MPLS VPN 实验

目录

MPLS VPN 实验 

拓扑图

实验目的

基础配置

R2

R3

R4

公网部分配置IGP（ospf）

R2

R3

R4

激活MPLS

R2

R3

R4

VRF创建

R2

R4

将接口画入VRF空间

R2

R4

配置接口IP地址

R2

R4

站点1基本配置

站点2基本配置

通过静态路由在CE和PE上配置

启动BGP

建立MP-BGP邻居

发布站点1信息

发布直连路由以及静态路由

测试​编辑

发布站点2的路由信息

发布路由（neetwork发布）

测试

 连通性测试

---

MPLS VPN 实验 

拓扑图

实验目的

        站点1与站点2需要通过MPLS VPN搭建到一起         

R2、R4--- PE

R3 --- P

R1、R5 --- CE

基础配置

R2

[R2]display ip interface brief 
*down: administratively down
^down: standby
(l): loopback
(s): spoofing
The number of interface that is UP in Physical is 4
The number of interface that is DOWN in Physical is 1
The number of interface that is UP in Protocol is 3
The number of interface that is DOWN in Protocol is 2
 
Interface                         IP Address/Mask      Physical   Protocol  
GigabitEthernet0/0/0              unassigned           up         down      
GigabitEthernet0/0/1              23.0.0.1/24          up         up        
GigabitEthernet0/0/2              unassigned           down       down      
LoopBack0                         2.2.2.2/24           up         up(s)     
NULL0                             unassigned           up         up(s)     
[R2]

R3

[R3]display ip interface brief 
*down: administratively down
^down: standby
(l): loopback
(s): spoofing
The number of interface that is UP in Physical is 4
The number of interface that is DOWN in Physical is 1
The number of interface that is UP in Protocol is 4
The number of interface that is DOWN in Protocol is 1
 
Interface                         IP Address/Mask      Physical   Protocol  
GigabitEthernet0/0/0              23.0.0.2/24          up         up        
GigabitEthernet0/0/1              24.0.0.1/24          up         up        
GigabitEthernet0/0/2              unassigned           down       down      
LoopBack0                         3.3.3.3/24           up         up(s)     
NULL0                             unassigned           up         up(s)     
[R3]

R4

[R4]display ip interface brief 
*down: administratively down
^down: standby
(l): loopback
(s): spoofing
The number of interface that is UP in Physical is 4
The number of interface that is DOWN in Physical is 1
The number of interface that is UP in Protocol is 3
The number of interface that is DOWN in Protocol is 2
 
Interface                         IP Address/Mask      Physical   Protocol  
GigabitEthernet0/0/0              34.0.0.2/24          up         up        
GigabitEthernet0/0/1              unassigned           up         down      
GigabitEthernet0/0/2              unassigned           down       down      
LoopBack0                         4.4.4.4/24           up         up(s)     
NULL0                             unassigned           up         up(s)     
[R4]

公网部分配置IGP（ospf）

R2

[R2]ospf router-id 2.2.2.2
[R2-ospf-1]area 0
[R2-ospf-1-area-0.0.0.0]network 23.0.0.0 0.0.0.255
[R2-ospf-1-area-0.0.0.0]network 2.2.2.2 0.0.0.0

R3

[R3]ospf 1 router-id 3.3.3.3
[R3-ospf-1]area 0
[R3-ospf-1-area-0.0.0.0]network 23.0.0.0 0.0.0.255
[R3-ospf-1-area-0.0.0.0]network 34.0.0.0 0.0.0.255
[R3-ospf-1-area-0.0.0.0]network 3.3.3.3 0.0.0.0

R4

[R4]ospf 1 router-id 4.4.4.4
[R4-ospf-1]area 0
[R4-ospf-1-area-0.0.0.0]network 34.0.0.0 0.0.0.0
[R4-ospf-1-area-0.0.0.0]network 4.4.4.4 0.0.0.0

激活MPLS

R2

[R2]mpls lsr-id 2.2.2.2
[R2]mpls 
Info: Mpls starting, please wait... OK!
[R2-mpls]mpls ld
[R2-mpls-ldp]  int g 0/0/01
[R2-GigabitEthernet0/0/1]mpls 
[R2-GigabitEthernet0/0/1]mpls ld

R3

[R3]mpls lsr-id 3.3.3.3
[R3]mpls 
Info: Mpls starting, please wait... OK!
[R3-mpls]mpls ldp
[R3-mpls-ldp]int g 0/0/0
[R3-GigabitEthernet0/0/0]mpls 
[R3-GigabitEthernet0/0/0]mpls ldp
[R3-GigabitEthernet0/0/0]int g 0/0/1	
[R3-GigabitEthernet0/0/1]mpls 
[R3-GigabitEthernet0/0/1]mpls ldp 
[R3-GigabitEthernet0/0/1]

R4

[R4]mpls lsr-id 4.4.4.4
[R4]mpls 
Info: Mpls starting, please wait... OK!
[R4-mpls]mpls ldp
[R4-mpls-ldp]int g 0/0/0	
[R4-GigabitEthernet0/0/0]mpls 	
[R4-GigabitEthernet0/0/0]mpls ldp 
[R4-GigabitEthernet0/0/0]

VRF创建

R2

[R2]ip vpn-instance a --- VRF空间命名时大小写敏感
[R2-vpn-instance-a]
[R2-vpn-instance-a]route-distinguisher 100:1 --- 配置RD值
[R2-vpn-instance-a-af-ipv4]
[R2-vpn-instance-a-af-ipv4]vpn-target 100:1 export-extcommunity --- 配置出站RT
 EVT Assignment result: 
Info: VPN-Target assignment is successful.
[R2-vpn-instance-a-af-ipv4]vpn-target 100:2 import-extcommunity --- 配置入站RT
 IVT Assignment result: 
Info: VPN-Target assignment is successful.

R4

[R4]ip vpn-instance b
[R4-vpn-instance-b]
Apr 19 2023 11:44:15-08:00 R4 %%01LDP/4/SSNHOLDTMREXP(l)[1]:Sessions were delete
d because the session hold timer expired and the notification of the expiry was 
sent to the peer 3.3.3.3. 
[R4-vpn-instance-b]route-distinguisher 200:1	
[R4-vpn-instance-b-af-ipv4]vpn-target 100:2 export-extcommunity 
 EVT Assignment result: 
Info: VPN-Target assignment is successful.
[R4-vpn-instance-b-af-ipv4]vpn-target 100:1 import-extcommunity 
 IVT Assignment result: 
Info: VPN-Target assignment is successful.
[R4-vpn-instance-b-af-ipv4]

将接口画入VRF空间

R2

[R2-GigabitEthernet0/0/0]ip binding vpn-instance a
Info: All IPv4 related configurations on this interface are removed!
Info: All IPv6 related configurations on this interface are removed!
[R2-GigabitEthernet0/0/0]

R4

[R4-GigabitEthernet0/0/1]ip binding vpn-instance b
Apr 19 2023 11:46:19-08:00 R4 %%01IFNET/4/LINK_STATE(l)[5]:The line protocol IP 
on the interface GigabitEthernet0/0/1 has entered the DOWN state. 
Info: All IPv4 related configurations on this interface are removed!
Info: All IPv6 related configurations on this interface are removed!
[R4-GigabitEthernet0/0/1]

注意：

        画入后会清除之前配置的所有IPV4、IPV6

配置接口IP地址

R2

[R2-GigabitEthernet0/0/0]ip address 192.168.2.2 24

R4

[R4]int g 0/0/1
[R4-GigabitEthernet0/0/1]ip address 192.168.3.1 24

站点1基本配置

[R1]int g 0/0/0
[R1-GigabitEthernet0/0/0]ip ad	
[R1-GigabitEthernet0/0/0]ip address 192.168.2.1 24
[R1]int l 0
[R1-LoopBack0]ip address 192.168.1.1 24

站点2基本配置

[R5]int g 0/0/0
[R5-GigabitEthernet0/0/0]ip address 192.168.3.2 24
[R5-LoopBack0]ip address 192.168.4.1 24

通过静态路由在CE和PE上配置

[R1]ip route-static 192.168.3.0 24 192.168.2.2
[R1]ip route-static 192.168.4.0 24 192.168.2.2
 
[R2]ip route-static vpn-instance a 192.168.1.0 24 192.168.2.1
 
[R5]ip route-static 192.168.2.0 24 192.168.3.1
[R5]ip route-static 192.168.1.0 24 192.168.3.1
 
[R4]ip route-static vpn-instance b 192.168.4.0 24 192.168.3.2

启动BGP

        使用IBGP即可

[R2]bgp 1
[R2-bgp]router-id 2.2.2.2
[R2-bgp]peer 4.4.4.4 as 1
[R2-bgp]peer 4.4.4.4 connect-interface LoopBack 0
 
[R4]bgp 1
[R4-bgp]router-id 4.4.4.4
[R4-bgp]peer 2.2.2.2 as 1
[R4-bgp]peer 2.2.2.2 connect-interface LoopBack 0

建立MP-BGP邻居

        在BGPV4邻居关系建立好之后进入到VPNV4

[R2-bgp]ipv4-family vpnv4
[R2-bgp-af-vpnv4]
[R2-bgp-af-vpnv4]peer 4.4.4.4 enable --- 因为PE设备之间需要传递VPNV4路由 ，所以，在普通的BGPV4邻居关系建立的基础上，需要在VPNV4地址族中激活邻居关系
 
[R4-bgp]ipv4-family vpnv4
[R4-bgp-af-vpnv4]peer 2.2.2.2 enable

发布站点1信息

[R2-bgp]ipv4-family vpn-instance a --- 在VRF空间中发布路由信息

发布直连路由以及静态路由

[R2-bgp-a]import-route direct 
[R2-bgp-a]import-route static

测试

发布站点2的路由信息

[R4-bgp]ipv4-family vpn-instance b

发布路由（neetwork发布）

[R4-bgp-b]network 192.168.3.0 24
[R4-bgp-b]network 192.168.4.0 24

测试

 连通性测试