设为首页收藏本站language 语言切换
开启辅助访问 切换到宽版

鸿鹄论坛

 找回密码
 论坛注册

QQ登录

先注册再绑定QQ

鸿鹄论坛»鸿鹄论坛 ≡□≡思科认证≡□≡ CCIE学习资料 Inter-Provider MPLS Solutions 之option A
返回列表 发新帖
查看: 3476|回复: 2
收起左侧

[原创] Inter-Provider MPLS Solutions 之option A

[复制链接]
leilei_pc
发表于 2020-2-27 22:56:59 | 显示全部楼层 |阅读模式
OptionA又称作VRF-to-VRF方式,ASBR和ASBR通过背靠背的方式互连,ASBR同时也是各自所在AS的PE 。两个ASBR都把对端ASBR看作自己的CE设备,将会为每一个VPN创建VPN实例,通过划分子接口的方式,每个子接口分别绑定一个VPN 实例。因为OptionA的ASBR之间互为CE的关系,所以ASBR之间不需要任何标签(也可以理解为断裂的标签),不用运行LDP。ASBR之间可以运行多种路由协议,包括BGP , OSPF、静态等。目前,在实际网络中,使用静态路由配置居多。从转发层来看,针对某个VPN的数据包在ASBR之间是纯IP转发,不带任何标签,就像在CE和PE之间转发的一样。

QQ图片20200227224854.png

QQ图片20200227224950.png

QQ图片20200227225035.png

QQ图片20200227225125.png

QQ图片20200227225204.png

QQ图片20200227225259.png

优点:简单也是实用的,因为在ASBR之间不需要运行MPLS ,所以不要扩展协议和做特殊的配置,属于天然支持。在需要跨域的VPN数量比较少的情况下可以考虑使用。
缺点: ASBR需要为每个VPN 创建一个VPN实例,需要管理和维护所有VPN路由,如果VPN数量众多,将导致ASBR的VPNv4路由表空间过于庞大,资源开销大。如果跨多个域,配置的工作量很大,扩展性太差。


实验拓扑

QQ图片20200227225416.png

需求
1)网段以及IP地址如拓扑所示
2)运行各种协议如拓扑所示
3)实施VRF-to-VRF的VPN

VPN配置
*****************************Y-PE1*********************

hostname Y-PE1
!
mpls label range 100 199
mpls ldp router-id Loopback0 force
!
ip vrf Cust-A
rd 100:7
route-target export 100:100
route-target import 100:100
route-target import 100:200
!
interface Loopback0
ip address 1.1.1.1 255.255.255.255
!
interface Ethernet0/0
ip address 10.1.12.1 255.255.255.0
mpls ip
!
interface Ethernet0/1
ip vrf forwarding Cust-A
ip address 202.100.1.1 255.255.255.0
!
router ospf 17 vrf Cust-A
router-id 11.11.11.11
redistribute bgp 100 subnets
network 202.100.1.0 0.0.0.255 area 0
!
router ospf 110
router-id 1.1.1.1
network 1.1.1.1 0.0.0.0 area 0
network 10.1.12.0 0.0.0.255 area 0
!
router bgp 100
bgp router-id 1.1.1.1
bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 update-source Loopback0
!
address-family ipv4
exit-address-family
!
address-family vpnv4
  neighbor 2.2.2.2 activate
  neighbor 2.2.2.2 send-community extended
exit-address-family
!
address-family ipv4 vrf Cust-A
  redistribute ospf 17 match internal external 1 external 2
exit-address-family
!

*****************************Y-RR1*********************

hostname Y-RR1
!
mpls label range 200 299
mpls ldp router-id Loopback0 force
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
!
interface Ethernet0/0
ip address 10.1.12.2 255.255.255.0
mpls ip
!
interface Ethernet0/1
ip address 10.1.23.2 255.255.255.0
mpls ip
!
router ospf 110
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
network 10.1.12.0 0.0.0.255 area 0
network 10.1.23.0 0.0.0.255 area 0
!
router bgp 100
bgp router-id 2.2.2.2
bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor 1.1.1.1 remote-as 100
neighbor 1.1.1.1 update-source Loopback0
neighbor 3.3.3.3 remote-as 100
neighbor 3.3.3.3 update-source Loopback0
!
address-family ipv4
exit-address-family
!
address-family vpnv4
  neighbor 1.1.1.1 activate
  neighbor 1.1.1.1 send-community extended
  neighbor 1.1.1.1 route-reflector-client
  neighbor 3.3.3.3 activate
  neighbor 3.3.3.3 send-community extended
  neighbor 3.3.3.3 route-reflector-client
exit-address-family
!

*****************************Y-ASBR1*********************

hostname Y-ASBR1
!
mpls label range 300 399
mpls ldp router-id Loopback0 force
!
ip vrf Yello-to-Blue
rd 100:100
route-target export 100:200
route-target import 200:100
route-target import 100:100
!
interface Loopback0
ip address 3.3.3.3 255.255.255.255
!
interface Ethernet0/0
ip vrf forwarding Yello-to-Blue
ip address 10.1.34.3 255.255.255.0
!
interface Ethernet0/1
ip address 10.1.23.3 255.255.255.0
mpls ip
!
router ospf 110
router-id 3.3.3.3
network 3.3.3.3 0.0.0.0 area 0
network 10.1.23.0 0.0.0.255 area 0
!
router bgp 100
bgp router-id 3.3.3.3
bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 update-source Loopback0
!
address-family ipv4
exit-address-family
!
address-family vpnv4
  neighbor 2.2.2.2 activate
  neighbor 2.2.2.2 send-community extended
exit-address-family
!
address-family ipv4 vrf Yello-to-Blue
  neighbor 10.1.34.4 remote-as 200
  neighbor 10.1.34.4 activate
exit-address-family
!

*****************************B-ASBR1*********************

hostname B-ASBR1
!
mpls label range 400 499
mpls ldp router-id Loopback0 force
!
ip vrf Blue-to-Yello
rd 200:200
route-target export 200:100
route-target import 100:200
route-target import 200:200
!
interface Loopback0
ip address 4.4.4.4 255.255.255.255
!
interface Ethernet0/0
ip vrf forwarding Blue-to-Yello
ip address 10.1.34.4 255.255.255.0
!
interface Ethernet0/1
ip address 10.1.45.4 255.255.255.0
mpls ip
!
router ospf 110
router-id 4.4.4.4
network 4.4.4.4 0.0.0.0 area 0
network 10.1.45.0 0.0.0.255 area 0
!
router bgp 200
bgp router-id 4.4.4.4
bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor 5.5.5.5 remote-as 200
neighbor 5.5.5.5 update-source Loopback0
!
address-family ipv4
exit-address-family
!
address-family vpnv4
  neighbor 5.5.5.5 activate
  neighbor 5.5.5.5 send-community extended
exit-address-family
!
address-family ipv4 vrf Blue-to-Yello
  neighbor 10.1.34.3 remote-as 100
  neighbor 10.1.34.3 activate
exit-address-family
!

*****************************B-PE1*********************

hostname B-PE1
!
mpls label range 500 599
mpls ldp router-id Loopback0 force
!
ip vrf Cust-A
rd 200:6
route-target export 200:200
route-target import 200:200
route-target import 200:100
!
interface Loopback0
ip address 5.5.5.5 255.255.255.255
!
interface Ethernet0/0
ip vrf forwarding Cust-A
ip address 61.128.1.5 255.255.255.0
!
interface Ethernet0/1
ip address 10.1.45.5 255.255.255.0
mpls ip
!
router ospf 110
router-id 5.5.5.5
network 5.5.5.5 0.0.0.0 area 0
network 10.1.45.0 0.0.0.255 area 0
!
router rip
!
address-family ipv4 vrf Cust-A
  redistribute bgp 200 metric transparent
  network 61.0.0.0
  no auto-summary
  version 2
exit-address-family
!
router bgp 200
bgp router-id 5.5.5.5
bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor 4.4.4.4 remote-as 200
neighbor 4.4.4.4 update-source Loopback0
!
address-family ipv4
exit-address-family
!
address-family vpnv4
  neighbor 4.4.4.4 activate
  neighbor 4.4.4.4 send-community extended
exit-address-family
!
address-family ipv4 vrf Cust-A
  redistribute rip
exit-address-family
!

*****************************CE1*********************

hostname CE1
!
interface Loopback0
ip address 7.7.7.7 255.255.255.255
!
interface Ethernet0/1
ip address 202.100.1.7 255.255.255.0
!
router ospf 17
router-id 7.7.7.7
network 7.7.7.7 0.0.0.0 area 0
network 202.100.1.0 0.0.0.255 area 0
!


*****************************CE2*********************

hostname CE2
!
interface Loopback0
ip address 6.6.6.6 255.255.255.255
!
interface Ethernet0/0
ip address 61.128.1.6 255.255.255.0
!
router rip
version 2
network 6.0.0.0
network 61.0.0.0
no auto-summary
!



QQ图片20200227225516.png

QQ图片20200227225559.png

QQ图片20200227225634.png


回复

使用道具 举报

zengjiawei
发表于 2020-2-28 10:02:35 | 显示全部楼层
这个属于 ISP 方向的内容吗?
沙发 2020-2-28 10:02:35 回复 收起回复
回复 支持 反对

使用道具 举报

leilei_pc
 楼主| 发表于 2020-2-28 20:22:19 | 显示全部楼层
zengjiawei 发表于 2020-2-28 10:02
这个属于 ISP 方向的内容吗?

是的
板凳 2020-2-28 20:22:19 回复 收起回复
回复 支持 反对

使用道具 举报

返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 论坛注册

本版积分规则

QQ|Archiver|手机版|小黑屋|sitemap|鸿鹄论坛 ( 京ICP备14027439号 )  

GMT+8, 2025-4-27 14:57 , Processed in 0.127631 second(s), 26 queries , Redis On.  

  Powered by Discuz!

  © 2001-2025 HH010.COM

快速回复 返回顶部 返回列表