作者:https://blog.51cto.com/361531/1710063
Central Services ***(中心服务***)
在该拓扑中,所有的客户端可以访问中心服务器.(无所谓中心有多少个PE)
服务器可以和客户端互通.
而client不能和client之间进行互通.
这就是典型的中心/分支结构.
实际上也是通过RT的控制来达到该目的的.
在不同的client,都做上不同的私有RT.例如client-1: RT both 123:101.
client-2: RT both 123:102.以此类推.
可是他们有共同的RT export和import.刚好和中心端是对应的.
所以client之间是不能互通的,但是都能和中心端进行互通.
Central Services ***模型:
需求:
R3和R5这两个PE下面下挂的VRF Central Services需要能相互访问.
有4个Client VRF. 分别是Hank-7,10,2,9,他们之间不能互通,但是他们都能与中心服务器之间进行互通.
所用到的技术,依然是利用RT的export和import进行管理控制路由前缀.
路由导入导出的模型如下:
有了上面的RT设计,该试验就变得相当简单了。
在该拓扑中, R1和R8都是属于Cetral services的服务器.
R7,R10,R2,R9都要能和中心服务器进行访问,但是R7,10,2,9之间是不能相互访问的,因为他们属于不同的VRF.
在R7,10,2,9上面都会宣告环回口xx.1.1.1/32,中心服务器和分支机构都要能相互学习到对端的环回口路由.
通过实验结果,可以发现,R1和R8都学习到22.1.1.1/32, 77.1.1.1/32,99.1.1.1/32,110.1.1.1/32.
首先来看R1的路由表:
再来看R8的路由表:
对于其他的CE路由器,路由表中均有11.1.1.1和88.1.1.1的中心服务器的路由:
在中心端PE路由上面,可以看到,任意的CE环回口路由,都是打上了RT export 200:1,所以中心端才能接收该路由:
核心端配置:
关于CE的配置这里就不再赘述了,一个环回口,一个物理接口,IGP用OSPF.
PE-3配置:
ip vrf Central-service
description ###Central-server-VRF###
rd 3:3
route-target export 200:1
route-target export 200:2
route-target import 200:1
!
ip cef
mpls label range 300 399
mpls label protocol ldp
mpls ldp router-id Loopback0 force
!
interface Loopback0
ip address 33.1.1.1 255.255.255.255
!
interface Ethernet0/2
ip address 35.1.1.3 255.255.255.0
mpls ip
!
interface Ethernet0/3
ip address 34.1.1.3 255.255.255.0
mpls ip
!
interface Ethernet1/0
ip vrf forwarding Central-service
ip address 13.1.1.3 255.255.255.0
!
router ospf 100 vrf Central-service
redistribute bgp 65000 subnets
network 13.1.1.3 0.0.0.0 area 10
!
router ospf 1
router-id 33.1.1.1
network 33.1.1.1 0.0.0.0 area 0
network 34.1.1.3 0.0.0.0 area 0
network 35.1.1.3 0.0.0.0 area 0
!
router bgp 65000
bgp router-id 33.1.1.1
bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor IBGP peer-group
neighbor IBGP remote-as 65000
neighbor IBGP update-source Loopback0
neighbor 44.1.1.1 peer-group IBGP
neighbor 55.1.1.1 peer-group IBGP
neighbor 66.1.1.1 peer-group IBGP
!
address-family ipv4
neighbor 44.1.1.1 activate
neighbor 55.1.1.1 activate
neighbor 66.1.1.1 activate
exit-address-family
!
address-family ***v4
neighbor IBGP send-community extended
neighbor 44.1.1.1 activate
neighbor 55.1.1.1 activate
neighbor 66.1.1.1 activate
exit-address-family
!
address-family ipv4 vrf Central-service
redistribute ospf 100 match internal external 1 external 2
exit-address-family
!
PE-5配置:
ip vrf Central-service
description ###Central-server-VRF###
rd 5:5
route-target export 200:1
route-target export 200:2
route-target import 200:1
!
ip cef
no ipv6 cef
mpls label range 500 599
mpls label protocol ldp
mpls ldp router-id Loopback0 force
!
interface Loopback0
ip address 55.1.1.1 255.255.255.255
!
interface Ethernet0/0
ip vrf forwarding Central-service
ip address 58.1.1.5 255.255.255.0
!
interface Ethernet0/1
ip address 56.1.1.5 255.255.255.0
mpls ip
!
interface Ethernet0/2
ip address 35.1.1.5 255.255.255.0
mpls ip
!
router ospf 101 vrf Central-service
domain-id 0.0.0.100
redistribute bgp 65000 subnets
network 58.1.1.5 0.0.0.0 area 20
!
router ospf 1
router-id 55.1.1.1
network 35.1.1.5 0.0.0.0 area 0
network 55.1.1.1 0.0.0.0 area 0
network 56.1.1.5 0.0.0.0 area 0
!
router bgp 65000
bgp router-id 55.1.1.1
bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor IBGP peer-group
neighbor IBGP remote-as 65000
neighbor IBGP update-source Loopback0
neighbor 33.1.1.1 peer-group IBGP
neighbor 44.1.1.1 peer-group IBGP
neighbor 66.1.1.1 peer-group IBGP
!
address-family ipv4
neighbor 33.1.1.1 activate
neighbor 44.1.1.1 activate
neighbor 66.1.1.1 activate
exit-address-family
!
address-family ***v4
neighbor IBGP send-community extended
neighbor 33.1.1.1 activate
neighbor 44.1.1.1 activate
neighbor 66.1.1.1 activate
exit-address-family
!
address-family ipv4 vrf Central-service
redistribute ospf 101 match internal external 1 external 2
exit-address-family
!
PE-4配置:
ip vrf Hank-2
rd 2:2
route-target export 200:1
route-target import 200:2
!
ip vrf Hank-9
rd 9:9
route-target export 200:1
route-target import 200:2
!
ip cef
mpls label range 400 499
mpls label protocol ldp
mpls ldp router-id Loopback0 force
!
interface Loopback0
ip address 44.1.1.1 255.255.255.255
!
interface Ethernet0/3
ip address 34.1.1.4 255.255.255.0
mpls ip
!
interface Ethernet1/0
ip address 46.1.1.4 255.255.255.0
mpls ip
!
interface Ethernet1/1
ip vrf forwarding Hank-2
ip address 24.1.1.4 255.255.255.0
!
interface Ethernet1/2
ip vrf forwarding Hank-9
ip address 49.1.1.4 255.255.255.0
!
router ospf 104 vrf Hank-2
domain-id 0.0.0.100
redistribute bgp 65000 subnets
network 24.1.1.4 0.0.0.0 area 20
!
router ospf 105 vrf Hank-9
domain-id 0.0.0.100
redistribute bgp 65000 subnets
network 49.1.1.4 0.0.0.0 area 90
!
router ospf 1
router-id 44.1.1.1
network 34.1.1.4 0.0.0.0 area 0
network 44.1.1.1 0.0.0.0 area 0
network 46.1.1.4 0.0.0.0 area 0
!
router bgp 65000
bgp router-id 44.1.1.1
bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor IBGP peer-group
neighbor IBGP remote-as 65000
neighbor IBGP update-source Loopback0
neighbor 33.1.1.1 peer-group IBGP
neighbor 55.1.1.1 peer-group IBGP
neighbor 66.1.1.1 peer-group IBGP
!
address-family ipv4
neighbor 33.1.1.1 activate
neighbor 55.1.1.1 activate
neighbor 66.1.1.1 activate
exit-address-family
!
address-family ***v4
neighbor IBGP send-community extended
neighbor 33.1.1.1 activate
neighbor 55.1.1.1 activate
neighbor 66.1.1.1 activate
exit-address-family
!
address-family ipv4 vrf Hank-2
redistribute ospf 104 match internal external 1 external 2
exit-address-family
!
address-family ipv4 vrf Hank-9
redistribute ospf 105 match internal external 1 external 2
exit-address-family
!
PE-6配置:
ip vrf Hank-10
rd 10:10
route-target export 200:1
route-target import 200:2
!
ip vrf Hank-7
rd 7:7
route-target export 200:1
route-target import 200:2
!
ip cef
mpls label range 600 699
mpls label protocol ldp
mpls ldp router-id Loopback0 force
!
interface Loopback0
ip address 66.1.1.1 255.255.255.255
!
interface Ethernet0/0
ip vrf forwarding Hank-7
ip address 67.1.1.6 255.255.255.0
!
interface Ethernet0/1
ip address 56.1.1.6 255.255.255.0
mpls ip
!
interface Ethernet0/2
ip vrf forwarding Hank-10
ip address 106.1.1.6 255.255.255.0
!
interface Ethernet1/0
ip address 46.1.1.6 255.255.255.0
mpls ip
!
router ospf 102 vrf Hank-7
domain-id 0.0.0.100
redistribute bgp 65000 subnets
network 67.1.1.6 0.0.0.0 area 70
!
router ospf 103 vrf Hank-10
domain-id 0.0.0.100
redistribute bgp 65000 subnets
network 106.1.1.6 0.0.0.0 area 100
!
router ospf 1
router-id 66.1.1.1
network 46.1.1.6 0.0.0.0 area 0
network 56.1.1.6 0.0.0.0 area 0
network 66.1.1.1 0.0.0.0 area 0
!
router bgp 65000
bgp router-id 66.1.1.1
bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor IBGP peer-group
neighbor IBGP remote-as 65000
neighbor IBGP update-source Loopback0
neighbor 33.1.1.1 peer-group IBGP
neighbor 44.1.1.1 peer-group IBGP
neighbor 55.1.1.1 peer-group IBGP
!
address-family ipv4
neighbor 33.1.1.1 activate
neighbor 44.1.1.1 activate
neighbor 55.1.1.1 activate
exit-address-family
!
address-family ***v4
neighbor IBGP send-community extended
neighbor 33.1.1.1 activate
neighbor 44.1.1.1 activate
neighbor 55.1.1.1 activate
exit-address-family
!
address-family ipv4 vrf Hank-10
redistribute ospf 103 match internal external 1 external 2
exit-address-family
!
address-family ipv4 vrf Hank-7
redistribute ospf 102 match internal external 1 external 2
exit-address-family
!
6760
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
