MPLS ××× 互訪關係控制

MPLS ××× 互訪關係控制

1.各路由器基本信息配置

2.OSPF規範配置，修改網絡類型爲點對點，配置被動接口

3.MPLS骨幹網運行OSPF，標籤分發協議爲LDP

4.RT一、RT二、RT三、RT4和RT5運行MP_IPGP，RT1爲MP_IPGP RR，RT二、RT三、RT4和RT5分別與RR創建MP_IBGP鄰居

5.RT4的S0/1和E3/0劃分到VRF SC，S0/二、E3/1劃分到VRF BG，E3/2劃分到VRF HUB，RT5的S0/1和E3/0劃分到VRF SC，S0/二、E3/1劃分到VRF BG，E3/2劃分到VRF HUB

6.RT4 VRF SC與RT6運行RIP、RT4 VRF BG 與RT7配置靜態路由、RT5 VRF SC與RT8運行OSPF，RT5 VRF BG與RT9運行EBGP

IP地址分配以下：

RT2 E3/2  172.18.2.1/24   RT4 E3/2 172.18.4.1

RT3 E3/2  172.18.3.1/24   RT5 E3/2 172.18.5.1/24

MPLS ××× 互訪關係控制以下：

1.××× WG的站點可相互訪問

2.HUB－Spoke MPLS ×××

調整WG爲HUB-Spoke MPLS ×××，RT2爲HUB端（中心端），RT三、RT四、RT5爲Spoke端（分支端）；Spoke端的WG只能訪問HUB端，Spoke端間不能互訪。

3.複雜MPLS ×××

調整WG的互訪關係：RT二、RT3爲中心端，中心端之間可以互訪，RT四、RT5爲分支端，分支端只能訪問中心端，分支端之間不能互訪。

1、MPLS 骨幹網的IGP及MPLS配置略

（不明白請看http://tangfangxiao.blog.51cto.com/2116646/663010 ）

2、MP_IPGP RR調測

RT1：

router bgp 65000

no synchronization

neighbor rrc peer-group               //建立一個對等組命名rrc

neighbor rrc remote-as 65000

neighbor rrc update-source Loopback0

neighbor rrc next-hop-self

neighbor 2.2.2.2 peer-group rrc    

neighbor 3.3.3.3 peer-group rrc    //調用對等組rrc創建IBGP鄰居

neighbor 4.4.4.4 peer-group rrc

neighbor 5.5.5.5 peer-group rrc

no auto-summary

address-family ***v4

neighbor rrc activate          //建立一個對等組命名rrc

neighbor rrc send-community extended

neighbor rrc route-reflector-client //配置成爲RR的客戶端

neighbor 2.2.2.2 peer-group rrc //調用對等組rrc創建MP_BGP RR

neighbor 3.3.3.3 peer-group rrc

neighbor 4.4.4.4 peer-group rrc

neighbor 5.5.5.5 peer-group rrc

exit-address-family

RT2：

router bgp 65000

no synchronization

neighbor 1.1.1.1 remote-as 65000

neighbor 1.1.1.1 update-source Loopback0

no auto-summary

address-family ***v4

neighbor 1.1.1.1 activate

neighbor 1.1.1.1 send-community extended

exit-address-family

RT3：

router bgp 65000

no synchronization

neighbor 1.1.1.1 remote-as 65000

neighbor 1.1.1.1 update-source Loopback0

no auto-summary

address-family ***v4

neighbor 1.1.1.1 activate

neighbor 1.1.1.1 send-community extended

exit-address-family

RT4：

router bgp 65000

no synchronization

neighbor 1.1.1.1 remote-as 65000

neighbor 1.1.1.1 update-source Loopback0

no auto-summary

address-family ***v4

neighbor 1.1.1.1 activate

neighbor 1.1.1.1 send-community extended

exit-address-family

RT5：

router bgp 65000

no synchronization

neighbor 1.1.1.1 remote-as 65000

neighbor 1.1.1.1 update-source Loopback0

no auto-summary

address-family ***v4

neighbor 1.1.1.1 activate

neighbor 1.1.1.1 send-community extended

exit-address-family

3、配置VRF調測

RT4:

  ip vrf BG                             //創建VRF 命名爲BG

  rd 2:2                                //VRF的RD爲2：2

route-target export 2:20              //導出RT爲2：20

route-target import 2:10              //導入RT爲2：10

ip vrf SC

rd 1:1

route-target export 1:20

route-target import 1:10

RT5:

ip vrf BG

rd 2:2

route-target export 2:10

route-target import 2:20

ip vrf SC

rd 1:1

route-target export 1:10

route-target import 1:20

4、PE與CE路由協議調測

RT4:

router rip                          //配置CE與PE VRF之間路由協議

version 2

no auto-summary

address-family ipv4 vrf SC             //配置MP_BGP

network 172.16.0.0

no auto-summary

version 2

exit-address-family

RT6:

router rip           

version 2

network 6.0.0.0

network 172.16.0.0

no auto-summary

RT4:

ip route vrf BG 7.7.7.7 255.255.255.255 Serial0/2 172.17.47.2  //在VRF BG中添加靜態路由

ip route vrf BG 172.17.7.0 255.255.255.0 Serial0/2 172.17.47.2

RT7:

ip route 0.0.0.0 0.0.0.0 172.17.47.1  //配置缺省路由

RT5:

router ospf 101 vrf SC               //配置VRF SC OSPF

router-id 172.16.5.1

network 172.16.5.0 0.0.0.255 area 0

network 172.16.58.0 0.0.0.3 area 0

RT8:

router ospf 1

router-id 8.8.8.8

passive-interface Ethernet3/0

network 8.8.8.8 0.0.0.0 area 0

network 172.16.8.0 0.0.0.255 area 0

network 172.16.58.0 0.0.0.3 area 0

network 0.0.0.0 255.255.255.255 area 0

RT5:

router bgp 65000                               //配置EBGP

address-family ipv4 vrf BG                    //配置MP_BGP

neighbor 172.17.59.2 remote-as 65001         //創建EBGP鄰居

no auto-summary

no synchronization

exit-address-family

RT9：

router bgp 65001

no synchronization

network 9.9.9.9 mask 255.255.255.255

network 172.17.9.0 mask 255.255.255.0

network 172.17.59.0 mask 255.255.255.252

neighbor 172.17.59.1 remote-as 65000

no auto-summary

5、MPLS ×××調測

RT4:

router bgp 65000

address-family ipv4 vrf SC                   

redistribute connected metric 1000      //重分佈直連到MP_BGP

redistribute rip metric 1000            //重RIP直連到MP_BGP

no auto-summary

no synchronization

exit-address-family

address-family ipv4 vrf BG

redistribute connected metric 1000   //重分佈直連到MP_BGP

redistribute static metric 1000      //重分佈靜態到MP_BGP

no auto-summary

no synchronization

exit-address-family

router rip

redistribute bgp 65000 metric 5        //重分佈VRF SC到RIP

RT5:

router bgp 65000

address-family ipv4 vrf SC

redistribute connected metric 1000  //重分佈直連到MP_BGP

redistribute ospf 101 vrf SC metric 1000 match internal external 1 external 2    //重分佈OSPF 101 VRF SC中的匹配外部5類類型1和類型2的路由到MP_BGP中

no auto-summary

no synchronization

exit-address-family

address-family ipv4 vrf BG

redistribute connected metric 1000 //重分佈直連到MP_BGP

exit-address-family

6、MPLS ××× 互訪關係控制

1.××× WG的站點可相互訪問

RT二、RT三、RT四、RT5配置以下：

ip vrf WG

rd 1:5

route-target export 5:5

route-target import 5:5

int e3/2

ip vrf forwarding WG

ip address 172.18.xx.1 255.255.255.0

router bgp 65000

address-family ipv4 vrf WG

redistribute connected metric 1000

no auto-summary

no synchronization

exit-address-family

測試結果：

注意：若是配置正確，某條路由在MP_BGP表中存在，而沒有自動導入VRF，請使用clear ip route vrf 〈名字〉*

2.HUB－Spoke MPLS ×××

調整WG爲HUB-Spoke MPLS ×××，RT2爲HUB端（中心端），RT三、RT四、RT5爲Spoke端（分支端）；Spoke端的WG只能訪問HUB端，Spoke端間不能互訪。

RT2：RT二、RT三、RT四、RT5：

ip vrf WG

no route-target export              //清除以前配置的RT

no route-target import

RT2:

ip vrf WG

route-target export 5:5

route-target import 5:10

RT三、RT四、RT5：

ip vrf WG

route-target export 5:10

route-target import 5:5

RT2(config-vrf)#do show ip route vrf WG

     172.18.0.0/24 is subnetted, 4 subnets

B       172.18.4.0 [200/1000] via 4.4.4.4, 00:00:24

B       172.18.5.0 [200/1000] via 5.5.5.5, 00:02:38

C       172.18.2.0 is directly connected, Ethernet3/2

B       172.18.3.0 [200/1000] via 3.3.3.3, 00:01:54

RT3(config-vrf)#do show ip route vrf WG

    172.18.0.0/24 is subnetted, 2 subnets

B       172.18.2.0 [200/1000] via 2.2.2.2, 00:01:40

C       172.18.3.0 is directly connected, Ethernet3/2

RT4(config-vrf)#do show ip route vrf WG

  172.18.0.0/24 is subnetted, 2 subnets

C       172.18.4.0 is directly connected, Ethernet3/2

B       172.18.2.0 [200/1000] via 2.2.2.2, 00:00:07

注意：你們在查看VRF路由表時，仍是先刷新一下VRF路由表

3.複雜MPLS ×××

調整WG的互訪關係：RT二、RT3爲中心端，中心端之間可以互訪，RT四、RT5爲分支端，分支端只能訪問中心端，分支端之間不能互訪。

RT2：RT二、RT三、RT四、RT5：

ip vrf WG

no route-target export              //清除以前配置的RT

no route-target import

RT二、RT3：

ip vrf WG

route-target export 5:5

route-target import 5:5

route-target export 5:10

route-target import 5:20

RT四、RT5：

ip vrf WG

route-target export 5:20

route-target import 5:10

RT2：

  172.18.0.0/24 is subnetted, 4 subnets

B       172.18.4.0 [200/1000] via 4.4.4.4, 00:00:03

B       172.18.5.0 [200/1000] via 5.5.5.5, 00:00:03

C       172.18.2.0 is directly connected, Ethernet3/2

B       172.18.3.0 [200/1000] via 3.3.3.3, 00:00:03

RT3：

     172.18.0.0/24 is subnetted, 4 subnets

B       172.18.4.0 [200/1000] via 4.4.4.4, 00:00:09

B       172.18.5.0 [200/1000] via 5.5.5.5, 00:00:09

B       172.18.2.0 [200/1000] via 2.2.2.2, 00:00:09

C       172.18.3.0 is directly connected, Ethernet3/2

RT4：

     172.18.0.0/24 is subnetted, 3 subnets

C       172.18.4.0 is directly connected, Ethernet3/2

B       172.18.2.0 [200/1000] via 2.2.2.2, 00:00:01

B       172.18.3.0 [200/1000] via 3.3.3.3, 00:00:01

RT5： 

172.18.0.0/24 is subnetted, 3 subnets

C       172.18.5.0 is directly connected, Ethernet3/2

B       172.18.2.0 [200/1000] via 2.2.2.2, 00:01:02

B       172.18.3.0 [200/1000] via 3.3.3.3, 00:01:02

注意：你們在查看VRF路由表時，仍是先刷新一下VRF路由表

RT的配置很是靈活，很容易實現業務分流，配置也很簡單！