VPN与OSPF的实验” TITLE=”MPLS VPN与OSPF的实验” /> 拓扑如上图: 这个拓扑是MPLS VPN将一个非area 0的区域分隔开,AS内部只在R3和R5上面跑MP-BGP,R4上面不运行BGP,AS内部接口全部运行MPLS,以此达到不需要BGP全互联的目的,原因在下一篇博客讲解。在R3和R5上启用MP-BGP和 vrf a 标签设置为1:1,在R3和R5上进行BGP和OSPF的双向重发布,这时候发现,R6上有R2的路由,但是显示的为OIA外部路由,为了将分离的area1真正变成一个区域,进行如下操作:在R3和R5之间建立一条sham-link。sham-link的建立规则:1,建立环回口,并划分到相应的vrf 中去2,将环回口发布到MP-BGP中,使下一跳可达,环回口必须是32位的 router bgp 2 address-family ipv4 vrf a network33.33.33.33 mask 255.255.255.255 注意这里不能用IGP路由使下一跳可达,否则sham-link建立不起来,只能靠MP-BGP达到下一跳可达3,建立虚连接 router ospf 1 vrf a area 1 sham-link33.33.33.33(自己的环回口地址)55.55.55.55(对端环回口地址)建立好以后发现R2和R6上互相之间的路由变成了O,既认为是在一个区域内。接下来为了让R1和R6之间互通,需要建立一条virtual-link在area0和superbackbone之间也就是在R2和R3之间。路由如下:R1#sh ip rpou*Mar 1 03:43:13.995: %SYS-5-CONFIG_I: Configuredfrom console by consoleR1#sh … 继续阅读
VPN与OSPF的实验” TITLE=”MPLS VPN与OSPF的实验” /> 拓扑如上图: 这个拓扑是MPLS VPN将一个非area 0的区域分隔开,AS内部只在R3和R5上面跑MP-BGP,R4上面不运行BGP,AS内部接口全部运行MPLS,以此达到不需要BGP全互联的目的,原因在下一篇博客讲解。在R3和R5上启用MP-BGP和 vrf a 标签设置为1:1,在R3和R5上进行BGP和OSPF的双向重发布,这时候发现,R6上有R2的路由,但是显示的为OIA外部路由,为了将分离的area1真正变成一个区域,进行如下操作:在R3和R5之间建立一条sham-link。sham-link的建立规则:1,建立环回口,并划分到相应的vrf 中去2,将环回口发布到MP-BGP中,使下一跳可达,环回口必须是32位的 router bgp 2 address-family ipv4 vrf a network33.33.33.33 mask 255.255.255.255 注意这里不能用IGP路由使下一跳可达,否则sham-link建立不起来,只能靠MP-BGP达到下一跳可达3,建立虚连接 router ospf 1 vrf a area 1 sham-link33.33.33.33(自己的环回口地址)55.55.55.55(对端环回口地址)建立好以后发现R2和R6上互相之间的路由变成了O,既认为是在一个区域内。接下来为了让R1和R6之间互通,需要建立一条virtual-link在area0和superbackbone之间也就是在R2和R3之间。路由如下:R1#sh ip rpou*Mar 1 03:43:13.995: %SYS-5-CONFIG_I: Configuredfrom console by consoleR1#sh ip routeCodes: C – connected, S – static, R – RIP, M – mobile, B -BGP D – EIGRP, EX – EIGRP external, O – OSPF, IA – OSPF interarea N1 – OSPF NSSA external type 1, N2 – OSPF NSSA external type2 E1 – OSPF external type 1, E2 – OSPF external type 2 i – IS-IS, su – IS-IS summary, L1 – IS-IS level-1, L2 – IS-ISlevel-2 ia – IS-IS inter area, * – candidate default, U – per-user staticroute o – ODR, P – periodic downloaded static routeGateway of last resort is not set 1.0.0.0/32 is subnetted, 1 subnetsC 1.1.1.1 is directly connected, Loopback0 2.0.0.0/32 is subnetted, 1 subnetsO IA 2.2.2.2[110/11] via 12.1.1.2, 02:45:30, FastEthernet0/0 33.0.0.0/32 is subnetted, 1 subnetsO E2 33.33.33.33 [110/1] via 12.1.1.2, 01:44:01, FastEthernet0/0 55.0.0.0/32 is subnetted, 1 subnetsO E2 55.55.55.55 [110/1] via 12.1.1.2, 01:44:01, FastEthernet0/0 6.0.0.0/32 is subnetted, 1 subnetsO IA 6.6.6.6[110/32] via 12.1.1.2, 01:44:06, FastEthernet0/0 23.0.0.0/24 is subnetted, 1 subnetsO IA 23.1.1.0[110/20] via 12.1.1.2, 02:44:02, FastEthernet0/0 56.0.0.0/24 is subnetted, 1 subnetsO IA 56.1.1.0[110/31] via 12.1.1.2, 01:44:07, FastEthernet0/0 12.0.0.0/24 is subnetted, 1 subnetsC 12.1.1.0 is directly connected, FastEthernet0/0 R2#sh ip routeCodes: C – connected, S – static, R – RIP, M – mobile, B -BGP D – EIGRP, EX – EIGRP external, O – OSPF, IA – OSPF interarea N1 – OSPF NSSA external type 1, N2 – OSPF NSSA external type2 E1 – OSPF external type 1, E2 – OSPF external type 2 i – IS-IS, su – IS-IS summary, L1 – IS-IS level-1, L2 – IS-ISlevel-2 ia – IS-IS inter area, * – candidate default, U – per-user staticroute o – ODR, P – periodic downloaded static routeGateway of last resort is not set 1.0.0.0/32 is subnetted, 1 subnetsO 1.1.1.1 [110/11] via 12.1.1.1, 02:45:43, FastEthernet0/0 2.0.0.0/32 is subnetted, 1 subnetsC 2.2.2.2 is directly connected, Loopback0 33.0.0.0/32 is subnetted, 1 subnetsO E2 33.33.33.33 [110/1] via 23.1.1.3, 01:44:29, FastEthernet0/1 55.0.0.0/32 is subnetted, 1 subnetsO E2 55.55.55.55 [110/1] via 23.1.1.3, 01:44:29, FastEthernet0/1 6.0.0.0/32 is subnetted, 1 subnetsO 6.6.6.6 [110/22] via 23.1.1.3, 01:44:29, FastEthernet0/1 23.0.0.0/24 is subnetted, 1 subnetsC 23.1.1.0 is directly connected, FastEthernet0/1 56.0.0.0/24 is subnetted, 1 subnetsO 56.1.1.0 [110/21] via 23.1.1.3, 01:44:30, FastEthernet0/1 12.0.0.0/24 is subnetted, 1 subnetsC 12.1.1.0 is directly connected, FastEthernet0/0 R6#sh ip routeCodes: C – connected, S – static, R – RIP, M – mobile, B -BGP D – EIGRP, EX – EIGRP external, O – OSPF, IA – OSPF interarea N1 – OSPF NSSA external type 1, N2 – OSPF NSSA external type2 E1 – OSPF external type 1, E2 – OSPF external type 2 i – IS-IS, su – IS-IS summary, L1 – IS-IS level-1, L2 – IS-ISlevel-2 ia – IS-IS inter area, * – candidate default, U – per-user staticroute o – ODR, P – periodic downloaded static routeGateway of last resort is not set 1.0.0.0/32 is subnetted, 1 subnetsO IA 1.1.1.1[110/32] via 56.1.1.5, 01:45:08, FastEthernet0/0 2.0.0.0/32 is subnetted, 1 subnetsO 2.2.2.2 [110/22] via 56.1.1.5, 01:45:08, FastEthernet0/0 33.0.0.0/32 is subnetted, 1 subnetsO E2 33.33.33.33 [110/1] via 56.1.1.5, 01:45:08, FastEthernet0/0 55.0.0.0/32 is subnetted, 1 subnetsO E2 55.55.55.55 [110/1] via 56.1.1.5, 01:45:08, FastEthernet0/0 6.0.0.0/32 is subnetted, 1 subnetsC 6.6.6.6 is directly connected, Loopback0 23.0.0.0/24 is subnetted, 1 subnetsO 23.1.1.0 [110/21] via 56.1.1.5, 01:45:08, FastEthernet0/0 56.0.0.0/24 is subnetted, 1 subnetsC 56.1.1.0 is directly connected, FastEthernet0/0 12.0.0.0/24 is subnetted, 1 subnetsO IA 12.1.1.0[110/31] via 56.1.1.5, 01:45:08, FastEthernet0/0 最终配置如下: R1#sh runBuilding configuration…Current configuration : 850 bytes!version 12.4service timestamps debug datetime msecservice timestamps log datetime msecno service password-encryption!hostname R1!boot-start-markerboot-end-marker!!no aaa new-modelmemory-size iomem 5ip cef!!!!no ip domain lookup!! !!!!!!!!!!!!!!!!!interface Loopback0 ip address 1.1.1.1 255.255.255.255!interface FastEthernet0/0 ip address 12.1.1.1 255.255.255.0 duplex auto speed auto!interface FastEthernet0/1 no ip address shutdown duplex auto speed auto!router ospf 1 log-adjacency-changes network 1.1.1.1 0.0.0.0 area 0 network 12.1.1.1 0.0.0.0 area 0!ip forward-protocol nd!!no ip http serverno ip http secure-server!!!control-plane! !!!mgcp behavior g729-variants static-pt!!!!!line con 0 exec-timeout 0 0 logging synchronousline aux 0line vty 0 4 login!!end R2#sh runBuilding configuration…Current configuration : 923 bytes!version 12.4service timestamps debug datetime msecservice timestamps log datetime msecno service password-encryption!hostname R2!boot-start-markerboot-end-marker!!no aaa new-modelmemory-size iomem 5ip cef!!!!no ip domain lookup!! !!!!!!!!!!!!!!!!!interface Loopback0 ip address 2.2.2.2 255.255.255.255!interface FastEthernet0/0 ip address 12.1.1.2 255.255.255.0 duplex auto speed auto!interface FastEthernet0/1 ip address 23.1.1.2 255.255.255.0 duplex auto speed auto!router ospf 1 log-adjacency-changes area 1 virtual-link 23.1.1.3 network 2.2.2.2 0.0.0.0 area 1 network 12.1.1.2 0.0.0.0 area 0 network 23.1.1.2 0.0.0.0 area 1!ip forward-protocol nd!!no ip http serverno ip http secure-server!!!control-plane!!!!mgcp behavior g729-variants static-pt!!!!!line con 0 exec-timeout 0 0 logging synchronousline aux 0line vty 0 4 login!!end R3#sh runBuilding configuration…Current configuration : 1619 bytes!version 12.4service timestamps debug datetime msecservice timestamps log datetime msecno service password-encryption!hostname R3!boot-start-markerboot-end-marker!!no aaa new-modelmemory-size iomem 5ip cef!!!!ip vrf a rd 1:1 route-target export 1:1 route-target import 1:1!no ip domain lookup!!!!!!!!!!!!!!!!!!!interface Loopback0 ip address 3.3.3.3 255.255.255.255!interface Loopback1 ip vrf forwarding a ip address 33.33.33.33 255.255.255.255!interface FastEthernet0/0 ip address 34.1.1.3 255.255.255.0 duplex auto speed auto mpls ip!interface FastEthernet0/1 ip vrf forwarding a ip address 23.1.1.3 255.255.255.0 duplex auto speed auto!router eigrp 1 network 3.0.0.0 network 34.0.0.0 no auto-summary! router ospf 1 vrf a log-adjacency-changes area 1 virtual-link 2.2.2.2 area 1 sham-link 33.33.33.33 55.55.55.55 redistribute bgp 2 subnets network 23.1.1.3 0.0.0.0 area 1!router bgp 2 no bgp default ipv4-unicast bgp log-neighbor-changes neighbor 5.5.5.5 remote-as 2 neighbor 5.5.5.5 update-source Loopback0 ! address-family vpnv4 neighbor 5.5.5.5 activate neighbor 5.5.5.5 send-community extended neighbor 5.5.5.5 next-hop-self exit-address-family ! address-family ipv4 vrf a redistribute ospf 1 vrf a no synchronization network 33.33.33.33 mask 255.255.255.255 exit-address-family!ip forward-protocol nd!!no ip http serverno ip http secure-server!!!control-plane!!!!mgcp behavior g729-variants static-pt!!!!!line con 0 exec-timeout 0 0 logging synchronousline aux 0line vty 0 4 login!!end R4#sh runBuilding configuration…Current configuration : 861 bytes!version 12.4service timestamps debug datetime msecservice timestamps log datetime msecno service password-encryption!hostname R4!boot-start-markerboot-end-marker!!no aaa new-modelmemory-size iomem 5ip cef!!!!no ip domain lookup!! !!!!!!!!!!!!!!!!!interface Loopback0 ip address 4.4.4.4 255.255.255.255!interface FastEthernet0/0 ip address 34.1.1.4 255.255.255.0 duplex auto speed auto mpls ip!interface FastEthernet0/1 ip address 45.1.1.4 255.255.255.0 duplex auto speed auto mpls ip!router eigrp 1 network 4.0.0.0 network 34.0.0.0 network 45.0.0.0 no auto-summary!ip forward-protocol nd!!no ip http serverno ip http secure-server!!! control-plane!!!!mgcp behavior g729-variants static-pt!!!!!line con 0 exec-timeout 0 0 logging synchronousline aux 0line vty 0 4 login!!end R5#sh runBuilding configuration…Current configuration : 1622 bytes!version 12.4service timestamps debug datetime msecservice timestamps log datetime msecno service password-encryption!hostname R5!boot-start-markerboot-end-marker!!no aaa new-modelmemory-size iomem 5ip cef!!!!ip vrf a rd 1:1 route-target export 1:1 route-target import 1:1!no ip domain lookup!!!!!!!!!!!!!!!!!!!interface Loopback0 ip address 5.5.5.5 255.255.255.255!interface Loopback1 ip vrf forwarding a ip address 55.55.55.55 255.255.255.255!interface FastEthernet0/0 ip vrf forwarding a ip address 56.1.1.5 255.255.255.0 duplex auto speed auto!interface FastEthernet0/1 ip address 45.1.1.5 255.255.255.0 duplex auto speed auto mpls ip!router eigrp 1 network 5.0.0.0 network 45.0.0.0 no auto-summary! router ospf 1 vrf a log-adjacency-changes area 1 sham-link 55.55.55.55 33.33.33.33 redistribute bgp 2 subnets network 5.5.5.5 0.0.0.0 area 1 network 56.1.1.5 0.0.0.0 area 1!router bgp 2 no bgp default ipv4-unicast bgp log-neighbor-changes neighbor 3.3.3.3 remote-as 2 neighbor 3.3.3.3 update-source Loopback0 ! address-family vpnv4 neighbor 3.3.3.3 activate neighbor 3.3.3.3 send-community extended neighbor 3.3.3.3 next-hop-self exit-address-family ! address-family ipv4 vrf a redistribute ospf 1 vrf a no synchronization network 55.55.55.55 mask 255.255.255.255 exit-address-family!ip forward-protocol nd!!no ip http serverno ip http secure-server!!!control-plane!!!!mgcp behavior g729-variants static-pt!!!!!line con 0 exec-timeout 0 0 logging synchronousline aux 0line vty 0 4 login!!end R6#sh runBuilding configuration…Current configuration : 850 bytes!version 12.4service timestamps debug datetime msecservice timestamps log datetime msecno service password-encryption!hostname R6!boot-start-markerboot-end-marker!!no aaa new-modelmemory-size iomem 5ip cef!!!!no ip domain lookup!! !!!!!!!!!!!!!!!!!interface Loopback0 ip address 6.6.6.6 255.255.255.255!interface FastEthernet0/0 ip address 56.1.1.6 255.255.255.0 duplex auto speed auto!interface FastEthernet0/1 no ip address shutdown duplex auto speed auto!router ospf 1 log-adjacency-changes network 6.6.6.6 0.0.0.0 area 1 network 56.1.1.6 0.0.0.0 area 1!ip forward-protocol nd!!no ip http serverno ip http secure-server!!!control-plane! !!!mgcp behavior g729-variants static-pt!!!!!line con 0 exec-timeout 0 0 logging synchronousline aux 0line vty 0 4 login!!end
No comments:
Post a Comment