全网最细华为路由器mpls 虚拟专用网络intranet 组网配置

关注我,后续将发布更多干货内容。(需要学习华为数通认证培训以及认证题库的私)

1.实验环境: CE1和CE2属于1、CE3和CE4属于2。要求1的RD值配置为100:1,RT值配置为100:1 both。2的RD值配置为200:1,RT值配置为200:1both。最终要求CE1能访问CE2、CE3能访问CE4。

(1)配置互联ip地址如图所示,每个设备配置对应的环回口。

(2)CE1、CE2与PE设备之间运行ospf协议。CE3和CE4与PE设备之间运行BGP协议。

(3)isp内部的IGP协议选择ospf,并且运行MPLS-ldp,建立lsp隧道。PE1和PE2建立MP-BGP邻居关系,传递私网路由。

2.实验目的:

①掌握mpls 的基本配置

②掌握mpls 中v4路由传递过程

③掌握mpls 中数据的传递过程

3.实验拓扑:

配置MPLS VPN基本组网-intranet实验拓扑如图所示。

全网最细华为路由器mpls 虚拟专用网络intranet 组网配置_第1张图片

4.实验步骤:

1)配置ip地址,ip地址规划见表。(接口属于实例的ip地址步骤4再配置)

mpls 基本组网-intranet ip地址规划表

设备名称

接口编号

Ip地址

所属Vpn实例

PE1

G0/0/1

12.1.1.1/24

PE1

G0/0/0

192.168.1.1/24

1

PE1

G0/0/2

192.168.1.1/24

2

PE1

Loopback 0

1.1.1.1/32

P

G0/0/0

12.1.1.2/24

P

G0/0/1

23.1.1.1/24

P

Loopback0

2.2.2.2/32

PE2

G0/0/0

23.1.1.2/24

PE2

G0/0/1

172.16.1.1/24

1

PE2

G0/0/2

172.16.1.1/24

2

PE2

Loopback0

3.3.3.3/32

CE1

G0/0/0

192.168.1.2/24

CE1

Loopback0

10.10.10.10/32

CE3

G0/0/0

192.168.1.2/24

CE3

Loopback0

30.30.30.30/32

CE2

G0/0/0

172.16.1.2/24

CE2

Loopback0

20.20.20.20/32

CE4

G0/0/0

172.16.1.2/24

CE4

Loopback0

40.40.40.40/32

2)配置ISP内部的ospf协议

PE1的配置:

[PE1]ospf 
[PE1-ospf-1]area 0
[PE1-ospf-1-area-0.0.0.0]network 12.1.1.0 0.0.0.255
[PE1-ospf-1-area-0.0.0.0]network 1.1.1.1 0.0.0.0

P的配置:

[P]ospf
[P-ospf-1]area 0 
[P-ospf-1-area-0.0.0.0]network 2.2.2.2 0.0.0.0
[P-ospf-1-area-0.0.0.0]network 12.1.1.0 0.0.0.255
[P-ospf-1-area-0.0.0.0]network 23.1.1.0 0.0.0.255

PE2的配置:

[PE2]ospf
[PE2-ospf-1]area 0
[PE2-ospf-1-area-0.0.0.0]network 23.1.1.0 0.0.0.255
[PE2-ospf-1-area-0.0.0.0]network 3.3.3.3 0.0.0.0

查看PE1是否有ISP内部路由

[PE1]display ip routing-table 
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
        Destinations : 11       Routes : 11       
 
 
Destination/Mask   Proto   Pre  Cost     Flags NextHop         Interface
 
       1.1.1.1/32  Direct  0   0           D   127.0.0.1       LoopBack0
       2.2.2.2/32  OSPF    10  1           D   12.1.1.2        GigabitEthernet
0/0/1
       3.3.3.3/32  OSPF    10  2           D   12.1.1.2        GigabitEthernet
0/0/1
      12.1.1.0/24  Direct  0   0           D   12.1.1.1        GigabitEthernet
0/0/1
      12.1.1.1/32  Direct  0   0           D   127.0.0.1       GigabitEthernet
0/0/1
    12.1.1.255/32  Direct  0   0           D   127.0.0.1       GigabitEthernet
0/0/1
      23.1.1.0/24  OSPF    10  2           D   12.1.1.2        GigabitEthernet
0/0/1
     127.0.0.0/8   Direct  0   0           D   127.0.0.1       InLoopBack0
     127.0.0.1/32  Direct  0   0           D   127.0.0.1       InLoopBack0
127.255.255.255/32 Direct  0    0          D   127.0.0.1       InLoopBack0
255.255.255.255/32 Direct  0    0          D   127.0.0.1       InLoopBack0

可以看到PE1设备有ISP内部的路由。

3)配置ISP内部的mpls及mpls ldp,建立公网的lsp隧道

PE1的配置:

[PE1]mpls lsr-id 1.1.1.1
[PE1]mpls 
[PE1]mpls  ldp     
[PE1]interface g0/0/1
[PE1-GigabitEthernet0/0/1]mpls
[PE1-GigabitEthernet0/0/1]mpls ldp

P的配置:

[P]mpls lsr-id 2.2.2.2
[P]mpls 
[P]mpls  ldp  
[P]interface g0/0/1
[P-GigabitEthernet0/0/1]mpls
[P-GigabitEthernet0/0/1]mpls ldp
[P]interface g0/0/0
[P-GigabitEthernet0/0/0]mpls
[P-GigabitEthernet0/0/0]mpls ldp

PE2的配置:

[PE2]mpls lsr-id 3.3.3.3
[PE2]mpls 
[PE2]mpls  ldp     
[PE2]interface g0/0/0
[PE2-GigabitEthernet0/0/0]mpls
[PE2-GigabitEthernet0/0/0]mpls ldp

查看PE1的lsp信息

[PE1]display mpls lsp 
-------------------------------------------------------------------------------
                LSP Information: LDP LSP
-------------------------------------------------------------------------------
FEC               In/Out Label  In/Out IF                      Vrf Name       
1.1.1.1/32        3/NULL        -/-                                           
2.2.2.2/32        NULL/3        -/GE0/0/1                                     
2.2.2.2/32        1024/3        -/GE0/0/1                                     
3.3.3.3/32        NULL/1025     -/GE0/0/1                                     
3.3.3.3/32        1025/1025     -/GE0/0/1                                     

可以看到PE设备已经为32位的环回口地址分配了标签,并建立了lsp隧道。

4)配置实例,将接口加入到实例。

在PE1和PE2上为不同的配置实例。(在ISP中会接入很多不同的客户即CE设备,CE设备的ip地址可能会出现冲突现象,因此配置不同的实例可以将不同用户的路由放到不同的实例路由表中,实现逻辑隔离)

PE1的配置:

[PE1]ip -instance 1 //创建实例,命名位1
[PE1--instance-1]ipv4-family //进入ipv4地址族视图
[PE1--instance-1-af-ipv4]route-distinguisher100:1 //配置RD为100:1
[PE1--instance-1-af-ipv4]-target 100:1 both//配置import、export RT都为100:1
[PE1]ip -instance 2
[PE1--instance-2]ipv4-family
[PE1--instance-2-af-ipv4]route-distinguisher200:1
[PE1--instance-2-af-ipv4]-target 200:1 both

PE2的配置:

[PE2]ip -instance 1
[PE2--instance-1] ipv4-family
[PE2--instance-1-af-ipv4]  route-distinguisher 100:1
[PE2--instance-1-af-ipv4]  -target 100:1 both
[PE2]ip -instance 2
[PE2--instance-2] ipv4-family
[PE2--instance-2-af-ipv4]  route-distinguisher 200:1
[PE2--instance-2-af-ipv4]  -target 200:1 both

RD作用:用于标记v4路由,bgp传递v4路由的时候会携带RD值,代表这是一条唯一的v4路由。

RT作用:用于控制v4路由的接收,出方向RT等于对端设备入方向RT则接收路由,并且将路由加入到对应的实例路由表中。

将接口加入到对应的实例

PE1的配置:

[PE1]interface g0/0/0
[PE1-GigabitEthernet0/0/0]ip binding  -instance 1 //将G0/0/0口绑定到实例1中
[PE1-GigabitEthernet0/0/0]ip address  192.168.1.1 24 
[PE1]interface g0/0/2
[PE1-GigabitEthernet0/0/2]ip binding -instance2 //将G0/0/2口绑定到实例2中
[PE1-GigabitEthernet0/0/2]ip address  192.168.1.1 24

通过:display ip routing-table -instance 1、display ip routing-table -instance 2 查看不同实例的路由表。可以看到G0/0/0口与G0/0/2口的直连路由虽然ip地址相同,但是属于不同的实例的路由表中,实现逻辑隔离。

[PE1]display ip routing-table  -instance1
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: 1
        Destinations : 4        Routes :4        
 
Destination/Mask   Proto   Pre  Cost     Flags NextHop         Interface
 
   192.168.1.0/24  Direct  0   0           D   192.168.1.1     GigabitEthernet
0/0/0
    192.168.1.1/32  Direct 0    0           D  127.0.0.1       GigabitEthernet
0/0/0
 192.168.1.255/32  Direct  0   0           D   127.0.0.1       GigabitEthernet
0/0/0
255.255.255.255/32 Direct  0    0          D   127.0.0.1       InLoopBack0

[PE1]display ip routing-table -instance 2
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: 2
        Destinations : 4        Routes :4        
 
Destination/Mask   Proto   Pre  Cost     Flags NextHop         Interface
 
   192.168.1.0/24  Direct  0   0           D   192.168.1.1     GigabitEthernet
0/0/2
    192.168.1.1/32  Direct 0    0           D  127.0.0.1       GigabitEthernet
0/0/2
  192.168.1.255/32  Direct 0    0           D  127.0.0.1       GigabitEthernet
0/0/2
255.255.255.255/32 Direct  0    0          D   127.0.0.1       InLoopBack0

PE2的配置:

[PE2]interface g0/0/1 
[PE2-GigabitEthernet0/0/1]ip binding -instance1
[PE2-GigabitEthernet0/0/1]ip address  172.16.1.1 24 
[PE2]interface g0/0/2
[PE2-GigabitEthernet0/0/2]ip binding -instance2
[PE2-GigabitEthernet0/0/2]ip address  172.16.1.1 24

5)按照题目需求,配置CE和PE之间的路由协议

PE1的ospf配置:

[PE1]ospf 100 -instance 1 //将ospf 100绑定到实例1
[PE1-ospf-100]area 0
[PE1-ospf-100-area-0.0.0.0]network 192.168.1.00.0.0.255

CE1的ospf配置

[CE1]ospf 100 
[CE1-ospf-100]area 0 
[CE1-ospf-100-area-0.0.0.0]network  10.10.10.10 0.0.0.0
[CE1-ospf-100-area-0.0.0.0]network  192.168.1.0 0.0.0.255

等待邻居建立,查看PE1的实例1的路由表中能否学习到CE1的路由信息

[PE1]display ip routing-table -instance 1
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: 1
        Destinations : 5        Routes :5        
 
Destination/Mask   Proto   Pre  Cost     Flags NextHop         Interface
 
   10.10.10.10/32  OSPF    10  1           D   192.168.1.2     GigabitEthernet
0/0/0
   192.168.1.0/24  Direct  0   0           D   192.168.1.1     GigabitEthernet
0/0/0
   192.168.1.1/32  Direct  0   0           D   127.0.0.1       GigabitEthernet
0/0/0
 192.168.1.255/32  Direct  0   0           D   127.0.0.1       GigabitEthernet
0/0/0
255.255.255.255/32 Direct  0    0          D   127.0.0.1       InLoopBack0
可以看到实例1可以学习到10.10.10.10/32的路由信息。

PE2的ospf配置

[PE2]ospf 100 -instance  1
[PE2-ospf-100]area 0
[PE2-ospf-100-area-0.0.0.0]network 172.16.1.00.0.0.255

CE2的ospf配置

[CE2]ospf 100
[CE2-ospf-100]area 0
[CE2-ospf-100-area-0.0.0.0]network 172.16.1.00.0.0.255
[CE2-ospf-100-area-0.0.0.0]network 20.20.20.200.0.0.0

等待邻居建立,查看PE2的实例1的路由表中能否学习到CE2的路由信息

[PE2]display ip routing-table -instance  1
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: 1
        Destinations : 5        Routes :5        
 
Destination/Mask   Proto   Pre  Cost     Flags NextHop         Interface
 
   20.20.20.20/32  OSPF    10  1           D   172.16.1.2      GigabitEthernet
0/0/1
    172.16.1.0/24  Direct  0   0           D   172.16.1.1      GigabitEthernet
0/0/1
    172.16.1.1/32  Direct  0   0           D   127.0.0.1       GigabitEthernet
0/0/1
  172.16.1.255/32  Direct  0   0           D   127.0.0.1       GigabitEthernet
0/0/1
255.255.255.255/32 Direct  0    0          D   127.0.0.1       InLoopBack0

可以看到实例1可以学习到20.20.20.20/32的路由信息。

PE1的BGP配置:

[PE1]bgp  100
[PE1-bgp]ipv4-family -instance 2 //进入实例2的地址族
[PE1-bgp-2]peer 192.168.1.2 as-number 200 //配置与CE3的EBGP邻居关系

CE3的BGP配置

[CE3]bgp  200 
[CE3-bgp]peer 192.168.1.1 as-number 100
[CE3-bgp]network 30.30.30.30 32

查看PE1和CE3的BGP邻居关系

display bgp  v4 all  peer 
 
 BGP localrouter ID : 12.1.1.1
 Local ASnumber : 100
 Total numberof peers : 1           Peers in established state : 1
 
  Peer            V          AS MsgRcvd  MsgSent  OutQ Up/Down       State PrefRcv
 
  Peer ofIPv4-family for  instance :
 
 VPN-Instance2, Router ID 12.1.1.1:
 192.168.1.2     4         200       17      17     0 00:14:37 Established     1

可以看到,设备之间建立了实例的邻居关系

查看PE1的实例2的路由表中能否学习到CE3的路由信息

[PE1]display ip routing-table  -instance2
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: 2
         Destinations : 5        Routes : 5        
 
Destination/Mask   Proto   Pre  Cost     Flags NextHop         Interface
 
   30.30.30.30/32  EBGP    255 0           D   192.168.1.2     GigabitEthernet
0/0/2
   192.168.1.0/24  Direct  0   0           D   192.168.1.1    GigabitEthernet
0/0/2
   192.168.1.1/32  Direct  0   0           D   127.0.0.1       GigabitEthernet
0/0/2
 192.168.1.255/32  Direct  0   0           D   127.0.0.1       GigabitEthernet
0/0/2
255.255.255.255/32 Direct  0    0          D   127.0.0.1       InLoopBack0

可以看到实例2可以学习到30.30.30.30/32的路由信息。再次查看BGP的v4路由表。

[PE1]display bgp  v4 all  routing-table 
 
 
 BGP Localrouter ID is 12.1.1.1 
 Status codes:* - valid, > - best, d - damped,
              h - history,  i - internal, s -suppressed, S - Stale
              Origin : i - IGP, e - EGP, ? - incomplete
 
 Total numberof routes from all PE: 1
 RouteDistinguisher: 200:1 
 
     Network            NextHop        MED        LocPrf    PrefVal Path/Ogn
 
 *>   30.30.30.30/32     192.168.1.2     0                     0      200i
 
 VPN-Instance2, Router ID 12.1.1.1:
 
 Total Numberof Routes: 1
     Network            NextHop        MED        LocPrf    PrefVal Path/Ogn
 
 *>   30.30.30.30/32     192.168.1.2     0                    0      200i

可以看到30.30.30.30/32的路由直接导入到了BGP的v4路由表中,其中分为了RD为200:1的路由,以及VPN实例VPN2的路由,那么为说明CE1的10.10.10.10/32的路由并没有出现在这张路由表中呢?

因为CE1和PE1之间的运行的是ospf协议,而此表项为v4的路由表,如果向将CE1的路由导入到v4路由表中再传递给对端PE2,那么PE1就必须在BGP中引入ospf100的路由,并且再将BGP的路由引入到ospf 100,间v4路由传递给CE1。(此步骤我们在步骤6中体现)

PE2的BGP配置:

[PE2]bgp 100 
[PE2-bgp]ipv4-family -instance 2
[PE2-bgp-2]peer 172.16.1.2 as-number 300
 
CE4的BGP配置:
[CE4]bgp  300
[CE4-bgp]peer 172.16.1.1 as-number 100
[CE4-bgp]network 40.40.40.40 32

查看PE2的VPNV4路由

[PE2]display bgp v4 all  routing-table 
 
 
 BGP Localrouter ID is 23.1.1.2 
 Status codes:* - valid, > - best, d - damped,
              h - history,  i - internal, s -suppressed, S - Stale
              Origin : i - IGP, e - EGP, ? - incomplete
 
 Total numberof routes from all PE: 1
 RouteDistinguisher: 200:1 
 
     Network            NextHop        MED        LocPrf    PrefVal Path/Ogn
 
 *>   40.40.40.40/32     172.16.1.2      0                     0      300i
 
 VPN-Instance2, Router ID 23.1.1.2:
 
 Total Numberof Routes: 1
     Network            NextHop        MED        LocPrf    PrefVal Path/Ogn
 
 *>   40.40.40.40/32     172.16.1.2      0                     0      300i

6)将PE1、PE2的ospf 100的路由引入到BGP中,把实例1的路由变为v4路由,在步骤7使用MP-BGP传递给对端PE,并且将BGP的路由引入到ospf100中。

PE1的配置:

[PE1]bgp  100 
[PE1-bgp]ipv4-family -instance 1
[PE1-bgp-1]import-route  ospf 100 //在bgp的实例1中引入ospf100的路由

查看PE1的v4路由表:

[PE1]display bgp  v4 all  routing-table 
 
 
 BGP Localrouter ID is 12.1.1.1 
 Status codes:* - valid, > - best, d - damped,
              h - history,  i - internal, s -suppressed, S - Stale
              Origin : i - IGP, e - EGP, ? - incomplete
 
 Total numberof routes from all PE: 3
 RouteDistinguisher: 100:1 
 
     Network            NextHop        MED        LocPrf    PrefVal Path/Ogn
 
 *>   10.10.10.10/32     0.0.0.0         2                     0      ?
 *>   192.168.1.0        0.0.0.0         0                     0      ?
 
 RouteDistinguisher: 200:1 
 
 
     Network            NextHop        MED        LocPrf    PrefVal Path/Ogn
 
 *>   30.30.30.30/32     192.168.1.2     0                     0      200i
 
 VPN-Instance1, Router ID 12.1.1.1:
 
 Total Numberof Routes: 2
     Network            NextHop        MED        LocPrf    PrefVal Path/Ogn
 
 *>   10.10.10.10/32     0.0.0.0         2                     0      ?
 *>   192.168.1.0        0.0.0.0         0                     0      ?
 
 VPN-Instance2, Router ID 12.1.1.1:
 
 Total Numberof Routes: 1
     Network            NextHop        MED        LocPrf    PrefVal Path/Ogn
 
 *>   30.30.30.30/32     192.168.1.2     0                     0      200i

可以看到10.10.10.10/32的路由以及被导入到v4路由表中了。

将bgp的路由再次引入到ospf 100 中,其目的是对端的PE2将CE2的路由发送给bgp时,再把BGP的路由引入到ospf 100 ,PE1就能将CE2的路由发送给CE1了。

PE1的配置:

[PE1]ospf 100 
[PE1-ospf-100]import-route  bgp  

PE2的配置:

[PE2]bgp  100 
[PE2-bgp]ipv4-family -instance 1
[PE2-bgp-1]import-route  ospf 100
[PE2]ospf 100
[PE2-ospf-100]import-route bgp

7)配置PE1和PE2之间的MP-BGP,传递各个站点之间的VPNV4路由信息。

PE1的配置:

[PE1]bgp  100
[PE1-bgp]peer 3.3.3.3 as-number 100
[PE1-bgp]peer 3.3.3.3 connect-interface LoopBack 0
[PE1-bgp]ipv4-family v4 //进入v4地址族
[PE1-bgp-af-v4]peer 3.3.3.3 enable //使能3.3.3.3对等体的v4邻居关系

PE2的配置:

[PE2]bgp  100
[PE2-bgp]peer 1.1.1.1 as-number 100
[PE2-bgp]peer 1.1.1.1 connect-interface LoopBack 0
[PE2-bgp]ipv4-family v4       
[PE2-bgp-af-v4]peer  1.1.1.1 enable

查看v4邻居建立情况

[PE1]display bgp  v4 all  peer 
 
 BGP localrouter ID : 12.1.1.1
 Local ASnumber : 100
 Total numberof peers : 2           Peers in established state : 2
 
  Peer            V          AS MsgRcvd  MsgSent  OutQ Up/Down       State Pre
fRcv
 
  3.3.3.3         4        100        6        6    0 00:01:49 Established    
   3
 
  Peer ofIPv4-family for  instance :
 
 VPN-Instance2, Router ID 12.1.1.1:
 192.168.1.2     4         200       38      40     0 00:36:01 Established 

可以看到PE1和PE2已经建立了MP-BGP邻居关系

查看对端的VPNV4路由是否传递

[PE1]display bgp v4 all  routing-table 
 
 
 BGP Localrouter ID is 12.1.1.1 
 Status codes:* - valid, > - best, d - damped,
              h - history,  i - internal, s -suppressed, S - Stale
              Origin : i - IGP, e - EGP, ? - incomplete
 
 Total numberof routes from all PE: 6
 RouteDistinguisher: 100:1 
 
 
     Network            NextHop        MED        LocPrf    PrefVal Path/Ogn
 
 *>   10.10.10.10/32     0.0.0.0         2                     0      ?
 *>i  20.20.20.20/32     3.3.3.3         2          100        0     ?
 *>i  172.16.1.0/24      3.3.3.3         0          100        0     ?
 *>   192.168.1.0        0.0.0.0         0                     0      ?
 
 RouteDistinguisher: 200:1 
 
 
     Network            NextHop        MED        LocPrf    PrefVal Path/Ogn
 
 *>   30.30.30.30/32     192.168.1.2     0                     0      200i
 *>i  40.40.40.40/32     3.3.3.3         0         100        0     300i
 
 VPN-Instance1, Router ID 12.1.1.1:
 
 Total Numberof Routes: 4
     Network            NextHop        MED        LocPrf    PrefVal Path/Ogn
 
 *>   10.10.10.10/32     0.0.0.0         2                     0      ?
 *>i  20.20.20.20/32     3.3.3.3         2          100        0     ?
 *>i  172.16.1.0/24      3.3.3.3         0          100        0     ?
 *>   192.168.1.0        0.0.0.0         0                     0     ?
 
 VPN-Instance2, Router ID 12.1.1.1:
 
 Total Numberof Routes: 2
     Network            NextHop        MED        LocPrf    PrefVal Path/Ogn
 
 *>   30.30.30.30/32     192.168.1.2     0                     0      200i
 *>i  40.40.40.40/32     3.3.3.3         0          100        0     300i

可以看到,VPNV4路由中的实例1、2中各自携带各个站点的路由信息。

查看CE1和CE3的路由

display ip routing-table protocol ospf 
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Public routing table : OSPF
        Destinations : 2        Routes :2        
 
OSPF routing table status : 
        Destinations : 2        Routes : 2
 
Destination/Mask   Proto   Pre  Cost     Flags NextHop         Interface
 
   20.20.20.20/32  OSPF    10  3           D   192.168.1.1     GigabitEthernet
0/0/0
    172.16.1.0/24  O_ASE   150 1           D   192.168.1.1     GigabitEthernet
0/0/0

CE1学习到了CE2的路由信息。

display ip routing-table protocol bgp 
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Public routing table : BGP
        Destinations : 1        Routes :1        
 
BGP routing table status : 
        Destinations : 1        Routes : 1
 
Destination/Mask   Proto   Pre  Cost     Flags NextHop         Interface
 
   40.40.40.40/32  EBGP    255 0           D   192.168.1.1     GigabitEthernet
0/0/0

CE3学习到了CE4的路由信息。

8)测试网络连通性,理解mpls 的转发流程

ping 20.20.20.20
  PING20.20.20.20: 56  data bytes, press CTRL_Cto break
    Reply from20.20.20.20: bytes=56 Sequence=1 ttl=252 time=60 ms
    Reply from20.20.20.20: bytes=56 Sequence=2 ttl=252 time=40 ms
    Reply from20.20.20.20: bytes=56 Sequence=3 ttl=252 time=30 ms
    Reply from20.20.20.20: bytes=56 Sequence=4 ttl=252 time=40 ms
    Reply from20.20.20.20: bytes=56 Sequence=5 ttl=252 time=40 ms
 
  ---20.20.20.20 ping statistics ---
    5 packet(s)transmitted
    5 packet(s)received
    0.00%packet loss
    round-tripmin/avg/max = 30/42/60 ms

ping -a 30.30.30.30 40.40.40.40
  PING40.40.40.40: 56  data bytes, press CTRL_Cto break
    Reply from40.40.40.40: bytes=56 Sequence=1 ttl=252 time=40 ms
    Reply from40.40.40.40: bytes=56 Sequence=2 ttl=252 time=30 ms
    Reply from40.40.40.40: bytes=56 Sequence=3 ttl=252 time=40 ms
    Reply from40.40.40.40: bytes=56 Sequence=4 ttl=252 time=30 ms
    Reply from40.40.40.40: bytes=56 Sequence=5 ttl=252 time=30 ms
 
  ---40.40.40.40 ping statistics ---
    5 packet(s)transmitted
    5 packet(s)received
    0.00%packet loss
    round-trip min/avg/max = 30/34/40 ms

测试结果表明,CE1能访问CE2。CE3能访问CE4 。那么具体的通信过程是怎样的呢。

我们来根据以下几个表项了解下,以CE1访问20.20.20.20/32的目标网段为例:

查看私网路由的标签分配情况,

display bgp  v4 all  routing-table label 
 
----------------------------------------------------------------
 VPN-Instance1, Router ID 12.1.1.1:
 
 Total Numberof Routes: 2
 
 
       Network           NextHop           In/Out Label
 
 *>i    20.20.20.20       3.3.3.3           NULL/1028
 *>i    172.16.1.0        3.3.3.3           NULL/1027
 
 VPN-Instance2, Router ID 12.1.1.1:
 
 Total Numberof Routes: 1
 
 
       Network           NextHop           In/Out Label
 
 *>i    40.40.40.40       3.3.3.3           NULL/1026

可以看到PE2为20.20.20.20/32分配了私网标签1028 。

查看公网标签分配情况

display mpls  lsp 
-------------------------------------------------------------------------------
                LSP Information: BGP  LSP
-------------------------------------------------------------------------------
FEC               In/Out Label  In/Out IF                      Vrf Name       
30.30.30.30/32    1026/NULL     -/-                            2           
192.168.1.0/24    1027/NULL     -/-                            1           
10.10.10.10/32    1028/NULL     -/-                            1           
-------------------------------------------------------------------------------
                LSP Information: LDP LSP
-------------------------------------------------------------------------------
FEC               In/Out Label  In/Out IF                      Vrf Name       
1.1.1.1/32        3/NULL        -/-                                           
2.2.2.2/32        NULL/3        -/GE0/0/1                                     
2.2.2.2/32        1024/3        -/GE0/0/1                                     
3.3.3.3/32         NULL/1025     -/GE0/0/1                                     
3.3.3.3/32        1025/1025     -/GE0/0/1    

通过上述表项内容可知,PE1收到目标网段为20.20.20.20数据时,先打上私网标签1028,下一跳为3.3.3.3。因此将迭代进入mpls ldp建立的公网lsp隧道。出标签为1025。因此内层标签为私网标签1028、出标签为公网标签1025。

在CE1访问20.20.20.20/32的同时在PE1的G0/0/1口抓包,查看抓包情况,如图所示。

PE1的G0/0/1口抓包结果

因此此数据可以通过外层标签(mplslsp 隧道)发送到PE2,PE2再查看内层标签1028,通过mpls标签表现决定发往哪个实例。由下图可知,入标签为1028的数据将发往1。PE2查看VPN1实例的路由表决定发往哪个接口。

display mpls  lsp 
-------------------------------------------------------------------------------
                LSP Information: BGP  LSP
-------------------------------------------------------------------------------
FEC               In/Out Label  In/Out IF                      Vrf Name       
40.40.40.40/32    1026/NULL     -/-                            2           
172.16.1.0/24     1027/NULL     -/-                            1           
20.20.20.20/32    1028/NULL     -/-                            1           
-------------------------------------------------------------------------------
                LSP Information: LDP LSP
-------------------------------------------------------------------------------
FEC               In/Out Label  In/Out IF                      Vrf Name       
1.1.1.1/32        NULL/1024     -/GE0/0/0                                     
1.1.1.1/32        1024/1024     -/GE0/0/0                                     
2.2.2.2/32        NULL/3        -/GE0/0/0                                     
2.2.2.2/32        1025/3        -/GE0/0/0                                     
3.3.3.3/32        3/NULL        -/-

查看PE2的实例1的路由表

[PE2]display ip routing-table -instance 1
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: 1
        Destinations : 7        Routes :7        
 
Destination/Mask   Proto   Pre  Cost     Flags NextHop         Interface
 
   10.10.10.10/32  IBGP    255 2          RD   1.1.1.1         GigabitEthernet0/0/0
    20.20.20.20/32  OSPF   10   1           D  172.16.1.2      GigabitEthernet0/0/1
    172.16.1.0/24  Direct  0   0           D   172.16.1.1      GigabitEthernet0/0/1
    172.16.1.1/32  Direct  0   0           D   127.0.0.1       GigabitEthernet0/0/1
  172.16.1.255/32  Direct  0   0           D   127.0.0.1       GigabitEthernet0/0/1
   192.168.1.0/24  IBGP    255 0          RD   1.1.1.1         GigabitEthernet0/0/0
255.255.255.255/32 Direct  0    0          D   127.0.0.1       InLoopBack0

最终PE2查看1的路由表可以将数据从G0/0/1接口发出,发往172.16.1.2(即CE2)。

你可能感兴趣的:(网络)