图中红色的部分先不管,先配置一下域内的BGP
R2:
router bgp 10
no bgp default ipv4
nei 3.3.3.3 remote 10
nei 3.3.3.3 up lo 0
add ***v4
nei 3.3.3.3 ac
add ipv4 vrf abc
redistribute ospf 2 vrf abc
router ospf 2 vrf abc
net 12.12.12.2 0.0.0.0 a 0
redistribute bgp 10 su
Exit
R3:
router bgp 10
no bgp default ipv4
nei 2.2.2.2 remote 10
nei 2.2.2.2 up lo 0
nei 4.4.4.4 remote 10
nei 4.4.4.4 up lo 0
add ***v4
nei 2.2.2.2 ac
nei 2.2.2.2 route-reflector-c
nei 4.4.4.4 ac
nei 4.4.4.4 route-reflector-c
R4:
router bgp 10
no bgp defa ip
nei 3.3.3.3 remote 10
nei 3.3.3.3 up lo 0
add ***v4
nei 3.3.3.3 ac
同理R5,R6,R7,先把R2,R4之间的链路,R5,R7之间的链路shut掉。
背靠背的VRF是什么原理呢?
它在两个ASBR,R4,R5上创建一个或多个VRF,将BGP的路由导入VRF(redistribute),并且路由通过R4,R5之间的IGP传递,然后在对方的VRF表中导出入BGP。
也就是说R2,R3,R4之间传递的是×××V4的路由,而R4,R5之间传递的是IPV4的路由。
在这里提出一个问题,为什么R3上面有×××V4的路由,而R4上没有?难道没反射?
为了解决上面的问题,我在R4上创建VRF表:
R4(config)#ip vrf abc
R4(config-vrf)#rd 10:4
R4(config-vrf)#route-target export 10:4
R4(config-vrf)#route-target import 10:2
R4(config-vrf)#route-target import 20:5
然后将路由重分发进OSPF
R4(config)#int fa0/1
R4(config-if)#ip vrf forwarding abc
R4(config-if)#ip address 45.45.45.4 255.255.255.0
R4(config-if)#no shu
R4(config)#router ospf 2 vrf abc
R4(config-router)#net 45.45.45.4 0.0.0.0 a 0
R4(config-router)#redistribute bgp 10 su
在R5上创建VRF表并将BGP路由重分发进OSPF
R5(config)#ip vrf abc
R5(config-vrf)#rd 10:4
R5(config-vrf)#route-target export 20:5
R5(config-vrf)#route-target import 10:4
R5(config-vrf)#route-target import 20:7
然后将路由重分发进OSPF
R5(config)#int fa0/0
R5(config-if)#ip vrf forwarding abc
R5(config-if)#ip address 45.45.45.5 255.255.255.0
R5(config-if)#no shu
R5(config)#router ospf 2 vrf abc
R5(config-router)#net 45.45.45.50.0.0.0 a 0
R5(config-router)#redistribute bgp 10 su
现在查看一下R5的路由表:
R5#show ip route vrf abc
8.0.0.0/32 is subnetted, 1 subnets
B 8.8.8.8 [200/11] via 7.7.7.7, 00:00:12
78.0.0.0/24 is subnetted, 1 subnets
B 78.78.78.0 [200/0] via 7.7.7.7, 00:00:12
45.0.0.0/24 is subnetted, 1 subnets
C 45.45.45.0 is directly connected, FastEthernet0/0
?为什么没有从R4收到路由?
因为一个特性down bit位,所以要消除down bit的影响.
R5(config-router)#capability vrf-lite (注意我只在R5上配置)
此时再查看一下R5的VRF表
R5#show ip route vrf abc
1.0.0.0/32 is subnetted, 1 subnets
O IA 1.1.1.1 [110/21] via 45.45.45.4, 00:00:06, FastEthernet0/0
8.0.0.0/32 is subnetted, 1 subnets
B 8.8.8.8 [200/11] via 7.7.7.7, 00:01:27
78.0.0.0/24 is subnetted, 1 subnets
B 78.78.78.0 [200/0] via 7.7.7.7, 00:01:27
12.0.0.0/24 is subnetted, 1 subnets
O IA 12.12.12.0 [110/11] via 45.45.45.4, 00:00:06, FastEthernet0/0
45.0.0.0/24 is subnetted, 1 subnets
C 45.45.45.0 is directly connected, FastEthernet0/0
这里再查看一下R4的VRF表:
R4#show ip route vrf abc
1.0.0.0/32 is subnetted, 1 subnets
B 1.1.1.1 [200/11] via 2.2.2.2, 00:11:57
8.0.0.0/32 is subnetted, 1 subnets
O E2 8.8.8.8 [110/11] via 45.45.45.5, 00:00:00, FastEthernet0/1
78.0.0.0/24 is subnetted, 1 subnets
O E2 78.78.78.0 [110/1] via 45.45.45.5, 00:00:00, FastEthernet0/1
12.0.0.0/24 is subnetted, 1 subnets
B 12.12.12.0 [200/0] via 2.2.2.2, 00:11:57
45.0.0.0/24 is subnetted, 1 subnets
C 45.45.45.0 is directly connected, FastEthernet0/1
如果两边都配置命令capability vrf-lite ,那么两边都是E2,这是什么原因呢?
如果只在R5上配置,那么
R4#show ip route vrf abc 8.8.8.8
Routing entry for 8.8.8.8/32
Known via "ospf 2", distance 110, metric 11
Tag Complete, Path Length == 1, AS 20, , type extern 2, forward metric 10
Last update from 45.45.45.5 on FastEthernet0/1, 00:00:04 ago
Routing Descriptor Blocks:
* 45.45.45.5, from 45.45.45.5, 00:00:04 ago, via FastEthernet0/1
Route metric is 11, traffic share count is 1
Route tag 3489660948
R5#show ip route vrf abc 1.1.1.1
Routing entry for 1.1.1.1/32
Known via "ospf 2", distance 110, metric 21, type inter area
Last update from 45.45.45.4 on FastEthernet0/0, 00:00:04 ago
Routing Descriptor Blocks:
* 45.45.45.4, from 45.45.45.4, 00:00:04 ago, via FastEthernet0/0
Route metric is 21, traffic share count is 1
R5配置了关闭down bit检查,那么它发出的路由类型是E2,使用外部路由标记来检查是否发生了重复宣告进同一个AS的问题。而R4没有配置,则照常发送。
现在将OSPF路由重分发进BGP:
R4(config)#router bgp 10
R4(config-router)#address-family ipv4 vrf abc
R4(config-router-af)#redistribute ospf 2 vrf abcma in ex
(OSPF默认不将E的路由重分发进BGP)
R4(config-router-af)#exit
R5同理,但是要在R2和R7上添加导入。
最后以traceroute结束option1:
R1#traceroute 8.8.8.8
1 12.12.12.2 64 msec 60 msec 32 msec
2 23.23.23.3 [MPLS: Labels 301/404 Exp 0] 128 msec 120 msec 156 msec
3 45.45.45.4 [MPLS: Label 404 Exp 0] 124 msec 100 msec 96 msec
4 45.45.45.5 172 msec 124 msec 180 msec 中间是IPV4
5 56.56.56.6 [MPLS: Labels 601/703 Exp 0] 232 msec 252 msec 284 msec
6 78.78.78.7 [MPLS: Label 703 Exp 0] 292 msec 220 msec 192 msec
7 78.78.78.8 272 msec * 292 msec