8 MP-BGP、VRF、PE-CE路由
8.1 MP-BGP
8.1.1 命令
R2-PE1#show ip bgp vpnv4 all summary
BGP router identifier 2.2.2.2, local AS number 234
BGP table version is 17, main routing table version 17
6 network entries using 840 bytes of memory
6 path entries using 408 bytes of memory
5/4 BGP path/bestpath attribute entries using 620 bytes of memory
1 BGP rrinfo entries using 24 bytes of memory
2 BGP extended community entries using 80 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
Bitfield cache entries: current 1 (at peak 2) using 32 bytes of memory
BGP using 2004 total bytes of memory
BGP activity 10/4 prefixes, 10/4 paths, scan interval 15 secs
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
3.3.3.3 4 234 24 25 17 0 0 00:13:09 2
查询VPNV4的BGP邻居
R2-PE1#show ip bgp vpnv4 all labels
Network Next Hop In label/Out label
Route Distinguisher: 234:2 (cisco)
1.1.1.1/32 10.1.12.1 203/nolabel
5.5.5.5/32 4.4.4.4 nolabel/403
10.1.12.0/24 0.0.0.0 204/aggregate(cisco)
10.1.45.0/24 4.4.4.4 nolabel/404
Route Distinguisher: 234:4
5.5.5.5/32 4.4.4.4 nolabel/403
10.1.45.0/24 4.4.4.4 nolabel/404
查看VPNV4相关路由的标签,有入栈和出栈。
R4是针对客户还是针对不同路由捆绑不同的标签?
R5-CE2(config)#interface loopback 1
R5-CE2(config-if)#ip address 55.55.55.55 255.255.255.255
R5-CE2(config-if)#no shutdown
R5-CE2(config)#router ospf 1
R5-CE2(config-router)#network 55.55.55.55 0.0.0.0 area 0
R5引入新的55.55。55.55路由
R2-PE1#show ip bgp vpnv4 all labels
Network Next Hop In label/Out label
Route Distinguisher: 234:2 (cisco)
1.1.1.1/32 10.1.12.1 203/nolabel
5.5.5.5/32 4.4.4.4 nolabel/403
10.1.12.0/24 0.0.0.0 204/aggregate(cisco)
10.1.45.0/24 4.4.4.4 nolabel/404
55.55.55.55/32 4.4.4.4 nolabel/405
Route Distinguisher: 234:4
5.5.5.5/32 4.4.4.4 nolabel/403
10.1.45.0/24 4.4.4.4 nolabel/404
55.55.55.55/32 4.4.4.4 nolabel/405
为55.55.55.55分配的是405,为5.5.5.5分配的是403,所以很明显默认行为是不同VPN客户路由捆绑不同标签。也可以改成按客户分配同一个标签。
8.1.2 标签
抓包R3的F0/1接口,
R4-PE2#clear ip bgp vpnv4 unicast 234 soft out
两条,分别为5.5.5.5、55.55.55.55和10.1.45.0两条
可以看到捆绑的标签前缀,RD等属性
还可以查看扩展属性,如RT。
8.1.3 RR
RR没有RT,不用过滤路由
冗余性双RR架构,互相分担部分反射,通过RT来分担
使用BGP RR-GROUT抓取扩展RT值,如抓取1:1,1:3和1:5
8.1.4 多路径
允许多条等价BGP路径装载进路由表,做路由等价
8.1.5 多RD
一般情况下,一个VPN客户,分配一个RD值,当有两个出口线路到PE,这时PE1和PE2都需要创建VRF,面对同一个客户,一般会设定相同的RD值。
当PE1和PE2都发给RR时,RR收到同一个VPNV4的两个不同路径,依据13条路径选路规则,最终只有一条路由优选给PE3。
隐患:PE1和RR出现故障,RR需要重写收敛,PE3也需要收敛,重写学路由,丢包。最好的办法是RR把两条路由都反射被PE3。
使用不同的RD,虽然面对同一个VPN客户,这样RR收到两条不同的VPNV4前缀,就都返给了PE3。
8.1.6 配置命令
指邻居,但是不想建IPV4连接
导入路由时,在BGP进程下的IPV4 VRF 名称下面导入
在有些场景下,可能希望放入全部路由
8.1.7 查看配置
8.2 VRF配置
基本配置流程:
严格来首,一个VRF对应一个客户;
RD值:一个客户分配一个RD值,不同客户RD值不同
RT值:进出栈值;
没分配的接口默认属于全局路由表
8.2.1 配置命令
大小写敏感
分配RD值,注意格式,必须唯一
注意导入和导出对端对应,一条路由可以携带多个RT值,但是只要有一个RT值匹配,就可以导入进VRF
还可以用route-target both命令,前提是导入和导出命令一样的情况下。
可以是物理接口,也可以是逻辑接口,还可以是子接口
8.2.2 查看命令
R2-PE1#show ip vrf
Name Default RD Interfaces
cisco 234:2 Fa0/0
可以看到创建的VRF,接口及RD值
R2-PE1#show ip vrf detail
VRF cisco; default RD 234:2; default VPNID <not set>
Interfaces:
Fa0/0
Connected addresses are not in global routing table
Export VPN route-target communities
RT:234:2
Import VPN route-target communities
RT:234:4
No import route-map
No export route-map
VRF label distribution protocol: not configured
VRF label allocation mode: per-prefix
查看更详细的信息,包括导入和导出值
R2-PE1#show ip vrf interfaces
Interface IP-Address VRF Protocol
Fa0/0 10.1.12.2 cisco up
R2-PE1#show ip route vrf cisco
Routing Table: cisco
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
O 1.1.1.1 [110/2] via 10.1.12.1, 06:20:31, FastEthernet0/0
55.0.0.0/32 is subnetted, 1 subnets
B 55.55.55.55 [200/2] via 4.4.4.4, 00:54:26
5.0.0.0/32 is subnetted, 1 subnets
B 5.5.5.5 [200/2] via 4.4.4.4, 01:09:56
10.0.0.0/24 is subnetted, 2 subnets
C 10.1.12.0 is directly connected, FastEthernet0/0
B 10.1.45.0 [200/0] via 4.4.4.4, 01:09:56
查看VRF路由表,需要指定哪一张VRF
R2-PE1#show ip cef vrf cisco
Prefix Next Hop Interface
0.0.0.0/0 drop Null0 (default route handler entry)
0.0.0.0/32 receive
1.1.1.1/32 10.1.12.1 FastEthernet0/0
5.5.5.5/32 10.1.23.3 FastEthernet0/1
10.1.12.0/24 attached FastEthernet0/0
10.1.12.0/32 receive
10.1.12.1/32 10.1.12.1 FastEthernet0/0
10.1.12.2/32 receive
10.1.12.255/32 receive
10.1.45.0/24 10.1.23.3 FastEthernet0/1
55.55.55.55/32 10.1.23.3 FastEthernet0/1
224.0.0.0/24 receive
255.255.255.255/32 receive
还可以查看CEF表
R2-PE1#show ip cef vrf cisco 5.5.5.5 detail
5.5.5.5/32, version 12, epoch 0, cached adjacency 10.1.23.3
0 packets, 0 bytes
tag information set
local tag: VPN-route-head
fast tag rewrite with Fa0/1, 10.1.23.3, tags imposed: {301 403}
via 4.4.4.4, 0 dependencies, recursive
next hop 10.1.23.3, FastEthernet0/1 via 4.4.4.4/32
valid cached adjacency
tag rewrite with Fa0/1, 10.1.23.3, tags imposed: {301 403}
如查看具体路由标签信息,压入两层标签{301 403}
R2-PE1#telnet 1.1.1.1
Trying 1.1.1.1 ...
% Destination unreachable; gateway or host down
直接TELENT,是在全局路由表
R2-PE1#telnet 1.1.1.1 /vrf cisco
Trying 1.1.1.1 ... Open
Password required, but none set
[Connection to 1.1.1.1 closed by foreign host]
需要加VRF
R2-PE1#ping 1.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
直接PING,使用的是全局路由表,是PING不同的
R2-PE1#ping vrf cisco ip 1.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/28/44 ms
需要管理VRF进行PING
R2-PE1#traceroute 1.1.1.1
Type escape sequence to abort.
Tracing the route to 1.1.1.1
1 * * *
2 * * *
3 * * *
TRACER不通
R2-PE1#traceroute vrf cisco 1.1.1.1
Type escape sequence to abort.
Tracing the route to 1.1.1.1
1 10.1.12.1 20 msec 36 msec 28 msec
加上VRF就可以了
8.3 PE-CE路由
8.3.1 BGP
建立两个IPV4-EBGP邻居关系,建立两个VRF,分别放到两个VRF路由表;
两个PE间建立MP-iBGP邻居关系,将两个VRF中的BGP路由关联RD值,附带上RT值,变成VPNV4前缀,不用重发布,直接发给对端PE,
对端进行RT过滤后,放入远端对应VRF路由表,剥离后变成IPV4前缀。
由于PE-CE运行的是EBGP,直接可以把路由更新给CE。
8.3.2 非BGP:双向重发布
PE-CE间非BGP路由,如OSPF
通过IGP学到路由后,放到不同路由表中,这时VRF中放的是OSPF路由,是不能直接传递给对端的PE的(PE间是MP-BGP关系)。
想把OSPF路由通过MP-BGP传递给对端,则需要重发布,即把OSPF路由重发布进BGP中,才能被BGP运载到对方
对端收到路由后,是BGP路由,路由根据RT被放进不用的VRF中,这时还是BGP条目,再次重发布,将BGP路由重发布到OSPF中。
才能传递给CE
8.3.3 支持的路由协议
常用的是EBGP,OSPF和静态路由
接着上次的试验环境,PE-CE运行的是OSPF,PE间是MP-BGP,P为RR。
8.3.3.1 静态路由
客户端,建立一条默认路由即可。
PE1端也需要配置静态路由,注意静态路由需要管理VRF,且有多少条,就得配多少条静态路由,直接建会建在全局路由表中。
为了让对端知道,静态路由还需要重发布进BGP中。
此处只修改CE1和PE1为静态,PE2和CE2维持原OSPF不变。
8.3.3.1.1 路由配置
R1-CE1(config)#no router ospf 1关闭之前的OSPF
R2-PE1#show running-config | section router ospf 1
router ospf 1 vrf cisco
log-adjacency-changes
redistribute bgp 234 subnets
network 10.1.12.2 0.0.0.0 area 0
R2中关于PE1上OSPF1的配置
R2-PE1(config)#no router ospf 1 vrf ciscoR2也关闭对应VRF中的OSPF
R2-PE1#show ip route vrf cisco
Routing Table: cisco
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
55.0.0.0/32 is subnetted, 1 subnets
B 55.55.55.55 [200/2] via 4.4.4.4, 00:00:46
5.0.0.0/32 is subnetted, 1 subnets
B 5.5.5.5 [200/2] via 4.4.4.4, 00:00:46
10.0.0.0/24 is subnetted, 2 subnets
C 10.1.12.0 is directly connected, FastEthernet0/0
B 10.1.45.0 [200/0] via 4.4.4.4, 00:00:46
这时VRF表中没有了CE1的1.1.1.1路由
RR2-PE1(config)#ip route vrf cisco 1.1.1.1 255.255.255.255 10.1.12.1
PE1上也需要有回程路由,针对每一条都需要设置,工作量会比较大。注意是写入VRF中,不是写入全局路由表中,
注意:关联出接口,当一个PE关联多个客户时,且对端都一样时,就没发区分了。
R2-PE1#show ip route vrf cisco
Routing Table: cisco
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
S 1.1.1.1 [1/0] via 10.1.12.1
55.0.0.0/32 is subnetted, 1 subnets
B 55.55.55.55 [200/2] via 4.4.4.4, 00:31:07
5.0.0.0/32 is subnetted, 1 subnets
B 5.5.5.5 [200/2] via 4.4.4.4, 00:31:07
10.0.0.0/24 is subnetted, 2 subnets
C 10.1.12.0 is directly connected, FastEthernet0/0
B 10.1.45.0 [200/0] via 4.4.4.4, 00:31:07
这时在VRF路由表中就能看到了
R2-PE1#ping vrf cisco 1.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/31/44 ms
这时PE1的VRF就可以PING通1.1.1.1
8.3.3.1.2 重发布
R2-PE1(config)#router bgp 234
R2-PE1(config-router)#address-family ipv4 vrf cisco
R2-PE1(config-router-af)#redistribute static
为了让PE1和P2,能学到静态路由,需要将静态路由重发布进BGP中
R4-PE2#show ip route vrf cisco
Routing Table: cisco
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
B 1.1.1.1 [200/0] via 2.2.2.2, 00:00:31
55.0.0.0/32 is subnetted, 1 subnets
O 55.55.55.55 [110/2] via 10.1.45.5, 00:44:45, FastEthernet0/1
5.0.0.0/32 is subnetted, 1 subnets
O 5.5.5.5 [110/2] via 10.1.45.5, 00:44:45, FastEthernet0/1
10.0.0.0/24 is subnetted, 1 subnets
C 10.1.45.0 is directly connected, FastEthernet0/1
这时PE4上就有了CE1的路由了
R5-CE2#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
O E2 1.1.1.1 [110/1] via 10.1.45.4, 00:01:10, FastEthernet0/0
55.0.0.0/32 is subnetted, 1 subnets
C 55.55.55.55 is directly connected, Loopback1
5.0.0.0/32 is subnetted, 1 subnets
C 5.5.5.5 is directly connected, Loopback0
10.0.0.0/24 is subnetted, 1 subnets
C 10.1.45.0 is directly connected, FastEthernet0/0
PE2路由也传给了CE2
8.3.3.1.3 测试
R5-CE2#ping 1.1.1.1 source 5.5.5.5
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
Packet sent with a source address of 5.5.5.5
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 116/126/136 ms
可以PING通了
R5-CE2#traceroute 1.1.1.1 source 5.5.5.5
Type escape sequence to abort.
Tracing the route to 1.1.1.1
1 10.1.45.4 16 msec 28 msec 32 msec
2 10.1.34.3 [MPLS: Labels 300/203 Exp 0] 124 msec 136 msec 128 msec
3 10.1.12.2 [MPLS: Label 203 Exp 0] 96 msec 80 msec 108 msec
4 10.1.12.1 128 msec 128 msec 128 msec
8.3.3.2 RIPV2
基本不用,了解即可,双向重发布
8.3.3.2.1 路由配置
R1-CE1(config)#no ip route 5.5.5.5 255.255.255.255 10.1.12.2去除之前静态路由
R2-PE1(config)#no ip route vrf cisco 1.1.1.1 255.255.255.255 10.1.12.1取消VRF中静态路由
R1-CE1(config)#router rip
R1-CE1(config-router)#version 2
R1-CE1(config-router)#no auto-summary
R1-CE1(config-router)#network 10.0.0.0
R1-CE1(config-router)#network 1.1.1.1
启动RIPV2
R2-PE1(config)#router rip
R2-PE1(config-router)#address-family ipv4 vrf cisco
R2-PE1(config-router-af)#network 10.0.0.0
在地址簇下配置RIPV2
R2-PE1#show ip route vrf cisco
Routing Table: cisco
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
R 1.1.1.1 [120/1] via 10.1.12.1, 00:00:23, FastEthernet0/0
55.0.0.0/32 is subnetted, 1 subnets
B 55.55.55.55 [200/2] via 4.4.4.4, 01:10:21
5.0.0.0/32 is subnetted, 1 subnets
B 5.5.5.5 [200/2] via 4.4.4.4, 01:10:21
10.0.0.0/24 is subnetted, 2 subnets
C 10.1.12.0 is directly connected, FastEthernet0/0
B 10.1.45.0 [200/0] via 4.4.4.4, 01:10:21
这时就能看到1.1.1.1的路由了
8.3.3.2.2 重发布
R2-PE1(config)#router rip
R2-PE1(config-router)#address-family ipv4 vrf cisco
R2-PE1(config-router-af)#version 2
R2-PE1(config-router-af)#redistribute bgp 234 metric 1
将BGP路由重发布进RIP,需要跟METRIC,因为RIP的总度量默认无穷大。同时带入MED属性值
R2-PE1(config)#router bgp 234
R2-PE1(config-router)#address-family ipv4 vrf cisco
R2-PE1(config-router-af)#no redistribute static
R2-PE1(config-router-af)#redistribute rip
将RIP重发布进BGP,先关闭之前的静态重发布。
R4-PE2#show ip route vrf cisco
Routing Table: cisco
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
B 1.1.1.1 [200/1] via 2.2.2.2, 00:01:01
55.0.0.0/32 is subnetted, 1 subnets
O 55.55.55.55 [110/2] via 10.1.45.5, 01:24:01, FastEthernet0/1
5.0.0.0/32 is subnetted, 1 subnets
O 5.5.5.5 [110/2] via 10.1.45.5, 01:24:01, FastEthernet0/1
10.0.0.0/24 is subnetted, 2 subnets
B 10.1.12.0 [200/0] via 2.2.2.2, 00:01:01
C 10.1.45.0 is directly connected, FastEthernet0/1
PE2已经学到了1.1.1.1的路由
R5-CE2#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
O E2 1.1.1.1 [110/1] via 10.1.45.4, 00:01:33, FastEthernet0/0
55.0.0.0/32 is subnetted, 1 subnets
C 55.55.55.55 is directly connected, Loopback1
5.0.0.0/32 is subnetted, 1 subnets
C 5.5.5.5 is directly connected, Loopback0
10.0.0.0/24 is subnetted, 2 subnets
O E2 10.1.12.0 [110/1] via 10.1.45.4, 00:01:33, FastEthernet0/0
C 10.1.45.0 is directly connected, FastEthernet0/0
CE2也学到了1.1.1.1的路由
8.3.3.2.3 测试
R1-CE1#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
C 1.1.1.1 is directly connected, Loopback0
55.0.0.0/32 is subnetted, 1 subnets
R 55.55.55.55 [120/1] via 10.1.12.2, 00:00:04, FastEthernet0/0
5.0.0.0/32 is subnetted, 1 subnets
R 5.5.5.5 [120/1] via 10.1.12.2, 00:00:04, FastEthernet0/0
10.0.0.0/24 is subnetted, 2 subnets
C 10.1.12.0 is directly connected, FastEthernet0/0
R 10.1.45.0 [120/1] via 10.1.12.2, 00:00:04, FastEthernet0/0
CE1有5.5.5.5的路由
R1-CE1#ping 5.5.5.5 source 1.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds:
Packet sent with a source address of 1.1.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 108/121/128 ms
可以PING通了
R1-CE1#traceroute 5.5.5.5 source 1.1.1.1
Type escape sequence to abort.
Tracing the route to 5.5.5.5
1 10.1.12.2 24 msec 44 msec 28 msec
2 10.1.23.3 [MPLS: Labels 301/403 Exp 0] 128 msec 124 msec 116 msec
3 10.1.45.4 [MPLS: Label 403 Exp 0] 104 msec 92 msec 92 msec
4 10.1.45.5 124 msec 116 msec 140 msec
TRACEROUTE路径显示也正常
8.3.3.3 EIGRP
和EIGRP关联的AS号一定要配置,双向重发布
8.3.3.3.1 路由配置
本次两端都重新配置EIGRP
R1-CE1(config)#no router rip
R2-PE1(config)#no router rip
R4-PE2(config)#no router ospf 1 vrf cisco
R5-CE2(config)#no router ospf 1
清除两端现有协议
R1-CE1(config)#router eigrp 1
R1-CE1(config-router)#network 10.0.0.0
R1-CE1(config-router)#network 1.0.0.0
R1-CE1(config-router)#no auto-summary
R2-PE1(config)#router eigrp 1
R2-PE1(config-router)#address-family ipv4 vrf cisco
R2-PE1(config-router-af)#autonomous-system 1
R2-PE1(config-router-af)#network 10.0.0.0
R2-PE1#show ip route vrf cisco
Routing Table: cisco
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
D 1.1.1.1 [90/156160] via 10.1.12.1, 00:00:27, FastEthernet0/0
10.0.0.0/24 is subnetted, 1 subnets
C 10.1.12.0 is directly connected, FastEthernet0/0
PE1已经有1.1.1.1的路由了
EIGRP重发布进BGP
R2-PE1(config)#router bgp 234
R2-PE1(config-router)#address-family ipv4 vrf cisco
R2-PE1(config-router-af)#redistribute eigrp 1
R4-PE2#show ip route vrf cisco
Routing Table: cisco
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
B 1.1.1.1 [200/156160] via 2.2.2.2, 00:00:20
10.0.0.0/24 is subnetted, 2 subnets
B 10.1.12.0 [200/0] via 2.2.2.2, 00:00:20
C 10.1.45.0 is directly connected, FastEthernet0/1
这时R4就学到了1.1.1.1的条目了
R4-PE2(config)#router eigrp 1
R4-PE2(config-router)#address-family ipv4 vrf cisco
R4-PE2(config-router-af)#autonomous-system 1
R4-PE2(config-router-af)#network 10.0.0.0
R4-PE2(config-router-af)#no auto-summary
Eigrp配置
R4-PE2(config)#router eigrp 1
R4-PE2(config-router)#address-family ipv4 vrf cisco
R4-PE2(config-router-af)#redistribute bgp 234 metric 100 100 255 1 100
BGP重发进EIGRP
R5-CE2(config)#router eigrp 1
RR5-CE2(config-router)#network 10.0.0.0
R5-CE2(config-router)#network 5.5.5.5
R5-CE2(config-router)#no auto-summary
CE2的EIGRP配置
R5-CE2#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
D 1.1.1.1 [90/158720] via 10.1.45.4, 00:00:41, FastEthernet0/0
55.0.0.0/32 is subnetted, 1 subnets
C 55.55.55.55 is directly connected, Loopback1
5.0.0.0/32 is subnetted, 1 subnets
C 5.5.5.5 is directly connected, Loopback0
10.0.0.0/24 is subnetted, 2 subnets
D 10.1.12.0 [90/30720] via 10.1.45.4, 00:00:41, FastEthernet0/0
C 10.1.45.0 is directly connected, FastEthernet0/0
至此CE2也学到了1.1.1.1的路由
R1-CE1#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
C 1.1.1.1 is directly connected, Loopback0
10.0.0.0/24 is subnetted, 1 subnets
C 10.1.12.0 is directly connected, FastEthernet0/0
但是这时CE1还没有5.5.5.5的路由,因为还没有反向重发布
R4-PE2(config)#router bgp 234
R4-PE2(config-router)#address-family ipv4 vrf cisco
R4-PE2(config-router-af)#redistribute eigrp 1
EIGRP重发布进BGP
R2-PE1(config)#router eigrp 1
R2-PE1(config-router)#address-family ipv4 vrf cisco
R2-PE1(config-router-af)#redistribute bgp 234 metric 100 100 100 1 100
BGP重发布进EIGRP
R1-CE1#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
C 1.1.1.1 is directly connected, Loopback0
5.0.0.0/32 is subnetted, 1 subnets
D 5.5.5.5 [90/158720] via 10.1.12.2, 00:00:31, FastEthernet0/0
10.0.0.0/24 is subnetted, 2 subnets
C 10.1.12.0 is directly connected, FastEthernet0/0
D 10.1.45.0 [90/30720] via 10.1.12.2, 00:00:31, FastEthernet0/0
至此CE1也有了5.5.5.5的路由
8.3.3.3.2 测试
R1-CE1#ping 5.5.5.5 source 1.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds:
Packet sent with a source address of 1.1.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 112/123/132 ms
R1-CE1#traceroute 5.5.5.5 source 1.1.1.1
Type escape sequence to abort.
Tracing the route to 5.5.5.5
1 10.1.12.2 28 msec 20 msec 32 msec
2 10.1.23.3 [MPLS: Labels 301/403 Exp 0] 124 msec 140 msec 116 msec
3 10.1.45.4 [MPLS: Label 403 Exp 0] 104 msec 80 msec 96 msec
4 10.1.45.5 128 msec 124 msec 124 msec
测试成功
8.3.3.3.3 SOO防止环路
R1从上边给R5后反射被R4,R4从下面也受到了R1的路由。
如果上边的路由更优,则R4优选上边路由,R4重发布进EIGRP,倒灌会R2,。
使用SOO扩展COMMUNITY属性值解决环路