OSPF在跨MPLS时,如果没有作特殊配置,经由BGP重分发的路由将以O E或者O N的形式进入OSPF domain。有时客户并不希望OSPF domain内出现这类路由,因此必须对跨MPLS ×××的OSPF进行相应设置。一是在PE的OSPF进程内添加domain-id,这样导入到对端OSPF时,对端OSPF进程将根据domain-id自动识别OSPF路由,但这种方法只能使从BGP获得的路由,以summary LSA的形式分发,对应路由为O IA;若MPLS ×××两端属于同一OSPF area,则可通过Sham-Link连接PE的OSPF进程,从而使得OSPF从BGP导入的路由以LSA 1的形式发布,对应路由条目为O。
一、拓扑
二、描述
图中R3、R4、R5、R7组成ISP骨干,Corp_A公司的两个站点R1(1.0.0.0/24)、R2(2.0.0.0/24)使用MPLS ×××进行互联。R1、R2共用一个OSPF area(area 12)。为区分Corp_A公司内部的路由,以及从其它合作伙伴导入的外部路由,Corp_A公司要求R1、R2站点之间的OSPF路由均为内部路由。这里介绍两种内部路由的生成原理,包括区域间路由(inter-area)和区域内路由(intra-area)。
三、原理
OSPF向BGP发送重分发的路由时,将生成一个Domain-ID字段。该字段将通过BGP的扩展团体属性(extend-community)转发到目的PE上。另一端PE的OSPF进程从BGP重分发过来的Domain-ID,并将其作为inter-area route处理;
另外,通过OSPF Sham-Link技术,可以在PE之间生成SuperBackBone。通过SuperBackBone,PE之间的OSPF进程为对端为同一区域的邻居,并认可以建立全毗邻关系,从而直接泛洪LSA type 1,此时生成的路由为intra-area route。
四、配置简介
Inter-area route:配置PE端OSPF进程的Domain-ID,使其一致(另外,若OSPF进程号一致,同样可以获得该效果,建议明文配置)
Intra-area route:首先在PE之间创建一个属于VRF内的Loopback地址,并将该地址通过MPBGP的VRF地址簇公布该接口;然后在该VRF的OSPF进程内配置sham-link,sham-link源地址为本PE的loopback,目的地址为对端PE的loopback地址。
五、配置
R3:
ip cef
!
ip vrf Corp_A
rd 65535:12
route-target export 65535:12
route-target import 65535:12
!
mpls label protocol ldp
!
interface Loopback0
ip address 3.3.3.3 255.255.255.255
ip router isis
!
interface Loopback1
ip vrf forwarding Corp_A
ip address 192.168.34.3 255.255.255.255
!
interface FastEthernet0/0
description To Corp_A's Hub
ip vrf forwarding Corp_A
ip address 10.1.3.3 255.255.255.0
mpls ip
!
interface Serial0/0
description To CORE
ip address 10.3.5.3 255.255.255.0
ip router isis
mpls ip
clock rate 2000000
!
router ospf 100 vrf Corp_A
router-id 3.3.3.3
ip cef
!
ip vrf Corp_A
rd 65535:12
route-target export 65535:12
route-target import 65535:12
!
mpls label protocol ldp
!
interface Loopback0
ip address 3.3.3.3 255.255.255.255
ip router isis
!
interface Loopback1
ip vrf forwarding Corp_A
ip address 192.168.34.3 255.255.255.255
!
interface FastEthernet0/0
description To Corp_A's Hub
ip vrf forwarding Corp_A
ip address 10.1.3.3 255.255.255.0
mpls ip
!
interface Serial0/0
description To CORE
ip address 10.3.5.3 255.255.255.0
ip router isis
mpls ip
clock rate 2000000
!
router ospf 100 vrf Corp_A
router-id 3.3.3.3
domain-id 0.0.0.12
area 12 sham-link 192.168.34.3 192.168.34.4 cost 10
redistribute bgp 345 subnets
network 10.1.3.3 0.0.0.0 area 12
!
router isis
net 46.3333.3333.3333.00
is-type level-2-only
!
router bgp 345
bgp router-id 3.3.3.3
no bgp default ipv4-unicast
neighbor LOCAL_AS peer-group
neighbor LOCAL_AS remote-as 345
neighbor LOCAL_AS update-source Loopback0
neighbor 5.5.5.5 peer-group LOCAL_AS
!
address-family ipv4
neighbor 5.5.5.5 activate
no auto-summary
no synchronization
exit-address-family
!
address-family ***v4
neighbor LOCAL_AS send-community extended
neighbor 5.5.5.5 activate
exit-address-family
!
address-family ipv4 vrf Corp_A
redistribute ospf 100 vrf Corp_A
no auto-summary
no synchronization
network 192.168.34.3 mask 255.255.255.255
area 12 sham-link 192.168.34.3 192.168.34.4 cost 10
redistribute bgp 345 subnets
network 10.1.3.3 0.0.0.0 area 12
!
router isis
net 46.3333.3333.3333.00
is-type level-2-only
!
router bgp 345
bgp router-id 3.3.3.3
no bgp default ipv4-unicast
neighbor LOCAL_AS peer-group
neighbor LOCAL_AS remote-as 345
neighbor LOCAL_AS update-source Loopback0
neighbor 5.5.5.5 peer-group LOCAL_AS
!
address-family ipv4
neighbor 5.5.5.5 activate
no auto-summary
no synchronization
exit-address-family
!
address-family ***v4
neighbor LOCAL_AS send-community extended
neighbor 5.5.5.5 activate
exit-address-family
!
address-family ipv4 vrf Corp_A
redistribute ospf 100 vrf Corp_A
no auto-summary
no synchronization
network 192.168.34.3 mask 255.255.255.255
exit-address-family
!
mpls ldp router-id Loopback0 force
!
!
mpls ldp router-id Loopback0 force
!
R4:
ip cef
!
ip vrf Corp_A
rd 65535:12
route-target export 65535:12
route-target import 65535:12
!
mpls label protocol ldp
!
interface Loopback0
ip address 4.4.4.4 255.255.255.255
ip router isis
!
interface Loopback1
ip vrf forwarding Corp_A
ip address 192.168.34.4 255.255.255.255
!
interface FastEthernet0/0
ip vrf forwarding Corp_A
ip address 10.2.4.4 255.255.255.0
mpls ip
!
interface Serial0/0
ip address 10.4.5.4 255.255.255.0
ip router isis
mpls ip
clock rate 2000000
!
router ospf 100 vrf Corp_A
router-id 4.4.4.4
ip cef
!
ip vrf Corp_A
rd 65535:12
route-target export 65535:12
route-target import 65535:12
!
mpls label protocol ldp
!
interface Loopback0
ip address 4.4.4.4 255.255.255.255
ip router isis
!
interface Loopback1
ip vrf forwarding Corp_A
ip address 192.168.34.4 255.255.255.255
!
interface FastEthernet0/0
ip vrf forwarding Corp_A
ip address 10.2.4.4 255.255.255.0
mpls ip
!
interface Serial0/0
ip address 10.4.5.4 255.255.255.0
ip router isis
mpls ip
clock rate 2000000
!
router ospf 100 vrf Corp_A
router-id 4.4.4.4
domain-id 0.0.0.12
area 12 sham-link 192.168.34.4 192.168.34.3 cost 10
redistribute bgp 345 subnets
network 10.2.4.4 0.0.0.0 area 12
!
router isis
net 46.4444.4444.4444.00
is-type level-2-only
!
router bgp 345
bgp router-id 4.4.4.4
no bgp default ipv4-unicast
neighbor LOCAL_AS peer-group
neighbor LOCAL_AS remote-as 345
neighbor LOCAL_AS update-source Loopback0
neighbor 5.5.5.5 peer-group LOCAL_AS
!
address-family ***v4
neighbor LOCAL_AS send-community extended
neighbor 5.5.5.5 activate
exit-address-family
!
address-family ipv4 vrf Corp_A
redistribute ospf 100 vrf Corp_A
no auto-summary
no synchronization
network 192.168.34.4 mask 255.255.255.255
exit-address-family
!
mpls ldp router-id Loopback0 force
network 10.2.4.4 0.0.0.0 area 12
!
router isis
net 46.4444.4444.4444.00
is-type level-2-only
!
router bgp 345
bgp router-id 4.4.4.4
no bgp default ipv4-unicast
neighbor LOCAL_AS peer-group
neighbor LOCAL_AS remote-as 345
neighbor LOCAL_AS update-source Loopback0
neighbor 5.5.5.5 peer-group LOCAL_AS
!
address-family ***v4
neighbor LOCAL_AS send-community extended
neighbor 5.5.5.5 activate
exit-address-family
!
address-family ipv4 vrf Corp_A
redistribute ospf 100 vrf Corp_A
no auto-summary
no synchronization
network 192.168.34.4 mask 255.255.255.255
exit-address-family
!
mpls ldp router-id Loopback0 force
使用黄底红字的语句时,在路由表中看到的路由为O IA;使用绿底黑字的语句时,在路由表中看到的路由为O。若两者都配齐,则按照sham-link优先,路由为O。
------------------------------------------------------------------
六、校验
Inter-area:
(一)检查PE的MPBGP是否有domain-id信息:
R3#show ip bgp ***v4 vrf Corp_A 2.0.0.0/24
BGP routing table entry for 65535:12:2.0.0.0/24, version 38
Paths: (1 available, best #1, table Corp_A)
Not advertised to any peer
Local
4.4.4.4 (metric 30) from 5.5.5.5 (5.5.5.5)
Origin incomplete, metric 11, localpref 100, valid, internal, best
Extended Community: RT:65535:12 OSPF DOMAIN ID:0x0005:0x0000000C0200
OSPF RT:0.0.0.12:2:0 OSPF ROUTER ID:4.4.4.4:512
Originator: 4.4.4.4, Cluster list: 5.5.5.5,
mpls labels in/out 29/21
BGP routing table entry for 65535:12:2.0.0.0/24, version 38
Paths: (1 available, best #1, table Corp_A)
Not advertised to any peer
Local
4.4.4.4 (metric 30) from 5.5.5.5 (5.5.5.5)
Origin incomplete, metric 11, localpref 100, valid, internal, best
Extended Community: RT:65535:12 OSPF DOMAIN ID:0x0005:0x0000000C0200
OSPF RT:0.0.0.12:2:0 OSPF ROUTER ID:4.4.4.4:512
Originator: 4.4.4.4, Cluster list: 5.5.5.5,
mpls labels in/out 29/21
(二)检查PE里是否被导入为LSA type 3:
R3#show ip ospf data sum
OSPF Router with ID (3.3.3.3) (Process ID 100)
Summary Net Link States (Area 12)
LS age: 164
Options: (No TOS-capability, DC, Downward)
LS Type: Summary Links(Network)
Link State ID: 2.0.0.0 (summary Network Number)
Advertising Router: 3.3.3.3
LS Seq Number: 80000001
Checksum: 0xFBA7
Length: 28
Network Mask: /24
TOS: 0 Metric: 11
OSPF Router with ID (3.3.3.3) (Process ID 100)
Summary Net Link States (Area 12)
LS age: 164
Options: (No TOS-capability, DC, Downward)
LS Type: Summary Links(Network)
Link State ID: 2.0.0.0 (summary Network Number)
Advertising Router: 3.3.3.3
LS Seq Number: 80000001
Checksum: 0xFBA7
Length: 28
Network Mask: /24
TOS: 0 Metric: 11
(三)检查CE路由表:
R1#show ip route ospf
2.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
O IA 2.2.2.2/32 [110/21] via 10.1.3.3, 00:00:10, FastEthernet0/0
O IA 2.0.0.0/24 [110/21] via 10.1.3.3, 00:00:10, FastEthernet0/0
10.0.0.0/24 is subnetted, 2 subnets
O IA 10.2.4.0 [110/11] via 10.1.3.3, 00:00:10, FastEthernet0/0
2.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
O IA 2.2.2.2/32 [110/21] via 10.1.3.3, 00:00:10, FastEthernet0/0
O IA 2.0.0.0/24 [110/21] via 10.1.3.3, 00:00:10, FastEthernet0/0
10.0.0.0/24 is subnetted, 2 subnets
O IA 10.2.4.0 [110/11] via 10.1.3.3, 00:00:10, FastEthernet0/0
-----------
Intra-area:
(一)检验Sham-link的建立情况
R3#show ip ospf sham
Sham Link OSPF_SL0 to address 192.168.34.4 is up
Area 12 source address 192.168.34.3
Run as demand circuit
DoNotAge LSA allowed. Cost of using 10 State POINT_TO_POINT,
Timer intervals configured, Hello 10, Dead 40, Wait 40,
Hello due in 00:00:00
Adjacency State FULL (Hello suppressed)
Index 2/2, retransmission queue length 0, number of retransmission 1
First 0x0(0)/0x0(0) Next 0x0(0)/0x0(0)
Last retransmission scan length is 1, maximum is 1
Last retransmission scan time is 0 msec, maximum is 0 msec
Sham Link OSPF_SL0 to address 192.168.34.4 is up
Area 12 source address 192.168.34.3
Run as demand circuit
DoNotAge LSA allowed. Cost of using 10 State POINT_TO_POINT,
Timer intervals configured, Hello 10, Dead 40, Wait 40,
Hello due in 00:00:00
Adjacency State FULL (Hello suppressed)
Index 2/2, retransmission queue length 0, number of retransmission 1
First 0x0(0)/0x0(0) Next 0x0(0)/0x0(0)
Last retransmission scan length is 1, maximum is 1
Last retransmission scan time is 0 msec, maximum is 0 msec
(二)检查是否与对端PE建立全毗邻关系:
R3#show ip ospf nei
Neighbor ID Pri State Dead Time Address Interface
1.1.1.1 1 FULL/BDR 00:00:38 10.1.3.1 FastEthernet0/0
4.4.4.4 0 FULL/ - - 192.168.34.4 OSPF_SL0
Neighbor ID Pri State Dead Time Address Interface
1.1.1.1 1 FULL/BDR 00:00:38 10.1.3.1 FastEthernet0/0
4.4.4.4 0 FULL/ - - 192.168.34.4 OSPF_SL0
检查LSDB的LSA是否为LSA type 1
R3#show ip ospf data
OSPF Router with ID (3.3.3.3) (Process ID 100)
Router Link States (Area 12)
Link ID ADV Router Age Seq# Checksum Link count
1.1.1.1 1.1.1.1 335 0x80000002 0x0034A5 3
2.2.2.2 2.2.2.2 46 (DNA) 0x80000002 0x009B2B 3
3.3.3.3 3.3.3.3 289 0x80000003 0x001F95 2
4.4.4.4 4.4.4.4 5 (DNA) 0x80000003 0x00C2E7 2
OSPF Router with ID (3.3.3.3) (Process ID 100)
Router Link States (Area 12)
Link ID ADV Router Age Seq# Checksum Link count
1.1.1.1 1.1.1.1 335 0x80000002 0x0034A5 3
2.2.2.2 2.2.2.2 46 (DNA) 0x80000002 0x009B2B 3
3.3.3.3 3.3.3.3 289 0x80000003 0x001F95 2
4.4.4.4 4.4.4.4 5 (DNA) 0x80000003 0x00C2E7 2
output omittd
(三)检查CE路由表:
R1#show ip route ospf
2.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
O 2.2.2.2/32 [110/31] via 10.1.3.3, 00:01:06, FastEthernet0/0
O 2.0.0.0/24 [110/31] via 10.1.3.3, 00:01:06, FastEthernet0/0
10.0.0.0/24 is subnetted, 2 subnets
O 10.2.4.0 [110/30] via 10.1.3.3, 00:01:06, FastEthernet0/0
2.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
O 2.2.2.2/32 [110/31] via 10.1.3.3, 00:01:06, FastEthernet0/0
O 2.0.0.0/24 [110/31] via 10.1.3.3, 00:01:06, FastEthernet0/0
10.0.0.0/24 is subnetted, 2 subnets
O 10.2.4.0 [110/30] via 10.1.3.3, 00:01:06, FastEthernet0/0