MPLS-多场景组网

燕大虾仁

已于 2025-04-11 19:27:06 修改

阅读量172

点赞数 3

文章标签：网络

于 2025-04-11 19:25:02 首次发布

本文链接：https://blog.csdn.net/weixin_64094881/article/details/147152308

版权

如图：R1/R2/R6为AS100，R3/R4/R5为AS200。现要使AS100内路由互通，且R1/R2的流量必须经过R3。

R1和R3、R2和R3用OSPF协议。R5和R6用BGP协议。

在R3上启用2个实例，分别绑定R1和R2、出向RT值设置为12：1，入向RT值设置为1：12

在R5上也启用两个实例，一个用来接收R1/R2过来的数据，一个用来发送数据给R1/R2

注意：R5和R6互联的接口需要用两个子接口，对应R5上的两个实例。R5发送数据的实例需要做防环处理，当发送数据去往R1/R2时由于携带了R6的AS号，所以R1/R2不会接收。（R1/R2发送给R6时，因为是通过ospf引入bgp的，所以并没有AS100的标记，因此R6可以接收）

具体配置如下：

<AR3>
#
ip vpn-instance 1                    //创建VPN实例
 ipv4-family
  route-distinguisher 1:1              //配置RD
  vpn-target 12:1 export-extcommunity     //配置出向RT
  vpn-target 1:12 import-extcommunity      //配置入向RT
#
ip vpn-instance 2
 ipv4-family
  route-distinguisher 2:2
  vpn-target 12:1 export-extcommunity
  vpn-target 1:12 import-extcommunity
#
mpls lsr-id 3.3.3.3                      //配置mpls,提供隧道
mpls
#
mpls ldp
#
isis 1                                        //配置isis，用于底层互通
 is-level level-2
 network-entity 49.0003.0000.0000.0003.00
#
firewall zone Local
 priority 15
#
interface GigabitEthernet0/0/0
 ip binding vpn-instance 1                   //接口绑定VPN实例
 ip address 192.168.13.3 255.255.255.0 
#
interface GigabitEthernet0/0/1
 ip binding vpn-instance 2                  //接口绑定VPN实例
 ip address 192.168.23.3 255.255.255.0 
#
interface GigabitEthernet0/0/2
 ip address 34.1.1.3 255.255.255.0 
 isis enable 1
 mpls                                      //接口下启用mpls ldp 及 isis
 mpls ldp
#
interface NULL0
#
interface LoopBack0
 ip address 3.3.3.3 255.255.255.255 
 isis enable 1                              //环回口启用isis，用于连接IBGP邻居
#
bgp 200
 router-id 3.3.3.3
 undo default ipv4-unicast
 peer 5.5.5.5 as-number 200 
 peer 5.5.5.5 connect-interface LoopBack0
 #
 ipv4-family unicast
  undo synchronization
  undo peer 5.5.5.5 enable
 # 
 ipv4-family vpnv4
  policy vpn-target
  peer 5.5.5.5 enable                    //勿忘
 #
 ipv4-family vpn-instance 1 
  import-route ospf 1                     //在实例1中引入ospf 1
 #
 ipv4-family vpn-instance 2 
  import-route ospf 2                    //在实例2中引入ospf 2
#
ospf 1 router-id 3.1.1.1 vpn-instance 1
 import-route bgp                          //ospf 1 绑定实例 1 并引入bgp
 area 0.0.0.0 
  network 192.168.13.3 0.0.0.0 
#
ospf 2 router-id 3.2.2.2 vpn-instance 2
 import-route bgp                               //ospf 2 绑定实例 2 并引入bgp
 area 0.0.0.0      
  network 192.168.23.3 0.0.0.0

<AR5>

ip vpn-instance in                      //创建VPN实例
 ipv4-family
  route-distinguisher 5:5
  vpn-target 12:1 import-extcommunity            //配置RT用于接收R1/R2数据
#
ip vpn-instance out
 ipv4-family
  route-distinguisher 5:6
  vpn-target 1:12 export-extcommunity             //配置RT用于给R1/R2发送数据
#
mpls lsr-id 5.5.5.5
mpls
#
mpls ldp
#

isis 1
 is-level level-2
 network-entity 49.0005.0000.0000.0005.00
#
firewall zone Local
 priority 15
#
interface GigabitEthernet0/0/0
 ip address 45.1.1.5 255.255.255.0 
 isis enable 1
 mpls
 mpls ldp
#
interface GigabitEthernet0/0/1
#
interface GigabitEthernet0/0/1.1         //创建子接口
 dot1q termination vid 10               
 ip binding vpn-instance in             //绑定VPN实例
 ip address 10.1.1.5 255.255.255.0 
 arp broadcast enable
#
interface GigabitEthernet0/0/1.2            //创建子接口
 dot1q termination vid 20
 ip binding vpn-instance out                   //绑定VPN实例
 ip address 20.1.1.5 255.255.255.0 
 arp broadcast enable
#

interface LoopBack0
 ip address 5.5.5.5 255.255.255.255 
 isis enable 1
#
bgp 200
 router-id 5.5.5.5
 undo default ipv4-unicast
 peer 3.3.3.3 as-number 200 
 peer 3.3.3.3 connect-interface LoopBack0
 #
 ipv4-family unicast
  undo synchronization
  undo peer 3.3.3.3 enable
 # 
 ipv4-family vpnv4
  policy vpn-target
  peer 3.3.3.3 enable
 #
 ipv4-family vpn-instance in 
  peer 10.1.1.6 as-number 100     //配置EBGP与R6互联
 #
 ipv4-family vpn-instance out 
  peer 20.1.1.6 as-number 100      //配置EBGP与R6互联
  peer 20.1.1.6 allow-as-loop         //允许AS环路
#

<AR1>
#
interface GigabitEthernet0/0/0
 ip address 192.168.13.1 255.255.255.0 

#
interface LoopBack0
 ip address 172.16.1.1 255.255.255.255 
#
ospf 1 router-id 1.1.1.1 
 area 0.0.0.0 
  network 172.16.1.1 0.0.0.0 
  network 192.168.13.1 0.0.0.0 


<AR2>
#
interface GigabitEthernet0/0/0
 ip address 192.168.23.2 255.255.255.0 
#

interface LoopBack0
 ip address 172.16.2.1 255.255.255.255 
#
ospf 1 router-id 2.2.2.2 
 area 0.0.0.0 
  network 172.16.2.1 0.0.0.0 
  network 192.168.23.2 0.0.0.0 



<AR4>
#
mpls lsr-id 4.4.4.4
mpls
#
mpls ldp
#
isis 1
 is-level level-2
 network-entity 49.0004.0000.0000.0004.00

#
interface GigabitEthernet0/0/0
 ip address 34.1.1.4 255.255.255.0 
 isis enable 1
 mpls
 mpls ldp
#
interface GigabitEthernet0/0/1
 ip address 45.1.1.4 255.255.255.0 
 isis enable 1
 mpls
 mpls ldp
#
interface LoopBack0
 ip address 4.4.4.4 255.255.255.255 
 isis enable 1

<AR6>
#
interface GigabitEthernet0/0/0.1
 dot1q termination vid 10
 ip address 10.1.1.6 255.255.255.0 
 arp broadcast enable
#
interface GigabitEthernet0/0/0.2
 dot1q termination vid 20
 ip address 20.1.1.6 255.255.255.0 
 arp broadcast enable
#

interface LoopBack0
 ip address 172.16.3.1 255.255.255.255 
#
bgp 100
 router-id 6.6.6.6
 peer 10.1.1.5 as-number 200 
 peer 20.1.1.5 as-number 200 
 #
 ipv4-family unicast
  undo synchronization
  network 172.16.3.1 255.255.255.255 
  peer 10.1.1.5 enable
  peer 20.1.1.5 enable