实验目的:通过MPLS、IS-IS、BGP、MPLS VPN 技术,使R1上的LoopBack0的1.1.1.1能够ping通R5上的LoopBack0的5.5.5.5。
开始配置:
IP配置:
<R1>dis ip in br
Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 12.1.1.1/24 up up
LoopBack0 1.1.1.1/32 up up(s)
NULL0 unassigned up up(s)
<R2>dis ip in br
Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 12.1.1.2/24 up up
GigabitEthernet0/0/1 23.1.1.2/24 up up
LoopBack0 2.2.2.2/32 up up(s)
NULL0 unassigned up up(s)
<R3>dis ip in br
Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 23.1.1.3/24 up up
GigabitEthernet0/0/1 34.1.1.3/24 up up
LoopBack0 3.3.3.3/32 up up(s)
NULL0 unassigned up up(s)
<R4>dis ip in br
Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 34.1.1.4/24 up up
GigabitEthernet0/0/1 45.1.1.4/24 up up
LoopBack0 4.4.4.4/32 up up(s)
NULL0 unassigned up up(s)
<R5>dis ip in br
Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 45.1.1.5/24 up up
LoopBack0 5.5.5.5/32 up up(s)
NULL0 unassigned up up(s)
IS-IS配置:
[R2]isis 1
[R2-isis-1]network-entity 49.0002.0000.0000.0002
[R2-isis-1]is-level level-2
[R2-isis-1]int g 0/0/1
[R2-GigabitEthernet0/0/1]isis enable 1
[R2-GigabitEthernet0/0/1]int loop 0
[R2-LoopBack0]isis enable 1
[R3]isis 1
[R3-isis-1]network-entity 49.0003.0000.0000.0003.00
[R3-isis-1]is-level level-2
[R3-isis-1]int g0/0/0
[R3-GigabitEthernet0/0/0]isis enable 1
[R3-GigabitEthernet0/0/0]int g 0/0/1
[R3-GigabitEthernet0/0/1]isis enable 1
[R3-GigabitEthernet0/0/1]int loo 0
[R3-LoopBack0]isis enable 1
[R4]isis 1
[R4-isis-1]network-entity 49.0004.0000.0000.0004.00
[R4-isis-1]is-level level-2
[R4-isis-1]int g 0/0/0
[R4-GigabitEthernet0/0/0]isis enable 1
[R4-GigabitEthernet0/0/1]int loo 0
[R4-LoopBack0]isis enable 1
配置完成测试一下
[R2-LoopBack0]ping -a 2.2.2.2 4.4.4.4
PING 4.4.4.4: 56 data bytes, press CTRL_C to break
Reply from 4.4.4.4: bytes=56 Sequence=1 ttl=254 time=90 ms
Reply from 4.4.4.4: bytes=56 Sequence=2 ttl=254 time=60 ms
Reply from 4.4.4.4: bytes=56 Sequence=3 ttl=254 time=60 ms
--- 4.4.4.4 ping statistics ---
3 packet(s) transmitted
3 packet(s) received
0.00% packet loss
round-trip min/avg/max = 60/70/90 ms配置MPLS,涉及到MPLS的路由器为R2、R3、R4:
[R2]mpls lsr-id 2.2.2.2
[R2]mpls
[R2-mpls]mpls ldp
[R2-GigabitEthernet0/0/0]int g 0/0/1
[R2-GigabitEthernet0/0/1]mpls
[R2-GigabitEthernet0/0/1]mpls ldp
[R3]mpls lsr-id 3.3.3.3
[R3]mpls
[R3-mpls]mpls ldp
[R3-mpls-ldp]int g 0/0/0
[R3-GigabitEthernet0/0/0]mpls
[R3-GigabitEthernet0/0/0]mpls ldp
[R3-GigabitEthernet0/0/0]int g 0/0/1
[R3-GigabitEthernet0/0/1]mpls
[R3-GigabitEthernet0/0/1]mpls ldp
[R4]mpls lsr-id 4.4.4.4
[R4]mpls
[R4-mpls]mpls ldp
[R4-mpls-ldp]int g 0/0/0
[R4-GigabitEthernet0/0/0]mpls
[R4-GigabitEthernet0/0/0]mpls ldp
//在R3上查看mpls邻居是否建立成功
[R3]display mpls ldp peer
LDP Peer Information in Public network
A '*' before a peer means the peer is being deleted.
------------------------------------------------------------------------------
PeerID TransportAddress DiscoverySource
------------------------------------------------------------------------------
2.2.2.2:0 2.2.2.2 GigabitEthernet0/0/0
4.4.4.4:0 4.4.4.4 GigabitEthernet0/0/1
------------------------------------------------------------------------------
TOTAL: 2 Peer(s) Found.
//接着查看标签是否连续且一致(//不太了解这个标签原理,所以有些词不达意,一般邻居建立成功都是对的)
[R4]dis mpls lsp
-------------------------------------------------------------------------------
LSP Information: LDP LSP
-------------------------------------------------------------------------------
FEC In/Out Label In/Out IF Vrf Name
2.2.2.2/32 NULL/1024 -/GE0/0/0
2.2.2.2/32 1024/1024 -/GE0/0/0
3.3.3.3/32 NULL/3 -/GE0/0/0
3.3.3.3/32 1025/3 -/GE0/0/0
4.4.4.4/32 3/NULL -/- //看这个 In/Out Label列的3/NULL
[R3]displa mpls ls
-------------------------------------------------------------------------------
LSP Information: LDP LSP
-------------------------------------------------------------------------------
FEC In/Out Label In/Out IF Vrf Name
2.2.2.2/32 NULL/3 -/GE0/0/0
2.2.2.2/32 1024/3 -/GE0/0/0
3.3.3.3/32 3/NULL -/-
4.4.4.4/32 NULL/3 -/GE0/0/1
4.4.4.4/32 1025/3 -/GE0/0/1 //接着看这个
[R2]display mpls lsp
-------------------------------------------------------------------------------
LSP Information: LDP LSP
-------------------------------------------------------------------------------
FEC In/Out Label In/Out IF Vrf Name
2.2.2.2/32 3/NULL -/-
3.3.3.3/32 NULL/3 -/GE0/0/1
3.3.3.3/32 1024/3 -/GE0/0/1
4.4.4.4/32 NULL/1025 -/GE0/0/1 //最后应该看这个
4.4.4.4/32 1025/1025 -/GE0/0/1 这个样子MPLS的第一步应该算是配置完成,接着我们配置bgp 200。
BGP 200中需要配置的路由器为R2和R4。
[R2]bgp 200
[R2-bgp]undo default ipv4-unicast //关闭ipv4的peer自动建立
[R2-bgp]router-id 2.2.2.2
[R2-bgp]peer 4.4.4.4 as-number 200
[R2-bgp]peer 4.4.4.4 connect-interface LoopBack 0
[R2-bgp]ipv4-family vpnv4 //我们需要的是在vpnv4中建立
[R2-bgp-af-vpnv4]peer 4.4.4.4 enable
R4同样配置
[R4]bgp 200
[R4-bgp]undo default ipv4-unicast
[R4-bgp]router-id 4.4.4.4
[R4-bgp]peer 2.2.2.2 as-number 200
[R4-bgp]peer 2.2.2.2 connect-interface LoopBack 0
[R4-bgp]ipv4-family vpnv4
[R4-bgp-af-vpnv4]peer 2.2.2.2 enable
查询bgp邻居
[R4-bgp]display bgp vpnv4 all peer
BGP local router ID : 4.4.4.4
Local AS number : 200
Total number of peers : 1 Peers in established state : 1
Peer V AS MsgRcvd MsgSent OutQ Up/Down State Pre
fRcv
2.2.2.2 4 200 2 3 0 00:00:24 Established 配置R1和R5的bgp
[R1]bgp 100
[R1-bgp]router-id 1.1.1.1
[R1-bgp]peer 12.1.1.2 as-number 200
[R1-bgp]network 1.1.1.1 32
[R5]bgp 300
[R5-bgp]router-id 5.5.5.5
[R5-bgp]peer 45.1.1.4 as-number 200
[R1-bgp]network 5.5.5.5 32配置R2上的VPN实例,创建完实例后,进入bgp中绑定
[R2]ip vpn-instance 1
[R2-vpn-instance-1]route-distinguisher 1:1
[R2-vpn-instance-1]vpn-target 1:5 export-extcommunity
[R2-vpn-instance-1]vpn-target 5:1 import-extcommunity
[R2-vpn-instance-1-af-ipv4]int g 0/0/0
[R2-GigabitEthernet0/0/0]ip binding vpn-instance 1
[R2-GigabitEthernet0/0/0]ip address 12.1.1.2 24 //绑定实例之后需要重新敲ip地址
[R2]bgp 200
[R2-bgp]ipv4-family vpn-instance 1
[R2-bgp-1]peer 12.1.1.1 as-number 100
配置R4上的VPN实例,创建完实例后,进入bgp中绑定
[R4]ip vpn-instance 5
[R4-vpn-instance-5]route-distinguisher 5:5
[R4-vpn-instance-5]vpn-target 1:5 import-extcommunity
[R4-vpn-instance-5]vpn-target 5:1 export-extcommunity
[R4-bgp-5]int g 0/0/1
[R4-GigabitEthernet0/0/1]ip binding vpn-instance 5
[R4-GigabitEthernet0/0/1]ip address 45.1.1.4 24[R4]bgp 200
[R4-bgp]ipv4-family vpn-instance 5
[R4-bgp-5]peer 45.1.1.5 as-number 300本地路由转发介绍一下:
[R2]dis bgp vpnv4 all routing-table
BGP Local router ID is 2.2.2.2
Status codes: * - valid, > - best, d - damped,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
Total number of routes from all PE: 1
Route Distinguisher: 1:1
Network NextHop MED LocPrf PrefVal Path/Ogn
*> 1.1.1.1/32 12.1.1.1 0 0 100i
VPN-Instance 1, Router ID 2.2.2.2:
Total Number of Routes: 1
Network NextHop MED LocPrf PrefVal Path/Ogn
*> 1.1.1.1/32 12.1.1.1 0 0 100i
在R2上,先收到了来自vpn实例1的路由1.1.1.1,通过本地路由转发到了ipv4路由上,所以有了2条路由。接下来看一下R4的路由。
[R4]dis bgp vpnv4 all routing-table
BGP Local router ID is 4.4.4.4
Status codes: * - valid, > - best, d - damped,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
Total number of routes from all PE: 1
Route Distinguisher: 1:1
Network NextHop MED LocPrf PrefVal Path/Ogn
*>i 1.1.1.1/32 2.2.2.2 0 100 0 100i
VPN-Instance 5, Router ID 4.4.4.4:
Total Number of Routes: 1
Network NextHop MED LocPrf PrefVal Path/Ogn
*>i 1.1.1.1/32 2.2.2.2 0 100 0 100i
在R4上,先收到了来自ipv4的路由1.1.1.1,通过本地路由转发到了vpn实例5上。
在R1上测试:实验成功。
[R1]ping -a 1.1.1.1 5.5.5.5
PING 5.5.5.5: 56 data bytes, press CTRL_C to break
Reply from 5.5.5.5: bytes=56 Sequence=1 ttl=253 time=110 ms
Reply from 5.5.5.5: bytes=56 Sequence=2 ttl=253 time=90 ms
Reply from 5.5.5.5: bytes=56 Sequence=3 ttl=253 time=120 ms
Reply from 5.5.5.5: bytes=56 Sequence=4 ttl=253 time=110 ms
Reply from 5.5.5.5: bytes=56 Sequence=5 ttl=253 time=90 ms
--- 5.5.5.5 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 90/104/120 ms
小计:VPN路由自动递归到隧道,所以route recursive-lookup tunnel不需要敲。
最后:此文章仅作为本人备考HCIE过程中的实验记录,文章如果有错,欢迎各位大佬指正。若是有同样备考IE的小伙伴可以私聊我,一起学习~
1913
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
