MPLS 虚拟专用网 实验配置和抓包

其他 2021-03-03 10:12:22 阅读次数: 0

MPLS VPN实验配置和抓包

文章目录

实验需求:

R1,R3为IBGP关系;R2不配BGP。(MPLS)
R6可以与R4相通;R7可以与R5相通。

实验拓扑图:

在这里插入图片描述

配置思路:

1.配置公网地址
2.公网启用ospf
3.配置MPLS域
4.配置 配置PE与PE间MP-BPG邻居关系
5.配置用户网络
6.配置MPLS VPN
7.将BGP和OSPF进行双向重发布

配置公网地址、公网启用ospf,配置MPLS域

R1上配置:


#
interface GigabitEthernet0/0/2
 ip address 10.1.12.1 255.255.255.0 
 mpls
 mpls ldp
#
interface NULL0
#
interface LoopBack0
 ip address 10.1.1.1 255.255.255.0 
#
#
ospf 1 router-id 1.1.1.1 
 area 0.0.0.0 
  network 10.1.1.1 0.0.0.0 
  network 10.1.12.0 0.0.0.255 
#
mpls lsr-id 10.1.1.1
mpls
#
mpls ldp
#

R2配置


#
interface GigabitEthernet0/0/0
 ip address 10.1.12.2 255.255.255.0 
 mpls
 mpls ldp
#
interface GigabitEthernet0/0/1
 ip address 10.1.23.1 255.255.255.0 
 mpls
 mpls ldp
#

interface LoopBack0
 ip address 10.2.2.2 255.255.255.0 
#
ospf 1 router-id 2.2.2.2 
 area 0.0.0.0 
  network 10.1.12.0 0.0.0.255 
  network 10.1.23.0 0.0.0.255 
  network 10.2.2.2 0.0.0.0 
#
#
mpls lsr-id 10.2.2.2
mpls
#
mpls ldp
#

R3配置与R1配置类似

配置PE与PE间MP-BPG邻居关系(MG-BGP用于传递RT值)

R1配置:

#
bgp 1
 router-id 1.1.1.1
 peer 10.3.3.3 as-number 1 
 peer 10.3.3.3 connect-interface LoopBack0
 #
 ipv4-family unicast
  undo synchronization
  peer 10.3.3.3 enable
 # 
 ipv4-family vpnv4
  policy vpn-target
  peer 10.3.3.3 enable
  peer 10.3.3.3 advertise-community
 #

R3与R1类似

配置MPLS VPN

用户端正常启用OSPF进程
PE端使用VRF技术
R1配置:

#
ip vpn-instance a
 ipv4-family
  route-distinguisher 1:1
  vpn-target 100:1 export-extcommunity
  vpn-target 100:1 import-extcommunity
#
ip vpn-instance b
 ipv4-family
  route-distinguisher 2:2
  vpn-target 200:2 export-extcommunity
  vpn-target 200:2 import-extcommunity
#
#
interface GigabitEthernet0/0/0
 ip binding vpn-instance a
 ip address 10.1.14.2 255.255.255.0 
#
interface GigabitEthernet0/0/1
 ip binding vpn-instance b
 ip address 10.1.15.2 255.255.255.0 
#
#
ospf 2 router-id 1.1.1.1 vpn-instance a
 import-route bgp
 area 0.0.0.0 
  network 10.1.14.0 0.0.0.255 
#
ospf 3 router-id 1.1.1.1 vpn-instance b
 import-route bgp
 area 0.0.0.0 
  network 10.1.15.0 0.0.0.255 
#

将BGP和OSPF进行双向重发布

R1配置:

#
 ipv4-family vpn-instance a 
  import-route ospf 2
 #
 ipv4-family vpn-instance b 
  import-route ospf 3
#
#
ospf 2 router-id 1.1.1.1 vpn-instance a
 import-route bgp

#
ospf 3 router-id 1.1.1.1 vpn-instance b
 import-route bgp

测试:
在这里插入图片描述

在这里插入图片描述
在这里插入图片描述
附:
R1全部配置:

<R1>dis current-configuration 
[V200R003C00]
#
 sysname R1
#
 snmp-agent local-engineid 800007DB03000000000000
 snmp-agent 
#
 clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load flash:/portalpage.zip
#
 drop illegal-mac alarm
#
 wlan ac-global carrier id other ac id 0
#
 set cpu-usage threshold 80 restore 75
#
ip vpn-instance a
 ipv4-family
  route-distinguisher 1:1
  vpn-target 100:1 export-extcommunity
  vpn-target 100:1 import-extcommunity
#
ip vpn-instance b
 ipv4-family
  route-distinguisher 2:2
  vpn-target 200:2 export-extcommunity
  vpn-target 200:2 import-extcommunity
#
mpls lsr-id 10.1.1.1
mpls
#
mpls ldp
#
#
aaa 
 authentication-scheme default
 authorization-scheme default
 accounting-scheme default
 domain default 
 domain default_admin 
 local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
 local-user admin service-type http
#
firewall zone Local
 priority 15
#
interface GigabitEthernet0/0/0
 ip binding vpn-instance a
 ip address 10.1.14.2 255.255.255.0 
#
interface GigabitEthernet0/0/1
 ip binding vpn-instance b
 ip address 10.1.15.2 255.255.255.0 
#
interface GigabitEthernet0/0/2
 ip address 10.1.12.1 255.255.255.0 
 mpls
 mpls ldp
#
interface NULL0
#
interface LoopBack0
 ip address 10.1.1.1 255.255.255.0 
#
bgp 1
 router-id 1.1.1.1
 peer 10.3.3.3 as-number 1 
 peer 10.3.3.3 connect-interface LoopBack0
 #
 ipv4-family unicast
  undo synchronization
  peer 10.3.3.3 enable
 # 
 ipv4-family vpnv4
  policy vpn-target
  peer 10.3.3.3 enable
  peer 10.3.3.3 advertise-community
 #
 ipv4-family vpn-instance a 
  import-route ospf 2
 #
 ipv4-family vpn-instance b 
  import-route ospf 3
#
ospf 1 router-id 1.1.1.1 
 area 0.0.0.0 
  network 10.1.1.1 0.0.0.0 
  network 10.1.12.0 0.0.0.255 
#
ospf 2 router-id 1.1.1.1 vpn-instance a
 import-route bgp
 area 0.0.0.0 
  network 10.1.14.0 0.0.0.255 
#
ospf 3 router-id 1.1.1.1 vpn-instance b
 import-route bgp
 area 0.0.0.0 
  network 10.1.15.0 0.0.0.255 
#
user-interface con 0
 authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return

猜你喜欢

转载自blog.csdn.net/qq_43710889/article/details/113897662
今日推荐
面壁智能发布 Eurux-8x22B 开源大模型 —— 堪称「理科状元」
开源日报 | 谷歌扶持鸿蒙上位;开源Rabbit R1;Docker加持的安卓手机;微软的焦虑和野心;海尔电器把开放平台关了
中国码农的“35岁魔咒”
蘭雅 CorelDRAW 插件 2024.5.1 国际劳动节版,免费下载
Arc Browser for Windows 1.0 正式 GA
90后程序员开发视频搬运软件、不到一年获利超 700 万,结局很刑!
周排行
【转】spring中对控制反转和依赖注入的理解
tms webcore 安装和使用
java程序员进阶相关书籍
SpringMVC接受请求参数、
如何保存训练好的机器学习模型
MyEclipse、Eclipse设置项目JDK的三个地方
商超行业微信小程序开发定制一般多少钱 (行业技术人员解读)
Markdown编辑器语言——30分钟入门到到精通
Linux系统下MongoDB的简单安装与基本操作
Power Strings
每日归档
更多
2024-05-07(14)
2024-05-06(40)
2024-05-05(0)
2024-05-04(7)
2024-05-03(19)
2024-05-02(0)
2024-05-01(4)
2024-04-30(1)
2024-04-29(40)
2024-04-28(0)

代码天地 © 2018 codetd.com

境外服务器   最新电视剧2022