0.45.5 50 ms 60 ms 50 ms
5 10.0.56.6 40 ms 50 ms 50 ms
6 10.0.78.7 60 ms 40 ms 30 ms
7 10.0.78.8 50 ms 50 ms 50 ms
<CE2>tracert -a 192.168.2.1 192.168.1.1
traceroute to 192.168.1.1(192.168.1.1
), max hops: 30 ,packet length: 40,press CTRL_C to break
1 10.0.78.7 20 ms 10 ms 10 ms
2 10.0.67.6 40 ms 50 ms 40 ms
3 10.0.56.5 50 ms 40 ms 40 ms
4 10.0.45.4 40 ms 50 ms 40 ms
5 10.0.34.3 50 ms 40 ms 40 ms
6 10.0.12.2 50 ms 40 ms 60 ms
7 10.0.12.1 70 ms 50 ms 60 ms 控制平面
1、CE1通过BGP宣告192.168.1.0/24的路由传递给自己的ebgp邻居2.2.2.2。
2、PE1从实例A的ebgp邻居收到该路由后打上实例A的RD与RT值使该路由变成vpnv4路由传递给自己的vpnv4邻居9.9.9.9。
3、RR1从vpnv4邻居收到该路由,由于我们配置了不检查RT值命令所以RR会直接接收该路由传递给其他的vpnv4邻居10.10.10.10且由于我们配置了下一跳参数不变,所以RR1在传递给自己的ebgp邻居时下一跳不会改变。
4、RR2从vpnv4邻居收到该路由,由于我们配置了不检查RT值命令所以RR会直接接收该路由传递给其他的vpnv4邻居7.7.7.7且由于我们配置了下一跳参数不变,所以RR1在传递给自己的vpnv4邻居时下一跳不会改变。
5、PE2收到从RR反射过来的路由检查入RT值是否与自己的出RT值一致,一致接收并将路由传递给自己的其他vpnv4邻居。
数据平面
1、CE1发出报文
CE1收到目的IP为192.168.2.1的数据报文,查FIB表进行转发
2、PE1收到报文
PE1从实例A接口下收到该报文查实例A的FIB表进行转发。
根据FIB表打上一个标签1027(vpnv4标签)送入隧道0x8
打上一个标签1030(为对端PE2分配的bgp标签),并送入隧道0x3
打上一个标签1024(为ASBR-PE1分配的LDP标签),解析10.0.23.3的MAC从G0/0/1接口发出
3、P1收到报文
P1收到该报文发现是一个标签报文,查标签转发表进行转发。
P1将外层标签1024交换成3号标签(次末跳弹出标签),解析10.0.34.4的MAC从G0/0/1口发出。
4、ASBR-PE1收到报文
ASBR-PE1收到该报文发现是一个标签报文,查标签转发表,将外层标签1030交换成1025。
5、ASBR-PE2收到报文
ASBR-PE2收到该报文查标签转发表,将外层标签1025弹出,送入隧道0x6。
打上一个1025标签,解析10.0.56.6从G0/0/1接口发出。
6、P2收到报文
P2收到该报文,查标签转发表进行转发,将外层标签1025交换成3号标签(次末跳弹出)。
7、PE2收到报文
PE2收到该报文后查标签转发表,将内层标签1027弹出送入实例B当中,查实例B的FIB表转发。
以上就是本章的全部内容了,如果本文章对你的学习有所帮助的话麻烦点个赞加个收藏,文章若有错误或疑问可联系博主删除更改,感谢大家的浏览观看!