MPLS VPN Hub&Spole理论及实验配置

MPLS VPN Hub&Spole理论及实验配置_第1张图片

实现利用MPLS VPN技术实现R5与R6互访时流量需要经过R4

数据包转发过程

  1. R6访问R5,R6产生数据包,源地址192.168.6.6 目的地址192.168.5.5
  2. 根据路由表将数据包交给了R3,进入R3时因为接口绑定在了R3的VRF实例中,所以数据包直接进入R3的VRF实例,并查看VRF的转发表
  3. 发现目的地址的路由隧道ID为0x3,就将数据包交到了对应的隧道中,封装了MP-BGP标签,另外按照MPLS隧道的出口将数据包发给了R1
  4. R1收到数据包后根据MP-BGP的标签把数据包转给了R1的VRF in实例
  5. R1根据VRF in实例的路由表按照下一跳通过ospf 14将数据包转给了R4
  6. R4收到数据包之后查询路由表,又按照ospf 41将数据包交给了R1的VRF out实例
  7. 收到数据包后,查询VRF out的路由表,下一跳交给了R2,R2又通过用户侧的路由交给了R5
1.底层IGP互通
		R1
		isis 1
		is-level level-2
		cost-style wide
		network-entity 49.0000.0000.0001.00
		
		R2
		isis 1
		is-level level-2
		cost-style wide
		network-entity 49.0000.0000.0002.00
		
		R3
		isis 1
		is-level level-2
		cost-style wide
		network-entity 49.0000.0000.0003.00
	2.BGP建立,并启用VPN V4路由
		R1
		bgp 123
		 peer 2.2.2.2 as-number 123 
		 peer 2.2.2.2 connect-interface LoopBack0
		 peer 3.3.3.3 as-number 123 
		 peer 3.3.3.3 connect-interface LoopBack0
		 ipv4-family v4	//能够传递VPN V4路由
		 peer 2.2.2.2 enable
		 peer 3.3.3.3 enable
		
		R2
		bgp 123
		 peer 3.3.3.3 as-number 123 
		 peer 1.1.1.1 connect-interface LoopBack0
		 peer 3.3.3.3 as-number 123 
		 peer 1.1.1.1 connect-interface LoopBack0
		 ipv4-family v4	//能够传递VPN V4路由
		 peer 1.1.1.1 enable
		 peer 3.3.3.3 enable
		 
		 R3
		 bgp 123
		 peer 2.2.2.2 as-number 123 
		 peer 1.1.1.1 connect-interface LoopBack0
		 peer 2.2.2.2 as-number 123 
		 peer 1.1.1.1 connect-interface LoopBack0
		 ipv4-family v4	//能够传递VPN V4路由
		 peer 1.1.1.1 enable
		 peer 2.2.2.2 enable
	3.MPLS建立
		R1
		mpls
		mpls ldp
		int g0/0/0
		mpls 
		mpls ldp
		int g0/0/1
		mpls 
		mpls ldp
		
		R2
		mpls
		mpls ldp
		int g0/0/0
		mpls
		mpls ldp
		
		R3
		mpls
		mpls ldp
		int g0/0/0
		mpls 
		mpls ldp
1.创建VRF实例
		R1
		ip -instance 1
			ipv4-family
			route-distinguisher 2:2
			-target 25:25 export-extcommunity
			-target 52:52 import-extcommunity
		
		R2
		ip -instance 1
			ipv4-family
			route-distinguisher 3:3
			-target 36:36 export-extcommunity
			-target 63:63 import-extcommunity
	2.将VRF实例绑定到连接用户的接口,用户流量直接进入VRF实例
		R2
		int g0/0/2
		ip binding -instance 1
		ip address 192.168.25.2 24	//绑定VRF实例后,关于IP的配置都会失效,需要重新配置
		
		R3
		int g0/0/2
		ip binding -instance 1
		ip address 192.168.36.3 24
	3.配置路由学习用户侧路由
		R2
		ospf 1 -instance 1
		area 0
		qu
		int g0/0/2
		ospf enable 1 area 0
		
		R3
		ospf 1 -instance 1
		area 0
		qu
		int g0/0/2
		ospf enable 1 area 0
1.R1创建入方向VRF,现在R1可以收到R2与R3的路由并放到入方向VRF中
		ip -instance in
		ipv4-family
		route-distinguisher 14:14	RD值
		-target 25:25 36:36 import-extcommunity	接收RT值
	2.R4稍后将路由传递给R1的出方向VRF,建立出方向VRF,将R3,R2的路由做了交互动作
		R1配置出方向VRF
		ip -instance out
		ipv4-family
		route-distinguisher 41:41
		-target 52:52 63:63 export-extcommunity
		-target 52:52 63:63 import-extcommunity
1.R1与R4建立IGP,并将in VRF里面的路由传递给R4
		R1
		ospf 14 -instance in
		import-route bgp
		dn-bit-set disable summary	用于防止环路产生
		area 0.0.0.0 
		interface GigabitEthernet0/0/2.14
		dot1q termination vid 14
		ip binding -instance in
		ip address 192.168.14.1 255.255.255.0 
		ospf enable 14 area 0.0.0.0
		arp broadcast enable
		
		
		R4
		ospf 1 router-id 4.4.4.4 
		area 0.0.0.0 
		interface GigabitEthernet0/0/2.14
		dot1q termination vid 14
		ip address 192.168.14.4 255.255.255.0 
		ospf enable 1 area 0.0.0.0
		arp broadcast enable
	2.R4使用OSPF将传递给 R1的out方向VRF
		R4
		ospf 1
		area 0
		interface GigabitEthernet0/0/2.41
		dot1q termination vid 41
		ip address 192.168.41.4 255.255.255.0 
		ospf enable 1 area 0.0.0.0
		arp broadcast enable
		R1
		ospf 41 -instance out
		area 0.0.0.0 
		interface GigabitEthernet0/0/2.41
		dot1q termination vid 41
		ip binding -instance out		绑定到出方向VRF
		ip address 192.168.41.1 255.255.255.0 
		ospf enable 41 area 0.0.0.0
		arp broadcast enable
	1.R2将R5的路由引入到BGP中,并将BGP引入到OSPF中传递给R5
		bgp 123
		ipv4-family -instance 1 
		import-route ospf 1
		ospf 1 -instance 1
		import-route bgp
		area 0.0.0.0 
	2.R3将R6的路由引入到BGP中,并将BGP引入到OSPF中传递给R6
		bgp 123
		ipv4-family -instance 1 
		import-route ospf 1
		ospf 1 -instance 1
		import-route bgp
		area 0.0.0.0 

 

你可能感兴趣的:(数据通信,网络,服务器,运维)