当前位置:网站首页>MPLS VPN 跨域-optionB

MPLS VPN 跨域-optionB

2022-07-22 21:36:00 GRQ。

通过optionB方案 把CE1的私网路由192.168.1.1 传到CE2
网络拓扑图如下:

配置思路:
1.在AS100 跟 AS200 里运行RIPv2协议
2.在AS100 跟 AS200 里跑MPLS LDP
3.R2跟R1 R2跟R3 建立bgp,这里R2充当反射器
4.R1上创建VPN实例,运行ospf绑定VPN实例跟CE1建立邻居关系
5.在R1上从BGP协议里引入ospf协议(此时R3上会有192.168.1.1的路由)
6.R3跟R4建立EBGP邻居关系
7.在R6上创建VPN实例,运行ospf绑定VPN实例跟CE2建立邻居关系
8.在R6上从ospf协议里引入bgp协议(此时CE2上已经有192.168.1.1的路由)
9.然后调反方向R6引入ospf,R1引入bgp(此时CE1上有了CE2的192.168.2.1的路由)
10.ping -a 192.168.1.1 192.168.2.1 通

CE1

interface GigabitEthernet0/0/0
ip address 10.1.11.2 255.255.255.0
#
interface LoopBack0
ip address 192.168.1.1 255.255.255.0
#
ospf 1 router-id 1.1.1.1
area 0.0.0.0
network 10.1.11.2 0.0.0.0
network 192.168.1.1 0.0.0.0

R1

ip vpn-instance A1 (创建VPN实例A1)
ipv4-family
route-distinguisher 1:1
vpn-target 1:100 export-extcommunity
vpn-target 1:100 import-extcommunity(RD配置为1:1 RT配置为1:100 both)
#
mpls lsr-id 1.1.1.1
mpls
#
mpls ldp (配置MPLS LDP协议)
#
interface GigabitEthernet0/0/0
ip binding vpn-instance A1
ip address 10.1.11.1 255.255.255.0(在g0/0/0口上绑定VPN实例A1)
#
interface GigabitEthernet0/0/1
ip address 10.1.12.1 255.255.255.0
mpls
mpls ldp(每个接口开启MPLS LDP 协议 后续一样)
#

interface LoopBack0
ip address 1.1.1.1 255.255.255.255
#

bgp 100
peer 2.2.2.2 as-number 100
peer 2.2.2.2 connect-interface LoopBack0
#
ipv4-family unicast
undo synchronization
peer 2.2.2.2 enable
#
ipv4-family vpnv4
policy vpn-target
peer 2.2.2.2 enable(BGP 默认不开启 vpnv4地址族,需要打开)
#
ipv4-family vpn-instance A1
import-route ospf 1(在BGP协议里引入ospf1里的路由)
#
ospf 1 vpn-instance A1(创建ospf的时候记得绑定实例A1)
import-route bgp(在ospf1 里面引入BGP的路由)
area 0.0.0.0
network 10.1.11.1 0.0.0.0
#
rip 1
version 2(记得使用ripv2 )
network 1.0.0.0
network 10.0.0.0

R2

mpls lsr-id 2.2.2.2
mpls
#
mpls ldp
#
interface GigabitEthernet0/0/0
ip address 10.1.12.2 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet0/0/1
ip address 10.1.23.2 255.255.255.0
mpls
mpls ldp
#

interface LoopBack0
ip address 2.2.2.2 255.255.255.255
#
bgp 100(这里R2需要跟R1 R3 建立BGP邻居关系 ,充当反射器)
peer 1.1.1.1 as-number 100
peer 1.1.1.1 connect-interface LoopBack0
peer 3.3.3.3 as-number 100
peer 3.3.3.3 connect-interface LoopBack0
#
ipv4-family unicastu
ndo synchronization
peer 1.1.1.1 enable
peer 3.3.3.3 enable
#

ipv4-family vpnv4
undo policy vpn-target(这里需要关闭标签过滤)
peer 1.1.1.1 enable
peer 1.1.1.1 reflect-client(通告给R1作为R2的客户机)
peer 3.3.3.3 enable
peer 3.3.3.3 reflect-client(通告给R3作为R2的客户机)
#
rip 1
version 2
network 10.0.0.0
network 2.0.0.0

R3

mpls lsr-id 3.3.3.3
mpls
#
mpls ldp
#
interface GigabitEthernet0/0/0
ip address 10.1.23.3 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet0/0/1
ip address 10.1.34.3 255.255.255.0
 mpls(这里要开启mpls 把标签通告给对端)
#
interface LoopBack0
 ip address 3.3.3.3 255.255.255.255
#

bgp 100
 peer 2.2.2.2 as-number 100
 peer 2.2.2.2 connect-interface LoopBack0
 peer 10.1.34.4 as-number 200
 #
 ipv4-family unicast
  undo synchronization
  peer 2.2.2.2 enable
  peer 10.1.34.4 enable
 #
 ipv4-family vpnv4
  undo policy vpn-target(注意undo)
  peer 2.2.2.2 enable
  peer 10.1.34.4 enable
#
rip 1
 version 2
 network 3.0.0.0
 network 10.0.0.0

R4

mpls lsr-id 4.4.4.4
mpls
#
mpls ldp
#
interface GigabitEthernet0/0/0
 ip address 10.1.34.4 255.255.255.0
 mpls(注意跟R3相连的这个接口开启mpls)
#
interface GigabitEthernet0/0/1
 ip address 10.1.45.4 255.255.255.0
 mpls
 mpls ldp
#
interface LoopBack0
 ip address 4.4.4.4 255.255.255.255
#

bgp 200
 peer 6.6.6.6 as-number 200
 peer 6.6.6.6 connect-interface LoopBack0
 peer 10.1.34.3 as-number 100
 #
 ipv4-family unicast
  undo synchronization
  peer 6.6.6.6 enable
  peer 10.1.34.3 enable
 #
 ipv4-family vpnv4
  undo policy vpn-target
  peer 6.6.6.6 enable
  peer 10.1.34.3 enable
#
rip 1
 version 2
 network 10.0.0.0
 network 4.0.0.0

R5

(因为R5不充当反射器,这里只需要建立邻居关系即可)
mpls lsr-id 5.5.5.5
mpls
#
mpls ldp
#
interface GigabitEthernet0/0/0
 ip address 10.1.45.5 255.255.255.0
 mpls
 mpls ldp
#
interface GigabitEthernet0/0/1
ip address 10.1.56.5 255.255.255.0
 mpls
 mpls ldp
#
interface LoopBack0
 ip address 5.5.5.5 255.255.255.255
#
rip 1
 version 2
 network 10.0.0.0
 network 5.0.0.0

R6

ip vpn-instance B2
 ipv4-family
  route-distinguisher 1:2 (要保证RD的唯一)
  vpn-target 1:100 export-extcommunity
  vpn-target 1:100 import-extcommunity
#
mpls lsr-id 6.6.6.6
mpls
#
mpls ldp
#

interface GigabitEthernet0/0/0
 ip address 10.1.56.6 255.255.255.0
 mpls
 mpls ldp
#
interface GigabitEthernet0/0/1(VPN实例B2绑定g0/0/1)
 ip binding vpn-instance B2
 ip address 10.1.26.6 255.255.255.0
#
interface LoopBack0
 ip address 6.6.6.6 255.255.255.255
#
bgp 200
 peer 4.4.4.4 as-number 200
 peer 4.4.4.4 connect-interface LoopBack0
 #
 ipv4-family unicast
  undo synchronization
  peer 4.4.4.4 enable
 #
 ipv4-family vpnv4
  policy vpn-target
  peer 4.4.4.4 enable
 #
 ipv4-family vpn-instance B2
  import-route ospf 1(BGP引入ospf)

#
ospf 1 vpn-instance B2
 import-route bgp(ospf 引入bgp)
 area 0.0.0.0
  network 10.1.26.6 0.0.0.0
#
rip 1
 version 2
 network 6.0.0.0
 network 10.0.0.0

CE2

interface GigabitEthernet0/0/0
 ip address 10.1.26.2 255.255.255.0
#
interface LoopBack0
 ip address 192.168.3.1 255.255.255.0
#
ospf 1 router-id 2.2.2.2
 area 0.0.0.0
  network 10.1.26.2 0.0.0.0
  network 192.168.3.1 0.0.0.0

原网站

版权声明
本文为[GRQ。]所创,转载请带上原文链接,感谢
https://blog.csdn.net/WLxiaobaicai/article/details/125910471

边栏推荐

猜你喜欢

随机推荐