MPLS ***數據詳細轉發流程示意圖:
配置思路:
在自治系統AS100中配置IGP,使得兩臺PE路由器的lo 0接口路由可達;
兩臺PE路由器路由可達後,在兩臺PE路由器之間建立MP-iBGP鄰居關係,用來傳輸***V4路由;
AS100中所有P路由器和PE路由器運行MPLS,並使用LDP來給非BGP路由分發標籤;
在PE路由器和CE路由器之間運行ospf路由協議,使得PE路由器的VRF路由表可以學習到CE路由器的路由;
將PE路由器VRF學習到的路由重分發進BGP,使得對端PE路由器可以通過MP-iBGP鄰居關係學習到***V4路由;
將BGP路由在PE路由器上充分發進ce端ospf,使得CE路由器可以學習到相互的私有路由
上述拓撲基本配置
R1配置:
ip cef
!
ip vrf cisco
rd100:1
route-target export 100:2
route-target import 100:2
!
mpls label range 100 199
mpls label protocol ldp
interface Loopback0
ipaddress 1.1.1.1 255.255.255.255
!
interface Ethernet0/0
ipvrf forwarding cisco
ipaddress 10.1.15.1 255.255.255.0
half-duplex
!
interface Ethernet0/1
ipaddress 10.1.12.1 255.255.255.0
half-duplex
mplslabel protocol ldp
mplsip
!
router ospf 1 vrf cisco
log-adjacency-changes
redistribute bgp 100 subnets
network 10.1.15.0 0.0.0.255 area 0
!
router ospf 100
router-id 1.1.1.1
log-adjacency-changes
network 1.1.1.1 0.0.0.0 area 0
network 10.1.12.0 0.0.0.255 area 0
!
router bgp 100
bgprouter-id 1.1.1.1
bgplog-neighbor-changes
neighbor 4.4.4.4 remote-as 100
neighbor 4.4.4.4 update-source Loopback0
!
address-family ipv4
neighbor 4.4.4.4 activate
noauto-summary
nosynchronization
exit-address-family
!
address-family ***v4
neighbor 4.4.4.4 activate
neighbor 4.4.4.4 send-community extended
exit-address-family
!
address-family ipv4 vrf cisco
redistribute ospf 1 vrf cisco match internalexternal 1 external 2
nosynchronization
exit-address-family
!
no ip http server
!
mpls ldp router-id Loopback0
R2配置:
ip cef
!
mpls label range 200 299
mpls label protocol ldp
!
interface Loopback0
ipaddress 2.2.2.2 255.255.255.255
!
interface Ethernet0/0
ipaddress 10.1.23.2 255.255.255.0
half-duplex
mplslabel protocol ldp
mplsip
!
interface Ethernet0/1
ipaddress 10.1.12.2 255.255.255.0
half-duplex
mplslabel protocol ldp
mplsip
!
router ospf 100
router-id 2.2.2.2
log-adjacency-changes
network 2.2.2.2 0.0.0.0 area 0
network 10.1.12.0 0.0.0.255 area 0
network 10.1.23.0 0.0.0.255 area 0
!
no ip http server
!
mpls ldp router-id Loopback0
R3配置:
ip cef
!
mpls label range 300 399
mpls label protocol ldp
!
interface Loopback0
ipaddress 3.3.3.3 255.255.255.255
!
interface Ethernet0/0
ipaddress 10.1.23.3 255.255.255.0
half-duplex
mplslabel protocol ldp
mplsip
!
interface Ethernet0/1
ipaddress 10.1.34.3 255.255.255.0
half-duplex
mplslabel protocol ldp
mplsip
!
router ospf 100
router-id 3.3.3.3
log-adjacency-changes
network 3.3.3.3 0.0.0.0 area 0
network 10.1.23.0 0.0.0.255 area 0
network 10.1.34.0 0.0.0.255 area 0
!
no ip http server
!
mpls ldp router-id Loopback0
R4配置:
ip cef
!
ip vrf cisco
rd100:4
route-target export 100:2
route-target import 100:2
!
mpls label range 400 499
mpls label protocol ldp
!
interface Loopback0
ipaddress 4.4.4.4 255.255.255.255
!
interface Ethernet0/0
ipvrf forwarding cisco
ip address10.1.46.4 255.255.255.0
half-duplex
!
interface Ethernet0/1
ipaddress 10.1.34.4 255.255.255.0
half-duplex
mplslabel protocol ldp
mplsip
!
router ospf 1 vrf cisco
log-adjacency-changes
redistribute bgp 100 subnets
network 10.1.46.0 0.0.0.255 area 0
!
router ospf 100
router-id 4.4.4.4
log-adjacency-changes
network 4.4.4.4 0.0.0.0 area 0
network 10.1.34.0 0.0.0.255 area 0
!
router bgp 100
bgplog-neighbor-changes
neighbor 1.1.1.1 remote-as 100
neighbor 1.1.1.1 update-source Loopback0
!
address-family ipv4
neighbor 1.1.1.1 activate
noauto-summary
nosynchronization
exit-address-family
!
address-family ***v4
neighbor 1.1.1.1 activate
neighbor 1.1.1.1 send-community extended
exit-address-family
!
address-family ipv4 vrf cisco
redistribute ospf 1 vrf cisco match internalexternal 1 external 2
nosynchronization
exit-address-family
!
mpls ldp router-id Loopback0
R5配置:
ip cef
interface Loopback0
ipaddress 5.5.5.5 255.255.255.255
!
interface Ethernet0/0
ipaddress 10.1.15.5 255.255.255.0
half-duplex
!
router ospf 1
router-id 5.5.5.5
log-adjacency-changes
network 5.5.5.5 0.0.0.0 area 0
network 10.1.15.0 0.0.0.255 area 0
R6配置:
ip cef
interface Loopback0
ipaddress 6.6.6.6 255.255.255.255
!
interface Ethernet0/0
ipaddress 10.1.46.6 255.255.255.0
half-duplex
!
router ospf 1
router-id 6.6.6.6
log-adjacency-changes
network 6.6.6.6 0.0.0.0 area 0
network10.1.46.0 0.0.0.255 area 0
分析:
當R1和R4建立MP-iBG鄰居關係後,R1在將從VRF cisco中學習到的路由5.5.5.5/32發送給R4時將攜帶RD 100:1,並且分配標籤爲106,如下:
R1#show ip bgp ***v4 rd 100:1 labels
Network Next Hop In label/Out label
RouteDistinguisher: 100:1(cisco)
5.5.5.5/32 10.1.15.5 106/nolabel
R4#SHOw ip bgp ***v4 rd 100:1 labels
Network Next Hop In label/Out label
Route Distinguisher: 100:1
5.5.5.5/32 1.1.1.1 nolabel/106
注意:BGP只會爲每一個***V4前綴分配一個標籤,這個標籤用來說明報文的下一跳是誰,也就是說如果***V4在MP-BGP傳輸的過程中,如果***V4前綴的下一跳不發生變化,那麼途徑的BGP路由器將沒有權利修改標籤。
以下是MP-iBGP在***v4路由更新時的調試信息:
*Mar 1 00:06:27.167: ***:bgp_***v4_alloc_tag route_tag_change for cisco:5.5.5.5/255.255.255.255
*Mar 1 00:06:27.167: ***:tag_***_find_route_tags: 100:1:5.5.5.5
*Mar 1 00:06:27.171: ***:intag=106, outtag=unknown, outtag owner=BGP
*Mar 1 00:04:29.171: ***: bgp_***v4_bnetinit: 100:4:6.6.6.6/32
*Mar 1 00:04:29.175: BGP: Accepted path from 4.4.4.4
*Mar 1 00:04:42.131: ***:bgp_***v4_bnetinit: 100:1:6.6.6.6/32
*Mar 1 00:04:42.283: ***:tag_***_find_route_tags: 100:1:6.6.6.6
*Mar 1 00:04:42.287: ***:intag=***-route, outtag=405, outtag owner=BGP
可以看到R1學習到的100:4:6.6.6.6的outlable標籤爲405,是R4所分配
R1給前綴100:1:5.5.5.5,分配的in lable 標籤爲106
在R5上查看,可以看到R5已經學習到了6.6.6.6/32的路由信息,R6同理會學到5.5.5.5/32的路由
R5#show ip route
Codes: C - connected, S - static, R - RIP,M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
5.0.0.0/32 is subnetted, 1 subnets
C 5.5.5.5 is directly connected, Loopback0
6.0.0.0/32 is subnetted, 1 subnets
O IA 6.6.6.6 [110/21] via10.1.15.1, 00:13:02, Ethernet0/0
10.0.0.0/24 is subnetted, 2 subnets
C 10.1.15.0 is directly connected, Ethernet0/0
O IA 10.1.46.0 [110/11] via 10.1.15.1, 00:13:02, Ethernet0/0
你會發現從MP-iBGP重分發進入的路由是域間路由標識IA,原因如下:
爲OSPF工作的BGP擴展屬性使得OSPF路由可以完全的在遠端PE路由器上重建,路由類型讓遠端PE路由器瞭解到什麼類型的路由在OSPF中通告。如果是類型1和2或者3的話,遠程PE路由器將會通告一條域間彙總路由到OSPF中。
在PE路由器R1上查看VRF路由表:
R1#show ip route vrf cisco
Routing Table: cisco
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
5.0.0.0/32 is subnetted, 1 subnets
O 5.5.5.5 [110/11] via 10.1.15.5, 00:55:43, Ethernet0/0
6.0.0.0/32 is subnetted, 1 subnets
B 6.6.6.6 [200/11] via 4.4.4.4, 00:57:23
10.0.0.0/24 is subnetted, 2 subnets
C 10.1.15.0 is directly connected, Ethernet0/0
B 10.1.46.0 [200/0] via 4.4.4.4, 00:57:23
可以看到去往6.6.6.6/32的路由爲BGP路由,並且下一跳爲4.4.4.4
查看6.6.6.6的*** 標籤:
R1#show ip bgp ***v4 rd 100:4 LAbels
Network Next Hop In label/Out label
Route Distinguisher: 100:4
6.6.6.6/32 4.4.4.4 nolabel/405
可以看到6.6.6.6的*** outlable標籤爲405,當數據在進入VRF cisco後將添加底部標籤405
查看4.4.4.4的LDP標籤
R1#show mpls forwarding-table
Local Outgoing Prefix Bytes tag Outgoing Next Hop
tag tag or VC or Tunnel Id switched interface
100 Pop tag 10.1.23.0/24 0 Et0/1 10.1.12.2
101 203 10.1.34.0/24 0 Et0/1 10.1.12.2
102 Pop tag 2.2.2.2/32 0 Et0/1 10.1.12.2
103 201 3.3.3.3/32 0 Et0/1 10.1.12.2
104 202 4.4.4.4/32 0 Et0/1 10.1.12.2
105 Aggregate 10.1.15.0/24[V] 0
106 Untagged 5.5.5.5/32[V] 570 Et0/0 10.1.15.5
在加入底部標籤405後將數據將會壓入遞歸查詢到的下一跳4.4.4.4的出站標籤202,
在P路由器R2上查看路由表:
R2#show ip route
Codes: C - connected, S - static, R - RIP,M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
O 1.1.1.1 [110/11] via 10.1.12.1, 00:13:16, Ethernet0/1
2.0.0.0/32 is subnetted, 1 subnets
C 2.2.2.2 is directly connected, Loopback0
3.0.0.0/32 is subnetted, 1 subnets
O 3.3.3.3 [110/11] via 10.1.23.3, 00:13:16, Ethernet0/0
4.0.0.0/32 is subnetted, 1 subnets
O 4.4.4.4 [110/21] via 10.1.23.3, 00:13:16, Ethernet0/0
10.0.0.0/24 is subnetted, 3 subnets
C 10.1.12.0 is directly connected, Ethernet0/1
C 10.1.23.0 is directly connected, Ethernet0/0
O 10.1.34.0 [110/20] via 10.1.23.3, 00:13:17, Ethernet0/0
可以看到R2上不存在5.5.5.5和6.6.6.6的路由信息,所以在AS100中用戶數據的轉發只能靠標籤轉發來完成,二不是IP路由轉發
查看R2的標籤轉發信息庫,如下:
R2#show mpls forwarding-table
Local Outgoing Prefix Bytes tag Outgoing Next Hop
tag tag or VC or Tunnel Id switched interface
200 Pop tag 1.1.1.1/32 14931 Et0/1 10.1.12.1
201 Pop tag 3.3.3.3/32 0 Et0/0 10.1.23.3
202 302 4.4.4.4/32 19345 Et0/0 10.1.23.3
203 Pop tag 10.1.34.0/24 0 Et0/0 10.1.23.3
可以看到R2對於路由4.4.4.4的本地標籤爲202,遠程標籤爲302,在數據進入p路由器R2後,將完全按照標籤進行轉發,而不是路由轉發,從而實現通信。
Ping測試:
R5#ping 6.6.6.6 source 5.5.5.5
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 6.6.6.6,timeout is 2 seconds:
Packet sent with a source address of5.5.5.5
!!!!!
Success rate is 100 percent (5/5),round-trip min/avg/max = 56/91/112 ms
可以看到沒有問題,能夠通信