前面給各位小夥伴講解了MPLS VPN Option-C的方案一,今天給講講方案二。其實熟悉的小夥伴都知道方案一和方案二大部分是相同的,唯一的差別用到了路由引入以及MPLS路由交換。廢話不多說還是直接上網絡拓撲和配置吧。
MPLS VPN Option-C方案二
1.各裝置接口IP配置省略;
2.配置OSPF
[PE1]ospf 1 router-id 1.1.1.1
area 0
network 1.1.1.1 0.0.0.0
network 12.12.12.0 0.0.0.3
quit
quit
[P1]ospf 1 router-id 2.2.2.2
area 0
network 2.2.2.2 0.0.0.0
network 12.12.12.0 0.0.0.3
network 23.23.23.0 0.0.0.3
network 72.72.72.0 0.0.0.3
quit
quit
[ASBR1]ospf 1 router-id 3.3.3.3
area 0
network 3.3.3.3 0.0.0.0
network 23.23.23.0 0.0.0.3
quit
quit
[RR1]ospf 1 router-id 7.7.7.7
area 0
network 7.7.7.7 0.0.0.0
network 72.72.72.0 0.0.0.3
quit
quit
[PE2]ospf 1 router-id 6.6.6.6
area 0
network 6.6.6.6 0.0.0.0
network 56.56.56.0 0.0.0.3
quit
quit
[P2]ospf 1 router-id 5.5.5.5
area 0
network 5.5.5.5 0.0.0.0
network 45.45.45.0 0.0.0.3
network 56.56.56.0 0.0.0.3
network 58.58.58.0 0.0.0.3
quit
quit
[ASBR2]ospf 1 router-id 4.4.4.4
area 0
network 4.4.4.4 0.0.0.0
network 45.45.45.0 0.0.0.3
quit
quit
[RR2]ospf 1 router-id 8.8.8.8
area 0
network 8.8.8.8 0.0.0.0
network 58.58.58.0 0.0.0.3
quit
quit
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
3.使能MPLS/MPLS LDP
[PE1]mpls lsr-id 1.1.1.1
mpls
mpls ldp
qui
inter gig 0/0/0
mpls
mpls ldp
quit
[P1]mpls lsr-id 2.2.2.2
mpls
mpls ldp
qui
inter gig 0/0/0
mpls
mpls ldp
quit
inter gig 0/0/1
mpls
mpls ldp
quit
[ASBR1]mpls lsr-id 3.3.3.3
mpls
mpls ldp
qui
inter gig 0/0/1
mpls
mpls ldp
quit
[ASBR1]mpls lsr-id 4.4.4.4
mpls
mpls ldp
qui
inter gig 0/0/1
mpls
mpls ldp
quit
[P2]mpls lsr-id 5.5.5.5
mpls
mpls ldp
qui
inter gig 0/0/0
mpls
mpls ldp
quit
inter gig 0/0/1
mpls
mpls ldp
quit
[PE2]mpls lsr-id 6.6.6.6
mpls
mpls ldp
qui
inter gig 0/0/0
mpls
mpls ldp
quit
4.ASBR之間配置EBGP
[ASBR1]bgp 100
peer 34.34.34.2 as 200
qui
[ASBR2]bgp 200
peer 34.34.34.1 as 100
qui
5.ASBR通告RR的環回口引入到IGP
[ASBR1]bgp 100
network 7.7.7.7 32
qui
ospf
import-route bgp
quit
[ASBR2]bgp 200
network 8.8.8.8 32
qui
ospf
import-route bgp
quit
6.PE配置VPN執行個體并綁定接口
[PE1]ip vpn-instance hcie
route-dis 100:1
vpn-target 100:1 both
quit
quit
inter gig 0/0/1
ip binding vpn-instance hcie
ip addre 10.1.1.2 30
quit
[PE2]ip vpn-instance hcie
route-dis 100:1
vpn-target 100:1 both
quit
quit
inter gig 0/0/1
ip binding vpn-instance hcie
ip addre 20.1.1.1 30
quit
7.VPN執行個體中配置與CE的EBGP
[PE1]bgp 100
ipv4-family vpn-instance hcie
peer 10.1.1.1 as 65001
quit
quit
[PE2]bgp 200
ipv4-family vpn-instance hcie
peer 20.1.1.2 as 65002
quit
quit
[CE1]bgp 65001
peer 10.1.1.2 as 100
network 11.11.11.11 32
quit
[CE2]bgp 65002
peer 20.1.1.1 as 200
network 22.22.22.22 32
quit
8.配置PE與RR ,以及RR之間的BGP和MP-BGP
[PE1]bgp 100
peer 7.7.7.7 as 100
peer 7.7.7.7 con l0
ipv4-family vpnv4
peer 7.7.7.7 enable
quit
qui
[PE2]bgp 200
peer 8.8.8.8 as 200
peer 8.8.8.8 con l0
ipv4-family vpnv4
peer 8.8.8.8 enable
quit
qui
[RR1]bgp 100
peer 1.1.1.1 as 100
peer 1.1.1.1 con l0
peer 8.8.8.8 as 200
peer 8.8.8.8 con l0
peer 8.8.8.8 ebgp-max-hop 10
ipv4-family vpnv4
undo policy vpn-target
peer 1.1.1.1 enable
peer 1.1.1.1 next-hop-inv
peer 8.8.8.8 enable
peer 8.8.8.8 next-hop-inv
quit
qui
[RR2]bgp 200
peer 6.6.6.6 as 200
peer 6.6.6.6 con l0
peer 7.7.7.7 as 100
peer 7.7.7.7 con l0
peer 7.7.7.7 ebgp-max-hop 10
ipv4-family vpnv4
undo policy vpn-target
peer 6.6.6.6 enable
peer 6.6.6.6 next-hop-inv
peer 7.7.7.7 enable
peer 7.7.7.7 next-hop-inv
quit
qui
9.配置ASBR交換标簽
[ASBR1]bgp 100
peer 34.34.34.2 as 200
peer 34.34.34.2 label-route-capability
quit
mpls
lsp-trigger bgp-label-route
quit
[ASBR2]bgp 200
peer 34.34.34.1 as 100
peer 34.34.34.1 label-route-capability
quit
mpls
lsp-trigger bgp-label-route
quit
10.配置路由政策
[ASBR1]inter gig 0/0/0
ip addre 34.34.34.1 30
mpls
quit
route-policy policy1 permit node 10
apply mpls-label
qui
bgp 100
peer 34.34.34.2 as 200
peer 34.34.34.2 route-policy policy1 export
network 1.1.1.1 32
qui
[ASBR2]inter gig 0/0/0
ip addre 34.34.34.2 30
mpls
quit
route-policy policy1 permit node 10
apply mpls-label
qui
bgp 200
peer 34.34.34.1 as 100
peer 34.34.34.1 route-policy policy1 export
network 6.6.6.6 32
qui
結果驗證:
在ASBR上驗證是否可以看到路由的标簽資訊
ASBR1上執行display bgp routing-table label
ASBR2上執行display bgp routing-table label
在CE上檢視是否學習到對端CE發來的路由
通過檢視的路由資訊我們不難發現在CE1上可以找到CE2發來的路由資訊“22.22.22.22/32 EBGP”,同樣在CE2上可以找到CE1發來的路由資訊“11.11.11.11/32 EBGP”.
測試網絡連通性