聪明文档网
最新最全的文档下载
当前位置:
首页> BGP MPLS VPN综合实验
BGP MPLS VPN综合实验
时间: 下载该word文档
BGP MPLS VPN综合实验
实验拓扑如下:
一、实验背景:
其中R1,R2,R3为某运营商网络中的PE-P-PE设备,R1/R2/R3运行OSPF协议打通IBGP路由,承载MPLS VPN业务;其中R1,R2,R3为一个MPLS域;R4,R5,R6,R7模拟客户的CE设备; R4与R6为同一个VPN站点:SITE-A, R5与R7为同一个VPN站点SITE-B 二、PE与CE间的路由方式:
R1与R4采用OSPF +VPN多实例,R1与R5采用EBGP R3与R6采用静态路由方式 R3与R7采用EBGP
三、IP地址规划:
R1 E0/0/0:192.168.1.1/30 LOOPBACK: 1.1.1.1/32 E0/0/1:192.168.3.1/30 G0/0/0:192.168.4.1/30 R2 E0/0/0:192.168.1.2/30 E0/0/1:192.168.2.1/30 LOOPBACK: 2.2.2.2/32 R3 E0/0/0:192.168.2.2/30 LOOPBACK: 3.3.3.3/32 E0/0/1:192.168.5.1/30 G0/0/0:192.168.6.1/30 R4 E0/0/0:192.168.3.2/30 LOOPBACK: 4.4.4.4/32 R5 E0/0/0:192.168.4.2/30 LOOPBACK: 5.5.5.5/32 R6 E0/0/0:192.168.5.2/30 LOOPBACK: 6.6.6.6/32 R7 E0/0/0:192.168.6.1/30 LOOPBACK: 7.7.7.7/32
四、实验需求:
按照要求完成本实验,业务验证:同一VPN站点的CE能够互访;并能够熟练掌握查看VPN路由信息;
配置步骤:
1. 首先配置各设备的IP地址(略 2. 完成R1-R2-R3之间的OSPF配置;
R1 ospf 1 area 0.0.0.0 network 192.168.1.0 0.0.0.3 network 1.1.1.1 0.0.0.0 R2 ospf 1 area 0.0.0.0 network 192.168.1.0 0.0.0.3 network 2.2.2.2 0.0.0.0 network 192.168.2.0 0.0.0.3 R3 ospf 1 area 0.0.0.0 network 192.168.2.0 0.0.0.3 network 3.3.3.3 0.0.0.0 3. 完成R1-R3的IBGP配置
R1 bgp 100 peer 3.3.3.3 as-number 100 peer 3.3.3.3 connect-interface LoopBack0 # ipv4-family unicast undo synchronization peer 3.3.3.3 enable R3 bgp 100 peer 1.1.1.1 as-number 100 peer 1.1.1.1 connect-interface LoopBack0 # ipv4-family unicast undo synchronization peer 1.1.1.1 enable 注解:由于这里BGP承载的业务为MPLS VPN业务,R1-R3之间不必要建立IBGP邻居,只是为了方便大家类似学习配置BGP VPNV4 PEER,所以我们开始配置BGP VPN PEER R1: ipv4-family vpnv4
policy vpn-target peer 3.3.3.3 enable R3: ipv4-family vpnv4 policy vpn-target peer 1.1.1.1 enable 配置完成后要查看BGP VPNV4 PEER的建立情况,查看的命令如下: [R1-bgp]display bgp vpnv4 all peer BGP local router ID : 192.168.1.1 Local AS number : 100 Total number of peers : 1
Peers in established state : 1 Peer V AS MsgRcvd MsgSent OutQ Up/Down State PrefRcv
3.3.3.3 4 100 200 201 0 03:18:14 Established 4. 完成PE与CE(R1-R5)之间的VPN配置; 在R1上创建VPN实例(VRF)
ip vpn-instance site-a ipv4-family route-distinguisher 20:20 vpn-target 10:10 export-extcommunity vpn-target 10:10 import-extcommunity # ip vpn-instance site-b ipv4-family route-distinguisher 30:30 vpn-target 40:40 export-extcommunity vpn-target 40:40 import-extcommunity 在端口进行绑定VPN实例:
interface GigabitEthernet0/0/0 ip binding vpn-instance site-b ip address 192.168.4.1 255.255.255.252 注意事项一:
当配置上IP地址绑定VPN实例后, interface GigabitEthernet0/0/0 ip binding vpn-instance site-b Info: All IPv4 related configurations on this interface are removed! 提示IPV4地址全部清除,这时我们需要重新配置,删除后也是,切记! interface GigabitEthernet0/0/0 ip binding vpn-instance site-b ip address 192.168.4.1 255.255.255.252 注意事项二:
在VPN里我们做ping测试的时候,需要带上vpn实例名字才能ping通,不带的话ping不通的;
[R1]ping 192.168.4.2
PING 192.168.4.2: 56 data bytes, press CTRL_C to break Request time out Request time out Request time out 正确的PING测试为:
[R1]ping -vpn-instance site-b 192.168.4.2 PING 192.168.4.2: 56 data bytes, press CTRL_C to break Reply from 192.168.4.2: bytes=56 Sequence=1 ttl=255 time=80 ms Reply from 192.168.4.2: bytes=56 Sequence=2 ttl=255 time=40 ms Reply from 192.168.4.2: bytes=56 Sequence=3 ttl=255 time=30 ms Reply from 192.168.4.2: bytes=56 Sequence=4 ttl=255 time=40 ms 5. 完成PE与CE(R1-R5)之间的EBGP配置;
R1: bgp 100 ipv4-family vpn-instance site-b peer 192.168.4.2 as-number 500
R5 bgp 500 peer 192.168.4.1 as-number 100 # ipv4-family unicast undo synchronization peer 192.168.4.1 enable 查看BGP VPNV4 PEER建立成功与否: [R1-bgp]display bgp vpnv4 all peer
BGP local router ID : 192.168.1.1 Local AS number : 100 Total number of peers : 2 Peers in established state : 2
Peer V AS MsgRcvd MsgSent OutQ Up/Down State PrefRcv 3.3.3.3 4 100 260 261 0 04:18:38 Established 0
Peer of IPv4-family for vpn instance : VPN-Instance site-b, Router ID 192.168.1.1: 192.168.4.2 4 500 3 2 0 00:00:03 Established 1 或者直接带上VPN实例名字查看
[R1-bgp]display bgp vpnv4 vpn-instance site-b peer BGP local router ID : 192.168.1.1 Local AS number : 100 VPN-Instance site-b, Router ID 192.168.1.1: Total number of peers : 1
Peers in established state : 1 Peer V AS MsgRcvd MsgSent OutQ Up/Down State PrefRcv
192.168.4.2 4 500 10 9 0 00:07:08 Established 1
现在我们将R5的loopback地址给宣告出去,不采用import的方式;
R5 bgp 500 network 5.5.5.5 255.255.255.255 宣告后我们在R1上进行查看是否学习到:
[R1-bgp]display bgp vpnv4 all routing-table BGP Local router ID is 192.168.1.1 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete Total number of routes from all PE: 1 Route Distinguisher: 30:30 Network NextHop MED LocPrf PrefVal Path/Ogn *> 5.5.5.5/32 192.168.4.2 0 0 500i
VPN-Instance site-b, Router ID 192.168.1.1: Total Number of Routes: 1 Network NextHop MED LocPrf PrefVal Path/Ogn *> 5.5.5.5/32 192.168.4.2 0 0 500i 我们在R3上看看能不能学习到:
display bgp vpnv4 all routing-table 通过查看发现R3学习不到关于5.5.5.5这条BGP VPN路由; 在思科设备里这时就应该能够学习到此条路由,但在华为设备里,必须要开启MPLS后才能学到,大家可以做个不带VPN的实验看看;
6. 开启R1--R2 --R3 MPLS域;
R1 mpls lsr-id 1.1.1.1 mpls mpls ldp # interface Ethernet0/0/0 ip address 192.168.1.1 255.255.255.252 mpls mpls ldp R2: mpls lsr-id 2.2.2.2 mpls mpls ldp # interface Ethernet0/0/0
mpls mpls ldp # interface Ethernet0/0/1 mpls mpls ldp R3: MPLS LSR 3.3.3.3 MPLS MPLS LDP # [R3]interface Ethernet0/0/0 [R3-Ethernet0/0/0]mpls [R3-Ethernet0/0/0]mpls ldp
然后在R3上查看关于5.5.5.5这条路由信息:
[R3]display bgp vpnv4 all routing-table BGP Local router ID is 192.168.2.2 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete Total number of routes from all PE: 1 Route Distinguisher: 30:30 Network NextHop MED LocPrf PrefVal Path/Ogn *>i 5.5.5.5/32 1.1.1.1 0 100 0 500i
VPN-Instance site-b, Router ID 192.168.2.2: Total Number of Routes: 1 Network NextHop MED LocPrf PrefVal Path/Ogn *>i 5.5.5.5/32 1.1.1.1 0 100 0 500i 7.完成R3—R7之间的配置(略)