拓扑分析
某公司北京研发部门A与上海研发部门B通过MPLS BGP 专线互通
配置思路
1.底层IGP与MPLS配置
2.两台PE设备(AR2/AR7)间建立VPNV4的EBGP邻居,创建VPN实例控制收发路由,PE与CE(AR1与AR8)建立VPN实例EBGP邻居
3.ASBR(AR4/AR5)间建立IPV4 EBGP邻居,且开启标签分发能力,引入本MPLS域内PE环回口,创建route-police下发ASBR之间的MPLS BGP标签
4.ASBR上开启MPLS为BGP分发标签能力,使得能从对端ASBR上学习到的PE环回口标签传输可达
配置开始
1.底层IGP与MPLS配置略过,摘取AR3与AR6的IGP与MPLS状态图
AR3上:
IGP
MPLS
AR6上:
IGP
MPLS
2.两台PE设备(AR2/AR7)间建立VPNV4的EBGP邻居,创建VPN实例控制收发路由,PE与CE(AR1与AR8)建立VPN实例EBGP邻居
AR2上:
ip vpn-instance VPNA //起VPN实例
ipv4-family
route-distinguisher 1:1
vpn-target 100:100 export-extcommunity
vpn-target 100:100 import-extcommunity
bgp 100 //与对端PE起EBGP邻居
peer 7.7.7.7 as-number 200
peer 7.7.7.7 ebgp-max-hop 255
peer 7.7.7.7 connect-interface LoopBack0
#
ipv4-family unicast
undo synchronization
undo peer 7.7.7.7 enable
#
ipv4-family vpnv4
policy vpn-target
peer 7.7.7.7 enable
#
ipv4-family vpn-instance VPNA //与CE起VPN实例邻居
peer 192.168.0.2 as-number 300
AR1上:
bgp 300
router-id 1.1.1.1
peer 192.168.0.1 as-number 100
#
ipv4-family unicast
undo synchronization
network 1.1.1.1 255.255.255.255
peer 192.168.0.1 enable
AR7与AR8同理
3.ASBR(AR4/AR5)间建立IPV4 EBGP邻居,且开启标签分发能力,引入本MPLS域内PE环回口,创建route-police下发ASBR之间的MPLS BGP标签
AR4上:
route-policy OUT permit node 0 //路由策略
apply mpls-label
bgp 100
peer 192.168.1.2 as-number 200 //与对端ASBR起EBG邻居
#
ipv4-family unicast
undo synchronization
network 2.2.2.2 255.255.255.255 //引入本地MPLS域内的PE环回口
peer 192.168.1.2 enable
peer 192.168.1.2 route-policy OUT export //引用路由策略
peer 192.168.1.2 label-route-capability //开启标签分发能力
AR5上:
route-policy OUT permit node 0 //路由策略
apply mpls-label
bgp 200
peer 192.168.1.1 as-number 100 //与对端ASBR起EBG邻居
#
ipv4-family unicast
undo synchronization
network 7.7.7.7 255.255.255.255 //引入本地MPLS域内的PE环回口
peer 192.168.1.1 enable
peer 192.168.1.1 route-policy OUT export //引用路由策略
peer 192.168.1.1 label-route-capability //开启标签分发能力
4.ASBR上开启MPLS为BGP分发标签能力,使得能从对端ASBR上学习到的PE环回口标签传输可达
interface GigabitEthernet0/0/1 //接口下开MPLS标签
mpls
#
mpls
lsp-trigger bgp-label-route //开启MPLS为BGP分发标签能力
AR1上测试连通性