BGP/MPLS *** Option B 跨域研究实验
1、实验环境
以华为模拟器eNSP为实验环境,结合wireshark抓包进行BGP/MPLS ××× OptionA 控制层面、数据层面以及日常排错三个方面进行研究;如下图所示:
2、配置流程
1)配置IGP与公网MPLS LDP隧道:
① ISP1
PE1:
router id 1.1.1.1
ospf 1
area 0.0.0.0
network 1.1.1.1 0.0.0.0
network 12.12.12.0 0.0.0.255
mpls lsr-id 1.1.1.1
mpls
mpls ldp
interface LoopBack0
ip address 1.1.1.1 255.255.255.255
mpls
mpls ldp
interface GigabitEthernet0/0/0
ip address 12.12.12.1 255.255.255.0
mpls
mpls ldp
P1:
router id 2.2.2.2
ospf 1
area 0.0.0.0
network 2.2.2.2 0.0.0.0
network 12.12.12.0 0.0.0.255
network 23.23.23.0 0.0.0.255
mpls lsr-id 2.2.2.2
mpls
mpls ldp
ip address 2.2.2.2 255.255.255.255
mpls
mpls ldp
interface GigabitEthernet0/0/0
ip address 12.12.12.2 255.255.255.0
mpls
mpls ldp
interface GigabitEthernet0/0/1
ip address 23.23.23.2 255.255.255.0
mpls
mpls ldp
ASBR1:
router id 3.3.3.3
ospf 1
area 0.0.0.0
network 3.3.3.3 0.0.0.0
network 23.23.23.0 0.0.0.255
mpls lsr-id 3.3.3.3
mpls
mpls ldp
ip address 3.3.3.3 255.255.255.255
mpls
mpls ldp
interface GigabitEthernet0/0/1
ip address 23.23.23.3 255.255.255.0
mpls
mpls ldp
查看公网路有:
<ASBR1>dis ip routing-table protocol ospf
Route Flags: R - relay, D - download to fib
Public routing table : OSPF
Destinations : 3 Routes : 3
OSPF routing table status : <Active>
Destinations : 3 Routes : 3
Destination/Mask Proto Pre Cost Flags NextHop Interface
1.1.1.1/32 OSPF 10 2 D 23.23.23.2 GigabitEthernet0/0/1
2.2.2.2/32 OSPF 10 1 D 23.23.23.2 GigabitEthernet
0/0/1
12.12.12.0/24 OSPF 10 2 D 23.23.23.2 GigabitEthernet
0/0/1
OSPF routing table status : <Inactive>
Destinations : 0 Routes : 0
查看MPLS LDP session:
<ASBR1>dis mpls ldp session
LDP Session(s) in Public Network
Codes: LAM(Label Advertisement Mode), SsnAge Unit(DDDD:HH:MM)
A '*' before a session means the session is being deleted.
PeerID Status LAM SsnRole SsnAge KASent/Rcv
2.2.2.2:0 Operational DU Active 0000:00:18 75/75
TOTAL: 1 session(s) Found.
查看MPLS LSP:
<ASBR1>dis mpls lsp
LSP Information: LDP LSPFEC In/Out Label In/Out IF Vrf Name
1.1.1.1/32 NULL/1024 -/GE0/0/1
1.1.1.1/32 1024/1024 -/GE0/0/1
2.2.2.2/32 NULL/3 -/GE0/0/1
2.2.2.2/32 1025/3 -/GE0/0/1
3.3.3.3/32 3/NULL -/-
②ISP2
PE2:
router id 6.6.6.6
ospf 2
area 0.0.0.0
network 6.6.6.6 0.0.0.0
network 56.56.56.0 0.0.0.255
mpls lsr-id 6.6.6.6
mpls
mpls ldp
interface LoopBack0
ip address 6.6.6.6 255.255.255.255
mpls
mpls ldp
interface GigabitEthernet0/0/0
ip address 56.56.56.6 255.255.255.0
mpls
mpls ldp
P2:
router id 5.5.5.5
ospf 2
area 0.0.0.0
network 5.5.5.5 0.0.0.0
network 56.56.56.0 0.0.0.255
network 45.45.45.0 0.0.0.255
mpls lsr-id 5.5.5.5
mpls
mpls ldp
ip address 5.5.5.5 255.255.255.255
mpls
mpls ldp
interface GigabitEthernet0/0/0
ip address 56.56.56.5 255.255.255.0
mpls
mpls ldp
interface GigabitEthernet0/0/1
ip address 45.45.45.5 255.255.255.0
mpls
mpls ldp
ASBR2:
router id 4.4.4.4
ospf 2
area 0.0.0.0
network 4.4.4.4 0.0.0.0
network 45.45.45.0 0.0.0.255
mpls lsr-id 4.4.4.4
mpls
mpls ldp
ip address 4.4.4.4 255.255.255.255
mpls
mpls ldp
interface GigabitEthernet0/0/1
ip address 45.45.45.4 255.255.255.0
mpls
mpls ldp
查看公网路有:
<ASBR2>dis ip routing-table protocol ospf
Route Flags: R - relay, D - download to fib
Public routing table : OSPF
Destinations : 3 Routes : 3
OSPF routing table status : <Active>
Destinations : 3 Routes : 3
Destination/Mask Proto Pre Cost Flags NextHop Interface
5.5.5.5/32 OSPF 10 1 D 45.45.45.5 GigabitEthernet0/0/1
6.6.6.6/32 OSPF 10 2 D 45.45.45.5 GigabitEthernet
0/0/1
56.56.56.0/24 OSPF 10 2 D 45.45.45.5 GigabitEthernet
0/0/1
OSPF routing table status : <Inactive>
Destinations : 0 Routes : 0
查看MPLS LDP session:
<ASBR2>dis mpls ldp session
LDP Session(s) in Public Network
Codes: LAM(Label Advertisement Mode), SsnAge Unit(DDDD:HH:MM)
A '*' before a session means the session is being deleted.
PeerID Status LAM SsnRole SsnAge KASent/Rcv
5.5.5.5:0 Operational DU Passive 0000:00:24 100/100
TOTAL: 1 session(s) Found.
查看MPLS LSP:
<ASBR2>dis mpls lsp
LSP Information: LDP LSPFEC In/Out Label In/Out IF Vrf Name
4.4.4.4/32 3/NULL -/-
5.5.5.5/32 NULL/3 -/GE0/0/1
5.5.5.5/32 1024/3 -/GE0/0/1
6.6.6.6/32 NULL/1025 -/GE0/0/1
6.6.6.6/32 1025/1025 -/GE0/0/1
2)配置各个站点CE与PE的×××实例:
①ISP1:
PE1:
ip ***-instance spi
ipv4-family
route-distinguisher 100:1
***-target 100:1 export-extcommunity
***-target 100:1 import-extcommunity
interface GigabitEthernet0/0/1
ip binding ***-instance spi
ip address 192.168.1.254 255.255.255.0
ip ***-instance spd
ipv4-family
route-distinguisher 200:1
***-target 200:1 export-extcommunity
***-target 200:1 import-extcommunity
interface GigabitEthernet0/0/2
ip binding ***-instance spd
ip address 10.10.1.254 255.255.255.0
ping测试站点到网关
②ISP2
PE2:
ip ***-instance spi
ipv4-family
route-distinguisher 100:1
***-target 100:1 export-extcommunity
***-target 100:1 import-extcommunity
interface GigabitEthernet0/0/1
ip binding ***-instance spi
ip address 192.168.2.254 255.255.255.0
ip ***-instance spd
ipv4-family
route-distinguisher 200:1
***-target 200:1 export-extcommunity
***-target 200:1 import-extcommunity
interface GigabitEthernet0/0/2
ip binding ***-instance spd
ip address 10.10.2.254 255.255.255.0
ping测试站点到网关
3)配置MP-BGP在PE与ASBR之间传递×××V4站点×××V4私网路由:
①ISP1
建立MP-BGP连接:
PE1:
bgp 100
undo default ipv4-unicast
peer 3.3.3.3 as-number 100
peer 3.3.3.3 connect-interface LoopBack0
ipv4-family unicast
undo synchronization
peer 3.3.3.3 enable
ipv4-family ***v4
policy ***-target
peer 3.3.3.3 enable
ASBR1:
bgp 100
undo default ipv4-unicast
peer 1.1.1.1 as-number 100
peer 1.1.1.1 connect-interface LoopBack0
ipv4-family unicast
undo synchronization
peer 1.1.1.1 enable
ipv4-family ***v4
policy ***-target
peer 1.1.1.1 enable
查看MP-BGP建立连接情况:
[ASBR1]dis bgp ***v4 all peer
BGP local router ID : 3.3.3.3
Local AS number : 100
Total number of peers : 1 Peers in established state : 1
Peer V AS MsgRcvd MsgSent OutQ Up/Down State Pre
fRcv
1.1.1.1 4 100 9 9 0 00:07:51 Established 0
宣告×××路有到MP-BGP:
PE1:
ipv4-family ***-instance spd
network 10.10.1.0 255.255.255.0
ipv4-family ***-instance spi
network 192.168.1.0
查看***v4私网路由路有从PE1传递到ASBR1情况:
<ASBR1>dis bgp ***v4 all routing-table
BGP Local router ID is 3.3.3.3
Status codes: * - valid, > - best, d - damped,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
Total number of routes from all PE: 2
Route Distinguisher: 100:1
Network NextHop MED LocPrf PrefVal Path/Ogn*>i 192.168.1.0 1.1.1.1 0 100 0 i
Route Distinguisher: 200:1
Network NextHop MED LocPrf PrefVal Path/Ogn*>i 10.10.1.0/24 1.1.1.1 0 100 0 i
×××-Instance spd, Router ID 3.3.3.3:
Total Number of Routes: 1
Network NextHop MED LocPrf PrefVal Path/Ogn
*>i 10.10.1.0/24 1.1.1.1 0 100 0 i
×××-Instance spi, Router ID 3.3.3.3:
Total Number of Routes: 1
Network NextHop MED LocPrf PrefVal Path/Ogn
*>i 192.168.1.0 1.1.1.1 0 100 0 i
①ISP2
建立MP-BGP连接:
PE2:
bgp 200
undo default ipv4-unicast
peer 4.4.4.4 as-number 200
peer 4.4.4.4 connect-interface LoopBack0
ipv4-family unicast
undo synchronization
peer 4.4.4.4 enable
ipv4-family ***v4
policy ***-target
peer 4.4.4.4 enable
ASBR2:
bgp 200
undo default ipv4-unicast
peer 6.6.6.6 as-number 200
peer 6.6.6.6 connect-interface LoopBack0
ipv4-family unicast
undo synchronization
peer 6.6.6.6 enable
ipv4-family ***v4
policy ***-target
peer 6.6.6.6 enable
<ASBR2>dis bgp ***v4 all peer
BGP local router ID : 4.4.4.4
Local AS number : 200
Total number of peers : 1 Peers in established state : 1
Peer V AS MsgRcvd MsgSent OutQ Up/Down State Pre
fRcv
6.6.6.6 4 200 3 3 0 00:01:55 Established 0
宣告×××路有到MP-BGP:
PE2
ipv4-family ***-instance spd
network 10.10.2.0 255.255.255.0
ipv4-family ***-instance spi
network 192.168.2.0
查看***v4私网路由路有从PE2传递到ASBR2情况:
<ASBR2>dis bgp ***v4 all routing-table
BGP Local router ID is 4.4.4.4
Status codes: * - valid, > - best, d - damped,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
Total number of routes from all PE: 2
Route Distinguisher: 100:1
Network NextHop MED LocPrf PrefVal Path/Ogn*>i 192.168.2.0 6.6.6.6 0 100 0 i
Route Distinguisher: 200:1
Network NextHop MED LocPrf PrefVal Path/Ogn*>i 10.10.2.0/24 6.6.6.6 0 100 0 i
×××-Instance spd, Router ID 4.4.4.4:
Total Number of Routes: 1
Network NextHop MED LocPrf PrefVal Path/Ogn
*>i 10.10.2.0/24 6.6.6.6 0 100 0 i
×××-Instance spi, Router ID 4.4.4.4:
Total Number of Routes: 1
Network NextHop MED LocPrf PrefVal Path/Ogn
*>i 192.168.2.0 6.6.6.6 0 100 0 i
4)进行ASBR1与ASBR2 的OPTION B跨域配置:
①ISP1
ASBR1:
interface GigabitEthernet0/0/0
ip address 34.34.34.3 255.255.255.0
Ping 测对端接口地址
②ISP2
ASBR2:
interface GigabitEthernet0/0/0
ip address 34.34.34.4 255.255.255.0
Ping 测对端接口地址
ASBR1与ASBR2建立MP-EBGP传递各自PE MP-IBGP传来的路由:
ASBR1:
bgp 100
undo default ipv4-unicast
peer 34.34.34.4 as-number 200
ipv4-family unicast
undo peer 34.34.34.4 enable
ipv4-family ***v4
policy ***-target
peer 34.34.34.4 enable
ASBR2:
bgp 200
undo default ipv4-unicast
peer 34.34.34.3 as-number 100
ipv4-family unicast
undo synchronization
undo peer 34.34.34.3 enable
ipv4-family ***v4
policy ***-target
peer 34.34.34.3 enable
配置完成后发现ASBR1与ASBR2收不到任何×××V4的路由,但是各自的PE1与PE2都已经发送×××V4路由如下图:
由于ASBR1与ASBR2上已经没有××× 实例,在控制层面MP-IBGP接收路由需要BGP的×××V4地址簇中对RT值进行过滤;所以在ASBR1与ASBR2上MP-BGP的×××V4地址簇中把policy ***-target undo掉。
但是发现PE1上接收不到ASBR1发送过来的192.168.2.0的路由如图:
排查发现ASBR1没有收到ASBR2上发来的路由:
在ASBR1上排查发现:
192.168.2.0/24的路由只有出去的标签,只有ASBR2给分发的标签,没有ASBR1分发的标签,所以它不转发给PE1;
注意:如果通过PE MP-BGP把私网路由传给ASBR或其它设备,如果该设备上没有起任何对应×××实例,该设备无法接收对应该实例×××V4路由,要想接收把***-target过滤关掉,如果采用Option B跨域注意两个ASBR互联接口使能MPLS,否则ASBR完不成标签交换不会把×××V4路由发出!
所以在ASBR1与ASBR2上使能MPLS,注意只需要使能MPLS,使得ASBR1 MP-IBGP与MP-EBGP能够交换标签,那么ASBR1会给发给PE1的192.168.2.0打上标签;
ASBR1:
PE1:
Destination: 192.168.2.0/24
Protocol: IBGP Process ID: 0
Preference: 255 Cost: 0
NextHop: 3.3.3.3 Neighbour: 3.3.3.3
State: Active Adv Relied Age: 00h03m24s
Tag: 0 Priority: low
Label: 1029 QoSInfo: 0x0
IndirectID: 0x4
RelayNextHop: 12.12.12.2 Interface: GigabitEthernet0/0/0
TunnelID: 0x3 Flags: RD
3、控制层面分析
1)CE3的路由192.168.2.0/24传递给CE1过程:
①PE2上连接CE3直连路由:
<PE2>dis ip routing-table ***-instance spi protocol direct
Route Flags: R - relay, D - download to fib
spi routing table : Direct
Destinations : 4 Routes : 4
Direct routing table status : <Active>
Destinations : 4 Routes : 4
Destination/Mask Proto Pre Cost Flags NextHop Interface
192.168.2.0/24 Direct 0 0 D 192.168.2.254 GigabitEthernet0/0/1
192.168.2.254/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
192.168.2.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
Direct routing table status : <Inactive>
Destinations : 0 Routes : 0
<PE2>dis ip routing-table ***-instance spi verbose
Destination: 192.168.2.0/24
Protocol: Direct Process ID: 0
Preference: 0 Cost: 0
NextHop: 192.168.2.254 Neighbour: 0.0.0.0
State: Active Adv Age: 03h29m00s
Tag: 0 Priority: high
Label: NULL QoSInfo: 0x0
IndirectID: 0x0
RelayNextHop: 0.0.0.0 Interface: GigabitEthernet0/0/1
TunnelID: 0x0 Flags: D
②把*** spi中192.168.2.0直连路由导入MP-BGP中:
<PE2>dis current-configuration configuration bgp
[V200R003C00]
bgp 200
undo default ipv4-unicast
peer 4.4.4.4 as-number 200
peer 4.4.4.4 connect-interface LoopBack0
ipv4-family unicast
undo synchronization
peer 4.4.4.4 enable
ipv4-family ***v4
policy ***-target
peer 4.4.4.4 enable
ipv4-family ***-instance spi
network 192.168.2.0
③PE2 在MP-BGP中192.168.2.0/24路由情况:
<PE2>dis bgp ***v4 ***-instance spi routing-table label
BGP Local router ID is 6.6.6.6
Status codes: - valid, > - best, d - damped,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
Total number of routes from all PE: 5
Route Distinguisher: 100:1
Network NextHop In/Out Label
> 192.168.2.0 192.168.2.254 1026/NULL
<PE2>dis bgp ***v4 ***-instance spi routing-table 192.168.2.0
BGP local router ID : 6.6.6.6
Local AS number : 200
×××-Instance spi, Router ID 6.6.6.6:
Paths: 1 available, 1 best, 1 select
BGP routing table entry information of 192.168.2.0/24:
Network route.
From: 0.0.0.0 (0.0.0.0)
Route Duration: 02h05m43s
Direct Out-interface: GigabitEthernet0/0/1
Original nexthop: 192.168.2.254
Qos information : 0x0
AS-path Nil, origin igp, MED 0, pref-val 0, valid, local, best, select, pre 0
Not advertised to any peer yet
PE2上的MP-BGP给192.168.2.0的×××v4路由分配的私网标签:
<PE2>dis bgp ***v4 all routing-table label
BGP Local router ID is 6.6.6.6
Status codes: * - valid, > - best, d - damped,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
Total number of routes from all PE: 4
Route Distinguisher: 100:1
Network NextHop In/Out Label
>i 192.168.1.0 4.4.4.4 NULL/1029
> 192.168.2.0 192.168.2.254 1026/NULL
④ASBR2 在MP-BGP中收到192.168.2.0/24路由情况:
ASBR2上收到PE2 MP-IBGP 192.168.2.0 的×××V4路由分的标签1026
ASBR 2上与ASBR1的 MP-EBGP给192.168.2.0 的×××V4路由分的1026
<ASBR2>dis bgp ***v4 all routing-table label
BGP Local router ID is 4.4.4.4
Status codes: - valid, > - best, d - damped,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
Total number of routes from all PE: 4
Route Distinguisher: 100:1
Network NextHop In/Out Label
> 192.168.1.0 34.34.34.3 1029/1027
*>i 192.168.2.0 6.6.6.6 1026/1026
ASBR2到6.6.6.6的公网MPLS标签:
<ASBR2>dis mpls lsp
LSP Information: L3××× LSPFEC In/Out Label In/Out IF Vrf Name
192.168.2.0/24 1026/1026 -/- ASBR LSP
10.10.2.0/24 1027/1027 -/- ASBR LSP
10.10.1.0/24 1028/1026 -/- ASBR LSP
192.168.1.0/24 1029/1027 -/- ASBR LSP
LSP Information: LDP LSPFEC In/Out Label In/Out IF Vrf Name
4.4.4.4/32 3/NULL -/-
5.5.5.5/32 NULL/3 -/GE0/0/1
5.5.5.5/32 1024/3 -/GE0/0/1
6.6.6.6/32 NULL/1025 -/GE0/0/1
6.6.6.6/32 1025/1025 -/GE0/0/1
<P2>dis mpls lsp
LSP Information: LDP LSPFEC In/Out Label In/Out IF Vrf Name
4.4.4.4/32 NULL/3 -/GE0/0/1
4.4.4.4/32 1024/3 -/GE0/0/1
5.5.5.5/32 3/NULL -/-
6.6.6.6/32 NULL/3 -/GE0/0/0
6.6.6.6/32 1025/3 -/GE0/0/0
⑤ 在ASBR1上进行查收192.168.2.0/24路由情况:
ASBR 2上与ASBR1的 MP-EBGP给192.168.2.0 的×××V4路由分的1026
ASBR1上与PE1 的MP-IBGP给192.168.2.0 的×××V4路由分的标签1029
<ASBR1>dis bgp ***v4 all routing-table label
BGP Local router ID is 3.3.3.3
Status codes: - valid, > - best, d - damped,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
Total number of routes from all PE: 4
Route Distinguisher: 100:1
Network NextHop In/Out Label
>i 192.168.1.0 1.1.1.1 1027/1027
> 192.168.2.0 34.34.34.4 1029/1026
⑥ 在PE1上进行查收192.168.2.0/24路由情况:
<PE1>dis bgp ***v4 all routing-table label
ASBR1上与PE1 的MP-IBGP给192.168.2.0 的×××V4路由分的标签1029
BGP Local router ID is 1.1.1.1
Status codes: - valid, > - best, d - damped,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
Total number of routes from all PE: 4
Route Distinguisher: 100:1
Network NextHop In/Out Label
> 192.168.1.0 192.168.1.254 1027/NULL
>i 192.168.2.0 3.3.3.3 NULL/1029
PE1上到3.3.3.3的FIB表:
<PE1>dis fib 3.3.3.3
Route Entry Count: 1
Destination/Mask Nexthop Flag TimeStamp Interface TunnelID
3.3.3.3/32 12.12.12.2 DGHU t[99] GE0/0/0 0x3
PE1到3.3.3.3的公网标签:
<PE1>dis mpls lsp
LSP Information: BGP LSPFEC In/Out Label In/Out IF Vrf Name
10.10.1.0/24 1026/NULL -/- spd
192.168.1.0/24 1027/NULL -/- spi
LSP Information: LDP LSPFEC In/Out Label In/Out IF Vrf Name
2.2.2.2/32 NULL/3 -/GE0/0/0
2.2.2.2/32 1024/3 -/GE0/0/0
1.1.1.1/32 3/NULL -/-
3.3.3.3/32 NULL/1025 -/GE0/0/0
3.3.3.3/32 1025/1025 -/GE0/0/0
4、数据层面分析
1)CE1到CE3的192.168.2.1数据转发分析:
① PC1 192.168.1.1 到网关PE1上的192.168.1.254;
② 在PE1上查询spi ***实例的路由表查到到192.168.2.0 下一跳为3.3.3.3;私网标签为1028;
③ 路由迭代,查找到路由如下:
<PE1>dis ip routing-table 3.3.3.3
Route Flags: R - relay, D - download to fib
Routing Table : Public
Summary Count : 1
Destination/Mask Proto Pre Cost Flags NextHop Interface
3.3.3.3/32 OSPF 10 2 D 12.12.12.2 GigabitEthernet0/0/0
<PE1>dis fib 3.3.3.3
Route Entry Count: 1
Destination/Mask Nexthop Flag TimeStamp Interface TunnelID
3.3.3.3/32 12.12.12.2 DGHU t[1597] GE0/0/0 0x3
④MPLS ldp 为 3.3.3.3/32路由分配的公网标签为1025:
<PE1>dis mpls lsp
LSP Information: BGP LSPFEC In/Out Label In/Out IF Vrf Name
192.168.1.0/24 1026/NULL -/- spi
10.10.1.0/24 1027/NULL -/- spd
LSP Information: LDP LSPFEC In/Out Label In/Out IF Vrf Name
2.2.2.2/32 NULL/3 -/GE0/0/0
2.2.2.2/32 1024/3 -/GE0/0/0
1.1.1.1/32 3/NULL -/-
3.3.3.3/32 NULL/1025 -/GE0/0/0
3.3.3.3/32 1025/1025 -/GE0/0/0
⑤ 在PE1上进行查收192.168.2.0/24私网路由与标签情况:
<PE1>dis bgp ***v4 all routing-table label
ASBR1上与PE1 的MP-IBGP给192.168.2.0 的×××V4路由分的标签1029
BGP Local router ID is 1.1.1.1
Status codes: - valid, > - best, d - damped,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
Total number of routes from all PE: 4
Route Distinguisher: 100:1
Network NextHop In/Out Label
> 192.168.1.0 192.168.1.254 1027/NULL
*>i 192.168.2.0 3.3.3.3 NULL/1029
④ 去往192.168.2.1的数据包在PE1上G0/0/0封装如图所示
;
PE1的G0/0/0上使能了MPLS,所以进行MPLS2.5层标签转发;
⑤ 在P1上查看标签路径:
<P1>dis fib 3.3.3.3
Route Entry Count: 1
Destination/Mask Nexthop Flag TimeStamp Interface TunnelID
3.3.3.3/32 23.23.23.3 DGHU t[1589] GE0/0/1 0x3
<P1>dis mpls lsp
LSP Information: LDP LSPFEC In/Out Label In/Out IF Vrf Name
2.2.2.2/32 3/NULL -/-
1.1.1.1/32 NULL/3 -/GE0/0/0
1.1.1.1/32 1024/3 -/GE0/0/0
3.3.3.3/32 NULL/3 -/GE0/0/1
3.3.3.3/32 1025/3 -/GE0/0/1
把公网标签1025换为3
发现一个3这个特殊标签,在离开P1时发生第二跳标签弹出,把3的标签也弹出;
在P1离开接口G0/0/1上抓包发现只留私网标签1029:
⑥ 在ASBR1上BGP路由中发现标签为:
ASBR2上收到ASBR2 MP-EBGP 192.168.2.0 的×××V4路由分的标签1026
ASBR1上与PE1 的MP-IBGP给192.168.2.0 的×××V4路由分的标签1029
<ASBR1>dis bgp ***v4 all routing-table label
BGP Local router ID is 3.3.3.3
Status codes: - valid, > - best, d - damped,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
Total number of routes from all PE: 4
Route Distinguisher: 100:1
Network NextHop In/Out Label
>i 192.168.1.0 1.1.1.1 1027/1027
*> 192.168.2.0 34.34.34.4 1029/1026
通过1029的标签发现哪个×××实例(MP-BGP分发的是私网标签,用于在PE上指导私网数据从BGP ×××V4的标签表剥离标签后转移至对应的vrf);
⑦去往192.168.2.1报文进入spi VRF路由表并从G0/0/1上出去到ASBR2:
只剩下ASBR2与ASBR1分的MP-EBGP给192.168.2.0 的×××V4路由分的标签1026
⑧去往192.168.2.1报文进入ASBR2:
ASBR2上收到PE2 MP-IBGP 192.168.2.0 的×××V4路由分的标签1026
ASBR 2上与ASBR1的 MP-EBGP给192.168.2.0 的×××V4路由分的1026
<ASBR2>dis bgp ***v4 all routing-table label
BGP Local router ID is 4.4.4.4
Status codes: - valid, > - best, d - damped,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
Total number of routes from all PE: 4
Route Distinguisher: 100:1
Network NextHop In/Out Label
> 192.168.1.0 34.34.34.3 1029/1027
*>i 192.168.2.0 6.6.6.6 1026/1026
ASBR2到6.6.6.6的公网MPLS标签:
<ASBR2>dis mpls lsp
LSP Information: L3××× LSPFEC In/Out Label In/Out IF Vrf Name
192.168.2.0/24 1026/1026 -/- ASBR LSP
10.10.2.0/24 1027/1027 -/- ASBR LSP
10.10.1.0/24 1028/1026 -/- ASBR LSP
192.168.1.0/24 1029/1027 -/- ASBR LSP
LSP Information: LDP LSPFEC In/Out Label In/Out IF Vrf Name
4.4.4.4/32 3/NULL -/-
5.5.5.5/32 NULL/3 -/GE0/0/1
5.5.5.5/32 1024/3 -/GE0/0/1
6.6.6.6/32 NULL/1025 -/GE0/0/1
6.6.6.6/32 1025/1025 -/GE0/0/1
<P2>dis mpls lsp
LSP Information: LDP LSPFEC In/Out Label In/Out IF Vrf Name
4.4.4.4/32 NULL/3 -/GE0/0/1
4.4.4.4/32 1024/3 -/GE0/0/1
5.5.5.5/32 3/NULL -/-
6.6.6.6/32 NULL/3 -/GE0/0/0
6.6.6.6/32 1025/3 -/GE0/0/0
⑨ 去往192.168.2.1的数据包在ASBR1上G0/0/1封装如图所示;
⑩ 在P2上查看标签路径:
<P2>dis fib 6.6.6.6
Route Entry Count: 1
Destination/Mask Nexthop Flag TimeStamp Interface TunnelID
6.6.6.6/32 56.56.56.6 DGHU t[1633] GE0/0/0 0x3
<P2>dis mpls lsp
LSP Information: LDP LSPFEC In/Out Label In/Out IF Vrf Name
4.4.4.4/32 NULL/3 -/GE0/0/1
4.4.4.4/32 1024/3 -/GE0/0/1
5.5.5.5/32 3/NULL -/-
6.6.6.6/32 NULL/3 -/GE0/0/0
6.6.6.6/32 1025/3 -/GE0/0/0
把公网标签1025换为3
发现一个3这个特殊标签,在离开P2时发生第二跳标签弹出,把3的标签也弹出;
在P2离开接口G0/0/1上抓包发现只留私网标签1026:
11、去往192.168.2.1数据包进入PE2:
<PE2>dis bgp ***v4 all routing-table label
BGP Local router ID is 6.6.6.6
Status codes: * - valid, > - best, d - damped,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
Total number of routes from all PE: 5
Route Distinguisher: 100:1
Network NextHop In/Out Label>i 34.34.34.0 4.4.4.4 NULL/1027
>i 192.168.1.0 4.4.4.4 NULL/1028
*> 192.168.2.0 192.168.2.254 1026/NULL
通过1026的标签发现哪个×××实例(MP-BGP分发的是私网标签,用于在PE上指导私网数据从BGP ×××V4的标签表剥离标签后转移至对应的vrf);
12、去往192.168.2.1报文进入spi VRF路由表:
<PE2>dis ip routing-table ***-instance spi verbose
Destination: 192.168.2.0/24
Protocol: Direct Process ID: 0
Preference: 0 Cost: 0
NextHop: 192.168.2.254 Neighbour: 0.0.0.0
State: Active Adv Age: 05h28m11s
Tag: 0 Priority: high
Label: NULL QoSInfo: 0x0
IndirectID: 0x0
RelayNextHop: 0.0.0.0 Interface: GigabitEthernet0/0/1
TunnelID: 0x0 Flags: D
13、通过路由表到PC3主机:
Ping的截图:
转载于:https://blog.51cto.com/baoer0717/2088887
BGP/MPLS *** Option B 跨域研究实验相关推荐
- 华为数通笔记-MPLS BGP跨域
简介 一般MPLS VPN体系结构都是在一个自治系统内运行,任何VPN信息只是在一个AS内按需扩散.因此为了支持不同运营商之间的VPN路由交换,就需要扩展现有的协议和修改体系框架,提供一个不同与基本的 ...
- BGP/MPLS IP VPF(N) 实验(ensp)
实验拓扑图 如图1所示,本次实验使用了6台路由器(R1-R6),其中R3.R4.R5作为运营商网络中的P或PE路由器,R1.R2作为VPN客户端(CE)路由器,R6作为VPN客户端要访问的目标路由器. ...
- 新蜂商城(newbee-mall-api)部分接口实验,跨域处理(同源策略,跨域访问,CORS),系统安全问题(Session,Cookie,Token,OAuth)(软件工程综合实践课程第十三周)
文章目录 一.要求 二.知识总结 跨域处理 1.同源策略 1.1 浏览器的同源策略 1.2 跨域请求实验 2 跨域访问 2.1 添加响应头来处理跨域 2.1.1 CORS 跨域资源共享 2.1.2 设 ...
- HCIE 面试资料-BGP/MPLS V`PN
MPLS V·PN 为了实现两个站点之间跨越公网通信有了[Virtual Private Network]虚拟私有网络技术 专线的特点 1.线路专有,安全性高,不同用户之间物理隔离 2.价格昂贵 3. ...
- 跨域BGP/MPLS IP VPN实验(OptionA方式)
目录 一.概述 二.组网需求 三.实验拓扑 四.实验目的 五.实验编址表 六.实验步骤 1.基本配置 2.配置运营商网络的OSPF路由协议 3.配置运营商网络的MPLS协议与LDP 4.配置PE与AS ...
- MPLS ×××跨域实现之OPTION B配置讲解
MPLS ××× OPTION B配置讲解<?xml:namespace prefix = v ns = "urn:schemas-microsoft-com:vml" /& ...
- 跨域MPLS Option B(RR)
实验需求 本实验使用Option B完成跨域的MPLS-VPN,R9/10是CE,R1/7是PE,R3/5是ASBR,R2/6是P设备,R4/8是反射器RR. 所有涉及到Router-id的协议,全部 ...
- BGP MPLS VPN(OPTION A)实验笔记
1.实验说明 (1) 实验目的 配置BGP MPLS VPN OPTION A,使得总部与分公司私网互通,分公司与总部之间可互访,但分公司之间不能互访. (2) 实验拓扑 (3) 地址说明 业务地址段 ...
- BGP MPLS VPN(OPTION B)实验笔记
1.实验说明 (1) 实验目的 配置BGP MPLS VPN OPTION A,使得总部与分公司私网互通,分公司与总部之间可互访,但分公司之间不能互访. (2) 实验拓扑 (3) 地址说明 业务地址段 ...
最新文章
- VBA【遍历每个工作表并将工作表表名赋予B2单元格】
- .NET设计模式(2):单件模式(Singleton Pattern)
- 统计substr在母串中出现次数/删除字符串中所有空格
- 分布式计算框架Gearman原理详解
- HTML基础(我的复习和学习过程)day-01
- linux mysql5.6.27源码安装和错误解决
- NS2相关学习——完成一个新协议(3)
- java string是final_关于java:String和Final
- python 数据分析 电信_实例 | 教你用Python写一个电信客户流失预测模型
- Unity3D常用知识点总结
- chinapub读书会第10期:机器学习与人工智能 6月25日相约阿里云+优客工场
- 福布斯发布区块链50强 这5家中国公司上榜
- python图表制作方法_python图表制作
- 注册码生成器及加密程序
- 应用Dubbo框架打造仿猫眼项目 理解微服务核心思想
- 学计算机每天应该吃什么,一日三餐教电脑族缓解眼痛
- 快速美化多页PPT的3个技巧
- 病房计算机管理制度,全套协和医院管理制度大全【148个文件】
- Python游戏开发,pygame模块,Python实现记忆翻牌小游戏
- NVD软件漏洞数据处理及分类方法总结