Spring中的aware接口详情
318
2022-09-24
MPLS-MCE
MPLS-MCE
配置MCE示例组网需求:某公司需要通过MPLS ×××实现总部和分支间的互通,同时需要隔离两种不同的业务。为节省开支,希望分支通过一台CE设备接入PE。如图1所示,按如下组网:CE1、CE2连接企业总部,CE1属于vpna,CE2属于vpnb MCE连接企业分支,通过CE3和CE4分别连接vpna和vpnb要求属于相同×××的用户之间能互相访问,但不同×××的用户之间不能互相访问,从而实现不同业务间隔离。图1 配置Muti-×××-Instance CE组网图
配置思路本例配置主要思路是:1.PE与PE间配置OSPF协议,实现PE之间的互通;配置MP-IBGP交换×××路由信息。 2.PE上配置MPLS基本能力和MPLS LDP,建立LDP LSP。 3.PE和MCE上创建不同的×××实例(vpna和vpnb),实现不同×××间的业务隔离。 4.PE1与相连的CE之间建立EBGP对等体,引入×××路由表中。 5.MCE与Site、MCE与PE2之间配置路由,引入×××路由信息。操作步骤:1.在骨干网的PE上配置OSPF协议,实现PE之间的互通
配置PE1。
Routing Tables: PublicDestinations : 9 Routes : 9Destination/Mask Proto Pre Cost Flags NextHop Interface1.1.1.9/32 OSPF 10 1 D 172.1.1.1 GigabitEthernet1/0/02.2.2.9/32 Direct 0 0 D 127.0.0.1 LoopBack1127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0172.1.1.0/24 Direct 0 0 D 172.1.1.2 GigabitEthernet1/0/0172.1.1.2/32 Direct 0 0 D 127.0.0.1 GigabitEthernet1/0/0172.1.1.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet1/0/0255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack02.在骨干网的PE上配置MPLS基本能力和MPLS LDP,PE之间建立LDP LSP
配置PE1。
[PE1] mpls lsr-id 1.1.1.9[PE1] mpls[PE1-mpls] quit[PE1] mpls ldp[PE1-mpls-ldp] quit[PE1] interface gigabitethernet 3/0/0[PE1-GigabitEthernet3/0/0] mpls[PE1-GigabitEthernet3/0/0] mpls ldp[PE1-GigabitEthernet3/0/0] quitPE2的配置过程与PE1类似,不再赘述(略)。完成此步配置后,在PE上执行命令display mpls ldp session,应能看见PE之间的MPLS LDP会话状态为“Operational”。以PE2为例:[PE2] display mpls ldp sessionLDP Session(s) in Public NetworkCodes: LAM(Label Advertisement Mode), SsnAge Unit(DDDD:HH:MM)A '*' before a session means the session is being deleted.
PeerID Status LAM SsnRole SsnAge KASent/Rcv
1.1.1.9:0 Operational DU Active 0000:00:04 17/17
TOTAL: 1 session(s) Found.3.在PE设备上配置×××实例,将CE1、CE2接入PE1,将MCE接入PE2
配置PE1。
[PE1] ip vpn-instance vpna[PE1-vpn-instance-vpna] ipv4-family[PE1-vpn-instance-vpna-af-ipv4] route-distinguisher 100:1[PE1-vpn-instance-vpna-af-ipv4] vpn-target 111:1 both[PE1-vpn-instance-vpna-af-ipv4] quit[PE1-vpn-instance-vpna] quit[PE1] ip vpn-instance vpnb[PE1-vpn-instance-vpnb] ipv4-family[PE1-vpn-instance-vpnb-af-ipv4] route-distinguisher 100:2[PE1-vpn-instance-vpnb-af-ipv4] vpn-target 222:2 both[PE1-vpn-instance-vpnb-af-ipv4] quit[PE1-vpn-instance-vpnb] quit[PE1] interface gigabitethernet 1/0/0[PE1-GigabitEthernet1/0/0] ip binding vpn-instance vpna[PE1-GigabitEthernet1/0/0] ip address 10.1.1.2 24[PE1-GigabitEthernet1/0/0] quit[PE1] interface gigabitethernet 2/0/0[PE1-GigabitEthernet2/0/0] ip binding vpn-instance vpnb[PE1-GigabitEthernet2/0/0] ip address 10.2.1.2 24[PE1-GigabitEthernet2/0/0] quit
配置PE2。
[PE2] ip vpn-instance vpna[PE2-vpn-instance-vpna] ipv4-family[PE2-vpn-instance-vpna-af-ipv4] route-distinguisher 200:1[PE2-vpn-instance-vpna-af-ipv4] vpn-target 111:1 both[PE2-vpn-instance-vpna-af-ipv4] quit[PE2-vpn-instance-vpna] quit[PE2] ip vpn-instance vpnb[PE2-vpn-instance-vpnb] ipv4-family[PE2-vpn-instance-vpnb-af-ipv4] route-distinguisher 200:2[PE2-vpn-instance-vpnb-af-ipv4] vpn-target 222:2 both[PE2-vpn-instance-vpnb-af-ipv4] quit[PE2-vpn-instance-vpnb] quit[PE2] interface gigabitethernet 2/0/0.1[PE2-GigabitEthernet2/0/0.1] dot1q termination vid 10[PE2-GigabitEthernet2/0/0.1] ip binding vpn-instance vpna[PE2-GigabitEthernet2/0/0.1] ip address 192.1.1.1 24[PE2-GigabitEthernet2/0/0.1] quit[PE2] interface gigabitethernet 2/0/0.2[PE2-GigabitEthernet2/0/0.2] dot1q termination vid 20[PE2-GigabitEthernet2/0/0.2] ip binding vpn-instance vpnb[PE2-GigabitEthernet2/0/0.2] ip address 192.2.1.1 24[PE2-GigabitEthernet2/0/0.2] quit
4.在MCE设备上配置×××实例,将CE3、CE4及PE2接入MCE
配置CE1。
[PE1] display bgp vpnv4 all peerBGP local router ID : 1.1.1.9Local AS number : 100Total number of peers : 3 Peers in established state : 3Peer V AS MsgRcvd MsgSent OutQ Up/Down State PrefRcv2.2.2.9 4 100 288 287 0 01:19:16 Established 4Peer of IPv4-family for vpn instance :×××-Instance vpna, router ID 1.1.1.9:10.1.1.1 4 65410 9 11 0 00:04:14 Established 4×××-Instance vpnb, router ID 1.1.1.9:10.2.1.1 4 65420 9 12 0 00:04:09 Established 3
在PE2和MCE之间配置OSPF多实例 配置PE2。 [PE2] ospf 100 vpn-instance vpna[PE2-ospf-100] area 0[PE2-ospf-100-area-0.0.0.0] network 192.1.1.0 0.0.0.255[PE2-ospf-100-area-0.0.0.0] quit[PE2-ospf-100] import-route bgp[PE2-ospf-100] quit[PE2] ospf 200 vpn-instance vpnb[PE2-ospf-200] area 0[PE2-ospf-200-area-0.0.0.0] network 192.2.1.0 0.0.0.255[PE2-ospf-200-area-0.0.0.0] quit[PE2-ospf-200] import-route bgp[PE2-ospf-200] quit[PE2] bgp 100[PE2-bgp] ipv4-family vpn-instance vpna[PE2-bgp-vpna] import-route ospf 100[PE2-bgp-vpna] quit[PE2-bgp] ipv4-family vpn-instance vpnb[PE2-bgp-vpnb] import-route ospf 200[PE2-bgp-vpnb] quit[PE2-bgp] quit 配置MCE。 [MCE] ospf 100 vpn-instance vpna[MCE-ospf-100] area 0[MCE-ospf-100-area-0.0.0.0] network 192.1.1.0 0.0.0.255[MCE-ospf-100-area-0.0.0.0] quit[MCE-ospf-100] quit[MCE] ospf 200 vpn-instance vpnb[MCE-ospf-200] area 0[MCE-ospf-200-area-0.0.0.0] network 192.2.1.0 0.0.0.255[MCE-ospf-200-area-0.0.0.0] quit[MCE-ospf-200] quit7.在MCE和CE3、CE4之间配置RIP-2 配置MCE。 [MCE] rip 100 vpn-instance vpna[MCE-rip-100] version 2[MCE-rip-100] network 10.0.0.0[MCE-rip-100] import-route ospf 100[MCE-rip-100] quit[MCE] rip 200 vpn-instance vpnb[MCE-rip-200] version 2[MCE-rip-200] network 10.0.0.0[MCE-rip-200] import-route ospf 200[MCE-rip-200] quit
配置CE3。
配置CE4。
8.在MCE上配置不进行环路检查,并引入RIP路由 [MCE] ospf 100 vpn-instance vpna[MCE-ospf-100] vpn-instance-capability simple[MCE-ospf-100] import-route rip 100[MCE-ospf-100] quit[MCE] ospf 200 vpn-instance vpnb[MCE-ospf-200] vpn-instance-capability simple[MCE-ospf-200] import-route rip 200[MCE-ospf-200] quit
9.检查配置结果 完成上述配置后,在MCE设备上执行命令display ip routing-table vpn-instance命令,可以看到去往对端CE的路由。以vpna为例:[MCE] display ip routing-table vpn-instance vpnaRoute Flags: R - relay, D - download to fib
Routing Tables: vpnaDestinations : 8 Routes : 8Destination/Mask Proto Pre Cost Flags NextHop Interface10.1.1.0/24 O_ASE 150 1 D 192.1.1.1 GigabitEthernet1/0/0.110.3.1.0/24 Direct 0 0 D 10.3.1.2 GigabitEthernet3/0/010.3.1.2/32 Direct 0 0 D 127.0.0.1 GigabitEthernet3/0/010.3.1.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet3/0/0192.1.1.0/24 Direct 0 0 D 192.1.1.2 GigabitEthernet1/0/0.1192.1.1.2/32 Direct 0 0 D 127.0.0.1 GigabitEthernet1/0/0.1192.1.1.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet1/0/0.1255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0 在PE上执行display ip routing-table vpn-instance命令,可以看到去往对端CE的路由。以PE1上的vpna为例:[PE1] display ip routing-table vpn-instance vpnaRoute Flags: R - relay, D - download to fib
Routing Tables: vpnaDestinations : 6 Routes : 6Destination/Mask Proto Pre Cost Flags NextHop Interface10.1.1.0/24 Direct 0 0 D 10.1.1.2 GigabitEthernet1/0/010.1.1.2/32 Direct 0 0 D 127.0.0.1 GigabitEthernet1/0/010.1.1.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet1/0/010.3.1.0/24 IBGP 255 2 RD 2.2.2.9 GigabitEthernet3/0/0192.1.1.0/24 IBGP 255 0 RD 2.2.2.9 GigabitEthernet3/0/0255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0 CE1、CE3之间可以互通,CE2、CE4之间可以互通。以CE1为例:[CE1] ping 10.3.1.1PING 10.3.1.1: 56 data bytes, press CTRL_C to breakReply from 10.3.1.1: bytes=56 Sequence=1 ttl=252 time=125 msReply from 10.3.1.1: bytes=56 Sequence=2 ttl=252 time=125 msReply from 10.3.1.1: bytes=56 Sequence=3 ttl=252 time=125 msReply from 10.3.1.1: bytes=56 Sequence=4 ttl=252 time=125 msReply from 10.3.1.1: bytes=56 Sequence=5 ttl=252 time=125 ms--- 10.3.1.1 ping statistics ---5 packet(s) transmitted5 packet(s) received0.00% packet lossround-trip min/avg/max = 125/125/125 msCE1不能与CE2和CE4互通,CE3也不能与CE2和CE4互通。以CE1上ping CE4的显示为例。[CE1] ping 10.4.1.1PING 10.4.1.1: 56 data bytes, press CTRL_C to breakRequest time outRequest time outRequest time outRequest time outRequest time out
--- 10.4.1.1 ping statistics ---5 packet(s) transmitted0 packet(s) received100.00% packet loss
版权声明:本文内容由网络用户投稿,版权归原作者所有,本站不拥有其著作权,亦不承担相应法律责任。如果您发现本站中有涉嫌抄袭或描述失实的内容,请联系我们jiasou666@gmail.com 处理,核实后本网站将在24小时内删除侵权内容。
相关文章
发表评论
暂时没有评论,来抢沙发吧~