MPLS 单域
Posted 害怕网络暴力
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了MPLS 单域相关的知识,希望对你有一定的参考价值。
拓扑
配置思路:
1.公网igp保证公网设备环回口可达(ospf isis 等路由协议都可以)
2.部署mpls ldp标签纷发协议
3.两端公网设备R2和R5建立ibgp邻居关系(vpnv4地址族)
4.划分vpn实例
5.连接私网的设备和接口绑定vpn实例
6.配置连接用户侧的路由协议,注意如果和公网是相同的协议,要在不同进程
7.路由相互引入
地址配置忽略
公网IGP
R2
[H3C]ospf 1
[H3C-ospf-1]area 0
[H3C-ospf-1-area-0.0.0.0]network 202.1.34.1 0.0.0.0
[H3C-ospf-1-area-0.0.0.0]network 1.1.1.1 0.0.0.0
R4
[H3C]ospf 1
[H3C-ospf-1]area 0
[H3C-ospf-1-area-0.0.0.0]network 2.2.2.2 0.0.0.0
[H3C-ospf-1-area-0.0.0.0]network 202.1.34.2 0.0.0.0
[H3C-ospf-1-area-0.0.0.0]network 202.1.45.1 0.0.0.0
R5
[H3C]ospf 1
[H3C-ospf-1]area 0
[H3C-ospf-1-area-0.0.0.0]network 3.3.3.3 0.0.0.0
[H3C-ospf-1-area-0.0.0.0]network 202.1.45.2 0.0.0.0
配置mpls以及ldp
R2
[H3C]mpls lsr-id 1.1.1.1 #mpls配置
[H3C]mpls ldp #全局开启ldp
[H3C-ldp]qu
[H3C]interface g0/0
[H3C-GigabitEthernet0/0]mpls enable
[H3C-GigabitEthernet0/0]mpls ldp enable #接口开启ldp
R4
[H3C]mpls lsr-id 2.2.2.2
[H3C]mpls ldp
[H3C-ldp]qu
[H3C]interface range g0/0 g0/1
[H3C-if-range]mpls enable
[H3C-if-range]mpls ldp enable
R5
[H3C]mpls lsr-id 3.3.3.3
[H3C]in
[H3C]interface g0/1
[H3C-GigabitEthernet0/1mpls enable
[H3C-GigabitEthernet0/1]mpls ldp enable
R2与R5建立bgp vpnv4邻居关系
R2
[H3C]bgp 100
[H3C-bgp-default]router-id 1.1.1.1
[H3C-bgp-default]peer 3.3.3.3 as-number 100
[H3C-bgp-default]peer 3.3.3.3 connect-interface LoopBack 0
[H3C-bgp-default]address-family vpnv4
[H3C-bgp-default-ipv4]peer 3.3.3.3 enable
R5
[H3C]bgp 100
[H3C-bgp-default]router-id 3.3.3.3
[H3C-bgp-default]peer 1.1.1.1 as-number 100
[H3C-bgp-default]peer 1.1.1.1 connect-interface LoopBack 0
[H3C-bgp-default]address-family vpnv4
[H3C-bgp-default-ipv4]peer 1.1.1.1 enable
划分vpn实例并绑定
R2
[H3C]ip vpn-instance 1
[H3C-vpn-instance-1]route-distinguisher 1:1 #RD值
[H3C-vpn-instance-1]vpn-target 1:1 #RT值
[H3C]interface g0/1
[H3C-GigabitEthernet0/1]ip binding vpn-instance 1 #接口绑定vpn实例
Some configurations on the interface are removed.
[H3C-GigabitEthernet0/1]ip address 10.1.13.2 255.255.255.252
#绑定之后接口的配置会清空 要先保存接口的配置
[H3C]ip vpn-instance 2
[H3C-vpn-instance-2]route-distinguisher 2:2
[H3C-vpn-instance-2]vpn-target 2:2
[H3C-vpn-instance-2]in g0/2
[H3C-GigabitEthernet0/2]ip binding vpn-instance 2
Some configurations on the interface are removed.
[H3C-GigabitEthernet0/2]ip address 10.1.23.2 255.255.255.252
R4
[H3C]ip vpn-instance 1
[H3C-vpn-instance-1] route-distinguisher 1:1
[H3C-vpn-instance-1] vpn-target 1:1 import-extcommunity
[H3C-vpn-instance-1] vpn-target 1:1 export-extcommunity
[H3C-vpn-instance-1]
[H3C-vpn-instance-1]qu
[H3C]ip vpn-instance 2
[H3C-vpn-instance-2] route-distinguisher 2:2
[H3C-vpn-instance-2] vpn-target 2:2 import-extcommunity
[H3C-vpn-instance-2] vpn-target 2:2 export-extcommunity
R5
[H3C]ip vpn-instance 1
[H3C-vpn-instance-1] route-distinguisher 1:1
[H3C-vpn-instance-1] vpn-target 1:1 import-extcommunity
[H3C-vpn-instance-1] vpn-target 1:1 export-extcommunity
[H3C-vpn-instance-1]ip vpn-instance 2
[H3C-vpn-instance-2] route-distinguisher 2:2
[H3C-vpn-instance-2] vpn-target 2:2 import-extcommunity
[H3C-vpn-instance-2] vpn-target 2:2 export-extcommunity
[H3C-vpn-instance-2]in g0/0
[H3C-GigabitEthernet0/0]dis th
[H3C-GigabitEthernet0/0]ip binding vpn-instance 1
Some configurations on the interface are removed.
[H3C-GigabitEthernet0/0]ip address 10.1.56.2 255.255.255.252
[H3C-GigabitEthernet0/0]in g0/2
[H3C-GigabitEthernet0/2]ip binding vpn-instance 2
Some configurations on the interface are removed.
[H3C-GigabitEthernet0/2]ip address 10.1.57.2 255.255.255.252
PE与CE之间路由协议
R1
[H3C]ospf 2
[H3C-ospf-2]area 0
[H3C-ospf-2-area-0.0.0.0]network 172.16.255.1 0.0.0.0
[H3C-ospf-2-area-0.0.0.0]network 10.1.13.1 0.0.0.0
R2
[H3C]ospf 2 vpn-instance 1
[H3C-ospf-2]area 0
[H3C-ospf-2-area-0.0.0.0]network 10.1.13.2 0.0.0.0
R6
[H3C]ospf 2
[H3C-ospf-2]area 0
[H3C-ospf-2-area-0.0.0.0]network 172.16.255.6 0.0.0.0
[H3C-ospf-2-area-0.0.0.0]network 10.1.56.1 0.0.0.0
R5
[H3C]ospf 2 vpn-instance 1
[H3C-ospf-2]area 0
[H3C-ospf-2-area-0.0.0.0]network 10.1.56.2 0.0.0.0
互相引入
R2
[H3C]ospf 2
[H3C-ospf-2]import-route bgp
[H3C]bgp 100
[H3C-bgp-default]ip vpn-instance 1 #进入实例
[H3C-bgp-default-1]address-family ipv4 #与CE之间依然是普通的ipv4关系
[H3C-bgp-default-ipv4-1]import-route ospf 2
R5
[H3C]ospf 2
[H3C-ospf-2]import-route bgp
[H3C-ospf-2]qu
[H3C]bgp 100
[H3C-bgp-default]ip vpn-instance 1
[H3C-bgp-default-1]address-family ipv4
[H3C-bgp-default-ipv4-1]import-route ospf 2
以上是关于MPLS 单域的主要内容,如果未能解决你的问题,请参考以下文章