BGP MPLS 单域实验及排错思路
拓扑
MPLS部分:
PE1:mpls lsr-id 1.1.1.1mpls ldpinterface g0/0mpls enablempls ldp enableip add 100.1.12.1 24interface loopback 0ip add 1.1.1.1 32
P:mpls lsr-id 2.2.2.2mpls ldpinterface g0/0mpls enablempls ldp enableip add 100.1.12.2 24interface g0/1mpls enablempls ldp enableip add 100.1.23.2 24interface loopback 0ip add 2.2.2.2 32
PE3:mpls lsr-id 3.3.3.3mpls ldpinterface g0/0mpls enablempls ldp enableip add 100.1.23.3 24interface loopback 0ip add 3.3.3.3 32
公网ISP:
[PE1]ospf 1 router-id 1.1.1.1
[PE1-ospf-1]area 0
[PE1-ospf-1-area-0.0.0.0]network 1.1.1.1 0.0.0.0
[PE1-ospf-1-area-0.0.0.0]network 100.1.12.1 0.0.0.0[p]ospf 1 router-id 2.2.2.2
[p-ospf-1]area 0
[p-ospf-1-area-0.0.0.0]network 2.2.2.2 0.0.0.0
[p-ospf-1-area-0.0.0.0]network 100.1.12.2 0.0.0.0
[p-ospf-1-area-0.0.0.0]network 100.1.23.2 0.0.0.0[PE3]ospf 1 router-id 3.3.3.3
[PE3-ospf-1-area-0.0.0.0]network 3.3.3.3 0.0.0.0
[PE3-ospf-1-area-0.0.0.0]network 100.1.23.3 0.0.0.0
排查第一个阶段:首先排查公网连通性问题:
[PE1]ping -a 1.1.1.1 3.3.3.3
Ping 3.3.3.3 (3.3.3.3) from 1.1.1.1: 56 data bytes, press CTRL+C to break
56 bytes from 3.3.3.3: icmp_seq=0 ttl=254 time=2.000 ms
56 bytes from 3.3.3.3: icmp_seq=1 ttl=254 time=3.000 ms
56 bytes from 3.3.3.3: icmp_seq=2 ttl=254 time=2.000 ms
56 bytes from 3.3.3.3: icmp_seq=3 ttl=254 time=1.000 ms
56 bytes from 3.3.3.3: icmp_seq=4 ttl=254 time=2.000 ms--- Ping statistics for 3.3.3.3 ---
5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss查看MPLS LDP 邻居状态,Operational为最终正常状态,并且IP地址大的一方为 Active状态
[PE1]display mpls ldp peer
Total number of peers: 1
Peer LDP ID State Role GR MD5 KA Sent/Rcvd
2.2.2.2:0 Operational Passive Off Off 7/7在中间设备P上应该存在与PE1、PE3建立LDP邻居
[p]dis mpls ldp peer
Total number of peers: 2
Peer LDP ID State Role GR MD5 KA Sent/Rcvd
1.1.1.1:0 Operational Active Off Off 19/19
3.3.3.3:0 Operational Passive Off Off 16/15如果LDP邻居建立正常的话,需要进一步查看PE之间的LSP是否存在,
分别在PE1和PE3上查看是否存在到达对端的LSP
[PE1]dis mpls ldp lsp
Status Flags: * - stale, L - liberal, B - backup, N/A - unavailable
FECs: 3 Ingress: 2 Transit: 2 Egress: 1FEC In/Out Label Nexthop OutInterface/LSINDEX
1.1.1.1/32 3/--/24128(L)
2.2.2.2/32 -/3 100.1.12.2 GE0/024128/3 100.1.12.2 GE0/0
3.3.3.3/32 -/24127 100.1.12.2 GE0/024127/24127 100.1.12.2 GE0/0
MPLS默认只会分配32位非物理直连的主机路由对应MPLS标签,大家可以实验一下,可以在PE3上另起一个Loopback 口
根据规划所实现的效果分别是CE4与CE6去通信,CE5与CE7去通信,并解决私网地址冲突问题
配置本地VPNPE1:
[PE1]ip vpn-instance vpn10
[PE1-vpn-instance-vpn10]route-distinguisher 100:1
[PE1-vpn-instance-vpn10]vpn-target 100:1 both [PE1]ip vpn-instance vpn20
[PE1-vpn-instance-vpn20]route-distinguisher 200:1
[PE1-vpn-instance-vpn20]vpn-target 200:1 ?STRING<3-21> VPN target in the format ASN:nn or IP_address:nnboth Use the VPN targets as both export and import targetsexport-extcommunity Use the VPN targets as export targetsimport-extcommunity Use the VPN targets as import targets<cr>
[PE1-vpn-instance-vpn20]vpn-target 200:1 export-extcommunity
[PE1-vpn-instance-vpn20]vpn-target 200:1 import-extcommunity查看两种配置方式均可:
[PE1]dis current-configuration conf vpn-instance
#
ip vpn-instance vpn10route-distinguisher 100:1vpn-target 100:1 import-extcommunityvpn-target 100:1 export-extcommunity
#
ip vpn-instance vpn20route-distinguisher 200:1vpn-target 200:1 import-extcommunityvpn-target 200:1 export-extcommunity
#
return
私网接口与VPN绑定
[PE1]int g0/1
[PE1-GigabitEthernet0/1]ip binding vpn-instance vpn10
Some configurations on the interface are removed.
[PE1-GigabitEthernet0/1]ip add 172.16.100.1 24
[PE1]int g0/2
[PE1-GigabitEthernet0/2]ip binding vpn-instance vpn20
Some configurations on the interface are removed.
[PE1-GigabitEthernet0/2]ip add 172.16.100.1 24查看IP地址表:
[PE1]dis ip int brief
*down: administratively down
(s): spoofing (l): loopback
Interface Physical Protocol IP address/Mask VPN instance Description
GE0/0 up up 100.1.12.1/24 -- --
GE0/1 up up 172.16.100.1/24 vpn10 --
GE0/2 up up 172.16.100.1/24 vpn20 --
PE3配置与PE1配置相当如下:
[PE3]ip vpn-instance vpn10
[PE3-vpn-instance-vpn10] route-distinguisher 100:1
[PE3-vpn-instance-vpn10] vpn-target 100:1 import-extcommunity
[PE3-vpn-instance-vpn10] vpn-target 100:1 export-extcommunity
[PE3-vpn-instance-vpn10]ip vpn-instance vpn20
[PE3-vpn-instance-vpn20] route-distinguisher 200:1
[PE3-vpn-instance-vpn20] vpn-target 200:1 import-extcommunity
[PE3-vpn-instance-vpn20] vpn-target 200:1 export-extcommunity
[PE3]
[PE3]int g0/1
[PE3-GigabitEthernet0/1]ip binding vpn-instance vpn10
[PE3-GigabitEthernet0/1]ip add 172.16.200.1 24
[PE3-GigabitEthernet0/1]int g0/2
[PE3-GigabitEthernet0/2]ip binding vpn-instance vpn20
[PE3-GigabitEthernet0/2]ip add 172.16.200.1 24
配置PE与CE之间的路由协议,这里我们使用OSPF示例:
PE1 PE3:
[PE1]ospf 10 vpn-instance vpn10
[PE1-ospf-10] area 0.0.0.0
[PE1-ospf-10-area-0.0.0.0]network 172.16.100.1 0.0.0.0
[PE1-ospf-10-area-0.0.0.0]ospf 20 vpn-instance vpn20
[PE1-ospf-20] area 0.0.0.0
[PE1-ospf-20-area-0.0.0.0]network 172.16.100.1 0.0.0.0[PE3]ospf 10 vpn-instance vpn10
[PE3-ospf-10]area 0.0.0.0
[PE3-ospf-10-area-0.0.0.0]network 172.16.200.1 0.0.0.0
[PE3-ospf-10-area-0.0.0.0]ospf 20 vpn-instance vpn20
[PE3-ospf-20] area 0.0.0.0
[PE3-ospf-20-area-0.0.0.0]network 172.16.200.1 0.0.0.0
CE:
[CE4]int LoopBack 0
[CE4-LoopBack0]ip add 4.4.4.4 32
[CE4-LoopBack0]int g0/0
[CE4-GigabitEthernet0/0]ip add 172.16.100.4 24
[CE4]ospf 10
[CE4-ospf-10]area 0
[CE4-ospf-10-area-0.0.0.0]network 4.4.4.4 0.0.0.0
[CE4-ospf-10-area-0.0.0.0]network 172.16.100.4 0.0.0.0[CE5]int LoopBack 0
[CE5-LoopBack0]ip add 5.5.5.5 32
[CE5-LoopBack0]int g0/0
[CE5-GigabitEthernet0/0]ip add 172.16.100.5 24
[CE5]ospf 20
[CE5-ospf-20]area 0
[CE5-ospf-20-area-0.0.0.0]network 5.5.5.5 0.0.00.0
[CE5-ospf-20-area-0.0.0.0]network 172.16.100.5 0.0.0.0[CE6]int LoopBack 0
[CE6-LoopBack0]ip add 6.6.6.6 32
[CE6-LoopBack0]int g0/0
[CE6-GigabitEthernet0/0]ip add 172.16.200.6 24
[CE6]ospf 10
[CE6-ospf-10]area 0
[CE6-ospf-10-area-0.0.0.0]network 6.6.6.6 0.0.0.0
[CE6-ospf-10-area-0.0.0.0]network 172.16.200.6 0.0.0.0[CE7]int LoopBack 0
[CE7-LoopBack0]ip add 7.7.7.7 32
[CE7-LoopBack0]int g0/0
[CE7-GigabitEthernet0/0]ip add 172.16.200.7 24
[CE7]ospf 20
[CE7-ospf-20]area 0
[CE7-ospf-20-area-0.0.0.0]network 7.7.7.7 0.0.0.0
[CE7-ospf-20-area-0.0.0.0]network 172.16.200.7 0.0.0.0
PE与CE之间应该建立起OSPF邻居关系并学习相应路由,此处以PE1为例:
[PE1]dis ospf peer OSPF Process 1 with Router ID 1.1.1.1Neighbor Brief InformationArea: 0.0.0.0 Router ID Address Pri Dead-Time State Interface2.2.2.2 100.1.12.2 1 36 Full/BDR GE0/0OSPF Process 10 with Router ID 172.16.100.1Neighbor Brief InformationArea: 0.0.0.0 Router ID Address Pri Dead-Time State Interface4.4.4.4 172.16.100.4 1 34 Full/BDR GE0/1OSPF Process 20 with Router ID 172.16.100.1Neighbor Brief InformationArea: 0.0.0.0 Router ID Address Pri Dead-Time State Interface5.5.5.5 172.16.100.5 1 40 Full/BDR GE0/2[PE1]dis ospf routing //查看OSPF协议学到的路由OSPF Process 1 with Router ID 1.1.1.1Routing TableRouting for networkDestination Cost Type NextHop AdvRouter Area3.3.3.3/32 2 Stub 100.1.12.2 3.3.3.3 0.0.0.01.1.1.1/32 0 Stub 0.0.0.0 1.1.1.1 0.0.0.0100.1.12.0/24 1 Transit 0.0.0.0 1.1.1.1 0.0.0.02.2.2.2/32 1 Stub 100.1.12.2 2.2.2.2 0.0.0.0100.1.23.0/24 2 Transit 100.1.12.2 2.2.2.2 0.0.0.0OSPF Process 10 with Router ID 172.16.100.1Routing TableRouting for networkDestination Cost Type NextHop AdvRouter Area172.16.100.0/24 1 Transit 0.0.0.0 172.16.100.1 0.0.0.04.4.4.4/32 1 Stub 172.16.100.4 4.4.4.4 0.0.0.0OSPF Process 20 with Router ID 172.16.100.1Routing TableRouting for networkDestination Cost Type NextHop AdvRouter Area172.16.100.0/24 1 Transit 0.0.0.0 172.16.100.1 0.0.0.05.5.5.5/32 1 Stub 172.16.100.5 5.5.5.5 0.0.0.0
配置MP-BGP:
PE之间需要建立MP-BGP邻居来交互私网路由:
PE1:
[PE1]BGP 1000
[PE1-bgp-default]peer 3.3.3.3 as-number 1000
[PE1-bgp-default]peer 3.3.3.3 connect-interface LoopBack 0
[PE1-bgp-default]address-family vpnv4 //注意此处是BGP下的VPNV4地址族视图
[PE1-bgp-default-vpnv4]peer 3.3.3.3 enable
[PE1-bgp-default]ip vpn-instance vpn10
[PE1-bgp-default-vpn10]address-family ipv4 //注意此处是VPNV10下的IPV4地址族视图
[PE1-bgp-default-ipv4-vpn10]import-route ospf 10
[PE1-bgp-default]ip vpn-instance vpn20
[PE1-bgp-default-vpn20]address-family ipv4
[PE1-bgp-default-ipv4-vpn20]import-route ospf 20 [PE1]ospf 10 vpn-instance vpn10
[PE1-ospf-10]import-route bgp
[PE1]ospf 20 vpn-instance vpn20
[PE1-ospf-20]import-route bgp此处PE与CE之间采用OSPF互相交互路由,PE学到后之后只会加到自己的VPN路由表中,不会自动的通过MP-BGP 发送给对端PE,需要在相应的地址族视图下引入才可以同理PE1通过MP-BGP从PE3学到的私网路由,不会自动的发送给CE,所以需要在OSPF实例中去引入BGP [PE3]bgp 1000
[PE3-bgp-default]peer 1.1.1.1 as-number 1000
[PE3-bgp-default]peer 1.1.1.1 connect-interface LoopBack 0
[PE3-bgp-default]address-family vpnv4
[PE3-bgp-default-vpnv4]peer 1.1.1.1 enable
[PE3-bgp-default]ip vpn-instance vpn10i
[PE3-bgp-default-vpn10]address-family ipv4
[PE3-bgp-default-ipv4-vpn10]import-route ospf 10
[PE3-bgp-default]ip vpn-instance vpn20
[PE3-bgp-default-vpn20]address-family ipv4
[PE3-bgp-default-ipv4-vpn20]import-route ospf 20
[PE3]ospf 10 vpn-instance 10
[PE3-ospf-10]import-route bgp
[PE3]ospf 20 vpn-instance vpn20
[PE3-ospf-20]import-route bgp
查看BGP VPNV4邻居状态
[PE3]dis bgp peer vpnv4BGP local router ID: 3.3.3.3Local AS number: 1000Total number of peers: 1 Peers in established state: 1* - Dynamically created peerPeer AS MsgRcvd MsgSent OutQ PrefRcv Up/Down State1.1.1.1 1000 9 9 0 2 00:03:31 Established查看是否通过BGP VPNV4学到路由
[PE3]dis bgp routing-table vpnv4BGP local router ID is 3.3.3.3 Status codes: * - valid, > - best, d - dampened, h - history,s - suppressed, S - stale, i - internal, e - externalOrigin: i - IGP, e - EGP, ? - incompleteTotal number of routes from all PEs: 2Route distinguisher: 100:1(vpn10)Total number of routes: 2Network NextHop MED LocPrf PrefVal Path/Ogn
* >i 4.4.4.4/32 1.1.1.1 2 100 0 ?
* > 6.6.6.6/32 172.16.200.6 2 32768 ?Route distinguisher: 200:1(vpn20)Total number of routes: 2Network NextHop MED LocPrf PrefVal Path/Ogn
* >i 5.5.5.5/32 1.1.1.1 2 100 0 ?
* > 7.7.7.7/32 172.16.200.7 2 32768 ?
测试:
[CE7]ping -a 7.7.7.7 5.5.5.5
Ping 5.5.5.5 (5.5.5.5) from 7.7.7.7: 56 data bytes, press CTRL+C to break
56 bytes from 5.5.5.5: icmp_seq=0 ttl=253 time=3.000 ms
56 bytes from 5.5.5.5: icmp_seq=1 ttl=253 time=3.000 ms
56 bytes from 5.5.5.5: icmp_seq=2 ttl=253 time=3.000 ms
56 bytes from 5.5.5.5: icmp_seq=3 ttl=253 time=3.000 ms
56 bytes from 5.5.5.5: icmp_seq=4 ttl=253 time=3.000 ms
--- Ping statistics for 5.5.5.5 ---
5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss[CE7]ping -a 7.7.7.7 4.4.4.4
Ping 4.4.4.4 (4.4.4.4) from 7.7.7.7: 56 data bytes, press CTRL+C to break
Request time out
Request time out
Request time out
BGP MPLS 单域实验及排错思路相关推荐
- 跨域BGP/MPLS IP VPN实验(OptionA方式)
目录 一.概述 二.组网需求 三.实验拓扑 四.实验目的 五.实验编址表 六.实验步骤 1.基本配置 2.配置运营商网络的OSPF路由协议 3.配置运营商网络的MPLS协议与LDP 4.配置PE与AS ...
- 【高级】思科设备实现城域网ISIS+BGP+MPLS ***多域互通实战
实验拓扑: GNS3 0.8.6 + c3725-adventerprisek9-mz.124-15.T5.image 实验要求: 1. IGP使用ISIS协议,用来承载城域网的直连和环回口路由. ...
- OSPF单域实验报告
1.1 实验任务<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" /> ...
- 【实战】MPLS单域通信过程详解
一.背景说明 本文专门从路由传输与数据传输两个维度详细讲解传输的过程,上文实验拓扑如下图所示,为了简单起见,只已客户A为例(紫色)进行描述 二.路由传输层面 R5与R1之间通过ospf 1学习到5.5 ...
- MPLS隧道——单域基础理论讲解
目录 基本概念 MPLS隧道基本概念 涉及的相关概念 MPLS 隧道模型 私网互通所遇到的问题及解决方法 PE本地私网路由冲突问题 BGP对引入的路由无法区分的问题 PE无法区分将Vpnv4路由引入到 ...
- 华为MPLS跨域A、B方案实验配置
目录 MPLS域内配置 MPLS-AS100域内配置 MPLS-AS200域内配置 域间方式A配置 ASBR4和ASBR5配置实例 ASBR之间建立基于实例的EBGP邻居关系 域间方式B配置 ASBR ...
- BGP/MPLS *** Option B 跨域研究实验
1.实验环境 以华为模拟器eNSP为实验环境,结合wireshark抓包进行BGP/MPLS ××× OptionA 控制层面.数据层面以及日常排错三个方面进行研究:如下图所示: 2.配置流程 1)配 ...
- BGP MPLS VPN(OPTION A)实验笔记
1.实验说明 (1) 实验目的 配置BGP MPLS VPN OPTION A,使得总部与分公司私网互通,分公司与总部之间可互访,但分公司之间不能互访. (2) 实验拓扑 (3) 地址说明 业务地址段 ...
- BGP MPLS VPN(OPTION B)实验笔记
1.实验说明 (1) 实验目的 配置BGP MPLS VPN OPTION A,使得总部与分公司私网互通,分公司与总部之间可互访,但分公司之间不能互访. (2) 实验拓扑 (3) 地址说明 业务地址段 ...
最新文章
- Python案例:使用BeautifuSoup4的爬虫
- 【点云论文速读】点云高质量3D表面重建
- 正则表达式测试工具 Regex Tester 的使用方法
- 【262】pscp命令 实现windows与linux互传文件
- Android之倍数提高工作效率的 Android Studio 奇技
- webflux 对url参数的接收处理
- C语言根据日期(年,月,日)判断星期几(使用基姆拉尔森计算公式)
- 基于JAVA+SpringMVC+Mybatis+MYSQL的在线论坛管理系统
- 同学孩子上985大学,每月生活费5000元,大家认为合适吗?
- 从 VMWare 到阿里神龙,虚拟化技术 40 年演进史
- wordpress去掉index.php,wordpress去掉url中index.php 创建分类目录404如何解决
- 你们要得SpringBoot版的停车管理系统(含小程序)已经找到了,改改就能卖钱(附源码)...
- reactbootstrap php,什么是React-Bootstrap
- zabbix监控nginx的状态
- 抖音快手直播如何快速粘粉涨粉,直播话术新人必备【干货】
- Java web项目中使用C#配合开发,实现双屏显示功能
- 如何锻炼提高自己的逻辑思维?这里给你7个方法!
- 阿里云服务器docker安装网心云容器魔方
- Docker指定网桥和指定网桥IP
- 萌新python爬虫初学
热门文章
- 一名UI设计师眼中的用户体验
- matplotlib 绘制曲线的线型,颜色,形状
- 浅谈面向对象与女娲造人
- Android 摄像头调用(不含拍照),kotlin开源
- 用scala语言实现并行堆排序(top k)
- AI视频融合平台EasyCVR现已支持华为宇视等四种SDK接入
- Codeforces - Delivery Club
- Vue整合ElementUI,组件使用教程,适合新手
- LANMT架构搭建jspxcms
- html 多个插件,webpack中html-webpack-plugin插件的使用(生成多个html页面,引入不同的js文件)...