54.MPBGP MPLS VPN 实验组网——PE-CE 部署OSPF

MPBGP MPLS VPN 实验组网——OSPF

一、实验目的

A-Hub 与 A-Spoke 为同一家公司的两地网络，B-Hub 与 BSpoke 为另一家公司的两地网络，RTA、RTB、RTC 为运营商网络，内部 IGP 使用 OSPF 连通，外网构建 BGP 网络；
各个 CE 与PE 之间部署运行 OSPF 协议，令 RTA 与 RTC 之间实现 MPLS VPN，在穿越 BGP 网络环境下实现公司内部的通信

二、配置

1.基础配置，端口IP+内网OSPF

//防止自动退出
user-interface con 0
 idle-timeout 0 0
 q
 

R1

interface GigabitEthernet0/0/0
 ip address 12.1.1.1 255.255.255.252 
interface GigabitEthernet0/0/1
ip address 14.1.1.1 255.255.255.252  
interface GigabitEthernet0/0/2
 ip address 15.1.1.1 255.255.255.252 
interface LoopBack0
 ip address 1.1.1.1 255.255.255.255 

ospf 1 router-id 1.1.1.1 
 area 0.0.0.0 
  network 1.1.1.1 0.0.0.0 
  network 12.1.1.0 0.0.0.3 

R2

interface GigabitEthernet0/0/0
 ip address 12.1.1.2 255.255.255.252 
interface GigabitEthernet0/0/1
 ip address 23.1.1.1 255.255.255.252 
interface GigabitEthernet0/0/2
interface LoopBack0
 ip address 2.2.2.2 255.255.255.255 
ospf 1 router-id 2.2.2.2 
 area 0.0.0.0 
  network 2.2.2.2 0.0.0.0 
  network 12.1.1.0 0.0.0.3 
  network 23.1.1.0 0.0.0.3 
#

R3

interface GigabitEthernet0/0/0
 ip address 23.1.1.2 255.255.255.252 
interface GigabitEthernet0/0/1
 ip address 36.1.1.1 255.255.255.252 
interface GigabitEthernet0/0/2
 ip address 37.1.1.1 255.255.255.252 
interface LoopBack0
 ip address 3.3.3.3 255.255.255.255 
ospf 1 router-id 3.3.3.3 
 area 0.0.0.0 
  network 3.3.3.3 0.0.0.0 
  network 23.1.1.0 0.0.0.3 
#

2.开启LDP

R1：

[Huawei]mpls lsr-id 1.1.1.1
[Huawei]mpls 
Info: Mpls starting, please wait... OK!
[Huawei-mpls]mpls ldp
[Huawei-mpls-ldp]
[Huawei-mpls-ldp]int g0/0/0
[Huawei-GigabitEthernet0/0/0]mpls ldp

R2：

[Huawei]mpls lsr 2.2.2.2
[Huawei]mpls	
Info: Mpls starting, please wait... OK!
[Huawei-mpls]mpls ldp
[Huawei-mpls-ldp]int g0/0/0
[Huawei-GigabitEthernet0/0/0]mpls
[Huawei-GigabitEthernet0/0/0]mpls ldp
[Huawei-GigabitEthernet0/0/0]int g0/0/1
[Huawei-GigabitEthernet0/0/1]mpls
[Huawei-GigabitEthernet0/0/1]mpls ldp

R3

[Huawei]mpls lsr-id 3.3.3.3
[Huawei]mpls 
Info: Mpls starting, please wait... OK!
[Huawei-mpls]mpls ldp
[Huawei-mpls-ldp]int g0/0/0
[Huawei-GigabitEthernet0/0/0]mpls	
[Huawei-GigabitEthernet0/0/0]mpls 
[Huawei-GigabitEthernet0/0/0]mpls ldp
[Huawei-GigabitEthernet0/0/0]

查看LDP会话建立情况

[Huawei]DIS mpls ldp session 

 LDP Session(s) in Public Network
 Codes: LAM(Label Advertisement Mode), SsnAge Unit(DDDD:HH:MM)
 A '*' before a session means the session is being deleted.
 ------------------------------------------------------------------------------
 PeerID             Status      LAM  SsnRole  SsnAge      KASent/Rcv
 ------------------------------------------------------------------------------
 1.1.1.1:0          Operational DU   Active   0000:00:12  50/50
 3.3.3.3:0          Operational DU   Passive  0000:00:10  43/43
 ------------------------------------------------------------------------------
 TOTAL: 2 session(s) Found.

3.PE配置VRF 绑定接口

R1

[Huawei-GigabitEthernet0/0/1]ip vpn-instance A-Hub
[Huawei-vpn-instance-A-Hub]route-distinguisher 100:1
[Huawei-vpn-instance-A-Hub-af-ipv4]vpn-target 100:1
[Huawei-vpn-instance-A-Hub-af-ipv4]int g0/0/1 
[Huawei-GigabitEthernet0/0/1]ip binding vpn-instance A-Hub

> 接口绑定VPN实例（VRF）原地址会被删除 需要重新配置地址
Info: All IPv4 related configurations on this interface are removed!
Info: All IPv6 related configurations on this interface are removed!

[Huawei-GigabitEthernet0/0/1]ip address 14.1.1.1 30

[Huawei]ip vpn-instance H-Hub
[Huawei-vpn-instance-H-Hub]route-distinguisher 200:1
[Huawei-vpn-instance-H-Hub-af-ipv4]vpn-target 200:1
[Huawei-vpn-instance-H-Hub-af-ipv4]int g0/0/2
[Huawei-GigabitEthernet0/0/2]ip add 15.1.1.1 30

配置RT 不写方向默认为both
[Huawei-vpn-instance-A-Hub]dis this
[V200R003C00]
ip vpn-instance A-Hub
ipv4-family
route-distinguisher 100:1
vpn-target 100:1 export-extcommunity
vpn-target 100:1 import-extcommunity

R3

[Huawei]ip vpn-instance   A-Spoke
[Huawei-vpn-instance-A-Spoke]route-distinguisher 100:1
[Huawei-vpn-instance-A-Spoke-af-ipv4]vpn-target 100:1
[Huawei-vpn-instance-A-Spoke-af-ipv4]int g0/0/1
[Huawei-GigabitEthernet0/0/1]ip binding vpn-instance A-Spoke
[Huawei-GigabitEthernet0/0/1]ip add 36.1.1.1 30


[Huawei]ip vpn-instance B-Spoke
[Huawei-vpn-instance-B-Spoke]route-distinguisher 200:1
[Huawei-vpn-instance-B-Spoke-af-ipv4]vpn-target 200:1
[Huawei-GigabitEthernet0/0/2]ip binding vpn-instance B-Spoke
[Huawei-GigabitEthernet0/0/2]ip address 37.1.1.1 30

建立BGP* Vpnv4下要重新建立关系
AR1

[Huawei]bgp 100
[Huawei-bgp]peer 3.3.3.3 as-number 100
[Huawei-bgp]peer 3.3.3.3 connect-interface lo 0
[Huawei-bgp]ipv4-family vpnv4
[Huawei-bgp-af-vpnv4]peer 3.3.3.3 enable 
//进入 BGP-VPNv4 子地址族 使能对等体交换 BGP-VPNv4 路由信息

AR3

[Huawei]bgp 100
[Huawei-bgp]peer 1.1.1.1 as 100
[Huawei-bgp]peer 1.1.1.1 connect-interface  lo 0
[Huawei-bgp]ipv4-family vpnv4
[Huawei-bgp-af-vpnv4]peer 1.1.1.1 enable 

[Huawei-bgp-af-vpnv4]dis bgp vpnv4 all peer
BGP local router ID : 23.1.1.2
Local AS number : 100
Total number of peers : 1 Peers in established state : 1
Peer V AS MsgRcvd MsgSent OutQ Up/Down State Pre fRcv
1.1.1.1 4 100 4 5 0 00:02:28 Established 0

4.CE-PE部署 OSPF

进程号本地有效，R4 OSPF1 可以与 R1 OSPF 2建立邻居关系

R4
[Huawei]ospf 1 router-id 4.4.4.4 
[Huawei-ospf-1]area 0
[Huawei-ospf-1-area-0.0.0.0]network 14.1.1.2 0.0.0.3
[Huawei-ospf-1-area-0.0.0.0]network 4.4.4.4 0.0.0.0
[Huawei-ospf-1-area-0.0.0.0]q


R5
[Huawei]ospf 1 router-id 5.5.5.5
[Huawei-ospf-1]area 0
[Huawei-ospf-1-area-0.0.0.0]network 15.1.1.2 0.0.0.3
[Huawei-ospf-1-area-0.0.0.0]network 5.5.5.5 0.0.0.0

5.PE部署OSPF+路由引入

R1

R1   ——   A Hub
[Huawei]ospf 2 router-id 1.1.1.1 vpn-instance A-Hub
[Huawei-ospf-3]area 0
[Huawei-ospf-3-area-0.0.0.0]net 14.1.1.1 0.0.0.3

R1   ——   B Hub
[Huawei]ospf 3 router-id 1.1.1.1 vpn-instance H-Hub
[Huawei-ospf-3]area 0
[Huawei-ospf-3-area-0.0.0.0]net 15.1.1.1 0.0.0.3


路由引入
BGP引入A-Hub的OSPF
[Huawei]bgp 100
[Huawei-bgp]ipv4-family vpn-instance A-Hub
[Huawei-bgp-A-Hub]import-route ospf 2
BGP引入B-Hub
[Huawei-bgp]ipv4-family vpn-instance H-Hub
[Huawei-bgp-H-Hub]import-route os	
[Huawei-bgp-H-Hub]import-route ospf 3

OSPF引入BGP

[Huawei]ospf 2 vpn-instance A-Hub
[Huawei-ospf-2]import-route bgp

[Huawei]ospf 3 vpn-instance H-Hub
[Huawei-ospf-3]import-route bgp

R6 R7同理起OSPF

为避免混乱，CE的OSPF的进程号习惯性与PE使用一致
R6
[Huawei-ospf-2]area 0
[Huawei-ospf-2-area-0.0.0.0]net 6.6.6.6 0.0.0.0
[Huawei-ospf-2-area-0.0.0.0]net 36.1.1.2 0.0.0.3

R7
[Huawei]ospf 3 router-id 7.7.7.7
[Huawei-ospf-3]area 0
[Huawei-ospf-3-area-0.0.0.0]net 37.1.1.1 0.0.0.255
[Huawei-ospf-3-area-0.0.0.0]net 7.7.7.7 0.0.0.0

R3

#
ospf 2 router-id 3.3.3.3 vpn-instance A-Spoke
 import-route bgp
 area 0.0.0.0 
  network 3.3.3.3 0.0.0.0 
  network 36.1.1.0 0.0.0.3 
#
ospf 3 router-id 3.3.3.3 vpn-instance B-Spoke
 import-route bgp
 area 0.0.0.0 
  network 3.3.3.3 0.0.0.0 
  network 37.1.1.0 0.0.0.255 


 #
 ipv4-family vpn-instance A-Spoke 
  import-route ospf 2
 #
 ipv4-family vpn-instance B-Spoke 
  import-route ospf 3

总结

A-Hub
宣告环回地址 Lo1

[Huawei-ospf-1-area-0.0.0.0]int lo 1
[Huawei-LoopBack1]ip add 192.168.1.1 30
[Huawei-LoopBack1]ospf 1
[Huawei-ospf-1]area 0
[Huawei-ospf-1-area-0.0.0.0]network 192.168.1.1 0.0.0.0
[Huawei-ospf-1-area-0.0.0.0]q

A-Spoke
宣告环回地址Lo1

[Huawei-LoopBack0]int lo 1
[Huawei-LoopBack1]ip add 192.168.2.1 24
[Huawei-LoopBack1]ospf 2
[Huawei-ospf-2]area 0
[Huawei-ospf-2-area-0.0.0.0]net 192.168.2.1 0.0.0.255
[Huawei-ospf-2-area-0.0.0.0]q

A-Hub查看OSPF学习到的路由

PE1 查看FIB表

这里是引用