MPLS VPN的配置示例Word格式文档下载.docx
- 文档编号:16163197
- 上传时间:2022-11-21
- 格式:DOCX
- 页数:17
- 大小:68.54KB
MPLS VPN的配置示例Word格式文档下载.docx
《MPLS VPN的配置示例Word格式文档下载.docx》由会员分享,可在线阅读,更多相关《MPLS VPN的配置示例Word格式文档下载.docx(17页珍藏版)》请在冰豆网上搜索。
Cisco7200系列路由器.
PE路由器:
Cisco2691,或者3640系列路由器.
C和CE路由器
任何可以和PE交换路由信息的路由器都可以作为C和CE路由器.
缩写约定
P-Provider'
scorerouter.
PE-Provider'
sedgerouter.
CE-Customer'
C-Customer'
srouter.
我们将用下面的拓扑图进行举例说明:
配置
网络拓扑图
本文档使用下面的拓扑图,网络中有3台P路由器、2台PE路由器(Pescara和Pesaro),2个
VPN客户分别是Customer_A和Customer_B:
配置过程
启用ipcef
使用下面的过程启用ipcef.,为了提高性能,可以在支持的路由器上使用ipcefdistributed命令。
当在接口上配置了MPLS后(在接口上配置tag-switchingip).,还要在PE上完成下面的步骤:
1.在路由器上为每个相连的VPN创建一个VRF,使用命令ipvrf
配置ipvrf的时候:
o为每个VPN指定正确的RD.这是为了扩展IP地址之用,以便你可以识别IP地址属于哪个VPN.
rd
o配置MP-BGP的扩展communities的import和export值.这是用于过滤import和export过程的.
route-target[export|import|both]<
targetVPN
extendedcommunity>
2.在VPN各自的接口下使用ipvrfforwarding<
VPNrouting/forwardinginstancename>
命令,别忘了还需要配置IP地址
3.配置PE-CE间使用的路由协议,可是使用静态路由或者动态路由(RIP、OSPF、BGP).
配置MP-BGP
在PE路由器之间配置MP-BGP.有几种办法来配置BGP,例如路由反射器或者联盟.我们这儿使用直连的邻居进行举例.
1.声明彼此的邻居
2.为这台PE上的每个VPN配置address-familyipv4vrf<
VPNrouting/forwardinginstancename命令.
如果需要的话,完成下面的步骤
o重分布静态、RIP、或者OSPF路由
o重分布直连的路由
oActivate和CE路由器间的BGP邻居
3.进入address-familyvpnv4模式,完成下面的配置:
oActivatetheneighbors.Activate邻居
o指定必须使用扩展community,这是必须的.
本例中的5台路由器配置如下:
Pescara
Currentconfiguration:
!
version12.2
hostnamePescara
ipcef
---Customer_A的配置.
ipvrfCustomer_A
---启用Customer_A的VPN路由和转发表(VRF).
rd100:
110
---Routedistinguishercreatesroutingandforwarding
---tablesforaVRF.
route-targetexport100:
1000
---Createslistsofimportandexportroute-targetextended
---communitiesforthespecifiedVRF.
route-targetimport100:
---Customer_B配置.
ipvrfCustomer_B
120
2000
interfaceLoopback0
ipaddress10.10.10.4255.255.255.255
iprouterisis
interfaceLoopback101
ipvrfforwardingCustomer_A
---将一个接口或者自接口和一个VRF实例关联起来.
ipaddress200.0.4.1255.255.255.0
---Loopback101和102使用相同的IP地址200.0.4.1.这是准许的,因为它们属于2个不用
客户的VRF
noipdirected-broadcast
---Customer_B的配置.
interfaceLoopback102
ipvrfforwardingCustomer_B
interfaceSerial2/0
noipaddress
encapsulationframe-relay
nofair-queue
interfaceSerial2/0.1point-to-point
descriptionlinktoPauillac
bandwidth512
ipaddress10.1.1.14255.255.255.252
tag-switchingip
frame-relayinterface-dlci401
routerisis
net49.0001.0000.0000.0004.00
is-typelevel-1
routerbgp100
bgplog-neighbor-changes
---启用BGP邻居关系中断的记录.
neighbor10.10.10.6remote-as100
neighbor10.10.10.6update-sourceLoopback0
---配置BGP邻居.
---CustomerAandBcommands.
address-familyvpnv4
---进入address-familyvpnv4配置模式,配置和PE/P路由器间的MP-BGP路由会话。
neighbor10.10.10.6activate
neighbor10.10.10.6send-communityboth
---SendsthecommunityattributetoaBGPneighbor.
exit-address-family
---CustomerBcommands.
address-familyipv4vrfCustomer_B
---进入address-familyipv4的配置模式下,配置和CE间的路由会话,
redistributeconnected
noauto-summary
nosynchronization
---CustomerAcommands.
address-familyipv4vrfCustomer_A
ipclassless
end
Pesaro
version12.1
hostnamePesaro
110
ipaddress10.10.10.6255.255.255.255
ipaddress200.0.6.1255.255.255.0
interfaceLoopback111
ipaddress200.1.6.1255.255.255.0
interfaceSerial0/0
noipmroute-cache
random-detect
interfaceSerial0/0.1point-to-point
descriptionlinktoPomerol
ipaddress10.1.1.22255.255.255.252
frame-relayinterface-dlci603
net49.0001.0000.0000.0006.00
neighbor10.10.10.4remote-as100
neighbor10.10.10.4update-sourceLoopback0
neighbor10.10.10.4activate
neighbor10.10.10.4send-communityboth
Pomerol
version12.0
hostnamePomerol
ipaddress10.10.10.3255.255.255.255
interfaceSerial0/1
interfaceSerial0/1.1point-to-point
ipaddress10.1.1.6255.255.255.252
tag-switchingmtu1520
frame-relayinterface-dlci301
interfaceSerial0/1.2point-to-point
descriptionlinktoPulligny
ipaddress10.1.1.9255.255.255.252
frame-relayinterface-dlci303
interfaceSerial0/1.3point-to-point
descriptionlinktoPesaro
ipaddress10.1.1.21255.255.255.252
frame-relayinterface-dlci306
net49.0001.0000.0000.0003.00
Pulligny
hostnamePulligny
ipaddress10.10.10.2255.255.255.255
ipaddress10.1.1.2255.255.255.252
frame-relayinterface-dlci201
ipaddress10.1.1.10255.255.255.252
frame-relayinterface-dlci203
passive-interfaceLoopback0
net49.0001.0000.0000.0002.00
Pauillac
hostnamepauillac
ipaddress10.10.10.1255.255.255.255
bandwith512
ipaddress10.1.1.1255.255.255.252
frame-relayinterface-dlci102
interfaceSerial0/0.2point-to-point
descriptionlinktoPullignyipaddress10.1.1.5255.255.255.252
frame-relayinterface-dlci103
interfaceSerial0/0.3point-to-point
descriptionlinktoPescara
ipaddress10.1.1.13255.255.255.252
frame-relayinterface-dlci104
net49.0001.0000.0000.0001.00
检验
本节讲述了如何检查你的配置是否工作正常.
showipvrf-VerifiesthatthecorrectVRFexists.
showipvrfinterfaces-Verifiestheactivatedinterfaces.
showiproutevrfCustomer_A-VerifiestheroutinginformationonthePErouters.
traceroutevrfCustomer_A200.0.6.1-VerifiestheroutinginformationonthePErouters.
showipbgpvpnv4tag-VerifiestheBGP.
showipcefvrfCustomer_A200.0.6.1detail-VerifiestheroutinginformationonthePErouters.
更多的排错命令详见:
MPLSVPNSolutionTroubleshootingGuide.
下面的输出是命令showipvrf的结果
Pescara#showipvrf
NameDefaultRDInterfaces
Customer_A100:
110Loopback101
Customer_B100:
120Loopback102
下面的输出是命令showipvrfinterfaces的结果.
Pesaro#showipvrfinterfaces
InterfaceIP-AddressVRFProtocol
Loopback101200.0.6.1Customer_Aup
Loopback111200.1.6.1Customer_Aup
Loopback102200.0.6.1Customer_Bup
下面的showiproutevrf命令的结果显示在2个VPNl里面都有相同的网段200.0.6.0/24.这是因为两个VPN客户Customer_A和Customer_B使用了重叠的IP地址.
Pescara#showiproutevrfCustomer_A
Codes:
C-connected,S-static,I-IGRP,R-RIP,M-mobile,B-BGP
D-EIGRP,EX-EIGRPexternal,O-OSPF,IA-OSPFinterarea
N1-OSPFNSSAexternaltype1,N2-OSPFNSSAexternaltype2
E1-OSPFexternaltype1,E2-OSPFexternaltype2,E-EGP
i-IS-IS,L1-IS-ISlevel-1,L2-IS-ISlevel-2,ia-IS-ISinterarea
*-candidatedefault,U-per-userstaticroute,o-ODR
Gatewayoflastresortisnotset
C200.
- 配套讲稿:
如PPT文件的首页显示word图标,表示该PPT已包含配套word讲稿。双击word图标可打开word文档。
- 特殊限制:
部分文档作品中含有的国旗、国徽等图片,仅作为作品整体效果示例展示,禁止商用。设计者仅对作品中独创性部分享有著作权。
- 关 键 词:
- MPLS VPN的配置示例 VPN 配置 示例