MPLS--通过全局路由表接入因特网（GRE）

最新推荐文章于 2023-11-04 14:20:27 发布

weixin_33747129

最新推荐文章于 2023-11-04 14:20:27 发布

阅读量191

点赞数

原文链接：http://blog.51cto.com/692344/900247

版权

拓扑如下：

为CE路由器提供因特网接入的简单方法是让PE上的一个连接到CE路由器上的接口处于全局路由空间中，既PE路由器有一个指向CE路由器的VRF接口，还有一个指向CE路由器的接口但是不在VRF中。那么CE路由器就可以将××× 流量发送到×××接口，将因特网流量发送的到全局路由表接口。

这个方法的缺点是在PE和CE之间使用两条链路。可行的解决问题方法有FR或802.1Q子接口，但是有时候ISP是不允许封装第二层子接口，这时就可以使用GRE隧道穿越VRF接口。

CE路由器的缺省路由指向隧道接口，所有非精确匹配路由流量都会根据缺省路由被发送到隧道口到达全局路由表，而有精确匹配路由流量都会发送到物理接口，到达VRF。从因特网到用户的流量将根据PE路由器的静态路由转发到隧道口。isp在骨干网转发来自和去往因特网的流量。

配置如下：

R5#show run
Building configuration...

Current configuration : 891 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R5
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
!
!
ip cef
no ip domain lookup
!
interface Tunnel1
ip address 10.0.0.5 255.255.255.0
tunnel source FastEthernet0/1
tunnel destination 192.168.15.1
!
interface FastEthernet0/0
ip address 192.168.5.5 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 192.168.15.5 255.255.255.0
duplex auto
speed auto
!
!
router rip
version 2
network 192.168.5.0
network 192.168.15.0
no auto-summary
!
no ip http server
no ip http secure-server
ip route 0.0.0.0 0.0.0.0 Tunnel1
!

control-plane
!
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line vty 0 4
login
!
!
end

-------------------------------华丽的分割线-------------------------------------------------

R1#sh run
Building configuration...

Current configuration : 1867 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
no aaa new-model
memory-size iomem 5
!
!
ip cef
no ip domain lookup
!
ip vrf r1
rd 1:100
route-target export 1:100
route-target import 4:100
!
mpls label range 100 199
mpls label protocol ldp
!
interface Loopback0
ip address 1.1.1.1 255.255.255.255
!
interface Tunnel1
ip address 10.0.0.1 255.255.255.0
tunnel source FastEthernet0/1
tunnel destination 192.168.15.5
tunnel vrf r1
!
interface FastEthernet0/0
ip address 192.168.12.1 255.255.255.0
duplex auto
speed auto
mpls ip
!
interface FastEthernet0/1
ip vrf forwarding r1
ip address 192.168.15.1 255.255.255.0
duplex auto
speed auto
!
!
router ospf 100
router-id 1.1.1.1
log-adjacency-changes
network 1.1.1.1 0.0.0.0 area 0
network 192.168.12.0 0.0.0.255 area 0
!
router rip
!
address-family ipv4 vrf r1
redistribute bgp 100 metric transparent
network 192.168.15.0
no auto-summary
version 2
exit-address-family
!
router bgp 100
bgp router-id 1.1.1.1
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 4.4.4.4 remote-as 100
neighbor 4.4.4.4 update-source Loopback0
!
address-family ipv4
redistribute static
neighbor 4.4.4.4 activate
no auto-summary
no synchronization
exit-address-family
!
address-family ***v4
neighbor 4.4.4.4 activate
neighbor 4.4.4.4 send-community extended
exit-address-family
!
address-family ipv4 vrf r1
redistribute rip
no synchronization
exit-address-family
!
no ip http server
no ip http secure-server
ip route 192.168.5.0 255.255.255.0 Tunnel1
!
mpls ldp router-id Loopback0
!
!
control-plane
!

line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line vty 0 4
login
!
!
end