【mpls】

题目要求

IP配置

R1
inter g0/0/0
ip ad 192.168.2.1 24
inter lo0
ip ad 192.168.1.1 24
R5
inter g0/0/0
ip ad 192.168.3.1 24
inter lo0
ip ad 192.168.4.1 24
R6
inter g0/0/0
ip ad 192.168.2.1 24
inter lo0
ip ad 192.168.1.2 24
R7
inter g0/0/0
ip ad 192.168.3.1 24
inter lo0
ip ad 192.168.4.2 24

ISP部分
R2
inter g0/0/1
ip ad 23.1.1.2 24
inter lo0
ip ad 2.2.2.2 24

R3
inter g0/0/0
ip ad 23.1.1.3 24
inter g0/0/1
ip ad 34.1.1.3 24
inter lo0
ip ad 3.3.3.3 24

R4
inter g0/0/0
ip ad 34.1.1.4 24
inter lo0
ip ad 4.4.4.4 24

OSPF配置

R2
ospf 1 router-id 2.2.2.2
area 0
network 23.1.1.0 0.0.0.255
network 2.2.2.0 0.0.0.255

R3
ospf 1 router-id 3.3.3.3
area 0
network 23.1.1.0 0.0.0.255
network 34.1.1.0 0.0.0.255
network 3.3.3.0 0.0.0.255

R4
ospf 1 router-id 4.4.4.4
area 0
network 34.1.1.0 0.0.0.255
network 4.4.4.0 0.0.0.255

MPLS配置

R2
mpls lsr-id 2.2.2.2
mpls
mpls ldp
q

interface GigabitEthernet 0/0/1
mpls
mpls ldp

R3
mpls lsr-id 3.3.3.3
mpls
mpls ldp
q

interface GigabitEthernet 0/0/0
mpls
mpls ldp

interface GigabitEthernet 0/0/1
mpls
mpls ldp

R4
mpls lsr-id 4.4.4.4
mpls
mpls ldp
q

interface GigabitEthernet 0/0/0
mpls
mpls ldp

//在公网上面配置好mpls

MPLS VPN配置

R2
ip vpn-instance a
route-distinguisher 1:1 //设置RD值，全网唯一
vpn-target 1:1 RT值 必须对端的PE端一致
interface GigabitEthernet 0/0/0 进入链接CE端的接口
ip binding vpn-instance a 关联到vrf空间
ip address 192.168.2.2 24 配置私有ip地址

ip vpn-instance b
route-distinguisher 2:2
vpn-target 2:2
interface GigabitEthernet 0/0/2
ip binding vpn-instance b
ip address 192.168.2.2 24

R4
ip vpn-instance a
route-distinguisher 1:1
vpn-target 1:1
interface GigabitEthernet 0/0/1
ip binding vpn-instance a
ip address 192.168.3.2 24

ip vpn-instance b
route-distinguisher 2:2
vpn-target 2:2
interface GigabitEthernet 0/0/2
ip binding vpn-instance b
ip address 192.168.3.2 24

实现公司互通

R1
ospf 2
area 0
network 192.168.1.0 0.0.0.255
network 192.168.2.0 0.0.0.255

R2
ospf 2 vpn-instance a
area 0
network 192.168.2.0 0.0.0.255

R6
ospf 3
area 0
network 192.168.1.0 0.0.0.255
network 192.168.2.0 0.0.0.255

R2
ospf 3 vpn-instance b
area 0
network 192.168.2.0 0.0.0.255

R5
ospf 2
area 0
network 192.168.3.0 0.0.0.255
network 192.168.4.0 0.0.0.255

R4
ospf 2 vpn-instance a
area 0
network 192.168.3.0 0.0.0.255

R7
ospf 3
area 0
network 192.168.3.0 0.0.0.255
network 192.168.4.0 0.0.0.255

R4
ospf 3 vpn-instance b
area 0
network 192.168.3.0 0.0.0.255

Bgp配置

R2
bgp 1
peer 4.4.4.4 as-number 1
peer 4.4.4.4 connect-interface lo0
ipv4-family vpnv4
peer 4.4.4.4 enable

R4
bgp 1
peer 2.2.2.2 as-number 1
peer 2.2.2.2 connect-interface lo0
ipv4-family vpnv4
peer 2.2.2.2 enable

双向重发布
R2
bgp 1
ipv4-family vpn-instance a
import-route ospf 2
ipv4-family vpn-instance b
import-route ospf 3
q
ospf 2
import-route bgp
ospf 3
import-route bgp

R4
bgp 1
ipv4-family vpn-instance a
import-route ospf 2
ipv4-family vpn-instance b
import-route ospf 3
q
ospf 2
import-route bgp
ospf 3
import-route bgp

MPLS VPN完成 私网环境(A1与A2 B1与B2)互通
解决R7(公司B2)上网问题 (R4-R7的g4/0/0-g0/0/1属于上网链路)

R4
inter g4/0/0
ip ad 100.1.1.1 24

R7
inter g0/0/1
ip ad 100.1.1.2 24

acl 2000
rule permit source any
q
inter g0/0/1
nat outbound 2000
q

下放缺省

R7
ospf 3
default-route-advertise always
q
ip route-static 0.0.0.0 0 100.1.1.1

R4
bgp 1
network 100.1.1.0 24

R3
ip route-static 0.0.0.0 0 34.1.1.4

R6
ip route-static 0.0.0.0 0 192.168.2.2

R4
bgp 1
ipv4-family vpn-instance b
default-route imported