首页
学习
活动
专区
工具
TVP
发布
社区首页 >专栏 >MPLS L3 ××× 实验一(配置)

MPLS L3 ××× 实验一(配置)

作者头像
py3study
发布2020-01-12 23:25:22
4750
发布2020-01-12 23:25:22
举报
文章被收录于专栏:python3python3

MPLS L3 ××× 实验一(配置)

实验拓扑:

瀹為獙涓€鎷撴墤
瀹為獙涓€鎷撴墤

实验一说明:

实验使用了6台路由器,R1、R2、R3、R4、R5、R6、R7(其中R4作为FR-SW)

在上一基础上增加了:

1、R4模拟帧中继交换机,在R2(P)、R1(PE1)、R3(PE2)上各使用了一个多点子接口在逻辑上互联骨干网,骨干ospf在R2的多点子接口下类型为点到多点,在R1和R3的多点子接口下用的均为点到点类型;

2、为了模拟PE到CE端采用不同路由协议的运行情况,将riv2、eigrp、ospf、bgp均配置在了R5(CE1)和R1(PE1)上,因为是实验环境,故在R2(PE1)与R5(CE1)之间,启用了另一条以太网链路(拓扑中实 际上每个连接点均为两条链路,为了实验的方便一条用的是串行链路,一条是以太链路)通过在R5(CE1)和R1(PE1)上的以太口上各划分出三个子接口来建立三条逻辑链路,分别运行ripv2、eigrp、ebgp,以测试在PE到CE之间使用不同路由协议的功能及可能出现的问题;下一次会增加一个站点同时连接2个PE(使用ospf)时观察downbit位的设置,并加入跨域的情况,可能以后会总有[待续],因为实验的乐趣和对知识的理解是永久的.

一、实验一路由器(5台)配置:

      (配置后附有操作vrf时常用的几个命令. R7(CE2)配置很简单,未附上)

R4_FR-SW

!

frame-relay switching               //帧中继交换机配置

!

interface Serial1/1

no ip address

encapsulation frame-relay IETF

serial restart-delay 0

no frame-relay inverse-arp

frame-relay lmi-type q933a

frame-relay intf-type dce

frame-relay route 102 interface Serial1/2 201

!

interface Serial1/2

no ip address

encapsulation frame-relay IETF

serial restart-delay 0

no frame-relay inverse-arp

frame-relay lmi-type q933a

frame-relay intf-type dce

frame-relay route 201 interface Serial1/1 102

frame-relay route 203 interface Serial1/3 302

!

interface Serial1/3

no ip address

encapsulation frame-relay IETF

serial restart-delay 0

no frame-relay inverse-arp

frame-relay lmi-type q933a

frame-relay intf-type dce

frame-relay route 302 interface Serial1/2 203

!

R1_PE1 配置:

!

ip cef

no ip domain lookup

!

!

ip vrf smcat_***01 //在R1(PE1)和R3(PE2)上建立×××的路由转发表

rd 10:100

route-target export 10:100

route-target import 11:100

route-target import 12:100

route-target import 13:100

!

ip vrf smcat_***05

rd 5:100

route-target export 5:100

route-target import 12:100

!

ip vrf smcat_***06

rd 6:100

route-target export 6:100

route-target import 13:100

!

ip vrf smcat_***07

rd 7:100

route-target export 7:100

route-target import 12:100

route-target import 13:100

!

mpls label protocol ldp

no mpls ip propagate-ttl 

//关闭PE上的TTL传播,对ping、tracert等应用时隐藏骨干区域的核心P路由器

!

key chain pe-ce_auth

key 10

key-string pe-ce_ripv2

key 20

key-string pe-ce_eigrp

!

interface Loopback0

ip address 1.1.1.1 255.255.255.255

ip ospf network point-to-point

!

interface Loopback1

ip vrf forwarding smcat_***01 //绑定vrf后,即改变了接口的从属关系,原有IP 地址会被清除,需要重新配置

ip address 1.1.1.10 255.255.255.255

ip ospf network point-to-point

!

interface Loopback7

ip vrf forwarding smcat_***07

ip address 1.1.1.7 255.255.255.255

!

interface Ethernet0/3.1

encapsulation dot1Q 5

ip vrf forwarding smcat_***05

ip address 191.168.1.2 255.255.255.252

!

interface Ethernet0/3.2

encapsulation dot1Q 6

ip vrf forwarding smcat_***06

ip address 191.168.1.6 255.255.255.252

!

interface Ethernet0/3.3

encapsulation dot1Q 7

ip vrf forwarding smcat_***07

ip address 191.168.1.10 255.255.255.252

!

interface Serial1/0

ip address 172.16.1.1 255.255.255.252

ip ospf authentication message-digest

ip ospf message-digest-key 10 md5 superbackbone

mpls label protocol ldp //PE上只须在连接核心的端口启用mpls ip

mpls ip

serial restart-delay 0

!

interface Serial1/1

no ip address

encapsulation frame-relay IETF

serial restart-delay 0

no frame-relay inverse-arp

frame-relay lmi-type q933a

!

interface Serial1/1.1 multipoint

ip address 171.16.1.1 255.255.255.248

ip ospf authentication message-digest

ip ospf message-digest-key 10 md5 super_backbone

ip ospf network point-to-point

ip ospf hello-interval 30

mpls label protocol ldp

mpls ip

frame-relay map ip 171.16.1.2 102 broadcast

!

interface Serial1/2

no ip address

shutdown

serial restart-delay 0

!

interface Serial1/3 //s1/3口连接R5(CE1)的 ××× 客户

ip vrf forwarding smcat_***01

ip address 192.168.1.2 255.255.255.252

serial restart-delay 0

!

router eigrp 100 //在PE1和CE1 的*** smcat_***06之间运行eigrp

no auto-summary

!

address-family ipv4 vrf smcat_***06

redistribute bgp 100 metric 10000 100 1 255 1500

network 191.168.1.4 0.0.0.3

no auto-summary

autonomous-system 15

neighbor 191.168.1.5 Ethernet0/3.2

exit-address-family

!

router ospf 10 vrf smcat_***01 //在PE1和CE1 的*** smcat_***01之间运行ospf

router-id 1.1.1.10

log-adjacency-changes

area 0 authentication message-digest //为PE1和CE1之间的OSPF做区域认证

area 0 sham-link 1.1.1.10 3.3.3.10 cost 5

redistribute bgp 100 metric 10 subnets //在特定 vrf与MP-BGP之间做双向重发布

network 192.168.1.0 0.0.0.3 area 0

!

router ospf 100   //实际城域网中,骨干IGP用IS-IS协议可使核心网具有更好的扩展性

router-id 1.1.1.1

log-adjacency-changes

area 0 authentication message-digest

network 1.1.1.1 0.0.0.0 area 0

network 171.16.1.0 0.0.0.7 area 0

network 172.16.1.0 0.0.0.3 area 0

!

router rip //在PE1和CE1 的*** smcat_***05之间运行ripv2

version 2

no auto-summary

!

address-family ipv4 vrf smcat_***05

redistribute bgp 100 metric 2

network 191.168.0.0

neighbor 191.168.1.1 //用单播穿透被动接口

no auto-summary

version 2

exit-address-family

!

router bgp 100

bgp router-id 1.1.1.1

no bgp default ipv4-unicast

//BGP默认只支持IPV4地址,关闭后启用多协议功能,使其支持×××V4 地址族

bgp log-neighbor-changes

neighbor nei-R3 peer-group

//虽然只有一个PE邻居,但使用了BGP对等体组配置, 更新源用环回口loop0

neighbor nei-R3 remote-as 100

neighbor nei-R3 password bgp100

//为\PE上bgp之间的tcp连接做认证,是MD5的

neighbor nei-R3 update-source Loopback0

neighbor 3.3.3.3 peer-group nei-R3

!

address-family ipv4

neighbor 3.3.3.3 activate

no auto-summary

no synchronization

exit-address-family

!

address-family ***v4

neighbor nei-R3 send-community extended

neighbor 3.3.3.3 activate

exit-address-family

!

address-family ipv4 vrf smcat_***07

//在PE1和CE1 的*** smcat_***07之间运行ebgp

neighbor 5.5.5.5 remote-as 65001

neighbor 5.5.5.5 ebgp-multihop 255

//用环回口作ebgp的更新源时必须用多跳配置,此处设置为了最大值255

neighbor 5.5.5.5 update-source Loopback7

neighbor 5.5.5.5 activate

no synchronization

exit-address-family

!

address-family ipv4 vrf smcat_***06

redistribute eigrp 15 metric 60

//在特定vrf与MP-BGP里的ipv4地址族下对应的vrf之间做双向重发布

no synchronization

exit-address-family

!

address-family ipv4 vrf smcat_***05

redistribute rip metric 2

no synchronization

exit-address-family

!

address-family ipv4 vrf smcat_***01

redistribute ospf 10 vrf smcat_***01 metric 10

no synchronization

network 1.1.1.10 mask 255.255.255.255

exit-address-family

!

ip http server

no ip http secure-server

ip route vrf smcat_***07 5.5.5.5 255.255.255.255 191.168.1.9

!

mpls ldp router-id Loopback0

!

R2_P配置:

!

ip cef

no ip domain lookup

!

mpls label protocol ldp

!

interface Loopback0

ip address 2.2.2.2 255.255.255.255

!

interface Serial1/0

ip address 172.16.1.2 255.255.255.252

ip ospf authentication message-digest

ip ospf message-digest-key 10 md5 superbackbone

shutdown

mpls label protocol ldp

mpls ip

serial restart-delay 0

!

interface Serial1/1

ip address 172.16.1.6 255.255.255.252

ip ospf authentication message-digest

ip ospf message-digest-key 10 md5 superbackbone

shutdown

mpls label protocol ldp

mpls ip

serial restart-delay 0

!

interface Serial1/2

no ip address

encapsulation frame-relay IETF

serial restart-delay 0

no frame-relay inverse-arp

frame-relay lmi-type q933a

!

interface Serial1/2.1 multipoint

ip address 171.16.1.2 255.255.255.248

ip ospf authentication message-digest

ip ospf message-digest-key 10 md5 super_backbone

ip ospf network point-to-multipoint

mpls label protocol ldp

mpls ip

frame-relay map ip 171.16.1.1 201 broadcast

frame-relay map ip 171.16.1.3 203 broadcast

no frame-relay inverse-arp

!

interface Serial1/3

no ip address

shutdown

serial restart-delay 0

!

router ospf 100

router-id 2.2.2.2

log-adjacency-changes

area 0 authentication message-digest

network 2.2.2.2 0.0.0.0 area 0

network 171.16.1.0 0.0.0.7 area 0

network 172.16.1.0 0.0.0.3 area 0

network 172.16.1.4 0.0.0.3 area 0

!

ip http server

no ip http secure-server

!

mpls ldp router-id Loopback0

!

R3_PE2 配置

!

ip cef

no ip domain lookup

!

ip vrf smcat_***01

rd 11:100

route-target export 11:100

route-target import 10:100

route-target import 13:100

!

ip vrf smcat_***02

rd 12:100

route-target export 12:100

route-target import 10:100

!

ip vrf smcat_***03

rd 13:100

route-target export 13:100

route-target import 10:100

route-target import 11:100

!

mpls label protocol ldp

no mpls ip propagate-ttl

!

interface Loopback0

ip address 3.3.3.3 255.255.255.255

ip ospf network point-to-point

!

interface Loopback1

ip vrf forwarding smcat_***01

ip address 3.3.3.10 255.255.255.255

ip ospf network point-to-point

!

interface Loopback12

ip vrf forwarding smcat_***02

ip address 12.1.1.1 255.255.255.0

ip ospf network point-to-point

!

interface Loopback13

ip vrf forwarding smcat_***03

ip address 13.1.1.1 255.255.255.0

ip ospf network point-to-point

!

interface Serial1/0

ip vrf forwarding smcat_***01

ip address 192.168.1.6 255.255.255.252

serial restart-delay 0

!

interface Serial1/1

ip address 172.16.1.5 255.255.255.252

ip ospf authentication message-digest

ip ospf message-digest-key 10 md5 superbackbone

mpls label protocol ldp

mpls ip

serial restart-delay 0

!

interface Serial1/3

no ip address

encapsulation frame-relay IETF

serial restart-delay 0

no frame-relay inverse-arp

frame-relay lmi-type q933a

!

interface Serial1/3.1 multipoint

ip address 171.16.1.3 255.255.255.248

ip ospf authentication message-digest

ip ospf message-digest-key 10 md5 super_backbone

ip ospf network point-to-point

ip ospf hello-interval 30

mpls label protocol ldp

mpls ip

frame-relay map ip 171.16.1.2 302 broadcast

!

router ospf 10 vrf smcat_***01

router-id 3.3.3.10

log-adjacency-changes

area 0 authentication message-digest

area 0 sham-link 3.3.3.10 1.1.1.10 cost 5

redistribute bgp 100 metric 1010 subnets

network 192.168.1.4 0.0.0.3 area 0

!

router ospf 12 vrf smcat_***02

log-adjacency-changes

redistribute connected subnets

redistribute bgp 100 metric 1012 subnets

network 12.1.1.0 0.0.0.255 area 0

!

router ospf 13 vrf smcat_***03

log-adjacency-changes

redistribute bgp 100 metric 1013 subnets

network 13.1.1.0 0.0.0.255 area 0

!

router ospf 100

router-id 3.3.3.3

log-adjacency-changes

area 0 authentication message-digest

network 3.3.3.3 0.0.0.0 area 0

network 171.16.1.0 0.0.0.7 area 0

network 172.16.1.4 0.0.0.3 area 0

!

router bgp 100

bgp router-id 3.3.3.3

no bgp default ipv4-unicast

bgp log-neighbor-changes

neighbor nei-R1 peer-group

neighbor nei-R1 remote-as 100

neighbor nei-R1 password bgp100

neighbor nei-R1 update-source Loopback0

neighbor 1.1.1.1 peer-group nei-R1

!

address-family ipv4

neighbor 1.1.1.1 activate

no auto-summary

no synchronization

exit-address-family

!

address-family ***v4

neighbor nei-R1 send-community extended

neighbor 1.1.1.1 activate

exit-address-family

!

address-family ipv4 vrf smcat_***03

redistribute ospf 13 vrf smcat_***03 metric 1310

no synchronization

exit-address-family

!

address-family ipv4 vrf smcat_***02

redistribute ospf 12 vrf smcat_***02 metric 1210

no synchronization

exit-address-family

!

address-family ipv4 vrf smcat_***01

redistribute ospf 10 vrf smcat_***01 metric 1110

no synchronization

network 3.3.3.10 mask 255.255.255.255

exit-address-family

!

mpls ldp router-id Loopback0

!

R5_CE1

!

hostname R5_CE1

!

boot-start-marker

boot-end-marker

!

enable secret 5 $1$27vC$umGqRRRDIgJQlUFv5qnE.0

!

no aaa new-model

memory-size iomem 5

!

ip cef

no ip domain lookup

!

key chain ce-pe_auth

key 10

key-string pe-ce_ripv2

key 20

key-string pe-ce_eigrp

!

interface Loopback0

ip address 5.5.5.5 255.255.255.255

!

interface Loopback1

ip address 10.1.1.1 255.255.255.0

ip ospf network point-to-point

!

interface Loopback5

ip address 10.50.1.1 255.255.255.0

!

interface Loopback6

ip address 10.60.1.1 255.255.255.0

!

interface Loopback7

ip address 10.70.1.1 255.255.255.0

!

interface Ethernet0/3.1

encapsulation dot1Q 5

ip address 191.168.1.1 255.255.255.252

!

interface Ethernet0/3.2

encapsulation dot1Q 6

ip address 191.168.1.5 255.255.255.252

!

interface Ethernet0/3.3

encapsulation dot1Q 7

ip address 191.168.1.9 255.255.255.252

!

interface Serial1/2

ip address 192.168.1.9 255.255.255.252

ip ospf cost 1600

serial restart-delay 0

!

interface Serial1/3

ip address 192.168.1.1 255.255.255.252

serial restart-delay 0

!

router eigrp 15

network 10.60.1.0 0.0.0.255

network 191.168.1.4 0.0.0.3

no auto-summary

neighbor 191.168.1.6 Ethernet0/3.2

!

router ospf 10

router-id 5.5.5.5

log-adjacency-changes

area 0 authentication message-digest

network 10.10.1.0 0.0.0.255 area 5

network 192.168.1.0 0.0.0.3 area 0

network 192.168.1.8 0.0.0.3 area 0

!

router rip

version 2

passive-interface default //被动状态可以隔离广播和组播,不隔离单播

network 10.0.0.0

network 191.168.0.0

neighbor 191.168.1.2 //用单播穿透被动接口

distribute-list prefix 50 out Ethernet0/3.1

no auto-summary

!

router bgp 65001

no synchronization

bgp router-id 5.5.5.5

bgp log-neighbor-changes

redistribute connected metric 70 route-map dis_list

//使用路由图方式重分发直连路由进bgp

neighbor 1.1.1.7 remote-as 100

neighbor 1.1.1.7 ebgp-multihop 255

neighbor 1.1.1.7 update-source Loopback0

no auto-summary

!

ip http server

no ip http secure-server

ip route 1.1.1.7 255.255.255.255 191.168.1.10

!

ip prefix-list 50 seq 5 permit 10.50.0.0/16 le 32

ip prefix-list 50 seq 10 deny 0.0.0.0/0 le 32

!

ip access-list extended dis_list

permit ip 10.70.1.0 0.0.0.255 any

!

route-map dis_list permit 10

//using a route-map and a extended name ACL for redistri

match ip address dis_list

set tag 7

!

二、操作vrf时常用的几个命令:

R1_PE1#sh ip vrf brief

R1_PE1#sh ip vrf det

R1_PE1#sh ip vrf det smcat_***05

R1_PE1#clear ip route vrf smcat_***05 *

R1_PE1#sh ip route vrf smcat_***05

R1_PE1#sh ip rip da vrf smcat_***05

R1_PE1#sh ip eigrp vrf smcat_***06 nei

R1_PE1#clear ip bgp *

R1_PE1#sh ip bgp ***v4 vrf smcat_***07

R1_PE1#sh ip bgp ***v4 vrf smcat_***07 nei

R1_PE1#sh ip route vrf smcat_***05              //过滤前 Routing Table: smcat_***05 Gateway of last resort is not set      191.168.0.0/30 is subnetted, 3 subnets R       191.168.1.4 [120/1] via 191.168.1.1, 00:00:52, Ethernet0/3.1 C       191.168.1.0 is directly connected, Ethernet0/3.1 R       191.168.1.8 [120/1] via 191.168.1.1, 00:00:52, Ethernet0/3.1 10.0.0.0/24 is subnetted, 4 subnets R       10.1.1.0 [120/1] via 191.168.1.1, 00:00:52, Ethernet0/3.1 R       10.60.1.0 [120/1] via 191.168.1.1, 00:00:52, Ethernet0/3.1 R       10.50.1.0 [120/1] via 191.168.1.1, 00:00:25, Ethernet0/3.1 R       10.70.1.0 [120/1] via 191.168.1.1, 00:00:52, Ethernet0/3.1 R1_PE1#

R1_PE1#sh ip route vrf smcat_***05      //过滤后 Routing Table: smcat_***05 Gateway of last resort is not set      191.168.0.0/30 is subnetted, 1 subnets C       191.168.1.0 is directly connected, Ethernet0/3.1 10.0.0.0/24 is subnetted, 1 subnets R       10.50.1.0 [120/1] via 191.168.1.1, 00:00:17, Ethernet0/3.1 R1_PE1#

R1_PE1#sh ip rip da vrf smcat_***05 10.0.0.0/8    auto-summary 10.50.1.0/24     [1] via 191.168.1.1, 00:00:20, Ethernet0/3.1 191.168.0.0/16    auto-summary 191.168.1.0/30    directly connected, Ethernet0/3.1 R1_PE1# R1_PE1#sh ip eigrp vrf smcat_***06 nei IP-EIGRP neighbors for process 15 H   Address                 Interface       Hold Uptime   SRTT   RTO  Q  Seq                                             (sec)         (ms)       Cnt Num 0   191.168.2.1             Et0/3.2           11 00:00:49  319  1914  0  3 R1_PE1# R1_PE1#sh ip eigrp vrf smcat_***06 nei det IP-EIGRP neighbors for process 15 H   Address                 Interface       Hold Uptime   SRTT   RTO  Q  Seq                                             (sec)         (ms)       Cnt Num 0   191.168.2.1             Et0/3.2           13 00:01:11  319  1914  0  3    Static neighbor    Version 12.4/1.2, Retrans: 0, Retries: 0 R1_PE1#

R1_PE1#sh ip bgp ***v4 vrf smcat_***07 su BGP router identifier 1.1.1.1, local AS number 100 BGP table version is 38, main routing table version 38 1 network entries using 137 bytes of memory 1 path entries using 68 bytes of memory 10/8 BGP path/bestpath attribute entries using 1240 bytes of memory 1 BGP AS-PATH entries using 24 bytes of memory 7 BGP extended community entries using 272 bytes of memory 0 BGP route-map cache entries using 0 bytes of memory 0 BGP filter-list cache entries using 0 bytes of memory BGP using 1741 total bytes of memory BGP activity 19/6 prefixes, 19/6 paths, scan interval 15 secs

Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down State/PfxRcd 5.5.5.5         4 65001     6       5       38    0    0   00:01:47      1

R1_PE1#

R1_PE1#sh ip bgp ***v4 vrf smcat_***07 nei BGP neighbor is 5.5.5.5,  vrf smcat_***07,  remote AS 65001, external link   BGP version 4, remote router ID 5.5.5.5   BGP state = Established, up for 00:01:51   Last read 00:00:51, last write 00:00:51, hold time is 180, keepalive interval is 60 seconds   Neighbor capabilities:     Route refresh: advertised and received(old & new)     Address family IPv4 Unicast: advertised and received

本文参与 腾讯云自媒体分享计划,分享自作者个人站点/博客。
原始发表:2019-09-06 ,如有侵权请联系 cloudcommunity@tencent.com 删除

本文分享自 作者个人站点/博客 前往查看

如有侵权,请联系 cloudcommunity@tencent.com 删除。

本文参与 腾讯云自媒体分享计划  ,欢迎热爱写作的你一起参与!

评论
登录后参与评论
0 条评论
热度
最新
推荐阅读
领券
问题归档专栏文章快讯文章归档关键词归档开发者手册归档开发者手册 Section 归档