MPLS *** option C

不得不說option C的配置很是複雜，光理解一些重分發就花了好多時間。
配置要點：
1 . RR與RR之間配置MP-BGP鄰居關係，就帶來了須要二者之間下層傳輸須要可達。

2. 當一條***v4路由被RR傳到另外一個RR時，須要經過ASBR根據這個next-hop值分發一個標籤。
3. BGP能夠用來分發標籤，經過命令neighbor X.X.X.X send-label來實現。同時也要作很是精細的過濾，將己方的PE的loopback過濾出來發送給對方RR
4. 當一條打了標籤的***v4路由經過ASBR進入己方AS時，須要經過match mpls-label匹配，並將此條bgp路由重分發進IGP中。這條命令是爲了保證，不一樣運營商PE之間創建IP可達性。
5. 通常來講，RR與ASBR只創建ipv4鄰居關係。

如下是topology

R1/R6 PE
R2/R5 RR
R3/R4 ASBR
配置部分
R1 (PE1)
ip vrf CustomerA
rd 100:1
route-target export 100:1
route-target import 200:1
!
router eigrp 100
network 1.1.1.1 0.0.0.0
network 12.1.1.1 0.0.0.0
network 13.1.1.1 0.0.0.0
!
router ospf 100 vrf CustomerA
redistribute bgp 100 subnets
network 192.168.1.1 0.0.0.0 area 0
!
router bgp 100
bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 update-source Loopback0
!
address-family ipv4
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 next-hop-self
exit-address-family
!
address-family ***v4
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-community extended
exit-address-family
!
address-family ipv4 vrf CustomerA
redistribute ospf 100 match internal external 1 external 2
exit-address-family
!
R2(RR1)
router eigrp 100
network 0.0.0.0
!
router bgp 100
bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor 1.1.1.1 remote-as 100
neighbor 1.1.1.1 update-source Loopback0
neighbor 3.3.3.3 remote-as 100
neighbor 3.3.3.3 update-source Loopback0
neighbor 5.5.5.5 remote-as 200
neighbor 5.5.5.5 ebgp-multihop 255
neighbor 5.5.5.5 update-source Loopback0
!
address-family ipv4
network 1.1.1.1 mask 255.255.255.255
network 2.2.2.2 mask 255.255.255.255
neighbor 1.1.1.1 activate
neighbor 3.3.3.3 activate
exit-address-family
!
address-family ***v4
neighbor 1.1.1.1 activate
neighbor 1.1.1.1 send-community extended
neighbor 1.1.1.1 route-reflector-client
neighbor 5.5.5.5 activate
neighbor 5.5.5.5 send-community extended
neighbor 5.5.5.5 next-hop-unchanged
exit-address-family
!
R3 (ASBR1)
router eigrp 100
network 3.3.3.3 0.0.0.0
network 13.1.1.3 0.0.0.0
network 23.1.1.3 0.0.0.0
redistribute bgp 100 metric 10000 100 255 1 1500 route-map EIGRP
!
router bgp 100
bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 update-source Loopback0
neighbor 34.1.1.4 remote-as 200
!
address-family ipv4
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 next-hop-self
neighbor 34.1.1.4 activate
neighbor 34.1.1.4 route-map Set_Label out
neighbor 34.1.1.4 send-label
exit-address-family
!
ip prefix-list PE1 seq 5 permit 1.1.1.1/32
!
route-map EIGRP permit 10
match mpls-label
!
route-map Set_Label permit 10
match ip address prefix-list PE1
set mpls-label
!
route-map Set_Label permit 20

R4
router eigrp 100
network 4.4.4.4 0.0.0.0
network 45.1.1.4 0.0.0.0
network 46.1.1.4 0.0.0.0
redistribute bgp 200 metric 10000 100 255 1 1500 route-map EIGRP
!
router bgp 200
bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor 5.5.5.5 remote-as 200
neighbor 5.5.5.5 update-source Loopback0
neighbor 34.1.1.3 remote-as 100
!
address-family ipv4
network 5.5.5.5 mask 255.255.255.255
neighbor 5.5.5.5 activate
neighbor 5.5.5.5 next-hop-self
neighbor 34.1.1.3 activate
neighbor 34.1.1.3 route-map Set_Label out
neighbor 34.1.1.3 send-label
exit-address-family
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
!
!
ip prefix-list PE2 seq 5 permit 6.6.6.6/32
no cdp log mismatch duplex
!
route-map EIGRP permit 10
match mpls-label
!
route-map Set_Label permit 10
match ip address prefix-list PE2
set mpls-label
!
route-map Set_Label permit 20
!

R5
router eigrp 100
network 0.0.0.0
!
router bgp 200
bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 ebgp-multihop 255
neighbor 2.2.2.2 update-source Loopback0
neighbor 4.4.4.4 remote-as 200
neighbor 4.4.4.4 update-source Loopback0
neighbor 6.6.6.6 remote-as 200
neighbor 6.6.6.6 update-source Loopback0
!
address-family ipv4
network 6.6.6.6 mask 255.255.255.255
neighbor 4.4.4.4 activate
neighbor 6.6.6.6 activate
exit-address-family
!
address-family ***v4
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-community extended
neighbor 2.2.2.2 next-hop-unchanged
neighbor 6.6.6.6 activate
neighbor 6.6.6.6 send-community extended
neighbor 6.6.6.6 route-reflector-client
exit-address-family
!
R6
ip vrf CustomerA
rd 200:1
route-target export 200:1
route-target import 100:1

router eigrp 100
network 6.6.6.6 0.0.0.0
network 46.1.1.6 0.0.0.0
network 56.1.1.6 0.0.0.0
!
router ospf 100 vrf CustomerA
redistribute bgp 200 subnets
network 192.168.2.1 0.0.0.0 area 0
!
router bgp 200
bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor 5.5.5.5 remote-as 200
neighbor 5.5.5.5 update-source Loopback0
!
address-family ipv4
neighbor 5.5.5.5 activate
exit-address-family
!
address-family ***v4
neighbor 5.5.5.5 activate
neighbor 5.5.5.5 send-community extended
exit-address-family
!
address-family ipv4 vrf CustomerA
redistribute ospf 100 match internal external 1 external 2
exit-address-family
!

配置分析主要集中在RR和ASBR上，先來看RR
路由反射器須要和己方AS PE創建***v4鄰居關係，（固然PE是RR的client）
R2
address-family ipv4
neighbor 1.1.1.1 activate
address-family ***v4
neighbor 1.1.1.1 activate
neighbor 1.1.1.1 send-community extended
neighbor 1.1.1.1 route-reflector-client

R4
address-family ipv4
neighbor 6.6.6.6 activate
address-family ***v4
neighbor 6.6.6.6 activate
neighbor 6.6.6.6 send-community extended
neighbor 6.6.6.6 route-reflector-client

以前提到過RR與RR之間要創建***v4鄰居關係，意味着底層ipv4要打通。

R3
address-family ipv4
network 1.1.1.1 mask 255.255.255.255
R4
address-family ipv4
network 5.5.5.5 mask 255.255.255.255

以後RR之間再創建***v4的鄰居關係
R2
router bgp 100
neighbor 5.5.5.5 remote-as 200
neighbor 5.5.5.5 ebgp-multihop 255
neighbor 5.5.5.5 update-source Loopback0
!
address-family ***v4
neighbor 5.5.5.5 activate
neighbor 5.5.5.5 send-community extended
neighbor 5.5.5.5 next-hop-unchanged

R5
router bgp 200
address-family ***v4
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 ebgp-multihop 255
neighbor 2.2.2.2 update-source Loopback0
!
address-family ***v4
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-community extended
neighbor 2.2.2.2 next-hop-unchanged

此時，下一跳不改變是爲了以後數據層面不通過次優路徑作的，這裏偷懶後面不解釋了。
同時，這個bgp鄰居須要multihop，改爲相應的數值就行。

接下來看ASBR。當說起跨域MPLS時候，反覆強調一點 即路由器須要爲下一跳分發標籤。牢記這點其實邏輯也不難。

1. 在ebgp鄰居上使用send-label命令
   R3
   neighbor 34.1.1.4 send-label
   R4
   neighbor 34.1.1.3 send-label

2. 用route-map對label進行過濾，過濾的對象爲對端AS的PE路由器，注意爲route-map放空語句
   R3
   ip prefix-list PE1 seq 5 permit 1.1.1.1/32
   !
   route-map EIGRP permit 10
   match mpls-label
   !
   route-map Set_Label permit 10
   match ip address prefix-list PE1
   set mpls-label
   !
   route-map Set_Label permit 20
   !
   router bgp 100
   address-family ipv4
   neighbor 34.1.1.4 route-map Set_Label out

R4
ip prefix-list PE2 seq 5 permit 6.6.6.6/32
!
route-map EIGRP permit 10
match mpls-label
!
route-map Set_Label permit 10
match ip address prefix-list PE2
set mpls-label
!
route-map Set_Label permit 20
!
router bgp 200
address-family ipv4
neighbor 34.1.1.3 route-map Set_Label out

3.須要advertise對端PE的loopback地址，不然以前使用的next-hop-unchanged的下一跳會不優
R3
address-family ipv4
network 1.1.1.1 mask 255.255.255.255
R4
address-family ipv4
network 6.6.6.6 mask 255.255.255.255

4.把打了標籤的bgp路由重分發進IGP中
另外，ASBR只須要運行普通ipv4 BGP就好了。

R3
redistribute bgp 100 metric 10000 100 255 1 1500 route-map EIGRP

R4
redistribute bgp 200 metric 10000 100 255 1 1500 route-map EIGRP

此時，彼方IGP中會有條己方AS PE的路由
R1#show ip route | in EX
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
D EX 6.6.6.6 [170/281856] via 13.1.1.3, 01:10:09, GigabitEthernet0/0

R6#sh ip route | in EX
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
D EX 1.1.1.1 [170/281856] via 46.1.1.4, 00:41:01, GigabitEthernet2/0R6

配置分析完了，來看數據層面

R1#show ip cef vrf CustomerA 22.22.22.22 detail
22.22.22.22/32, epoch 0, flags rib defined all labels
recursive via 6.6.6.6 label 605
nexthop 13.1.1.3 GigabitEthernet0/0 label 307

PE端，內層標籤605，外層標籤307

R3#show mpls forwarding-table labels 307
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
307 400 6.6.6.6/32 610 Gi1/0 34.1.1.4

R4#show mpls forwarding-table labels 400
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
400 Pop Label 6.6.6.6/32 1180 Gi2/0 46.1.1.6

R6#show mpls forwarding-table labels 605
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
605 No Label 22.22.22.22/32[V] \
1140 Gi0/0 192.168.2.33

配上一個BGP update的抓包，由R2發送給R5，NLRI 11.11.11.11/32， 下一跳1.1.1.1 label是103

optionC的確要比option B分析起來簡單些，固然配起來的確很繞。有時間回來把這實驗再敲一遍。
過兩天研究IS-IS和MPLS TE。

補充一份最近搜到的Cisco live講inter-as ×××的截圖。第一幅圖是控制層面的BGP標籤分發。PE端分發的標籤，將下一跳，RT RD VRF 及標籤綁定在一塊兒，可是注意，下一跳仍然是最關鍵的。當BGP充當標籤分發器時，永遠是根據下一跳分發的。即便是ASBR之間的label unicast，也仍然依照next hop value分發。因此在傳遞的過程當中，實際上是三層標籤。LSP/ASBR/remote PE

4月9號更新，上一個其實仍是有點問題。把兩個問題寫下來。爲何要重分發對端的PE 環回口，由於在查詢vrf路由的時候，下一眺的recursive lookup必定要在global RIB中。

若是不重分發，那11.11.11.11/32前面的星號就沒了。

第二，使用show ip bgp ***v4 rd 200:1 label來查看本地發放了什麼標籤給對端。

第三，查看路由表，bgp路由下一跳，以及PE收到的關於此下一跳的標籤就能夠明白標籤是如何堆疊的。爲什麼這種方法是兩層標籤，是由於咱們把對端PE的環回口發送進了本地IGP。使得在標籤分發的過程當中，這個對端PE對於本地分發標籤的時候就好像本地AS的路由同樣。