目录
MPLS VPN 实验
拓扑图
实验目的
站点1与站点2需要通过MPLS VPN搭建到一起
R2、R4--- PE
R3 --- P
R1、R5 --- CE
基础配置
R2
[R2]display ip interface brief
*down: administratively down
^down: standby
(l): loopback
(s): spoofing
The number of interface that is UP in Physical is 4
The number of interface that is DOWN in Physical is 1
The number of interface that is UP in Protocol is 3
The number of interface that is DOWN in Protocol is 2
Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 unassigned up down
GigabitEthernet0/0/1 23.0.0.1/24 up up
GigabitEthernet0/0/2 unassigned down down
LoopBack0 2.2.2.2/24 up up(s)
NULL0 unassigned up up(s)
[R2]R3
[R3]display ip interface brief
*down: administratively down
^down: standby
(l): loopback
(s): spoofing
The number of interface that is UP in Physical is 4
The number of interface that is DOWN in Physical is 1
The number of interface that is UP in Protocol is 4
The number of interface that is DOWN in Protocol is 1
Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 23.0.0.2/24 up up
GigabitEthernet0/0/1 24.0.0.1/24 up up
GigabitEthernet0/0/2 unassigned down down
LoopBack0 3.3.3.3/24 up up(s)
NULL0 unassigned up up(s)
[R3]R4
[R4]display ip interface brief
*down: administratively down
^down: standby
(l): loopback
(s): spoofing
The number of interface that is UP in Physical is 4
The number of interface that is DOWN in Physical is 1
The number of interface that is UP in Protocol is 3
The number of interface that is DOWN in Protocol is 2
Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 34.0.0.2/24 up up
GigabitEthernet0/0/1 unassigned up down
GigabitEthernet0/0/2 unassigned down down
LoopBack0 4.4.4.4/24 up up(s)
NULL0 unassigned up up(s)
[R4]公网部分配置IGP(ospf)
R2
[R2]ospf router-id 2.2.2.2
[R2-ospf-1]area 0
[R2-ospf-1-area-0.0.0.0]network 23.0.0.0 0.0.0.255
[R2-ospf-1-area-0.0.0.0]network 2.2.2.2 0.0.0.0R3
[R3]ospf 1 router-id 3.3.3.3
[R3-ospf-1]area 0
[R3-ospf-1-area-0.0.0.0]network 23.0.0.0 0.0.0.255
[R3-ospf-1-area-0.0.0.0]network 34.0.0.0 0.0.0.255
[R3-ospf-1-area-0.0.0.0]network 3.3.3.3 0.0.0.0R4
[R4]ospf 1 router-id 4.4.4.4
[R4-ospf-1]area 0
[R4-ospf-1-area-0.0.0.0]network 34.0.0.0 0.0.0.0
[R4-ospf-1-area-0.0.0.0]network 4.4.4.4 0.0.0.0激活MPLS
R2
[R2]mpls lsr-id 2.2.2.2
[R2]mpls
Info: Mpls starting, please wait... OK!
[R2-mpls]mpls ld
[R2-mpls-ldp] int g 0/0/01
[R2-GigabitEthernet0/0/1]mpls
[R2-GigabitEthernet0/0/1]mpls ldR3
[R3]mpls lsr-id 3.3.3.3
[R3]mpls
Info: Mpls starting, please wait... OK!
[R3-mpls]mpls ldp
[R3-mpls-ldp]int g 0/0/0
[R3-GigabitEthernet0/0/0]mpls
[R3-GigabitEthernet0/0/0]mpls ldp
[R3-GigabitEthernet0/0/0]int g 0/0/1
[R3-GigabitEthernet0/0/1]mpls
[R3-GigabitEthernet0/0/1]mpls ldp
[R3-GigabitEthernet0/0/1]R4
[R4]mpls lsr-id 4.4.4.4
[R4]mpls
Info: Mpls starting, please wait... OK!
[R4-mpls]mpls ldp
[R4-mpls-ldp]int g 0/0/0
[R4-GigabitEthernet0/0/0]mpls
[R4-GigabitEthernet0/0/0]mpls ldp
[R4-GigabitEthernet0/0/0]VRF创建
R2
[R2]ip vpn-instance a --- VRF空间命名时大小写敏感
[R2-vpn-instance-a]
[R2-vpn-instance-a]route-distinguisher 100:1 --- 配置RD值
[R2-vpn-instance-a-af-ipv4]
[R2-vpn-instance-a-af-ipv4]vpn-target 100:1 export-extcommunity --- 配置出站RT
EVT Assignment result:
Info: VPN-Target assignment is successful.
[R2-vpn-instance-a-af-ipv4]vpn-target 100:2 import-extcommunity --- 配置入站RT
IVT Assignment result:
Info: VPN-Target assignment is successful.R4
[R4]ip vpn-instance b
[R4-vpn-instance-b]
Apr 19 2023 11:44:15-08:00 R4 %%01LDP/4/SSNHOLDTMREXP(l)[1]:Sessions were delete
d because the session hold timer expired and the notification of the expiry was
sent to the peer 3.3.3.3.
[R4-vpn-instance-b]route-distinguisher 200:1
[R4-vpn-instance-b-af-ipv4]vpn-target 100:2 export-extcommunity
EVT Assignment result:
Info: VPN-Target assignment is successful.
[R4-vpn-instance-b-af-ipv4]vpn-target 100:1 import-extcommunity
IVT Assignment result:
Info: VPN-Target assignment is successful.
[R4-vpn-instance-b-af-ipv4]将接口画入VRF空间
R2
[R2-GigabitEthernet0/0/0]ip binding vpn-instance a
Info: All IPv4 related configurations on this interface are removed!
Info: All IPv6 related configurations on this interface are removed!
[R2-GigabitEthernet0/0/0]R4
[R4-GigabitEthernet0/0/1]ip binding vpn-instance b
Apr 19 2023 11:46:19-08:00 R4 %%01IFNET/4/LINK_STATE(l)[5]:The line protocol IP
on the interface GigabitEthernet0/0/1 has entered the DOWN state.
Info: All IPv4 related configurations on this interface are removed!
Info: All IPv6 related configurations on this interface are removed!
[R4-GigabitEthernet0/0/1]注意:
画入后会清除之前配置的所有IPV4、IPV6
配置接口IP地址
R2
[R2-GigabitEthernet0/0/0]ip address 192.168.2.2 24R4
[R4]int g 0/0/1
[R4-GigabitEthernet0/0/1]ip address 192.168.3.1 24站点1基本配置
[R1]int g 0/0/0
[R1-GigabitEthernet0/0/0]ip ad
[R1-GigabitEthernet0/0/0]ip address 192.168.2.1 24
[R1]int l 0
[R1-LoopBack0]ip address 192.168.1.1 24
站点2基本配置
[R5]int g 0/0/0
[R5-GigabitEthernet0/0/0]ip address 192.168.3.2 24
[R5-LoopBack0]ip address 192.168.4.1 24通过静态路由在CE和PE上配置
[R1]ip route-static 192.168.3.0 24 192.168.2.2
[R1]ip route-static 192.168.4.0 24 192.168.2.2
[R2]ip route-static vpn-instance a 192.168.1.0 24 192.168.2.1
[R5]ip route-static 192.168.2.0 24 192.168.3.1
[R5]ip route-static 192.168.1.0 24 192.168.3.1
[R4]ip route-static vpn-instance b 192.168.4.0 24 192.168.3.2启动BGP
使用IBGP即可
[R2]bgp 1
[R2-bgp]router-id 2.2.2.2
[R2-bgp]peer 4.4.4.4 as 1
[R2-bgp]peer 4.4.4.4 connect-interface LoopBack 0
[R4]bgp 1
[R4-bgp]router-id 4.4.4.4
[R4-bgp]peer 2.2.2.2 as 1
[R4-bgp]peer 2.2.2.2 connect-interface LoopBack 0建立MP-BGP邻居
在BGPV4邻居关系建立好之后进入到VPNV4
[R2-bgp]ipv4-family vpnv4
[R2-bgp-af-vpnv4]
[R2-bgp-af-vpnv4]peer 4.4.4.4 enable --- 因为PE设备之间需要传递VPNV4路由 ,所以,在普通的BGPV4邻居关系建立的基础上,需要在VPNV4地址族中激活邻居关系
[R4-bgp]ipv4-family vpnv4
[R4-bgp-af-vpnv4]peer 2.2.2.2 enable发布站点1信息
[R2-bgp]ipv4-family vpn-instance a --- 在VRF空间中发布路由信息发布直连路由以及静态路由
[R2-bgp-a]import-route direct
[R2-bgp-a]import-route static测试
发布站点2的路由信息
[R4-bgp]ipv4-family vpn-instance b发布路由(neetwork发布)
[R4-bgp-b]network 192.168.3.0 24
[R4-bgp-b]network 192.168.4.0 24测试
连通性测试
