本文深入探讨了6VPE技术,一种允许IPv6路由在L3VPN VRF中使用的网络技术。通过新增的vpnv6地址族,MP-BGP得以支持这些操作。文章详细介绍了如何在现有的IPv4+MPLS L3VPN核心上配置6VPE,包括基本核心配置、MP-BGP VPNv6对等设置及验证过程。
6VPE is a network technology that allows IPv6 routes to be included in L3VPN VRFs. A new address family, vpnv6 has been added to MP-BGP to support these operations. An existing IPv4+MPLS L3VPN core is used and this technology functions without IPv6 running on the P routers in the core. VPNv6 address-family neighbors are peered via IPv4 addresses just like vpnv4 address families.
The primary reason for this solution is as of this writing LDP does not support IPv6 prefixes. You can not create a fully functional label switched core using IPv6. This requires making use of an existing IPv4 label switched core in order to distribute IPv6 labels properly. 6VPE is a solution for using IPv6 inside of L3VPNs, while 6PE is a technology for using IPv6 in the global table on a label switched core.
Here is the network we will be using for this example:
6VPE Lab Diagram
Basic core configuration
The first step in setting up a network like this is to get the core configured with LDP and OSPF. The idea here is to give R1 the ability to ping R3 Loopback0 from R1 Loopback0, while making use of label switching. This will be the base that we build the L3VPN MP-BGP peering on later.
We will walk through the configuration of R1. Full router configs are included at the end of the article.
Configure loopback interface:
interface Loopback0
ip address 123.123.123.1 255.255.255.255
end
Enable MPLS and IP:
mpls ip
mpls label protocol ldp
mpls ldp router-id Loopback0
Enable OSPF:
router ospf 123
router-id 123.123.123.1
log-adjacency-changes
network 123.123.12.1 0.0.0.0 area 0
network 123.123.123.1 0.0.0.0 area 0
Provision PE-P link:
interface FastEthernet1/0
description ** Connection to R2 f1/0 **
ip address 123.123.12.1 255.255.255.0
speed auto
duplex auto
mpls ip
end
This should give you a good idea of how we are configuring the core. Basically repeat this process on the other routers to get a complete end-to-end LSP (label switched path) between R1 and R3. You can verify this by reviewing a few pieces of information. Examples are below.
R3 routing table:
R3#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP
+ - replicated route, % - next hop override
Gateway of last resort is not set
123.0.0.0/8 is variably subnetted, 6 subnets, 2 masks
O 123.123.12.0/24 [110/2] via 123.123.23.2, 00:00:57, FastEthernet1/0
C 123.123.23.0/24 is directly connected, FastEthernet1/0
L 123.123.23.3/32 is directly connected, FastEthernet1/0
O 123.123.123.1/32 [110/3] via 123.123.23.2, 00:00:57, FastEthernet1/0
O 123.123.123.2/32 [110/2] via 123.123.23.2, 00:00:57, FastEthernet1/0
C 123.123.123.3/32 is directly connected, Loopback0
R3 mpls forwarding table
R3#sh mpls forwarding-table
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
16 Pop Label 123.123.12.0/24 0 Fa1/0 123.123.23.2
17 16 123.123.123.1/32 0 Fa1/0 123.123.23.2
18 Pop Label 123.123.123.2/32 0 Fa1/0 123.123.23.2
Finally a traceroute to R1 Loopback0 from R3:
R3#trace 123.123.123.1 so lo0
Type escape sequence to abort.
Tracing the route to 123.123.123.1
1 123.123.23.2 [MPLS: Label 16 Exp 0] 64 msec 84 msec 64 msec
2 123.123.12.1 120 msec 80 msec *
Based on the output from the verification commands we can see we have routes and labels between R1 and R3. This is necessary to be able to do MP-BGP peering between R1 and R3 for L3VPN label distribution. With proper connectivity now established we’ll move onto getting VPNv6 peering configured and verified.
MP-BGP VPNv6 Peering
Now that we have our IPv4+MPLS core configured we can layer on the L3VPN configuration to support IPv6 transport.
Our configuration example will focus on R1. Full config files for the other routers are available at the end of this article.
Enable IPv6 on R1
ipv6 unicast-routing
ipv6 cef
Configure VRF that will have IPv6 in it:
vrf definition 6vpe
rd 123:1
route-target export 123:1
route-target import 123:3
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family
Configure CE facing interface with IPv6 and VRF defined
interface FastEthernet1/1
description ** Connection to R4 (VRF 6vpe) **
vrf forwarding 6vpe
no ip address
speed 10
duplex half
ipv6 address FEC0::1/64
end
Configure MP-BGP peering for VPNv6 between R1 and R3
router bgp 123
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 123.123.123.3 remote-as 123
neighbor 123.123.123.3 update-source Loopback0
!
address-family ipv4
no synchronization
no auto-summary
exit-address-family
!
address-family vpnv6
neighbor 123.123.123.3 activate
neighbor 123.123.123.3 send-community both
exit-address-family
!
address-family ipv6 vrf 6vpe
redistribute connected
redistribute static
no synchronization
exit-address-family
Create static route on R1 to get to Loopback0 on R4
ipv6 route vrf 6vpe FEC0:0:0:1::/64 FEC0::2
This configuration is basically mirrored onto R3. Once the configs are complete the verification process can begin.
Verify mpls forwarding table on R1
R1#sh mpls forwarding-table
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
16 Pop Label 123.123.123.2/32 0 Fa1/0 123.123.12.2
17 Pop Label 123.123.23.0/24 0 Fa1/0 123.123.12.2
18 19 123.123.123.3/32 0 Fa1/0 123.123.12.2
19 No Label FEC0::/64[V] 3108 aggregate/6vpe
20 No Label FEC0:0:0:1::/64[V] \
3762 Fa1/1 FEC0::2
Traceroute from R1 to R3 on 6VPE vrf
R1#trace vrf 6vpe ipv6 fec0:0:0:3::1
Type escape sequence to abort.
Tracing the route to FEC0:0:0:3::1
1 ::FFFF:123.123.12.2 [MPLS: Labels 19/20 Exp 0] 116 msec 104 msec 84 msec
2 FEC0:0:0:2::1 [MPLS: Label 20 Exp 0] 80 msec 68 msec 48 msec
3 FEC0:0:0:3::1 104 msec 56 msec 68 msec
Traceroute from R4 to R5 over the 6VPE L3VPN
R4#trace ipv6 fec0:0:0:3::1
Type escape sequence to abort.
Tracing the route to FEC0:0:0:3::1
1 FEC0::1 56 msec 16 msec 12 msec
2 ::FFFF:123.123.12.2 40 msec 28 msec 16 msec
3 FEC0:0:0:2::1 48 msec 20 msec 32 msec
4 FEC0:0:0:3::1 48 msec 20 msec 24 msec
Summary
6VPE, at the moment, is the best solution for establishing IPv6 connectivity inside of existing IPv4 L3VPNs, or for creating IPv6-only L3VPNs. From a configuration stand-point its basically adding an IPv6 address family to the VRF, VPNv6 and IPv6 address family to BGP, and placing an IPv6 address on a VRF enabled interface. IPv6 traffic is labeled and transmitted across an IPv4+MPLS network using label switching.
R1==========================
ip cef
!
ipv6 unicast-routing
ipv6 cef
!
interface Loopback0
no ip address
ipv6 address 2000::1/128
!
interface e0/0
no ip address
no sh
int e0/0.12
en do 12
ipv6 address 2012::1/64
!
ipv6 route ::/0 2012::2
!
!
R2===================================
vrf definition 6VPE
rd 1:1
route-target export 1:1
route-target import 1:1
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family
!
!
ip cef
!
no ip domain lookup
ipv6 unicast-routing
ipv6 cef
!
mpls label protocol ldp
mpls lab ran 2000 2999
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
!
interface e0/0
no ip address
no shutdown
!
interface e0/0.23
en do 23
ip address 23.1.1.2 255.255.255.0
mpls ip
!
interface e0/0.12
en do 12
vrf forwarding 6VPE
no ip address
ipv6 address 2012::2/64
!
router ospf 100
router-id 2.2.2.2
log-adjacency-changes
network 2.2.2.2 0.0.0.0 area 0
network 23.1.1.2 0.0.0.0 area 0
!
router bgp 100
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 4.4.4.4 remote-as 100
neighbor 4.4.4.4 update-source Loopback0
!
!
address-family vpnv6
neighbor 4.4.4.4 activate
neighbor 4.4.4.4 send-community both
exit-address-family
!
address-family ipv6 vrf 6VPE
redistribute connected
redistribute static
no synchronization
exit-address-family
!
ipv6 route vrf 6VPE 2000::1/128 2012::1
!
mpls ldp router-id Loopback0
!
R3=============================
ip cef
mpls label protocol ldp
mpls lab r 3000 3999
!
!
!
interface Loopback0
ip address 3.3.3.3 255.255.255.255
!
interface e0/0
no ip address
no sh
!
interface e0/0.23
en do 23
ip address 23.1.1.3 255.255.255.0
mpls ip
!
interface e0/0.34
en do 34
ip address 34.1.1.3 255.255.255.0
mpls ip
!
router ospf 100
router-id 3.3.3.3
log-adjacency-changes
network 3.3.3.3 0.0.0.0 area 0
network 23.1.1.3 0.0.0.0 area 0
network 34.1.1.3 0.0.0.0 area 0
mpls ldp router-id Loopback0
!
R4==========================
vrf definition 6VPE
rd 1:1
route-target export 1:1
route-target import 1:1
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family
!
!
ip cef
!
ipv6 unicast-routing
ipv6 cef
!
!
mpls label protocol ldp
mpls lab r 4000 4999
interface Loopback0
ip address 4.4.4.4 255.255.255.255
!
interface e0/0
no ip address
no shutdown
!
interface e0/0.34
en do 34
ip address 34.1.1.4 255.255.255.0
mpls ip
!
interface e0/0.45
en do 45
vrf forwarding 6VPE
no ip address
ipv6 address 2045::4/64
!
router ospf 100
router-id 4.4.4.4
log-adjacency-changes
network 4.4.4.4 0.0.0.0 area 0
network 34.1.1.4 0.0.0.0 area 0
!
router bgp 100
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 update-source Loopback0
!
address-family ipv4
no synchronization
no auto-summary
exit-address-family
!
address-family vpnv6
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-community both
exit-address-family
!
address-family ipv6 vrf 6VPE
redistribute connected
redistribute static
no synchronization
exit-address-family
!
ipv6 route vrf 6VPE 2000::5/128 2045::5
!
mpls ldp router-id Loopback0
!
R5=====================
ip cef
ipv6 unicast-routing
ipv6 cef
!
!
interface Loopback0
no ip address
ipv6 address 2000::5/128
!
interface e0/0
no sh
int e0/0.45
en do 45
no ip address
ipv6 address 2045::5/64
!
ipv6 route ::/0 2045::4
!
!
扫一扫
3万+
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
