Inter-Provider MPLS Solutions 之 option C-CSC

Option C也叫做Multi-Hop eBGP方案，這種方案是在不一樣AS的PE之間直接創建MP-eBGP鏈接,以交換v4路由。與前兩種方案不一樣的是，ASBR再也不須要維護和交換v4路由了，減輕ASBR設備負擔的同時也加強了網絡的擴展性。爲提升可擴展性，也能夠在每一個AS中指定一個路由反射器阻，由RR保存全部v4 路由與本AS內的PE交換v4 路由信息。兩個AS的RR之間創建MP-eBGP鏈接，通告v4路由。
從轉發層面看，這種方案須要在不一樣的PE之間直接創建公網隧道，這就要求PE必須具備對方PE的Loopback地址的路由及標籤，一種方法是在ASBR處，將BGP學習到的對方PE的Loopback地址路由引入到本地的IGP ，使得LDP能爲其分配標籤。另外，因爲ASBR 之間運行的是BGP，LDP協議經過IGP路由而創建的LSP會在ASBR之間中斷，須要在ASBR之間利用eBGP來傳遞IPv4路由的標籤，使得針對PE的Loopback地址的LSP得以貫通。此時，針對某個特定 ，從PE 發出的數據包一般帶有三層標籤，最裏面的標籤是對方AS 的PE爲特定分配的標籤(也叫私網標籤)，中間的標籤是本ASBR爲對方AS的PE 路由器分配的標籤，最外面的標籤是本AS爲IGP路由分配的LDP 標籤。

• 優勢
  這種方案應該說是最容易被接受的，由於它符合MPLS的體系結構的要求，只有PE知道路由信息，而P路由器只負責報文轉發。這樣就使得中間域的設備能夠不支持MPLS***業務。尤爲是在跨越多個域時優點更加明顯，並且這個方案支持負載分擔等功能。
• 缺點
  要對BGP 作擴展(利用了BGP 的一個新特性--RFC3107 ，這個特性可讓BGP傳遞公網路由的時候攜帶標籤)，並且隧道的生成也是有別於普通的MPLS ***結構，所以維護和理解起來難度比較大，不適合用於企業網的環境。

實驗拓撲（customer carrier supports MPLS ***s）

需求：
1）網段以及IP地址如拓撲所示
2）各AS執行的動態路由協議如拓撲所示
3）各AS細節
-- AS456
PE1和Y-ASBR1 之間
VRP：Y
rd 456:123
route-target export 456:1011
route-target import 456:1011
PE2和B-ASBR1之間
VRF：B
rd 456:789
route-target export 456:1011
route-target import 456:1011

-- AS123
Y-PE1和CE1之間
VRF：CustA
rd 123:11
import route-target
1111:1111
export route-target
1111:1111

-- AS789
B-PE1和CE2之間
VRF：CustB
rd 789:10
route-target export 1010:1010
route-target import 1010:1010

4）配置CsC，保障CE1和CE2之間的通信

配置：
1)配置CustA（AS123)VRF以及*v4
****Y-PE1***
！
hostname Y-PE1
!
vrf CustA
address-family ipv4 unicast
import route-target
1111:1111
!
export route-target
1111:1111
!
!
!
interface Loopback0
ipv4 address 1.1.1.1 255.255.255.255
!
interface GigabitEthernet0/0/0/0 --Link-to-CE1
vrf CustA
ipv4 address 110.1.1.1 255.255.255.0
!
interface GigabitEthernet0/0/0/1
ipv4 address 10.1.12.1 255.255.255.0
!
router ospf 123
router-id 1.1.1.1
address-family ipv4 unicast
area 0
interface Loopback0
!
interface GigabitEthernet0/0/0/1
!
!
!
router bgp 123
bgp router-id 1.1.1.1
address-family ipv4 unicast
!
address-family v4 unicast
!
neighbor 2.2.2.2
remote-as 123
update-source Loopback0
address-family v4 unicast
!
!
vrf CustA
rd 123:11
address-family ipv4 unicast
redistribute rip
!
!
!
mpls ldp
router-id 1.1.1.1
address-family ipv4
!
interface GigabitEthernet0/0/0/1
!
!
mpls label range table 0 16100 16199
！
router rip
vrf CustA
interface GigabitEthernet0/0/0/0
!
redistribute bgp 123
default-metric 1
!
!

****Y-RR1***
！
hostname Y-RR1
!
mpls label range 200 299
mpls label protocol ldp
mpls ldp router-id Loopback0 force
！
interface Loopback0
ip address 2.2.2.2 255.255.255.255
！
interface Ethernet0/0
ip address 10.1.12.2 255.255.255.0
mpls ip
！
interface Ethernet0/1
ip address 10.1.23.2 255.255.255.0
mpls ip
！
router ospf 123
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
network 10.1.12.0 0.0.0.255 area 0
network 10.1.23.0 0.0.0.255 area 0
！
router bgp 123
bgp router-id 2.2.2.2
bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor 1.1.1.1 remote-as 123
neighbor 1.1.1.1 update-source Loopback0
!
address-family ipv4
exit-address-family
!
address-family *v4
neighbor 1.1.1.1 activate
neighbor 1.1.1.1 send-community extended
neighbor 1.1.1.1 route-reflector-client
exit-address-family
！

****Y-ASBR1*****
！
hostname Y-ASBR1
!
interface Loopback0
ip address 3.3.3.3 255.255.255.255
！
interface Ethernet0/0
ip address 10.1.34.3 255.255.255.0
！
interface Ethernet0/1
ip address 10.1.23.3 255.255.255.0
！
router ospf 123
router-id 3.3.3.3
network 3.3.3.3 0.0.0.0 area 0
network 10.1.23.0 0.0.0.255 area 0
！

****CE1*****
！
hostname CE1
!
interface Loopback0
ip address 11.11.11.11 255.255.255.255
！
interface Ethernet0/0
ip address 110.1.1.10 255.255.255.0
！
router rip
version 2
network 11.0.0.0
network 110.0.0.0
no auto-summary
！

2）配置CustB（AS789)VRF以及*v4
****B-ASBR1***
！
hostname B-ASBR1
!
interface Loopback0
ip address 7.7.7.7 255.255.255.255
！
interface Ethernet0/0
ip address 10.1.78.7 255.255.255.0
！
interface Ethernet0/1
ip address 10.1.67.7 255.255.255.0
！
router ospf 789
router-id 7.7.7.7
network 7.7.7.7 0.0.0.0 area 0
network 10.1.78.0 0.0.0.255 area 0
！

****B-RR1***
！
hostname B-RR1
!
interface Loopback0
ipv4 address 8.8.8.8 255.255.255.255
!
interface GigabitEthernet0/0/0/0
ipv4 address 10.1.78.8 255.255.255.0
!
interface GigabitEthernet0/0/0/1
ipv4 address 10.1.89.8 255.255.255.0
!
router ospf 789
router-id 8.8.8.8
address-family ipv4 unicast
area 0
interface Loopback0
!
interface GigabitEthernet0/0/0/0
!
interface GigabitEthernet0/0/0/1
!
!
router bgp 789
bgp router-id 8.8.8.8
address-family ipv4 unicast
!
address-family *v4 unicast
!
neighbor 9.9.9.9
remote-as 789
update-source Loopback0
address-family ***v4 unicast
route-reflector-client
!
!
!
mpls ldp
router-id 8.8.8.8
address-family ipv4
!
interface GigabitEthernet0/0/0/0
!
interface GigabitEthernet0/0/0/1
!
!
mpls label range table 0 16800 16899
！

****B-PE1***
！
hostname B-PE1
!
ip vrf CustB
rd 789:10
route-target export 1010:1010
route-target import 1010:1010
！
mpls label range 900 999
mpls label protocol ldp
mpls ldp router-id Loopback0 force
！
interface Loopback0
ip address 9.9.9.9 255.255.255.255
！
interface Ethernet0/0
ip address 10.1.89.9 255.255.255.0
mpls ip
！
interface Ethernet0/1 --Link-to-CE2
ip vrf forwarding CustB
ip address 10.1.90.9 255.255.255.0
！
router ospf 90 vrf CustB
router-id 99.99.99.99
redistribute bgp 789 subnets
network 10.1.90.0 0.0.0.255 area 0
！
router ospf 789
router-id 9.9.9.9
network 9.9.9.9 0.0.0.0 area 0
network 10.1.89.0 0.0.0.255 area 0
！
router bgp 789
bgp router-id 9.9.9.9
bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor 8.8.8.8 remote-as 789
neighbor 8.8.8.8 update-source Loopback0
!
address-family ipv4
exit-address-family
!
address-family *v4
neighbor 8.8.8.8 activate
neighbor 8.8.8.8 send-community extended
exit-address-family
!
address-family ipv4 vrf CustB
redistribute ospf 90 match internal external 1 external 2
exit-address-family
！

****CE2*****
！
hostname CE2
!
interface Loopback0
ip address 10.10.10.10 255.255.255.255
！
interface Ethernet0/1
ip address 10.1.90.10 255.255.255.0
！
router ospf 90
router-id 10.10.10.10
network 10.1.90.0 0.0.0.255 area 0
network 10.10.10.10 0.0.0.0 area 0
！

3）配置Core-ISP（PE1/P1/PE2）的VRF以及*v4
****PE1***
！
hostname PE1
!
ip vrf Y
rd 456:123
route-target export 456:1011
route-target import 456:1011
！
mpls label range 400 499
mpls label protocol ldp
mpls ldp router-id Loopback0 force
！
interface Loopback0
ip address 4.4.4.4 255.255.255.255
！
interface Ethernet0/0 ---Link-to-Y-ASBR1
ip vrf forwarding Y
ip address 10.1.34.4 255.255.255.0
！
interface Ethernet0/1
ip address 10.1.45.4 255.255.255.0
mpls ip
！
router ospf 654 vrf Y
router-id 44.44.44.44
redistribute bgp 456 subnets
network 10.1.34.0 0.0.0.255 area 0
!
router ospf 456
router-id 4.4.4.4
network 4.4.4.4 0.0.0.0 area 0
network 10.1.45.0 0.0.0.255 area 0
!
router bgp 456
bgp router-id 4.4.4.4
bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor 6.6.6.6 remote-as 456
neighbor 6.6.6.6 update-source Loopback0
!
address-family ipv4
exit-address-family
!
address-family v4
neighbor 6.6.6.6 activate
neighbor 6.6.6.6 send-community extended
exit-address-family
!
address-family ipv4 vrf Y
redistribute ospf 654 match internal external 1 external 2 route-map Y
exit-address-family
!
！使用ACL匹配Y-PE1和Y-RR1的Loopback0接口IP地址
access-list 1 permit 1.1.1.1
access-list 1 permit 2.2.2.2
!
！使用route-map調用ACL---過濾AS123其餘OSPF路由進入v4
route-map Y permit 10
match ip address 1
!

****P1*****
！
hostname P1
!
mpls label range 500 599
mpls label protocol ldp
mpls ldp router-id Loopback0 force
！
interface Loopback0
ip address 5.5.5.5 255.255.255.255
！
interface Ethernet0/0
ip address 10.1.56.5 255.255.255.0
mpls ip
！
interface Ethernet0/1
ip address 10.1.45.5 255.255.255.0
mpls ip
！
router ospf 456
router-id 5.5.5.5
network 5.5.5.5 0.0.0.0 area 0
network 10.1.45.0 0.0.0.255 area 0
network 10.1.56.0 0.0.0.255 area 0
！

****PE2***
！
hostname PE2
!
ip vrf B
rd 456:789
route-target export 456:1011
route-target import 456:1011
！
mpls label range 600 699
mpls label protocol ldp
mpls ldp router-id Loopback0 force
！
interface Loopback0
ip address 6.6.6.6 255.255.255.255
！
interface Ethernet0/0
ip address 10.1.56.6 255.255.255.0
mpls ip
！
interface Ethernet0/1 --Link-to-B-ASBR1
ip vrf forwarding B
ip address 10.1.67.6 255.255.255.0
！
router ospf 654 vrf B
router-id 66.66.66.66
redistribute bgp 456 subnets
network 10.1.67.0 0.0.0.255 area 0
!
router ospf 456
router-id 6.6.6.6
network 6.6.6.6 0.0.0.0 area 0
network 10.1.56.0 0.0.0.255 area 0
!
router bgp 456
bgp router-id 6.6.6.6
bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor 4.4.4.4 remote-as 456
neighbor 4.4.4.4 update-source Loopback0
!
address-family ipv4
exit-address-family
!
address-family *v4
neighbor 4.4.4.4 activate
neighbor 4.4.4.4 send-community extended
exit-address-family
!
address-family ipv4 vrf B
redistribute ospf 654 match internal external 1 external 2 route-map B
exit-address-family
!
！使用ACL匹配B-RR1和B-PE1的loopback0接口IP
access-list 1 permit 8.8.8.8
access-list 1 permit 9.9.9.9
!
！使用route-map調用ACL--過濾AS789其餘OSPF的路由進入***v4
route-map B permit 10
match ip address 1
!

****Y-ASBR1*****
！
hostname Y-ASBR1
!
router ospf 123
router-id 3.3.3.3
network 10.1.34.0 0.0.0.255 area 0
！

****B-ASBR1*****
！
hostname B-ASBR1
!
router ospf 789
router-id 7.7.7.7
network 10.1.67.0 0.0.0.255 area 0
！

4）RR之間創建eBGP的*v4
****Y-RR1***
！
hostname Y-RR1
!
router bgp 123
bgp router-id 2.2.2.2
bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor 1.1.1.1 remote-as 123
neighbor 1.1.1.1 update-source Loopback0
neighbor 8.8.8.8 remote-as 789
neighbor 8.8.8.8 ebgp-multihop 255
neighbor 8.8.8.8 update-source Loopback0
!
address-family ipv4
exit-address-family
!
address-family ***v4
neighbor 1.1.1.1 activate
neighbor 1.1.1.1 send-community extended
neighbor 1.1.1.1 route-reflector-client
neighbor 8.8.8.8 activate
neighbor 8.8.8.8 send-community extended
neighbor 8.8.8.8 next-hop-unchanged ---保持標籤的一致性
exit-address-family
！

****B-RR1***
！
hostname B-RR1
!
route-policy PASS --eBGP傳遞策略
pass
end-policy
！
router bgp 789
bgp router-id 8.8.8.8
address-family ipv4 unicast
!
address-family *v4 unicast
!
neighbor 2.2.2.2
remote-as 123
ebgp-multihop 255
update-source Loopback0
address-family v4 unicast
route-policy PASS in
route-policy PASS out
next-hop-unchanged ---保持標籤的一致性
!
!
neighbor 9.9.9.9
remote-as 789
update-source Loopback0
address-family v4 unicast
route-reflector-client
!
!
!

5）爲保障PE能夠接收到不一樣AS間的*v4路由，PE端分別作RT的導入
****Y-PE1***
！
hostname Y-PE1
!
vrf CustA
address-family ipv4 unicast
import route-target
1010:1010
1111:1111
!
export route-target
1111:1111
!
!

****B-PE1*****
！
hostname B-PE1
!
ip vrf CustB
rd 789:10
route-target export 1010:1010
route-target import 1010:1010
route-target import 1111:1111
！

6）爲保障CE兩端可以經過標籤傳遞數據，在Y-ASBR一、PE一、PE二、B-ASBR1之間創建LDP鄰居
****Y-ASBR1*****
！
hostname Y-ASBR1
!
mpls label range 300 399
mpls label protocol ldp
mpls ldp router-id Loopback0 force
！
interface Ethernet0/0
ip address 10.1.34.3 255.255.255.0
mpls ip
！
interface Ethernet0/1
ip address 10.1.23.3 255.255.255.0
mpls ip
！

****PE1*****
！
hostname PE1
!
interface Ethernet0/0
ip vrf forwarding Y
ip address 10.1.34.4 255.255.255.0
mpls ip
！

****PE2*****
！
hostname PE1
!
interface Ethernet0/1
ip vrf forwarding B
ip address 10.1.67.6 255.255.255.0
mpls ip
！

****B-ASBR1*****
！
hostname B-ASBR1
!
mpls label range 700 799
mpls label protocol ldp
mpls ldp router-id Loopback0 force
！
interface Ethernet0/0
ip address 10.1.78.7 255.255.255.0
mpls ip
！
interface Ethernet0/1
ip address 10.1.67.7 255.255.255.0
mpls ip
！