MSR系列路由器MPLS 反射VPN功能的配置
关键词:MSR;MPLS;BGP;L3VPN;refrect
一、组网需求:
PEA和PEB是VPN站点接入路由器。PEA、PEB和Reflector建立MP-IBGP连接,vpn路由都由Reflector反射传播。
设备清单:MSR系列路由器3台
二、组网图:
三、配置步骤:
设备和版本:MSR系列、Version 5.20, Release 1509
PEA配置:
#
router id 3.3.3.3
#
ip vpn-instance
vpna
route-distinguisher 3:1
vpn-target 1:1 export-extcommunity
vpn-target 1:1 import-extcommunity
#
mpls lsr-id 3.3.3.3
#
mpls
#
mpls ldp
#
interface
Ethernet0/0
port link-mode route
ip address 1.3.0.3 255.255.255.0
mpls
mpls ldp
#
interface
Ethernet0/1
port link-mode route
ip binding vpn-instance
vpna
ip address 192.168.2.1 255.255.255.0
#
interface LoopBack0
ip address 3.3.3.3 255.255.255.255
#
bgp 1
undo synchronization
peer 1.1.1.1 as-number 1
peer 1.1.1.1 connect-interface LoopBack0
#
ipv4-family vpnv4
peer 1.1.1.1 enable
#
ipv4-family vpn-instance
vpna
import-route direct
#
ospf 1
area 0.0.0.0
network 3.3.3.3 0.0.0.0
network 1.3.0.0 0.0.0.255
#
Reflector配置:
#
router id 1.1.1.1
#
mpls lsr-id
1.1.1.1
#
mpls
#
mpls ldp
#
interface
Ethernet0/0
port link-mode route
ip address 1.2.0.1 255.255.255.0
mpls
mpls ldp
#
interface
Ethernet0/1
port link-mode route
ip address 1.3.0.1 255.255.255.0
mpls
mpls ldp
#
interface LoopBack0
ip address 1.1.1.1 255.255.255.255
#
bgp 1
undo synchronization
group 1 internal
peer 1 connect-interface LoopBack0
peer 2.2.2.2 group 1
peer 3.3.3.3 group 1
#
ipv4-family vpnv4
undo policy vpn-target //接收所有vpn路由
peer 1 enable
peer 1 reflect-client //配置反射组
peer 2.2.2.2 enable
peer 2.2.2.2 group 1
peer 3.3.3.3 enable
peer 3.3.3.3 group 1
#
ospf 1
area 0.0.0.0
network 1.1.1.1 0.0.0.0
network 1.3.0.0 0.0.0.255
network 1.2.0.0 0.0.0.255
#
PEB配置:
#
router id 2.2.2.2
#
ip vpn-instance
vpna
route-distinguisher 2:1
vpn-target 1:1 export-extcommunity
vpn-target 1:1 import-extcommunity
#
mpls lsr-id 2.2.2.2
#
mpls
#
mpls ldp
#
interface
Ethernet0/0
port link-mode route
ip address 1.2.0.2 255.255.255.0
mpls
mpls ldp
#
interface
Ethernet0/1
port link-mode route
ip binding vpn-instance
vpna
ip address 192.168.1.1 255.255.255.0
#
interface LoopBack0
ip address 2.2.2.2 255.255.255.255
#
bgp 1
undo synchronization
peer 1.1.1.1 as-number 1
peer 1.1.1.1 connect-interface LoopBack0
#
ipv4-family vpnv4
peer 1.1.1.1 enable
#
ipv4-family vpn-instance
vpna
network 192.168.1.0
#
ospf 1
area 0.0.0.0
network 2.2.2.2 0.0.0.0
network 1.2.0.0 0.0.0.255
#
四、配置关键点:
在MPLS L3VPN基本配置正确的基础上,配置主要在Reflector上,Reflector不需配置vpn实例,注意其BGP配置。
五、实验分析
在PEA和PEB上检查vpn路由及其标签。
PEA上查看vpn路由,注意默认路由:
[PEA]dis bg v a r
BGP Local
router ID is 3.3.3.3
Total
number of routes from all PE: 1
Route
Distinguisher: 2:1
Network
NextHop In/Out
Label MED LocPrf
*>i 2.1.1.1/32
2.2.2.2
NULL/1025
0
100
Total
routes of vpn-instance vpna:
2
Network
NextHop
In/Out Label
MED LocPrf
*>i 2.1.1.1/32
2.2.2.2 NULL/1025
0
100
*> 3.1.1.1/32
0.0.0.0
1024/NULL 0
PEB上查看vpn路由情况:
[PEB]dis bg v a r
BGP
Local router ID is 2.2.2.2
Total
number of routes from all PE: 1
Route
Distinguisher: 3:1
Network
NextHop
In/Out Label
MED LocPrf
*>i 3.1.1.1/32
3.3.3.3
NULL/1024
0
100
Total
routes of vpn-instance vpna:
2
Network
NextHop
In/Out Label
MED LocPrf
*> 2.1.1.1/32
0.0.0.0
1025/NULL 0
*>i 3.1.1.1/32
3.3.3.3
NULL/1024
0
100
SPE上查看vpn路由情况:
<SPE>dis bg v a r
BGP
Local router ID is 1.1.1.1
Total
number of routes from all PE: 2
Route
Distinguisher: 3:1
Network
NextHop
In/Out Label
MED LocPrf
*>i 3.1.1.1/32
3.3.3.3
NULL/1024
0
100
Route
Distinguisher: 2:1
Network
NextHop
In/Out Label
MED LocPrf