华为MPLS跨域C1方式RR场景(数据不经过RR)实验配置
目录
配置BGP邻居的建立
配置MPLS LDP
配置RR之间的MP-BGP邻居
配置通过ASBR学习PE路由并为PE分配标签(实现Vpnv4路由的传递和数据传输)
根据图配置接口的IP地址和IGP协议
BGP邻居用来传递标签和RR、PE的路由
MP-BGP邻居用来传递Vpnv4路由
配置BGP邻居的建立
PE1和RR1建立IBGP邻居、RR1和ASBR1建立IBGP邻居(RR1作为反射器)
PE1和RR1建立MP-IBGP邻居(RR1传给PE1的Vpnv4路由要求不更改下一跳)
ASBR1和ASBR2建立EBGP邻居
ASBR2和RR2建立IBGP邻居、RR2和PE2建立IBGP邻居(RR2作为反射器)
PE2和RR2建立MP-IBGP邻居(RR2传给PE2的Vpnv4路由要求不更改下一跳)
PE1和RR1建立IBGP邻居(RR1为反射器)和MP-IBGP邻居
PE1 bgp 100 peer 7.7.7.7 as-number 100 peer 7.7.7.7 connect-interface LoopBack0 ipv4-family unicast undo synchronization peer 7.7.7.7 enable ipv4-family vpnv4 policy vpn-target peer 7.7.7.7 enable RR1 bgp 100 peer 1.1.1.1 as-number 100 peer 1.1.1.1 connect-interface LoopBack0 ipv4-family unicast peer 1.1.1.1 enable peer 1.1.1.1 reflect-client 配置1.1.1.1为反射客户端(本端为反射器) ipv4-family vpnv4 undo policy vpn-target 取消RT值检测 peer 1.1.1.1 enable 配置MP-BGP邻居 peer 1.1.1.1 next-hop-invariable 配置向1.1.1.1传递vpnv4路由时不更改下一跳RR1和ASBR1建立IBGP邻居(RR1为反射器,ASBR1配置从EBGP学到的路由传给IBGP时更改下一跳)
RR1 bgp 100 peer 3.3.3.3 as-number 100 peer 3.3.3.3 connect-interface LoopBack0 ipv4-family unicast peer 3.3.3.3 enable peer 3.3.3.3 reflect-client ASBR1 bgp 100 peer 7.7.7.7 as-number 100 peer 7.7.7.7 connect-interface LoopBack0 ipv4-family unicast peer 7.7.7.7 enable peer 7.7.7.7 next-hop-localASBR1和ASBR2建立EBGP邻居
ASBR1 bgp 100 peer 100.0.34.4 as-number 200 ipv4-family unicast peer 100.0.34.4 enable ASBR2 bgp 200 peer 100.0.34.3 as-number 100 ipv4-family unicast peer 100.0.34.3 enableASBR2和RR2建立IBGP邻居(RR2为反射器,ASBR2配置从EBGP学到的路由传给IBGP时更改下一跳)
ASBR2 bgp 200 peer 8.8.8.8 as-number 200 peer 8.8.8.8 connect-interface LoopBack0 ipv4-family unicast peer 8.8.8.8 enable peer 8.8.8.8 next-hop-local RR2 bgp 200 peer 4.4.4.4 as-number 200 peer 4.4.4.4 connect-interface LoopBack0 ipv4-family unicast peer 4.4.4.4 enable peer 4.4.4.4 reflect-clientASBR2和RR2建立IBGP邻居(RR2为反射器)
RR2 bgp 200 peer 6.6.6.6 as-number 200 peer 6.6.6.6 connect-interface LoopBack0 ipv4-family unicast peer 6.6.6.6 enable peer 6.6.6.6 reflect-client ipv4-family vpnv4 undo policy vpn-target peer 6.6.6.6 enable peer 6.6.6.6 next-hop-invariable PE2 bgp 200 peer 8.8.8.8 as-number 200 peer 8.8.8.8 connect-interface LoopBack0 ipv4-family unicast undo synchronization peer 8.8.8.8 enable ipv4-family vpnv4 policy vpn-target peer 8.8.8.8 enable
配置MPLS LDP
除了ASBR之间相连的接口、PE与CE相连接口,其余的接口都开启MPLS LDP
以PE1的配置为例(其余设备的配置同PE1)
全局开启MPLS LDP mpls lsr-id 1.1.1.1 mpls mpls ldp 接口下配置MPLS LDP interface GigabitEthernet0/0/1 mpls mpls ldp
配置RR之间的MP-BGP邻居
RR1和RR2建立MP-EBGP邻居
(RR1传给RR2、RR2传给RR1的Vpnv4路由要求不更改下一跳)
在ASBR上通过BGP邻居将RR1的路由传给RR2、将RR2的路由传给RR1(配置完成后本端的PE和RR会通过BGP学习到对端的RR路由)
ASBR1 bgp 100 ipv4-family unicast network 7.7.7.7 255.255.255.255 ASBR2 bgp 200 ipv4-family unicast network 8.8.8.8 255.255.255.255配置RR之间的MP-EBGP邻居
RR1 bgp 100 peer 8.8.8.8 as-number 200 peer 8.8.8.8 ebgp-max-hop 10 peer 8.8.8.8 connect-interface LoopBack0 ipv4-family unicast undo peer 8.8.8.8 enable ipv4-family vpnv4 undo policy vpn-target peer 8.8.8.8 enable peer 8.8.8.8 next-hop-invariable RR2 bgp 200 peer 7.7.7.7 as-number 100 peer 7.7.7.7 ebgp-max-hop 10 peer 7.7.7.7 connect-interface LoopBack0 ipv4-family unicast undo peer 7.7.7.7 enable ipv4-family vpnv4 undo policy vpn-target peer 7.7.7.7 enable peer 7.7.7.7 next-hop-invariable此时RR双方虽然有对端的路由,但是无法建立邻居,此时需要在ASBR为RR手动分配标签
ASBR1为RR1分配标签给ASBR2;ASBR2为RR2分配标签给ASBR1
ASBR1 ip ip-prefix PE1-RR1 index 10 permit 7.7.7.7 32 route-policy PE1-RR1 permit node 10 此路由策略的目的为匹配7.7.7.7路由,为其分配标签 if-match ip-prefix PE1-RR1 apply mpls-label bgp 100 ipv4-family unicast peer 100.0.34.4 route-policy PE1-RR1 export 向100.0.34.4的邻居应用此路由策略 peer 100.0.34.4 label-route-capability 向100.0.34.4的邻居开启标签转发能力(可以向此邻居转发带标签的BGP路由) ASBR2 ip ip-prefix PE2-RR2 index 20 permit 8.8.8.8 32 route-policy PE2-RR2 permit node 10 if-match ip-prefix PE2-RR2 apply mpls-label bgp 200 ipv4-family unicast peer 100.0.34.3 route-policy PE2-RR2 export peer 100.0.34.3 label-route-capabilityASBR2获得RR1的标签后,重新分配标签分发给RR2
ASBR2 route-policy label permit node 10 if-match mpls-label apply mpls-label bgp 200 ipv4-family unicast peer 8.8.8.8 route-policy label export peer 8.8.8.8 label-route-capability RR2 bgp 200 ipv4-family unicast peer 4.4.4.4 label-route-capabilityASBR1获得RR2的标签后,重新分配标签分发给RR1
ASBR1 route-policy label permit node 10 if-match mpls-label apply mpls-label bgp 200 ipv4-family unicast peer 7.7.7.7 route-policy label export peer 7.7.7.7 label-route-capability RR1 bgp 100 ipv4-family unicast peer 3.3.3.3 label-route-capability在ASBR1和ASBR2的接口上开启MPLS标签转发
int g0/0/0 mpls此时可以在RR上查看到关于对端RR的LSP标签路径,并且邻居建立RR邻居建立成功
配置通过ASBR学习PE路由并为PE分配标签(实现Vpnv4路由的传递和数据传输)
此时RR邻居建立成功,RR1可以将PE1的Vpnv4路由传递给RR2
但是RR2收到PE1的Vpnv4路由后,发现路由的下一跳(PE1)不可达,无法转发给RR2
此时就需要在ASBR上将PE的路由宣告到对端,并为PE分配标签
在ASBR上通过BGP邻居将PE1的路由传给RR2和PE2、将PE2的路由传给RR1和PE1
ASBR1 bgp 100 ipv4-family unicast network 1.1.1.1 255.255.255.255 ASBR2 bgp 200 ipv4-family unicast network 6.6.6.6 255.255.255.255通过BGP路由为PE分配标签方法与ASBR为RR分配标签相同(此时只需要将PE的路由加入到上述配置的路由策略中就可以实现ASBR1/2为PE1/2分配标签传给ASBR2/1、ASBR2/1再重新为PE1/2分配标签传给RR2/1)
ASBR1 ip ip-prefix PE1-RR1 index 10 permit 1.1.1.1 32 ASBR2 ip ip-prefix PE2-RR2 index 10 permit 6.6.6.6 32此时RR关于PE的Vpnv4路由可达,传递给对端PE;对端PE收到后,由于没有PE的标签,路由不生效;
此时就需要配置RR通过BGP路由将ASBR分配的标签传递给PE(由于RR不转发数据,此时RR不再重新生成标签,直接将ASBR生成的标签转发给PE)
RR1 peer 1.1.1.1 label-route-capability RR2 peer 6.6.6.6 label-route-capability此时PE上可以看到关于对端PE的LSP;之后再配置PE和CE直接的路由协议进行路由引入
关于PE和CE之间的配置本次不做讲述了,与之前C1方案一致
