MPLS VPN实验

已于 2023-08-16 17:01:23 修改
阅读量50 收藏
点赞数
文章标签: 网络
于 2023-08-16 17:00:18 首次发布
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/m0_63762929/article/details/132306354
版权

实验图及要求

拓扑图

1.配置IP地址

注:先不配R2g0/0/0、g0/0/02接口和R4g0/0/1、g0/0/2接口

2.配置公网路由

[R2]ospf 1 router-id 2.2.2.2
[R2-ospf-1]area 0    
[R2-ospf-1-area-0.0.0.0]network 2.2.2.2 0.0.0.0   
[R2-ospf-1-area-0.0.0.0]network 23.1.1.1 0.0.0.0

[R3]ospf 1 router-id 3.3.3.3
[R3-ospf-1]area 0   
[R3-ospf-1-area-0.0.0.0]network 3.3.3.3 0.0.0.0    
[R3-ospf-1-area-0.0.0.0]network 23.1.1.2 0.0.0.0
[R3-ospf-1-area-0.0.0.0]network 34.1.1.1 0.0.0.0

[R4]ospf 1 router-id 4.4.4.4
[R4-ospf-1]area 0  
[R4-ospf-1-area-0.0.0.0]network 4.4.4.4 0.0.0.0    
[R4-ospf-1-area-0.0.0.0]network 34.1.1.2 0.0.0.0
[R4-ospf-1-area-0.0.0.0]network 47.1.1.1 0.0.0.0
[R4-ospf-1]silent-interface GigabitEthernet 4/0/0
[R4-ospf-1]int g4/0/0	
[R4-GigabitEthernet4/0/0]ospf authentication-mode md5 1 cipher 123456

[R7]ip route-static 0.0.0.0 0 47.1.1.1

  R7访问公网

3.配置MPLS ldp

[R2]mpls lsr-id 2.2.2.2
[R2]mpls
Info: Mpls starting, please wait... OK!
[R2-mpls]mpls ldp
[R2-mpls-ldp]int g0/0/1
[R2-GigabitEthernet0/0/1]mpls
[R2-GigabitEthernet0/0/1]mpls ldp

[R3]mpls lsr-id 3.3.3.3
[R3]mpls
Info: Mpls starting, please wait... OK!
[R3-mpls]mpls ldp
[R3-mpls-ldp]int g0/0/0
[R3-GigabitEthernet0/0/0]mpls
[R3-GigabitEthernet0/0/0] mpls ldp
[R3-GigabitEthernet0/0/0]int g0/0/1
[R3-GigabitEthernet0/0/1]mpls
[R3-GigabitEthernet0/0/1] mpls ldp

[R4]mpls lsr-id 4.4.4.4
[R4]mpls
Info: Mpls starting, please wait... OK!
[R4-mpls]mpls ldp
[R4-mpls-ldp]int g0/0/0
[R4-GigabitEthernet0/0/0]mpls
[R4-GigabitEthernet0/0/0] mpls ldp

4.配置MPLS VPN

   4.1 R2上创建两个vrf空间B1和A1分别对应R4上创建的B2和A2

[R2]ip vpn-instance B1
[R2-vpn-instance-B1]ipv4-family
[R2-vpn-instance-B1-af-ipv4]route-distinguisher 1:1
[R2-vpn-instance-B1-af-ipv4]vpn-target 1:1
[R2]int g0/0/0
[R2-GigabitEthernet0/0/0]ip binding vpn-instance B1
[R2-GigabitEthernet0/0/0]ip add 192.168.2.2 24

[R2]ip vpn-instance A1
[R2-vpn-instance-A1]ipv4-family	
[R2-vpn-instance-A1-af-ipv4]route-distinguisher 2:2	
[R2-vpn-instance-A1-af-ipv4]vpn-target 2:2
[R2]int g0/0/2	
[R2-GigabitEthernet0/0/2]ip binding vpn-instance A1
[R2-GigabitEthernet0/0/2]ip add 192.168.2.2 24

  4.2 R4创建两个vrf,B2和A2

[R4]ip vpn-instance B2	
[R4-vpn-instance-B2]ipv4-family 	
[R4-vpn-instance-B2-af-ipv4]route-distinguisher 1:1	
[R4-vpn-instance-B2-af-ipv4]vpn-target 1:1
[R4]int g0/0/1	
[R4-GigabitEthernet0/0/1]ip binding vpn-instance B2
[R4-GigabitEthernet0/0/1]ip add 192.168.3.2 24

[R4]ip vpn-instance A2	
[R4-vpn-instance-A2]ipv4-family 	
[R4-vpn-instance-A2-af-ipv4]route-distinguisher 2:2	
[R4-vpn-instance-A2-af-ipv4]vpn-target 2:2
[R4]int g0/0/2	
[R4-GigabitEthernet0/0/2]ip binding vpn-instance A2
[R4-GigabitEthernet0/0/2]ip add 192.168.3.2 24

5.在R2和R4上开启BGP,并建立MP-BPG邻居关系 

[R2]bgp 1
[R2-bgp]router-id 2.2.2.2	
[R2-bgp]peer 4.4.4.4 as-number 1	
[R2-bgp]peer 4.4.4.4 connect-interface LoopBack 0
[R2-bgp]ipv4-family vpnv4 
[R2-bgp-af-vpnv4]peer 4.4.4.4 enable

[R4]bgp 1	
[R4-bgp]router-id 4.4.4.4
[R4-bgp]peer 2.2.2.2 as-number 1
[R4-bgp]peer 2.2.2.2 connect-interface LoopBack 0	
[R4-bgp]ipv4-family vpnv4 
[R4-bgp-af-vpnv4]peer 2.2.2.2 enable

6.CE端与PE端交互路由 

   6.1 R1与R2,R5与R4配置静态

[R1]ip route-static 192.168.3.0 24 192.168.2.2
[R1]ip route-static 192.168.4.0 24 192.168.2.2

[R2]ip route-static vpn-instance B1 192.168.1.0 24 192.168.2.1
[R2]bgp 1
[R2-bgp]ipv4-family vpn-instance B1	
[R2-bgp-B1]network 192.168.1.0 24 #宣告
[R2-bgp-B1]network 192.168.2.0 24 #宣告

[R5]ip route-static 192.168.1.0 24 192.168.3.2
[R5]ip route-static 192.168.2.0 24 192.168.3.2

[R4]ip route-static vpn-instance B2 192.168.4.0 24 192.168.3.1
[R4]bgp 1
[R4-bgp]ipv4-family vpn-instance B2
[R4-bgp-B2]import-route direct #重发布
[R4-bgp-B2]import-route static #重发布

  6.2 R6上配置RIP,R2启动VPNV4专用RIP协议

[R6]rip 1
[R6-rip-1]ver 2	
[R6-rip-1]network 192.168.1.0	
[R6-rip-1]network 192.168.2.0
	
[R2]rip 1 vpn-instance A1
[R2-rip-1]ver 2	
[R2-rip-1]network 192.168.2.0

  6.3 R7上配置OSPF,R4启动VPNV4专用OSPF协议

[R7]ospf 1 router-id 7.7.7.7
[R7-ospf-1]area 0	
[R7-ospf-1-area-0.0.0.0]network 192.168.3.1 0.0.0.0	
[R7-ospf-1-area-0.0.0.0]network 192.168.4.2 0.0.0.0

[R4]ospf 2 vpn-instance A2
[R4-ospf-2]area 0	
[R4-ospf-2-area-0.0.0.0]network 192.168.3.2 0.0.0.0

 7.R6与R2,R7与R4分别进行双向重发布

[R2]bgp 1	
[R2-bgp]ipv4-family vpn-instance A1	
[R2-bgp-A1]import-route rip 1	
[R2]rip 1 vpn-instance A1	
[R2-rip-1]import-route bgp


[R4]ospf 2 vpn-instance A2	
[R4-ospf-2]import-route bgp
[R4]bgp 1	
[R4-bgp]ipv4-family vpn-instance A2	
[R4-bgp-A2]import-route ospf 2

8.测试

R1可以访问R5,R6可以访问R7

乄弋.
关注
  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值