BGP/MPLS VPN配置实验

鸿鹄 · 发表于 2010-10-11 17:54:32

为了进一步了解BGP/MPLS VPN，先搭建一个MPLS Lab。

实验步骤：

1、准备P-network

1.1配置接口和IGP

1.2定义VPN

1.3配置PE-PE的路由会话

1.4配置PE-CE的路由会话

2、配置CE路由器

1.1配置接口和IGP

router P
!
ip cef
!
interface Loopback0
ip address 1.1.1.1 255.255.255.255
!
interface Serial1/0
ip unnumbered Loopback0
mpls ip
!
interface Serial1/1
ip unnumbered Loopback0
mpls
!
router ospf 1
log-adjacency-changes
network 1.1.1.1 0.0.0.0 area 0
Router PEA
!
ip cef
!
interface Loopback0
ip address 1.1.1.2 255.255.255.255
!
interface Serial1/1
ip unnumbered Loopback0
mpls ip
!
router ospf 1
log-adjacency-changes
network 1.1.1.2 0.0.0.0 area 0
Router PEB
!
ip cef
!
interface Loopback0
ip address 1.1.1.3 255.255.255.255
!
interface Serial1/0
ip unnumbered Loopback0
mpls ip
!
router ospf 1
log-adjacency-changes
network 1.1.1.3 0.0.0.0 area 0

主要完成下列任务：

在全局模式打开赛虎CEF，CEF是运行MPLS所必须的；

配置相应的IP地址和完成IGP（OSPF）的配置；

在接口启用MPLS交换。

1.2在PE定义VPN

主要完成下列任务：

定义vrf，定义不同的vpn路由选择和转发实例；

用RD（Router Distinguisher）标识VPN，为用户VPN创建路由选择和转发表；

从或者向vpn扩展公用体导入导出路由选择信息；

把VRF和接口或子接口关联起来。

Router PEA
!
ip vrf vpn-a
rd 65001:1
route-target export 65001:1
route-target import 65001:1
!
ip vrf vpn-b
rd 65001:2
route-target export 65001:2
route-target import 65001:2
interface Serial1/0
ip vrf forwarding vpn-a
ip address 172.16.3.1 255.255.255.0
!
interface Serial1/2
ip vrf forwarding vpn-b
ip address 172.16.5.1 255.255.255.252
Router PEB
!
ip vrf vpn-a
rd 65001:1
route-target export 65001:1
route-target import 65001:1
!
ip vrf vpn-b
rd 65001:2
route-target export 65001:2
route-target import 65001:2
!
interface Serial1/1
ip vrf forwarding vpn-a
ip address 172.16.4.1 255.255.255.0
!
interface Serial1/2
ip vrf forwarding vpn-b
ip address 172.16.5.5 255.255.255.252
! 1.3配置PE-PE的路由会话

配置PE-PE的路由主要完成下列任务：

启用BGP；

关闭ipv4单播前缀的通告；

配置PE的邻居PE；

激活IPv4到邻居的通告。

Router PEA
!
router bgp 4837
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 1.1.1.3 remote-as 4837
neighbor 1.1.1.3 update-source Loopback0
!
address-family vpnv4
neighbor 1.1.1.3 activate
neighbor 1.1.1.3 send-community extended
exit-address-family
!
Router PEB
!
router bgp 4837
no synchronization
bgp log-neighbor-changes
neighbor 1.1.1.2 remote-as 4837
neighbor 1.1.1.2 update-source Loopback0
no auto-summary
!
address-family vpnv4
neighbor 1.1.1.2 activate
neighbor 1.1.1.2 send-community extended
exit-address-family
!
1.4配置BGP4的PE-CE的路由选择会话
Router PEA
!
router bgp 4837
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 1.1.1.3 remote-as 4837
neighbor 1.1.1.3 update-source Loopback0
!
address-family vpnv4
neighbor 1.1.1.3 activate
neighbor 1.1.1.3 send-community extended
exit-address-family
!
address-family ipv4 vrf vpn-b
neighbor 172.16.5.2 remote-as 65003
neighbor 172.16.5.2 activate
no synchronization
network 172.16.5.0 mask 255.255.255.252
exit-address-family
!
address-family ipv4 vrf vpn-a
neighbor 172.16.3.2 remote-as 65001
neighbor 172.16.3.2 activate
no synchronization
network 172.16.3.0 mask 255.255.255.0
exit-address-family
Router PEB
router bgp 4837
no synchronization
bgp log-neighbor-changes
neighbor 1.1.1.2 remote-as 4837
neighbor 1.1.1.2 update-source Loopback0
no auto-summary
!
address-family vpnv4
neighbor 1.1.1.2 activate
neighbor 1.1.1.2 send-community extended
exit-address-family
!
address-family ipv4 vrf vpn-b
neighbor 172.16.5.6 remote-as 65004
neighbor 172.16.5.6 activate
no synchronization
network 172.16.5.4 mask 255.255.255.252
exit-address-family
!
address-family ipv4 vrf vpn-a
neighbor 172.16.4.2 remote-as 65002
neighbor 172.16.4.2 activate
no synchronization
network 172.16.4.0 mask 255.255.255.0
exit-address-family
!

zhenglong314 · 发表于 2012-5-7 09:48:44

zenglei0115 · 发表于 2012-6-19 20:08:52

谢谢分享谢谢楼主

Xiao_人物2010 · 发表于 2013-2-19 14:45:13

rui_411 · 发表于 2013-2-21 14:34:06

下来看一看

iry · 发表于 2013-5-22 14:46:12

humengzhe12 · 发表于 2013-9-14 00:30:32

有topo吗？、

ws854737990 · 发表于 2015-7-22 17:14:19

账号		自动登录	找回密码
密码			论坛注册

BGP/MPLS VPN配置实验

客服中心

投诉建议