实验要求:
一、23456是运营商,跑mpls
二、678是CE端,要求6到运营商写静态,7用ospf,8用rip
三、6789互通
先使运营商ip可达,我选择rip
再开启mpls(需要在所有标签经过的接口开启协议)
mpls lsr-id 3.3.3.3
mpls
mpls ldp
interface GigabitEthernet0/0/0
mpls
mpls ldp
在PE路由器上起bgp(非直连建邻)
bgp 100
router-id 3.3.3.3
peer 4.4.4.4 as-number 100
peer 4.4.4.4 connect-interface LoopBack0
peer 5.5.5.5 as-number 100
peer 5.5.5.5 connect-interface LoopBack0
#
ipv4-family unicast
undo synchronization
peer 4.4.4.4 enable
peer 5.5.5.5 enable
#
ipv4-family vpnv4
policy vpn-target
peer 4.4.4.4 enable
peer 4.4.4.4 advertise-community
peer 5.5.5.5 enable
peer 5.5.5.5 advertise-community
定义VRF虚拟空间(要确保RD、RT值没有出错)
ip vpn-instance a
ipv4-family
route-distinguisher 3:3
vpn-target 4:4 5:5 export-extcommunity
vpn-target 3:3 import-extcommunity
绑定接口ip地址
interface GigabitEthernet0/0/1
ip binding vpn-instance a
ip address 63.1.1.2 255.255.255.0
在3的vpn上写向6的静态
ip route-static vpn-instance a 6.6.6.6 255.255.255.255 63.1.1.1
在4起ospf
ospf 100 vpn-instance b
area 0.0.0.0
network 47.1.1.1 0.0.0.0
5起rip
rip 2 vpn-instance c
default-route originate
version 2
network 58.0.0.0
双向重发布
bgp 100
ipv4-family vpn-instance c
import-route direct
import-route rip 2
9要通78(9上要写缺省) 在6上做NAT
acl number 2000
rule 10 permit source 9.9.9.9 0
rule 15 permit source 69.1.1.2 0
interface GigabitEthernet0/0/0
nat outbound 2000