MPLS VPN 实验手册cisco.docx

1、MPLS VPN 实验手册ciscoMPLS VPN 实验一、拓朴图说明：1、设备接互联地址：如R1与R2间的互联地址为10.1.12.0/24；LOOKBACK接口地址为：1.1.1.1/32；2、CORE内运行OSPF（进行号100,area 0）,激活MPLS；3、PE上创建VRF（VPNA），PE与CE间通过OSPF互联（进程号：1）；4、R2与R4两台PE间建立MP-IBGP邻接关系，（BGP AS234）5、完成PE-CE间的路由重发布；二、配置信息：R1：（CE1）R1#show run!hostname R1!ip cef!interface Loopback0 ip addr

2、ess 1.1.1.1 255.255.255.255 ip ospf network point-to-point!interface FastEthernet0/0 ip address 10.1.12.1 255.255.255.0 duplex auto speed auto mpls ip!interface FastEthernet0/1 no ip address shutdown duplex auto speed auto!router ospf 1 router-id 1.1.1.1 log-adjacency-changes network 1.1.1.1 0.0.0.0

3、 area 0 network 10.1.12.1 0.0.0.0 area 0!endR1# R2：（PE1）R2#R2#show run!hostname R2!ip cef!ip vrf vpna rd 1:1 route-target export 234:2 route-target import 234:4!mpls label range 200 299mpls ldp router-id Loopback0!interface Loopback0 ip address 2.2.2.2 255.255.255.255!interface FastEthernet0/0 ip vr

4、f forwarding vpna ip address 10.1.12.2 255.255.255.0 duplex auto speed auto!interface FastEthernet0/1 ip address 10.1.23.2 255.255.255.0 duplex auto speed auto mpls ip!router ospf 1 vrf vpna log-adjacency-changes redistribute bgp 234 subnets network 10.1.12.2 0.0.0.0 area 0!router ospf 100 router-id

5、 2.2.2.2 log-adjacency-changes network 2.2.2.2 0.0.0.0 area 0 network 10.1.23.2 0.0.0.0 area 0!router bgp 234 bgp router-id 2.2.2.2 no bgp default ipv4-unicast bgp log-neighbor-changes neighbor 4.4.4.4 remote-as 234 neighbor 4.4.4.4 update-source Loopback0 ! address-family vpnv4 neighbor 4.4.4.4 act

6、ivate neighbor 4.4.4.4 send-community extended exit-address-family ! address-family ipv4 vrf vpna redistribute ospf 1 vrf vpna match internal external 1 external 2 no auto-summary no synchronization exit-address-family!end R2# R3：（P）R3#R3#show run!hostname R3!ip cef!mpls label range 300 399mpls ldp

7、router-id Loopback0!interface Loopback0 ip address 3.3.3.3 255.255.255.255!interface FastEthernet0/0 ip address 10.1.23.3 255.255.255.0 duplex auto speed auto mpls ip!interface FastEthernet0/1 ip address 10.1.34.3 255.255.255.0 duplex auto speed auto mpls ip!router ospf 100 router-id 3.3.3.3 log-adj

8、acency-changes network 3.3.3.3 0.0.0.0 area 0 network 10.1.23.3 0.0.0.0 area 0 network 10.1.34.3 0.0.0.0 area 0!endR3# R4：（PE2）R4#R4#show runBuilding configuration.!hostname R4!ip cef!ip vrf vpna rd 1:1 route-target export 234:4 route-target import 234:2!mpls label range 400 499mpls ldp router-id Lo

9、opback0!interface Loopback0 ip address 4.4.4.4 255.255.255.255!interface FastEthernet0/0 ip address 10.1.34.4 255.255.255.0 duplex auto speed auto mpls ip!interface FastEthernet0/1 ip vrf forwarding vpna ip address 10.1.45.4 255.255.255.0 duplex auto speed auto!router ospf 1 vrf vpna log-adjacency-c

10、hanges redistribute bgp 234 subnets network 10.1.45.4 0.0.0.0 area 0!router ospf 100 router-id 4.4.4.4 log-adjacency-changes network 4.4.4.4 0.0.0.0 area 0 network 10.1.34.4 0.0.0.0 area 0!router bgp 234 bgp router-id 4.4.4.4 no bgp default ipv4-unicast bgp log-neighbor-changes neighbor 2.2.2.2 remo

11、te-as 234 neighbor 2.2.2.2 update-source Loopback0 ! address-family vpnv4 neighbor 2.2.2.2 activate neighbor 2.2.2.2 send-community extended exit-address-family ! address-family ipv4 vrf vpna redistribute ospf 1 vrf vpna match internal external 1 external 2 no auto-summary no synchronization exit-ad

12、dress-family!end R5：（CE2）R5#R5#show runBuilding configuration.!hostname R5!ip cef!interface Loopback0 ip address 5.5.5.5 255.255.255.0 ip ospf network point-to-point!interface FastEthernet0/0 ip address 10.1.45.5 255.255.255.0 duplex auto speed auto!interface FastEthernet0/1 no ip address shutdown d

13、uplex auto speed auto!router ospf 1 router-id 5.5.5.5 log-adjacency-changes network 5.5.5.5 0.0.0.0 area 0 network 10.1.45.5 0.0.0.0 area 0!endR5# 三、相关检查命令：1、R2#sh ip ospf neighbor /查PE的OSPF邻居R2#sh ip ospf neighbor /查PE的OSPF邻居Neighbor ID Pri State Dead Time Address Interface3.3.3.3 1 FULL/DR 00:00:3

14、0 10.1.23.3 FastEthernet0/11.1.1.1 1 FULL/BDR 00:00:30 10.1.12.1 FastEthernet0/02、R2#sh mpls ldp neighbor /查PE上的MPLS邻居信息R2#sh mpls ldp neighbor /查PE上的MPLS邻居信息 Peer LDP Ident: 3.3.3.3:0; Local LDP Ident 2.2.2.2:0 TCP connection: 3.3.3.3.19951 - 2.2.2.2.646 State: Oper; Msgs sent/rcvd: 11/11; Downstre

15、am Up time: 00:03:23 LDP discovery sources: FastEthernet0/1, Src IP addr: 10.1.23.3 Addresses bound to peer LDP Ident: 10.1.23.3 3.3.3.3 10.1.34.3 3、R2#sh mpls forwarding-table /查PE上的MPLS标签转发表R2#sh mpls forwarding-table /查PE上的MPLS标签转发表Local Outgoing Prefix Bytes tag Outgoing Next Hop tag tag or VC o

16、r Tunnel Id switched interface 200 Pop tag 10.1.34.0/24 0 Fa0/1 10.1.23.3 201 Pop tag 3.3.3.3/32 0 Fa0/1 10.1.23.3 202 300 4.4.4.4/32 0 Fa0/1 10.1.23.3 203 Untagged 1.1.1.1/32V 3138 Fa0/0 10.1.12.1 204 Aggregate 10.1.12.0/24V 0 R2#4、R2#sh ip bgp vpnv4 all summary /查PE上的VPNV4邻居信息R2#sh ip bgp vpnv4 al

17、l summary /查PE上的VPNV4邻居信息：BGP router identifier 2.2.2.2, local AS number 234BGP table version is 9, main routing table version 94 network entries using 548 bytes of memory4 path entries using 272 bytes of memory5/4 BGP path/bestpath attribute entries using 620 bytes of memory2 BGP extended community

18、 entries using 80 bytes of memory0 BGP route-map cache entries using 0 bytes of memory0 BGP filter-list cache entries using 0 bytes of memoryBGP using 1520 total bytes of memoryBGP activity 4/0 prefixes, 4/0 paths, scan interval 15 secsNeighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxR

19、cd4.4.4.4 4 234 19 19 9 0 0 00:12:01 25、R2#sh ip bgp vpnv4 all /查PE上的VPNV4路由信息，可判断路由重发布是否正确R2#sh ip bgp vpnv4 all /查PE上的VPNV4路由信息，可判断路由重发布是否正确BGP table version is 9, local router ID is 2.2.2.2Status codes: s suppressed, d damped, h history, * valid, best, i - internal, r RIB-failure, S StaleOrigin c

20、odes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight PathRoute Distinguisher: 1:1 (default for vrf vpna)* 1.1.1.1/32 10.1.12.1 2 32768 ?*i5.5.5.0/24 4.4.4.4 2 100 0 ?* 10.1.12.0/24 0.0.0.0 0 32768 ?*i10.1.45.0/24 4.4.4.4 0 100 0 ?6、R2#sh ip ro vrf vpna /查看VRF下的路由表信息R2#sh ip r

21、o vrf vpna /查看VRF下的路由表信息Routing Table: vpnaCodes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su -

22、 IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static routeGateway of last resort is not set 1.0.0.0/32 is subnetted, 1 subnetsO 1.1.1.1 110/2 via 10.1.12.1, 00:17:52, FastEthernet0/0 5.0

23、.0.0/24 is subnetted, 1 subnetsB 5.5.5.0 200/2 via 4.4.4.4, 00:17:02 10.0.0.0/24 is subnetted, 2 subnetsC 10.1.12.0 is directly connected, FastEthernet0/0B 10.1.45.0 200/0 via 4.4.4.4, 00:17:02R2#7、R2#sh ip cef /查看CEF表R2#sh ip cef /查看CEF表Prefix Next Hop Interface0.0.0.0/0 drop Null0 (default route h

24、andler entry)0.0.0.0/32 receive2.2.2.2/32 receive3.3.3.3/32 10.1.23.3 FastEthernet0/14.4.4.4/32 10.1.23.3 FastEthernet0/110.1.23.0/24 attached FastEthernet0/110.1.23.0/32 receive10.1.23.2/32 receive10.1.23.3/32 10.1.23.3 FastEthernet0/110.1.23.255/32 receive10.1.34.0/24 10.1.23.3 FastEthernet0/1224.

25、0.0.0/4 drop224.0.0.0/24 receive255.255.255.255/32 receiveR2#8、R1#ping 5.5.5.5 source 1.1.1.1 /在CE1上带源地址拼CE2R1#ping 5.5.5.5 source 1.1.1.1 /在CE1上带源地址拼CE2Type escape sequence to abort.Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds:Packet sent with a source address of 1.1.1.1 !9、R1#tr

26、aceroute 5.5.5.5 source 1.1.1.1 /在CE1上带源地址路由跟踪CE2R1#traceroute 5.5.5.5 source 1.1.1.1 /在CE1上带源地址路由跟踪CE2Type escape sequence to abort.Tracing the route to 5.5.5.5 1 10.1.12.2 128 msec 188 msec 196 msec 2 10.1.23.3 MPLS: Labels 300/403 Exp 0 664 msec 600 msec 616 msec 3 10.1.45.4 MPLS: Label 403 Exp 0

27、 372 msec 408 msec 560 msec 4 10.1.45.5 624 msec 764 msec 576 msecR1#10、R1#show ip ospf neighbor /查看CE1上的OSPF邻居表R1#show ip ospf neighbor /查看CE1上的OSPF邻居表Neighbor ID Pri State Dead Time Address Interface10.1.12.2 1 FULL/DR 00:00:38 10.1.12.2 FastEthernet0/0R1#11、R1#sh ip ro /查CEF上的路由表R1#sh ip ro /查CEF

28、上的路由表Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2

29、 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static routeGateway of last resort is not set 1.0.0.0/32 is subnetted, 1 subnetsC 1.1.1.1 is directly connected, Loopback0 5.0.0.0/24 is subnetted, 1 subnetsO IA 5.5.5.0 110/3 via 10.1.12.2, 00:02:00, FastEthernet0/0 10.0.0.0/24 is subnetted, 2 subnetsC 10.1.12.0 is directly connected, FastEthernet0/0O IA 10.1.45.0 110/2 via 10.1.12.2, 00:02:00, FastEthernet0/0R1#