Inter-Provider MPLS Solutions 之 option C-CSC
Posted
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了Inter-Provider MPLS Solutions 之 option C-CSC相关的知识,希望对你有一定的参考价值。
Option C也叫作Multi-Hop eBGP方案,这种方案是在不同AS的PE之间直接建立MP-eBGP连接,以交换v4路由。与前两种方案不同的是,ASBR不再需要维护和交换v4路由了,减轻ASBR设备负担的同时也增强了网络的扩展性。为提高可扩展性,也可以在每个AS中指定一个路由反射器阻,由RR保存所有v4 路由与本AS内的PE交换v4 路由信息。两个AS的RR之间建立MP-eBGP连接,通告v4路由。从转发层面看,这种方案需要在不同的PE之间直接建立公网隧道,这就要求PE必须具有对方PE的Loopback地址的路由及标签,一种方法是在ASBR处,将BGP学习到的对方PE的Loopback地址路由引入到本地的IGP ,使得LDP能为其分配标签。另外,由于ASBR 之间运行的是BGP,LDP协议通过IGP路由而建立的LSP会在ASBR之间中断,需要在ASBR之间利用eBGP来传递IPv4路由的标签,使得针对PE的Loopback地址的LSP得以贯通。此时,针对某个特定 ,从PE 发出的数据包通常带有三层标签,最里面的标签是对方AS 的PE为特定分配的标签(也叫私网标签),中间的标签是本ASBR为对方AS的PE 路由器分配的标签,最外面的标签是本AS为IGP路由分配的LDP 标签。
- 优点
这种方案应该说是最容易被接受的,因为它符合MPLS的体系结构的要求,只有PE知道路由信息,而P路由器只负责报文转发。这样就使得中间域的设备可以不支持MPLS***业务。尤其是在跨越多个域时优势更加明显,而且这个方案支持负载分担等功能。 - 缺点
要对BGP 做扩展(利用了BGP 的一个新特性--RFC3107 ,这个特性可以让BGP传递公网路由的时候携带标签),而且隧道的生成也是有别于普通的MPLS ***结构,因此维护和理解起来难度比较大,不适合用于企业网的环境。
实验拓扑(customer carrier supports MPLS ***s)
需求:
1)网段以及IP地址如拓扑所示
2)各AS执行的动态路由协议如拓扑所示
3)各AS细节
-- AS456
PE1和Y-ASBR1 之间
VRP:Y
rd 456:123
route-target export 456:1011
route-target import 456:1011
PE2和B-ASBR1之间
VRF:B
rd 456:789
route-target export 456:1011
route-target import 456:1011
-- AS123
Y-PE1和CE1之间
VRF:CustA
rd 123:11
import route-target
1111:1111
export route-target
1111:1111
-- AS789
B-PE1和CE2之间
VRF:CustB
rd 789:10
route-target export 1010:1010
route-target import 1010:1010
4)配置CsC,保障CE1和CE2之间的通讯
配置:
1)配置CustA(AS123)VRF以及*v4
****Y-PE1***
!
hostname Y-PE1
!
vrf CustA
address-family ipv4 unicast
import route-target
1111:1111
!
export route-target
1111:1111
!
!
!
interface Loopback0
ipv4 address 1.1.1.1 255.255.255.255
!
interface GigabitEthernet0/0/0/0 --Link-to-CE1
vrf CustA
ipv4 address 110.1.1.1 255.255.255.0
!
interface GigabitEthernet0/0/0/1
ipv4 address 10.1.12.1 255.255.255.0
!
router ospf 123
router-id 1.1.1.1
address-family ipv4 unicast
area 0
interface Loopback0
!
interface GigabitEthernet0/0/0/1
!
!
!
router bgp 123
bgp router-id 1.1.1.1
address-family ipv4 unicast
!
address-family v4 unicast
!
neighbor 2.2.2.2
remote-as 123
update-source Loopback0
address-family v4 unicast
!
!
vrf CustA
rd 123:11
address-family ipv4 unicast
redistribute rip
!
!
!
mpls ldp
router-id 1.1.1.1
address-family ipv4
!
interface GigabitEthernet0/0/0/1
!
!
mpls label range table 0 16100 16199
!
router rip
vrf CustA
interface GigabitEthernet0/0/0/0
!
redistribute bgp 123
default-metric 1
!
!
****Y-RR1***
!
hostname Y-RR1
!
mpls label range 200 299
mpls label protocol ldp
mpls ldp router-id Loopback0 force
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
!
interface Ethernet0/0
ip address 10.1.12.2 255.255.255.0
mpls ip
!
interface Ethernet0/1
ip address 10.1.23.2 255.255.255.0
mpls ip
!
router ospf 123
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
network 10.1.12.0 0.0.0.255 area 0
network 10.1.23.0 0.0.0.255 area 0
!
router bgp 123
bgp router-id 2.2.2.2
bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor 1.1.1.1 remote-as 123
neighbor 1.1.1.1 update-source Loopback0
!
address-family ipv4
exit-address-family
!
address-family *v4
neighbor 1.1.1.1 activate
neighbor 1.1.1.1 send-community extended
neighbor 1.1.1.1 route-reflector-client
exit-address-family
!
****Y-ASBR1*****
!
hostname Y-ASBR1
!
interface Loopback0
ip address 3.3.3.3 255.255.255.255
!
interface Ethernet0/0
ip address 10.1.34.3 255.255.255.0
!
interface Ethernet0/1
ip address 10.1.23.3 255.255.255.0
!
router ospf 123
router-id 3.3.3.3
network 3.3.3.3 0.0.0.0 area 0
network 10.1.23.0 0.0.0.255 area 0
!
****CE1*****
!
hostname CE1
!
interface Loopback0
ip address 11.11.11.11 255.255.255.255
!
interface Ethernet0/0
ip address 110.1.1.10 255.255.255.0
!
router rip
version 2
network 11.0.0.0
network 110.0.0.0
no auto-summary
!
2)配置CustB(AS789)VRF以及*v4
****B-ASBR1***
!
hostname B-ASBR1
!
interface Loopback0
ip address 7.7.7.7 255.255.255.255
!
interface Ethernet0/0
ip address 10.1.78.7 255.255.255.0
!
interface Ethernet0/1
ip address 10.1.67.7 255.255.255.0
!
router ospf 789
router-id 7.7.7.7
network 7.7.7.7 0.0.0.0 area 0
network 10.1.78.0 0.0.0.255 area 0
!
****B-RR1***
!
hostname B-RR1
!
interface Loopback0
ipv4 address 8.8.8.8 255.255.255.255
!
interface GigabitEthernet0/0/0/0
ipv4 address 10.1.78.8 255.255.255.0
!
interface GigabitEthernet0/0/0/1
ipv4 address 10.1.89.8 255.255.255.0
!
router ospf 789
router-id 8.8.8.8
address-family ipv4 unicast
area 0
interface Loopback0
!
interface GigabitEthernet0/0/0/0
!
interface GigabitEthernet0/0/0/1
!
!
router bgp 789
bgp router-id 8.8.8.8
address-family ipv4 unicast
!
address-family *v4 unicast
!
neighbor 9.9.9.9
remote-as 789
update-source Loopback0
address-family ***v4 unicast
route-reflector-client
!
!
!
mpls ldp
router-id 8.8.8.8
address-family ipv4
!
interface GigabitEthernet0/0/0/0
!
interface GigabitEthernet0/0/0/1
!
!
mpls label range table 0 16800 16899
!
****B-PE1***
!
hostname B-PE1
!
ip vrf CustB
rd 789:10
route-target export 1010:1010
route-target import 1010:1010
!
mpls label range 900 999
mpls label protocol ldp
mpls ldp router-id Loopback0 force
!
interface Loopback0
ip address 9.9.9.9 255.255.255.255
!
interface Ethernet0/0
ip address 10.1.89.9 255.255.255.0
mpls ip
!
interface Ethernet0/1 --Link-to-CE2
ip vrf forwarding CustB
ip address 10.1.90.9 255.255.255.0
!
router ospf 90 vrf CustB
router-id 99.99.99.99
redistribute bgp 789 subnets
network 10.1.90.0 0.0.0.255 area 0
!
router ospf 789
router-id 9.9.9.9
network 9.9.9.9 0.0.0.0 area 0
network 10.1.89.0 0.0.0.255 area 0
!
router bgp 789
bgp router-id 9.9.9.9
bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor 8.8.8.8 remote-as 789
neighbor 8.8.8.8 update-source Loopback0
!
address-family ipv4
exit-address-family
!
address-family *v4
neighbor 8.8.8.8 activate
neighbor 8.8.8.8 send-community extended
exit-address-family
!
address-family ipv4 vrf CustB
redistribute ospf 90 match internal external 1 external 2
exit-address-family
!
****CE2*****
!
hostname CE2
!
interface Loopback0
ip address 10.10.10.10 255.255.255.255
!
interface Ethernet0/1
ip address 10.1.90.10 255.255.255.0
!
router ospf 90
router-id 10.10.10.10
network 10.1.90.0 0.0.0.255 area 0
network 10.10.10.10 0.0.0.0 area 0
!
3)配置Core-ISP(PE1/P1/PE2)的VRF以及*v4
****PE1***
!
hostname PE1
!
ip vrf Y
rd 456:123
route-target export 456:1011
route-target import 456:1011
!
mpls label range 400 499
mpls label protocol ldp
mpls ldp router-id Loopback0 force
!
interface Loopback0
ip address 4.4.4.4 255.255.255.255
!
interface Ethernet0/0 ---Link-to-Y-ASBR1
ip vrf forwarding Y
ip address 10.1.34.4 255.255.255.0
!
interface Ethernet0/1
ip address 10.1.45.4 255.255.255.0
mpls ip
!
router ospf 654 vrf Y
router-id 44.44.44.44
redistribute bgp 456 subnets
network 10.1.34.0 0.0.0.255 area 0
!
router ospf 456
router-id 4.4.4.4
network 4.4.4.4 0.0.0.0 area 0
network 10.1.45.0 0.0.0.255 area 0
!
router bgp 456
bgp router-id 4.4.4.4
bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor 6.6.6.6 remote-as 456
neighbor 6.6.6.6 update-source Loopback0
!
address-family ipv4
exit-address-family
!
address-family v4
neighbor 6.6.6.6 activate
neighbor 6.6.6.6 send-community extended
exit-address-family
!
address-family ipv4 vrf Y
redistribute ospf 654 match internal external 1 external 2 route-map Y
exit-address-family
!
!使用ACL匹配Y-PE1和Y-RR1的Loopback0接口IP地址
access-list 1 permit 1.1.1.1
access-list 1 permit 2.2.2.2
!
!使用route-map调用ACL---过滤AS123其他OSPF路由进入v4
route-map Y permit 10
match ip address 1
!
****P1*****
!
hostname P1
!
mpls label range 500 599
mpls label protocol ldp
mpls ldp router-id Loopback0 force
!
interface Loopback0
ip address 5.5.5.5 255.255.255.255
!
interface Ethernet0/0
ip address 10.1.56.5 255.255.255.0
mpls ip
!
interface Ethernet0/1
ip address 10.1.45.5 255.255.255.0
mpls ip
!
router ospf 456
router-id 5.5.5.5
network 5.5.5.5 0.0.0.0 area 0
network 10.1.45.0 0.0.0.255 area 0
network 10.1.56.0 0.0.0.255 area 0
!
****PE2***
!
hostname PE2
!
ip vrf B
rd 456:789
route-target export 456:1011
route-target import 456:1011
!
mpls label range 600 699
mpls label protocol ldp
mpls ldp router-id Loopback0 force
!
interface Loopback0
ip address 6.6.6.6 255.255.255.255
!
interface Ethernet0/0
ip address 10.1.56.6 255.255.255.0
mpls ip
!
interface Ethernet0/1 --Link-to-B-ASBR1
ip vrf forwarding B
ip address 10.1.67.6 255.255.255.0
!
router ospf 654 vrf B
router-id 66.66.66.66
redistribute bgp 456 subnets
network 10.1.67.0 0.0.0.255 area 0
!
router ospf 456
router-id 6.6.6.6
network 6.6.6.6 0.0.0.0 area 0
network 10.1.56.0 0.0.0.255 area 0
!
router bgp 456
bgp router-id 6.6.6.6
bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor 4.4.4.4 remote-as 456
neighbor 4.4.4.4 update-source Loopback0
!
address-family ipv4
exit-address-family
!
address-family *v4
neighbor 4.4.4.4 activate
neighbor 4.4.4.4 send-community extended
exit-address-family
!
address-family ipv4 vrf B
redistribute ospf 654 match internal external 1 external 2 route-map B
exit-address-family
!
!使用ACL匹配B-RR1和B-PE1的loopback0接口IP
access-list 1 permit 8.8.8.8
access-list 1 permit 9.9.9.9
!
!使用route-map调用ACL--过滤AS789其他OSPF的路由进入***v4
route-map B permit 10
match ip address 1
!
****Y-ASBR1*****
!
hostname Y-ASBR1
!
router ospf 123
router-id 3.3.3.3
network 10.1.34.0 0.0.0.255 area 0
!
****B-ASBR1*****
!
hostname B-ASBR1
!
router ospf 789
router-id 7.7.7.7
network 10.1.67.0 0.0.0.255 area 0
!
4)RR之间建立eBGP的*v4
****Y-RR1***
!
hostname Y-RR1
!
router bgp 123
bgp router-id 2.2.2.2
bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor 1.1.1.1 remote-as 123
neighbor 1.1.1.1 update-source Loopback0
neighbor 8.8.8.8 remote-as 789
neighbor 8.8.8.8 ebgp-multihop 255
neighbor 8.8.8.8 update-source Loopback0
!
address-family ipv4
exit-address-family
!
address-family ***v4
neighbor 1.1.1.1 activate
neighbor 1.1.1.1 send-community extended
neighbor 1.1.1.1 route-reflector-client
neighbor 8.8.8.8 activate
neighbor 8.8.8.8 send-community extended
neighbor 8.8.8.8 next-hop-unchanged ---保持标签的一致性
exit-address-family
!
****B-RR1***
!
hostname B-RR1
!
route-policy PASS --eBGP传递策略
pass
end-policy
!
router bgp 789
bgp router-id 8.8.8.8
address-family ipv4 unicast
!
address-family *v4 unicast
!
neighbor 2.2.2.2
remote-as 123
ebgp-multihop 255
update-source Loopback0
address-family v4 unicast
route-policy PASS in
route-policy PASS out
next-hop-unchanged ---保持标签的一致性
!
!
neighbor 9.9.9.9
remote-as 789
update-source Loopback0
address-family v4 unicast
route-reflector-client
!
!
!
5)为保障PE可以接收到不同AS间的*v4路由,PE端分别做RT的导入
****Y-PE1***
!
hostname Y-PE1
!
vrf CustA
address-family ipv4 unicast
import route-target
1010:1010
1111:1111
!
export route-target
1111:1111
!
!
****B-PE1*****
!
hostname B-PE1
!
ip vrf CustB
rd 789:10
route-target export 1010:1010
route-target import 1010:1010
route-target import 1111:1111
!
6)为保障CE两端能够通过标签传递数据,在Y-ASBR1、PE1、PE2、B-ASBR1之间建立LDP邻居
****Y-ASBR1*****
!
hostname Y-ASBR1
!
mpls label range 300 399
mpls label protocol ldp
mpls ldp router-id Loopback0 force
!
interface Ethernet0/0
ip address 10.1.34.3 255.255.255.0
mpls ip
!
interface Ethernet0/1
ip address 10.1.23.3 255.255.255.0
mpls ip
!
****PE1*****
!
hostname PE1
!
interface Ethernet0/0
ip vrf forwarding Y
ip address 10.1.34.4 255.255.255.0
mpls ip
!
****PE2*****
!
hostname PE1
!
interface Ethernet0/1
ip vrf forwarding B
ip address 10.1.67.6 255.255.255.0
mpls ip
!
****B-ASBR1*****
!
hostname B-ASBR1
!
mpls label range 700 799
mpls label protocol ldp
mpls ldp router-id Loopback0 force
!
interface Ethernet0/0
ip address 10.1.78.7 255.255.255.0
mpls ip
!
interface Ethernet0/1
ip address 10.1.67.7 255.255.255.0
mpls ip
!
以上是关于Inter-Provider MPLS Solutions 之 option C-CSC的主要内容,如果未能解决你的问题,请参考以下文章