企业规模不断扩大时,不同地点有可能属于不同的AS,当两个不同AS的CE之间需要互相通信时,要用到跨域技术。
跨域需要解决的问题:1 .AS之间不会运行LDP协议,无法经历外层隧道。
2. PE之间没有运行IGP协议,默认情况下无法建立BGP邻居,进而无法传递VPNv4路由.
解决思路:OpitonA 采用ipv4数据包转发数据——将对端的整个AS看成一个CE
OpitonB 采用携带一层MPLS标签的方式转发数据——
OpitonC 采用多层MPLS标签的方式转发数据——
基础环境搭建完成需检验:
[AR3]dis isis peer //检查isis配置,邻居状态正常
Peer information for ISIS(1)
System Id Interface Circuit Id State HoldTime Type PRI
-------------------------------------------------------------------------------
0000.0000.0002 GE0/0/0 0000.0000.0003.01 Up 28s L2 64
0000.0000.0004 GE0/0/1 0000.0000.0003.02 Up 23s L2 64
Total Peer(s): 2
[AR3]dis isis peer //检查mplsp配置,去往2、4都有标签(正常)
Peer information for ISIS(1)
System Id Interface Circuit Id State HoldTime Type PRI
-------------------------------------------------------------------------------
0000.0000.0002 GE0/0/0 0000.0000.0003.01 Up 28s L2 64
0000.0000.0004 GE0/0/1 0000.0000.0003.02 Up 23s L2 64
Total Peer(s): 2
[AR3]dis mpls lsp
-------------------------------------------------------------------------------
LSP Information: LDP LSP
-------------------------------------------------------------------------------
FEC In/Out Label In/Out IF Vrf Name
2.2.2.2/32 NULL/3 -/GE0/0/0
2.2.2.2/32 1024/3 -/GE0/0/0
3.3.3.3/32 3/NULL -/-
4.4.4.4/32 NULL/3 -/GE0/0/1
4.4.4.4/32 1025/3 -/GE0/0/1
[AR2]dis bgp vpnv4 all peer //检查bgp配置,查看bgp的vpnv4邻居,状态为Established 正常
BGP local router ID : 2.2.2.2
Local AS number : 100
Total number of peers : 1 Peers in established state : 1
Peer V AS MsgRcvd MsgSent OutQ Up/Down State Pre
fRcv
4.4.4.4 4 100 13 15 0 00:11:42 Established
OpitonA配置举例:
在R2上创建实例2,并绑定与R1相连的接口,与R5相连的接口建立基于vpnv4的EBGP关系。
在R4上创建实例4,并绑定与R5相连的接口,与R5相连的接口建立基于vpnv4的EBGP关系。
[AR2]ip vpn-instance 2
[AR2-vpn-instance-2]route-distinguisher 2:2
[AR2-vpn-instance-2-af-ipv4]vpn-target 2:4 export-extcommunity
[AR2-vpn-instance-2-af-ipv4]vpn-target 4:2 import-extcommunity
[AR2-GigabitEthernet0/0/0]ip binding vpn-instance 2
[AR2-GigabitEthernet0/0/0]ip add 12.1.1.2 24
[AR2]bgp 100
[AR2-bgp]ipv4-family vpn-instance 2
[AR2-bgp-4]peer 12.1.1.1 as-number 1
[AR4]ip vpn-instance 4
[AR4-vpn-instance-4]route-distinguisher 4:4
[AR4-vpn-instance-4-af-ipv4]vpn-target 2:4 import-extcommunity
[AR4-vpn-instance-4-af-ipv4]vpn-target 4:2 export-extcommunity
[AR4-GigabitEthernet0/0/1]ip binding vpn-instance 4
[AR4-GigabitEthernet0/0/1]ip add 45.1.1.4 24
[AR4]bgp 100
[AR4-bgp]ipv4-family vpn-instance 4
[AR4-bgp-4]peer 45.1.1.5 as-number 200R5和R7参照R2和R4配置(略)
配置结果验证:
[AR2]dis bgp vpnv4 all routing-table //在R2上查看R1的路由信息
Total number of routes from all PE: 2
Route Distinguisher: 2:2
Network NextHop MED LocPrf PrefVal Path/Ogn
*> 192.168.1.0 12.1.1.1 0 0 1i
Route Distinguisher: 4:4
Network NextHop MED LocPrf PrefVal Path/Ogn
*>i 192.168.0.0 4.4.4.4 100 0 200 8i
VPN-Instance 2, Router ID 2.2.2.2:
Total Number of Routes: 2
Network NextHop MED LocPrf PrefVal Path/Ogn
*>i 192.168.0.0 4.4.4.4 100 0 200 8i
*> 192.168.1.0 12.1.1.1 0 0 1i
<AR4>dis bgp vpnv4 all routing-table 192.168.1.0 //在R4上查看R1的路由信息
BGP local router ID : 4.4.4.4
Local AS number : 100
Total routes of Route Distinguisher(2:2): 1
BGP routing table entry information of 192.168.1.0/24:
Label information (Received/Applied): 1027/NULL
From: 2.2.2.2 (2.2.2.2) //下一跳为R2
Route Duration: 00h12m07s
Relay IP Nexthop: 34.1.1.3
Relay IP Out-Interface: GigabitEthernet0/0/0
Relay Tunnel Out-Interface: GigabitEthernet0/0/0
Relay token: 0x1
Original nexthop: 2.2.2.2
Qos information : 0x0
Ext-Community:RT <2 : 4>
<AR5>dis bgp vpnv4 all routing-table 192.168.1.0 //在R5上查看R1的路由信息
BGP local router ID : 5.5.5.5
Local AS number : 200
Total routes of Route Distinguisher(5:5): 1
BGP routing table entry information of 192.168.1.0/24:
Label information (Received/Applied): NULL/1027 //收到的标签为空,说明是ipv4路由
From: 45.1.1.4 (4.4.4.4) //下一跳为R4
Route Duration: 00h14m59s
Direct Out-interface: GigabitEthernet0/0/0
Original nexthop: 45.1.1.4
Qos information : 0x0
Ext-Community:RT <5 : 7>
<AR7>dis bgp vpnv4 all routing-table 192.168.1.0 //在R7上查看R1的路由信息
BGP local router ID : 7.7.7.7
Local AS number : 200
Total routes of Route Distinguisher(5:5): 1
BGP routing table entry information of 192.168.1.0/24:
Label information (Received/Applied): 1027/NULL //出标签为空,即剥离标签
From: 5.5.5.5 (5.5.5.5)
Route Duration: 00h28m00s
Relay IP Nexthop: 67.1.1.6 //下一跳为R6
Relay IP Out-Interface: GigabitEthernet0/0/0
Relay Tunnel Out-Interface: GigabitEthernet0/0/0
Relay token: 0x1
Original nexthop: 5.5.5.5
Qos information : 0x0
Ext-Community:RT <5 : 7>
[AR8]dis bgp routing-table 192.168.1.0 //在R8上查看R1的路由信息
BGP local router ID : 78.1.1.8
Local AS number : 8
Paths: 1 available, 1 best, 1 select
BGP routing table entry information of 192.168.1.0/24:
From: 78.1.1.7 (7.7.7.7) //下一跳为R7
Route Duration: 00h27m08s
Direct Out-interface: GigabitEthernet0/0/0
Original nexthop: 78.1.1.7
Qos information : 0x0
AS-path 200 100 1, origin igp, pref-val 0, valid, external, best, select, activ
e, pre 255
[AR8]ping -a 192.168.0.1 192.168.1.1 //在R8上ping R1上宣告的路由
PING 192.168.1.1: 56 data bytes, press CTRL_C to break
Reply from 192.168.1.1: bytes=56 Sequence=1 ttl=249 time=70 ms
Reply from 192.168.1.1: bytes=56 Sequence=2 ttl=249 time=70 ms
Reply from 192.168.1.1: bytes=56 Sequence=3 ttl=249 time=70 ms
Reply from 192.168.1.1: bytes=56 Sequence=4 ttl=249 time=50 ms
Reply from 192.168.1.1: bytes=56 Sequence=5 ttl=249 time=50 ms
--- 192.168.1.1 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 50/62/70 ms
R1上的数据来到R2,打上V标、T标,在出R4时剥离。进入R5时又打上,出R7时又剥离。
扫一扫
1070
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
