目录
实验环境
实验要求
1、R1和R5是客户A两个站点的cE设备,R6和R7是客户B两个站点的CE设备,通过 MPLS VPN骨干网络分别连接不同客户的站点。
2、R1和R5采用静态路由方式传递私网路由,R6通过Rip将私网路由传递给PE设备;R7通过ospF将私网路由传递给pE设备
3、R7单独拉一根网线,R7可以访问R2/R3/R4环回
实验步骤
1、分配IP地址
R1 | 环回0:192.168.1.1/24 G0/0/0:192.168.2.1/24 | R2 | 环回0:2.2.2.2/24 G0/0/0:192.168.2.2/24 G0/0/1:172.16.2.2/24 G0/0/2:23.0.0.1/24 |
R3 | 环回0:3.3.3.3/24 G0/0/0:23.0.0.2/24 G0/0/1:34.0.0.1/24 | R4 | 环回0:4.4.4.4/24 G0/0/0:192.168.3.1/24 G0/0/1:172.16.3.1/24 G0/0/2:34.0.0.2/24 G4/0/0:47.0.0.1/24 |
R5 | 环回0:192.168.4.1/24 G0/0/0:192.168.3.2/24 | R6 | 环回0:172.16.1.1/24 G0/0/0:172.16.2.1/24 |
R7 | 环回0:172.16.4.1/24 G0/0/0:172.16.3.2/24 G0/0/1:47.0.0.2/24 |
分析:其中R2的G0/0/0接口、G0/0/1接口和R4G0/0/1接口、G0/0/2接口的IP地址需要在VRF空间创建好之后将对应接口划分进入对应的VRF空间后进行配置,否则配置的该IP地址会被VRF空间删除。
2、对MPLS-VPN骨干网络进行OSPF宣告
2.1配置命令
R2:
[r2]ospf 1 router-id 2.2.2.2
[r2-ospf-1]area 0
[r2-ospf-1-area-0.0.0.0]network 2.2.2.2 0.0.0.0
[r2-ospf-1-area-0.0.0.0]network 23.0.0.0 0.0.0.255
R3:
[r3]ospf 1 router-id 3.3.3.3
[r3-ospf-1]area 0
[r3-ospf-1-area-0.0.0.0]network 3.3.3.3 0.0.0.0
[r3-ospf-1-area-0.0.0.0]network 23.0.0.0 0.0.0.255
[r3-ospf-1-area-0.0.0.0]network 34.0.0.0 0.0.0.255
R4:
[r4]ospf 1 router-id 4.4.4.4
[r4-ospf-1]area 0
[r4-ospf-1-area-0.0.0.0]network 4.4.4.4 0.0.0.0
[r4-ospf-1-area-0.0.0.0]network 34.0.0.0 0.0.0.255
[r4-ospf-1-area-0.0.0.0]network 47.0.0.0 0.0.0.255
2.2检查MPLS-VPN骨干获取情况
R2:
R3:
R4:
3、开启MPLS
3.1配置命令
R2:
[r2]mpls lsr-id 2.2.2.2
[r2]mpls
Info: Mpls starting, please wait... OK!
[r2-mpls]q
[r2]mpls ldp
[r2-mpls-ldp]q
[r2]int g 0/0/2
[r2-GigabitEthernet0/0/2]mpls
[r2-GigabitEthernet0/0/2]mpls ldp
R3:
[r3]mpls lsr-id 3.3.3.3
[r3]mpls
Info: Mpls starting, please wait... OK!
[r3-mpls]q
[r3]mpls ldp
[r3-mpls-ldp]q
[r3]int g 0/0/0
[r3-GigabitEthernet0/0/0]mpls
[r3-GigabitEthernet0/0/0]mpls ldp
[r3-GigabitEthernet0/0/0]int g 0/0/1
[r3-GigabitEthernet0/0/1]mpls
[r3-GigabitEthernet0/0/1]mpls ldp
R4:
[r4]mpls lsr-id 4.4.4.4
[r4]mpls
Info: Mpls starting, please wait... OK!
[r4-mpls]q
[r4]mpls ldp
[r4-mpls-ldp]q
[r4]int g 0/0/2
[r4-GigabitEthernet0/0/2]mpls
[r4-GigabitEthernet0/0/2]mpls ldp
3.2查看LSP信息
R2:
R3:
R4:
4、创建VRF空间
4.1客户A
R2:
[r2]ip vpn-instance a
[r2-vpn-instance-a1]route-distinguisher 1:5
[r2-vpn-instance-a1-af-ipv4]vpn-target 1:1 export-extcommunity
[r2-vpn-instance-a1-af-ipv4]vpn-target 1:1 import-extcommunity
[r2-vpn-instance-a1-af-ipv4]q
[r2-vpn-instance-a1]q
[r2]int g 0/0/0
[r2-GigabitEthernet0/0/0]ip binding vpn-instance a
[r2-GigabitEthernet0/0/0]ip ad 192.168.2.2 24
R4:
[r4]ip vpn-instance a
[r4-vpn-instance-a2]route-distinguisher 1:5
[r4-vpn-instance-a2-af-ipv4]vpn-target 1:1 import-extcommunity
[r4-vpn-instance-a2-af-ipv4]vpn-target 1:1 export-extcommunity
[r4-vpn-instance-a2-af-ipv4]q
[r4-vpn-instance-a2]q
[r4]int g 0/0/0
[r4-GigabitEthernet0/0/0]ip binding vpn-instance a
[r4-GigabitEthernet0/0/0]ip ad 192.168.3.1 24
4.2客户B
R2:
[r2]ip vpn-instance b
[r2-vpn-instance-b1]route-distinguisher 6:7
[r2-vpn-instance-b1-af-ipv4]vpn-target 2:2 export-extcommunity
[r2-vpn-instance-b1-af-ipv4]vpn-target 2:2 import-extcommunity
[r2-vpn-instance-b1-af-ipv4]q
[r2-vpn-instance-b1]q
[r2]int g 0/0/1
[r2-GigabitEthernet0/0/1]ip binding vpn-instance b
[r2-GigabitEthernet0/0/1]ip ad 172.16.2.2 24
R4:
[r4]ip vpn-instance bi
[r4-vpn-instance-b2]route-distinguisher 6:7
[r4-vpn-instance-b2-af-ipv4]vpn-target 2:2 import-extcommunity
[r4-vpn-instance-b2-af-ipv4]vpn-target 2:2 export-extcommunity
[r4-vpn-instance-b2-af-ipv4]q
[r4-vpn-instance-b2]q
[r4]int g 0/0/1
[r4-GigabitEthernet0/0/1]ip binding vpn-instance b
[r4-GigabitEthernet0/0/1]ip ad 172.16.3.1 24
4.3验证
R2pingR1:
R2pingR6:
R4pingR5:
R4pingR7:
5、对客户A站点的路由器添加静态路由
R1:
[r1]ip route-static 192.168.3.0 24 192.168.2.2
[r1]ip route-static 192.168.4.0 24 192.168.2.2
R2:
[r2]ip route-static vpn-instance a 192.168.1.0 24 192.168.2.1
R4:
[r4]ip route-static vpn-instance a 192.168.4.0 24 192.168.3.2
R5:
[r5]ip route-static 192.168.1.0 24 192.168.3.1
[r5]ip route-static 192.168.2.0 24 192.168.3.1
6、客户B开启RIP和OSPF宣告路由信息
6.1客户B站点1开启RIP
R2:
[r2]rip 1 v
[r2]rip 1 vpn-instance b
[r2-rip-1]v 2
[r2-rip-1]network 172.16.0.0
R6:
[r6]rip 1
[r6-rip-1]v 2
[r6-rip-1]network 172.16.0.0
6.2客户B站点2开启ospf
R4:
[r4]ospf 2 vpn-instance b router-id 4.4.4.4
[r4-ospf-2]area 0
[r4-ospf-2-area-0.0.0.0]network 172.16.0.0 0.0.255.255
R7:
[r7]ospf 1 router-id 7.7.7.7
[r7-ospf-1]area 0
[r7-ospf-1-area-0.0.0.0]network 172.16.0.0 0.0.255.255
7、MP-BGP建邻
客户A
R2:
[r2]bgp 1
[r2-bgp]router-id 2.2.2.2
[r2-bgp]peer 4.4.4.4 as 1
[r2-bgp]peer 4.4.4.4 connect-interface LoopBack 0
[r2-bgp]ipv4-family vpnv4
[r2-bgp-af-vpnv4]peer 4.4.4.4 enable
R4:
[r4]bgp 1
[r4-bgp]router-id 4.4.4.4
[r4-bgp]peer 2.2.2.2 as 1
[r4-bgp]peer 2.2.2.2 connect-interface LoopBack 0
[r4-bgp]ipv4-family vpnv4
[r4-bgp-af-vpnv4]peer 2.2.2.2 enable
8、MP-BGP路由发布
客户A
R2:
[r2]bgp 1
[r2-bgp]ipv4-family vpn-instance a
[r2-bgp-a1]import-route direct
[r2-bgp-a1]import-route static
R4:
[r4]bgp 1
[r4-bgp]ipv4-family vpnv4
[r4-bgp]ipv4-family vpn-instance a
[r4-bgp-a2]import-route direct
[r4-bgp-a2]import-route static
客户B
R2:
[r2]bgp 1
[r2-bgp]ipv4-family vpn-instance b
[r2-bgp-b]import-route rip 1
[r2-bgp-b]q
[r2-bgp]q
[r2]rip 1
[r2-rip-1]import-route bgp
R4:
[r4]bgp 1
[r4-bgp]ipv4-family vpn-instance b
[r4-bgp-b]import-route ospf 2
[r4-bgp-b]q
[r4-bgp]q
[r4]ospf 2
[r4-ospf-2]import-route bgp
9、对R7添加缺省路由
分析:由于先前已经在R4上将自身直连的47.0.0.0网段的路由进行了宣告,所以在BGP骨干链路上的设备已经获取到了47.0.0.0网段的路由,所以想要使R7可以访问R2/3/4的环回,只需为R7添加缺省路由即可进行通讯。
命令:[r7]ip route-static 0.0.0.0 0 47.0.0.1
检查:
R7pingR2的环回,
R7pingR3的环回,
R7pingR4的环回,