MPLS跨域 option-A

清歌丿

已于 2023-10-30 10:49:28 修改

阅读量350

点赞数

分类专栏： R&S 文章标签：路由器网络网络协议

于 2021-12-01 09:55:27 首次发布

本文链接：https://blog.csdn.net/Sonde_r/article/details/121626638

版权

R&S 专栏收录该内容

14 篇文章 0 订阅

订阅专栏

需要跨域的VPN在ASBR间通过专用的接口管理自己的VPN路由

两个边界的ASBR都把对方看作是自己的CE设备，向对端发送ipv4路由

优点：配置简单，无需在ASBR上配置MPLS

缺点：ASBR需要为每个VPN创建实例，VPNv4路由过于庞大，不易于扩展，还得使用不同的业务接口，跨域VPN路由较少时使用

公网互通，并配置LDP

AS之中通告环回口，建立LDP邻居

私网发布路由

CE1:
ospf 1 router-id 172.16.1.1 
 area 0.0.0.0 
  network 172.16.1.1 0.0.0.0 
  network 192.168.1.0 0.0.0.255 

PE1:
ip vpn-instance 1
 ipv4-family
  route-distinguisher 1:1
  vpn-target 100:200 export-extcommunity
  vpn-target 100:100 import-extcommunity

ospf 100 router-id 1.1.1.1 vpn-instance 1
 area 0.0.0.0 
  network 192.168.1.0 0.0.0.255 

bgp 100
 peer 3.3.3.3 as-number 100 
 peer 3.3.3.3 connect-interface LoopBack0
 #
 ipv4-family unicast
  undo synchronization
  peer 3.3.3.3 enable
 # 
 ipv4-family vpnv4
  policy vpn-target
  peer 3.3.3.3 enable


ASBR1:
ip vpn-instance 1
 ipv4-family
  route-distinguisher 2:2
  vpn-target 100:100 export-extcommunity
  vpn-target 100:200 import-extcommunity

interface GigabitEthernet0/0/1
 ip binding vpn-instance 1

bgp 100
 peer 1.1.1.1 as-number 100 
 peer 1.1.1.1 connect-interface LoopBack0
 #
 ipv4-family unicast
  undo synchronization
  peer 1.1.1.1 enable
 # 
 ipv4-family vpnv4
  policy vpn-target
  peer 1.1.1.1 enable

边界路由器路由传递

ASBR1:
bgp 100
 ipv4-family vpn-instance 1 
  peer 33.3.3.4 as-number 200 

ASBR2:
ip vpn-instance 1
 ipv4-family
  route-distinguisher 3:3
  vpn-target 200:100 export-extcommunity
  vpn-target 200:200 import-extcommunity

bgp 200
 ipv4-family vpn-instance 1 
  peer 33.3.3.3 as-number 100 

interface GigabitEthernet0/0/1
 ip binding vpn-instance 1

路由传递给PE2

ASBR2:

bgp 200
 peer 6.6.6.6 as-number 200 
 peer 6.6.6.6 connect-interface LoopBack0
 #
 ipv4-family unicast
  undo synchronization
  peer 6.6.6.6 enable
 # 
 ipv4-family vpnv4
  policy vpn-target
  peer 6.6.6.6 enable
 #
 ipv4-family vpn-instance 1 
  peer 33.3.3.3 as-number 100 


PE2：
bgp 200
 peer 4.4.4.4 as-number 200 
 peer 4.4.4.4 connect-interface LoopBack0
 #
 ipv4-family unicast
  undo synchronization
  peer 4.4.4.4 enable
 # 
 ipv4-family vpnv4
  policy vpn-target
  peer 4.4.4.4 enable

ip vpn-instance 1
 ipv4-family
  route-distinguisher 4:4
  vpn-target 200:200 export-extcommunity
  vpn-target 200:100 import-extcommunity

interface GigabitEthernet0/0/0
 ip binding vpn-instance 1

传递给CE2设备

PE2:
ospf 100 router-id 6.6.6.6 vpn-instance 1
 area 0.0.0.0 
import-route bgp 

interface GigabitEthernet0/0/0
 ip binding vpn-instance 1
 ip address 192.168.2.1 255.255.255.0 
 ospf enable 100 area 0.0.0.0

CE2:
ospf 1 router-id 172.16.2.1 
 area 0.0.0.0 
#
interface GigabitEthernet0/0/0
 ospf enable 1 area 0.0.0.0

CE2设备传递路由给CE1:

CE2:
ospf 1 router-id 172.16.2.1 
 area 0.0.0.0 
network 172.16.2.1 0.0.0.0

PE2：
bgp 200
 ipv4-family vpn-instance 1 
  import-route ospf 100

PE1：
ospf 100 router-id 1.1.1.1 vpn-instance 1
 import-route bgp