DISCLAIMER:
1. As used herein, the software from the Internet, the authors use the software only for the purpose of learning, without any software distribution behavior.
2. The configuration shown herein apply only to the experimental environment is not recommended to use exactly the same configuration in a production environment; any resulting problems, the author assumes no responsibility.
Lab topology
IP address planning
| device | Loopback 0 | Loopback 1 | G1 | G2 |
|---|---|---|---|---|
| CSR1 | 11.1.1.1/32 | 11.1.1.2/32 | 172.16.0.1/30 | 14.1.1.1/30 |
| CSS2 | 22.1.1.1/32 | -- | 172.16.0.2/30 | 172.16.0.6/30 |
| xrv | 33.1.1.1/32 | 33.1.1.2/32 | G0/0/0/2 172.16.0.5/30 | G0/0/0/0 35.1.1.1/30 |
| vIOS4 | 44.1.1.1/32 | -- | G0/0 14.1.1.2/30 | G0/1 45.1.1.1/30 |
| vIOS5 | 55.1.1.1/32 | -- | G0/0 35.1.1.2/30 | G0/1 45.1.1.2/30 |
Device model and software version
| device | platform | Software version |
|---|---|---|
| vIOS4, vIOS5 | VIOS-ADVENTERPRISEK9-M | 15.6(2)T |
| CSR1, CSR2 | X86_64_LINUX_IOSD-UNIVERSALK9-M | 16.6.2 |
| XRv | ASR9000 IOS-XR | 6.0.1 |
aims
1. CSR1, CSR2 and xrv arranged as a primer IS-IS protocol IGP, arranged segment-routing on this basis.
2. CSR1 and xrv as PE device configured ××× v4 BGP neighbor, the AS number 64512.
3. CSR1 and arranged vIOS4 OSPFv2 single region, the process ID 2019; xrv single region arranged with vIOS5 OSPFv2, the process ID 2019; PE device configuration and MP-BGP OSPFv2 bidirectional redistribution.
4. CSR1 and xrv arranged loopback 1 interfaces, the interfaces partitioned into the VRF customers, and declare the host MP-BGP routing process, the customer VRF.
5. CSR1 and xrv sham-link configuration of OSPFv2
Configuration Steps
MPLS ××× basic configuration steps:
1. Configure IGP,
2.配置MPLS(segment-routing),
3.配置MP-BGP,
4.配置VRF,
5.配置PE-CE路由协议,
6.PE 配置MP-BGP和VRF路由重分布。
IOS-XE和IOS-XR配置IGP(IS-IS)
设备接口IP地址配置(略)
- XEv3
router isis igp
is-type level-2-only !---配置ISIS为骨干区域
net 49.2019.0519.0001.00
log-adjacency-changes !---记录邻接log信息
metric-style wide !---使能isis宽度量
exit
interface Loopback0
ip router isis igp
interface GigabitEthernet1
ip router isis igp
isis circuit-type level-2-only !---修改链路为level-2
isis network point-to-point !---修改ISIS网络类型
- XRv4
router isis igp
is-type level-2-only
net 49.2019.0519.0003.00
log adjacency changes
address-family ipv4 unicast
metric-style wide
interface Loopback0
address-family ipv4 unicast
interface GigabitEthernet0/0/0/0
address-family ipv4 unicast
circuit-type level-2-only
point-to-point
commit
2 验证IS-IS
CSR2#show ip route isis | b bn
11.0.0.0/32 is subnetted, 1 subnets
i L2 11.1.1.1 [115/20] via 172.16.0.1, 1d00h, GigabitEthernet1
33.0.0.0/32 is subnetted, 1 subnets
i L2 33.1.1.1 [115/20] via 172.16.0.5,19:06:28, GigabitEthernet2
RP/0/0/CPU0:xrv#show route ipv4 isis
i L2 11.1.1.1/32 [115/30] via 172.16.0.6, 19:11:15, GigabitEthernet0/0/0/2
i L2 22.1.1.1/32 [115/20] via 172.16.0.6, 19:11:15, GigabitEthernet0/0/0/2
i L2 172.16.0.0/30 [115/20] via 172.16.0.6, 19:11:15, GigabitEthernet0/0/0/2
3 配置MPLS(segment-routing)
-
XEv3
segment-routing mpls
connected-prefix-sid-map
address-family ipv4
11.1.1.1/32 index 1 range 1
exit-address-family
router isis igp
segment-routing mpls - XRv4
segment-routing
router isis igp
address-family ipv4 unicast
metric-style wide
segment-routing mpls
interface Loopback0
address-family ipv4 unicast
prefix-sid index 33
commit
4 验证MPLS
CSR1#show mpls forwarding-table
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
16 Pop Label 172.16.0.2-A 0 Gi1 172.16.0.2
21 Pop Label 11.1.1.2/32[V] 0 aggregate/ospf
16022 Pop Label 22.1.1.1/32 0 Gi1 172.16.0.2
16033 16033 33.1.1.1/32 0 Gi1 172.16.0.2RP/0/0/CPU0:xrv#show mpls forwarding
Local Outgoing Prefix Outgoing Next Hop Bytes
Label Label or ID Interface Switched
16011 16011 SR Pfx (idx 11) Gi0/0/0/2 172.16.0.6 208166
16022 Pop SR Pfx (idx 22) Gi0/0/0/2 172.16.0.6 0
24006 Pop SR Adj (idx 1) Gi0/0/0/2 172.16.0.6 0
24007 Pop SR Adj (idx 3) Gi0/0/0/2 172.16.0.6 0
5 配置MP-BGP
-
CSR1
router bgp 64512
bgp router-id 11.1.1.1
no bgp default ipv4-unicast
neighbor 33.1.1.1 remote-as 64512
neighbor 33.1.1.1 update-source Loopback0
address-family ***v4
neighbor 33.1.1.1 activate -
xrv
router bgp 64512
bgp router-id 33.1.1.1
address-family v4 unicast
neighbor 11.1.1.1
remote-as 64512
update-source Loopback0
address-family v4 unicast
commit - 验证如下:
CSR1#show bgp ***v4 unicast all sum | b gh
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
33.1.1.1 4 64512 1254 1429 315 0 0 20:17:43 4RP/0/0/CPU0:xrv#show bgp ***v4 unicast summary | b gh
Neighbor Spk AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down St/PfxRcd
11.1.1.1 0 64512 1890 1674 249 0 0 20:18:04 4
6 配置VRF and PE-CE routing protocol
6.1定义VRF
-
CSR1
vrf definition AAA
rd 64512:4
address-family ipv4
route-target export 64512:45
route-target import 64512:45
exit-address-family - xrv
vrf AAA
address-family ipv4 unicast
import route-target
64512:45
export route-target
64512:45
6.2 PE to CE Interface config
-
CSR1
interface GigabitEthernet2
vrf forwarding AAA
ip address 14.1.1.1 255.255.255.252
no shutdown - xrv
interface GigabitEthernet0/0/0/0
vrf AAA
ipv4 address 35.1.1.1 255.255.255.252
no shutdown
6.3 PE OSPFv2 config
-
CSR1
router ospf 2019 vrf AAA
router-id 14.1.1.1
interface GigabitEthernet2
ip ospf network point-to-point
ip ospf 14 area 0 - xrv
router ospf 35
address-family ipv4 unicast
vrf AAA
router-id 35.1.1.1
address-family ipv4 unicast
area 0
interface GigabitEthernet0/0/0/0
network point-to-point
6.4 CE OSPFv2 config
-
vIOS4
interface GigabitEthernet0/0
ip address 14.1.1.2 255.255.255.252
no shutdown
ip ospf 2019 area 0
ip ospf network point-to-point
router ospf 2019
router-id 44.1.1.1 - vIOS5
interface GigabitEthernet0/0
ipv4 address 35.1.1.2 255.255.255.252
no shutdown
ip ospf 2019 area 0
ip ospf network point-to-point
router ospf 2019
router-id 55.1.1.1
6.5 PE OSPFv2 and MP-BGP redistribute
-
CSR1
router ospf 14 vrf AAA
redistribute bgp 64512 metric-type 1 subnets
interface GigabitEthernet2
router bgp 64512
address-family ipv4 vrf AAA
redistribute ospf 14 match internal external 1 external 2 - xrv
router ospf 35
vrf AAA
redistribute bgp 64512 metric-type 1
router bgp 64512
vrf AAA
rd 64512:5
address-family ipv4 unicast
redistribute ospf 35 match internal external
6.6 验证PE-CE OSPFv2配置
CSR1#show ip route vrf AAA ospf | b bn
35.0.0.0/30 is subnetted, 1 subnets
O 35.1.1.0 [110/2] via 33.1.1.1, 00:00:32
44.0.0.0/32 is subnetted, 1 subnets
O 44.1.1.1 [110/2] via 14.1.1.2, 00:00:34, GigabitEthernet2
45.0.0.0/29 is subnetted, 1 subnets
O IA 45.1.1.0 [110/20001] via 14.1.1.2, 00:00:34, GigabitEthernet2vIOS4#sho ip route ospf | b bn
35.0.0.0/30 is subnetted, 1 subnets
O E1 35.1.1.0 [110/2] via 14.1.1.1, 00:23:54, GigabitEthernet0/0
55.0.0.0/32 is subnetted, 1 subnets
O E1 55.1.1.1 [110/3] via 14.1.1.1, 00:23:54, GigabitEthernet0/0vIOS4#ping 55.1.1.1 sour lo 0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 55.1.1.1, timeout is 2 seconds:
Packet sent with a source address of 44.1.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 11/15/33 ms
vIOS4#traceroute 55.1.1.1 sour lo 0
Type escape sequence to abort.
Tracing the route to 55.1.1.1
VRF info: (vrf in name/id, vrf out name/id)
1 14.1.1.1 8 msec 5 msec 3 msec
2 172.16.0.2 [MPLS: Labels 16033/24003 Exp 0] 19 msec 25 msec 10 msec
3 172.16.0.5 [MPLS: Label 24003 Exp 0] 13 msec 12 msec 8 msec
4 35.1.1.2 12 msec 19 msec *
vIOS4#CSR1#sho bgp *v4 uni all 44.1.1.1
BGP routing table entry for 64512:4:44.1.1.1/32, version 383
Paths: (1 available, best #1, table AAA)
Advertised to update-groups:
5
Refresh Epoch 1
Local
14.1.1.2 (via vrf ospf) from 0.0.0.0 (11.1.1.1)
Origin incomplete, metric 2, localpref 100, weight 32768, valid, sourced, best
Extended Community: RT:64512:45 OSPF DOMAIN ID:0x0005:0x0000000E0200
OSPF RT:0.0.0.0:2:0 OSPF ROUTER ID:14.1.1.1:0
mpls labels in/out 23/nolabel
rx pathid: 0, tx pathid: 0x0
!--- DOMAIN ID:0x0005:0x0000000E0200 16进制E=10进制14**(CSR1 ospfv2 进程ID)
6.7 修改/添加ospfv2 DOMAIN ID
-
IOS-XR默认不携带DOMAIN ID值
RP/0/0/CPU0:xrv#show bgp ***v4 uni vrf ospf 55.1.1.1/32
BGP routing table entry for 55.1.1.1/32, Route Distinguisher: 64512:5
Versions:
Process bRIB/RIB SendTblVer
Speaker 345 345
Local Label: 24003
Last Modified: May 22 02:21:42.463 for 06:05:44
Paths: (1 available, best #1)
Advertised to peers (in unique update groups):
11.1.1.1
Path #1: Received by speaker 0
Advertised to peers (in unique update groups):
11.1.1.1
Local
35.1.1.2 from 0.0.0.0 (33.1.1.1)
Origin incomplete, metric 2, localpref 100, weight 32768, valid, redistributed, best, group-best, import-candidate
Received Path ID 0, Local Path ID 1, version 345
Extended community: OSPF route-type:0:1:0x0 OSPF router-id:35.1.1.1 RT:64512:45CSR1#show bgp ***v4 uni vrf AAA 55.1.1.1/32
BGP routing table entry for 64512:4:55.1.1.1/32, version 417
Paths: (1 available, best #1, table ospf, RIB-failure(17))
Not advertised to any peer
Refresh Epoch 1
Local, imported path from 64512:5:55.1.1.1/32 (global)
33.1.1.1 (metric 30) (via default) from 33.1.1.1 (33.1.1.1)
Origin incomplete, metric 2, localpref 100, valid, internal, best
Extended Community: RT:64512:45 OSPF RT:0.0.0.0:1:0
OSPF ROUTER ID:35.1.1.1:0
mpls labels in/out nolabel/24003
rx pathid: 0, tx pathid: 0x0 - 在IOS-XR设备添加DOMAIN ID
RP/0/0/CPU0:xrv#conf
RP/0/0/CPU0:xrv(config)#router ospf 35
RP/0/0/CPU0:xrv(config-ospf)#vrf AAA
RP/0/0/CPU0:xrv(config-ospf-vrf)#domain-id type 0005 value 000000230200
RP/0/0/CPU0:xrv(config-ospf-vrf)#commit
!--- 23(hex)=35(dec)
RP/0/0/CPU0:xrv(config-ospf-vrf)#do show bgp ***v4 uni vrf ospf 55.1.1.1/32 | in community
Wed May 22 09:38:03.422 UTC
Extended community: OSPF domain-id:0x5:0x000000230200 OSPF route-type:0:1:0x0 OSPF router-id:35.1.1.1 RT:64512:45CSR1#show bgp ***v4 uni vrf ospf 55.1.1.1/32 | i unity
Extended Community: RT:64512:45 OSPF DOMAIN ID:0x0005:0x000000230200
6.8 配置CE之间的backdoor link
- vIOS5
interface GigabitEthernet0/1
ip address 45.1.1.5 255.255.255.248
ip ospf network point-to-point
ip ospf 2019 area 45
ip ospf cost 20000
!---模拟×××链路故障,在vIOS5上手工shutdown链路
vIOS5(config-if)#int g0/0
vIOS5(config-if)#shu
May 20 10:17:09.190: %OSPF-5-ADJCHG: Process 2019, Nbr 35.1.1.1 on GigabitEthernet0/0 from FULL to DOWN, Neighbor Down: Interface down or detached
May 20 10:17:11.136: %LINK-5-CHANGED: Interface GigabitEthernet0/0, changed state to administratively down
May 20 10:17:12.137: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/0, changed state to down
vIOS5(config-if)#
vIOS5(config-if)#do sho ip route ospf | b bn
14.0.0.0/30 is subnetted, 1 subnets
O IA 14.1.1.0 [110/20001] via 45.1.1.4, 00:00:33, GigabitEthernet0/1
35.0.0.0/30 is subnetted, 1 subnets
O 35.1.1.0 [110/20003] via 45.1.1.4, 00:00:33, GigabitEthernet0/1
44.0.0.0/32 is subnetted, 1 subnets
O IA 44.1.1.1 [110/20001] via 45.1.1.4, 00:00:33, GigabitEthernet0/1
vIOS5(config-if)#
!---在vIOS4上查看ospf路由
vIOS4#sho ip route ospf | b bn
35.0.0.0/30 is subnetted, 1 subnets
O IA 35.1.1.0 [110/3] via 14.1.1.1, 00:09:31, GigabitEthernet0/0
55.0.0.0/32 is subnetted, 1 subnets
O IA 55.1.1.1 [110/4] via 14.1.1.1, 00:09:31, GigabitEthernet0/0
vIOS4#sho ip route ospf | b bn
35.0.0.0/30 is subnetted, 1 subnets
O IA 35.1.1.0 [110/3] via 14.1.1.1, 00:11:41, GigabitEthernet0/0
55.0.0.0/32 is subnetted, 1 subnets
O IA 55.1.1.1 [110/20001] via 45.1.1.5, 00:00:05, GigabitEthernet0/1
!---恢复链路
vIOS5(config-if)#no shu
May 20 10:18:48.972: %LINK-3-UPDOWN: Interface GigabitEthernet0/0, changed state to up
May 20 10:18:49.971: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/0, changed state to up
May 20 10:19:04.220: %OSPF-5-ADJCHG: Process 2019, Nbr 35.1.1.1 on GigabitEthernet0/0 from LOADING to FULL, Loading DonevIOS4#sho ip route ospf | b bn
35.0.0.0/30 is subnetted, 1 subnets
O IA 35.1.1.0 [110/3] via 14.1.1.1, 00:14:48, GigabitEthernet0/0
55.0.0.0/32 is subnetted, 1 subnets
O IA 55.1.1.1 [110/4] via 14.1.1.1, 00:01:18, GigabitEthernet0/0
6.9 配置OSPFv2 sham-link
6.9.1 Config loopback 1 and propaganda into BGP VRF address-family IPv4
- CSR1
interface Loopback1
vrf forwarding ospf
ipv4 address 11.1.1.2 255.255.255.255
router bgp 64512
address-family ipv4 vrf AAA
network 11.1.1.2 mask 255.255.255.255
- xrv
interface Loopback1
vrf AAA
ipv4 address 33.1.1.2 255.255.255.255
router bgp 64512
vrf AAA
address-family ipv4 unicast
network 33.1.1.2/32
6.9.2 Under OSPFv2 process config sham-link
-
CSR1
router ospf 14 vrf AAA
area 0 sham-link 11.1.1.2 33.1.1.2 cost 200 - xrv
router ospf 35
vrf AAA
address-family ipv4 unicast
area 0
sham-link 33.1.1.2 11.1.1.2
cost 200
6.10 验证sham-ink
CSR1(config-router)#area 0 sham-link 11.1.1.2 33.1.1.2 cost 200
CSR1(config-router)#do sho ip ospf neig
*May 22 08:45:02.593: %OSPF-5-ADJCHG: Process 14, Nbr 35.1.1.1 on OSPF_SL3 from LOADING to FULL, Loading Done
Neighbor ID Pri State Dead Time Address Interface
35.1.1.1 0 FULL/ - 00:00:37 33.1.1.2 OSPF_SL3
44.1.1.1 0 FULL/ - 00:00:34 14.1.1.2 GigabitEthernet2CSR1#show ip route vrf AAA ospf | b bn
35.0.0.0/30 is subnetted, 1 subnets
O 35.1.1.0 [110/201] via 33.1.1.1, 01:04:13
44.0.0.0/32 is subnetted, 1 subnets
O 44.1.1.1 [110/2] via 14.1.1.2, 01:05:46, GigabitEthernet2
45.0.0.0/29 is subnetted, 1 subnets
O IA 45.1.1.0 [110/20001] via 14.1.1.2, 01:05:46, GigabitEthernet2
55.0.0.0/32 is subnetted, 1 subnets
O 55.1.1.1 [110/202] via 33.1.1.1, 01:04:13
vIOS4#sho ip route ospf | b bn
11.0.0.0/32 is subnetted, 1 subnets
O E1 11.1.1.2 [110/2] via 14.1.1.1, 01:06:20, GigabitEthernet0/0
33.0.0.0/32 is subnetted, 1 subnets
O E1 33.1.1.2 [110/2] via 14.1.1.1, 01:06:20, GigabitEthernet0/0
35.0.0.0/30 is subnetted, 1 subnets
O 35.1.1.0 [110/202] via 14.1.1.1, 01:04:42, GigabitEthernet0/0
55.0.0.0/32 is subnetted, 1 subnets
O 55.1.1.1 [110/203] via 14.1.1.1, 01:04:42, GigabitEthernet0/0
6.11 隐藏sham-link地址
-
CSR1:
ip prefix-list conn seq 5 permit 11.1.1.2/32
ip prefix-list conn seq 10 permit 33.1.1.2/32
route-map deny-conn deny 10
match ip address prefix-list conn
route-map deny-conn permit 20
CSR1(config-router-af)#router ospf 14 vrf ospf
CSR1(config-router)#redis bgp 64512 subnets route-map deny-conn - xrv:
prefix-set conn
11.1.1.2/32,
33.1.1.2/32
end-setroute-policy deny-conn
if destination in conn then
drop
else
pass
endif
end-policyRP/0/0/CPU0:xrv(config)#router ospf 35
RP/0/0/CPU0:xrv(config-ospf)#vrf ospf
RP/0/0/CPU0:xrv(config-ospf-vrf)#redist bgp 64512 route-policy deny-conn
RP/0/0/CPU0:xrv(config-ospf-vrf)#commitSHO IP OSPF route # vIOS5 | B BN
14.0.0.0/30 IS subnetted, the subnets. 1
O 14.1.1.0 [110/202] Via 35.1.1.1, 00:07:05, the GigabitEthernet0 / 0
44.0.0.0/32 IS subnetted, the subnets. 1
O 44.1.1.1 [110/203] Via 35.1.1.1, 00:07:05, the GigabitEthernet0 / 0
the CE device does not receive sham-link address