好消息,超酷的在线虚拟网络实验室上线了!点击开始实验

为获得更好的浏览效果,建议您使用 Firefox 或者 Chrome 浏览器



 

6.1.8 BGP的AS号替换典型配置举例

 

组网需求

如图所示,CE 1CE 2同属于VPN 1,分别接入PE 1PE 2,并且CE 1CE 2复用AS600

 

组网图

 

配置步骤

 

1、配置基本MPLS L3VPN

l           MPLS骨干网上配置OSPFPEP之间能够学到对方Loopback接口的路由;

l           MPLS骨干网上配置MPLS基本能力和MPLS LDP,建立LDP LSP

l           PE之间建立MP-IBGP对等体关系,发布VPN-IPv4路由;

l           PE 2上配置VPN 1VPN实例,接入CE 2

l           PE 1上配置VPN 1VPN实例,接入CE 1

l           PE 1CE 1PE 2CE 2之间配置BGP,将CE的路由引入PE

 

完成上述配置后,在CE 2上执行display ip routing-table命令,可以看到CE 2能够学到CE 1接入PE 1的接口所在网段(10.1.1.0/24)的路由,但没有到达CE 1内部VPN(100.1.1.0/24)的路由。CE 1上也存在同样的现象。

 

<CE2> display ip routing-table

Routing Tables: Public

         Destinations : 8        Routes : 8

Destination/Mask    Proto  Pre  Cost       NextHop         Interface

10.1.1.0/24         BGP    255  0          10.2.1.2        GE4/1/1

10.1.1.1/32         BGP    255  0          10.2.1.2        GE4/1/1

10.2.1.0/24         Direct 0    0          10.2.1.1        GE4/1/1

10.2.1.1/32         Direct 0    0          127.0.0.1       InLoop0

10.2.1.2/32         Direct 0    0          10.2.1.2        GE4/1/1

127.0.0.0/8         Direct 0    0          127.0.0.1       InLoop0

127.0.0.1/32        Direct 0    0          127.0.0.1       InLoop0

200.1.1.0/24        Direct 0    0          200.1.1.1       InLoop0

200.1.1.1/32        Direct 0    0          127.0.0.1       InLoop0

 

PE上执行display ip routing-table vpn-instance命令,可以看到PE的VPN实例中有到达对端CE内部VPN的路由。

PE 2为例:

 

<PE2> display ip routing-table vpn-instance vpn1

Routing Tables: vpn1

         Destinations : 7        Routes : 7

Destination/Mask    Proto  Pre  Cost       NextHop         Interface

10.1.1.0/24         BGP    255  0          1.1.1.9         NULL0

10.1.1.1/32         BGP    255  0          1.1.1.9         NULL0

10.2.1.0/24         Direct 0    0          10.2.1.2        GE4/1/1

10.2.1.1/32         Direct 0    0          10.2.1.1        GE4/1/1

10.2.1.2/32         Direct 0    0          127.0.0.1       InLoop0

100.1.1.1/32        BGP    255  0          1.1.1.9         NULL0

200.1.1.1/32        BGP    255  0          10.2.1.1        GE4/1/1

 

PE 2上打开BGP的Update报文调试信息开关,可以看到PE 2发布了去往100.1.1.1/32的路由,AS路径信息为“100 600”。

<PE2> terminal monitor

<PE2> terminal debugging

<PE2> debugging bgp update vpn-instance vpn1 verbose

<PE2> refresh bgp vpn-instance vpn1 all export

 

*0.4402392 PE2 RM/7/RMDEBUG:

         BGP.vpn1: Send UPDATE to 10.2.1.1 for following destinations :

         Origin    : Incomplete

         AS Path   : 100 600

         Next Hop  : 10.2.1.2

         100.1.1.1/32,

 

CE 2上执行display bgp routing-table peer received-routes命令,可以看到CE 2没有接收100.1.1.1/32的路由。

 

<CE2> display bgp routing-table peer 10.2.1.2 received-routes

 Total Number of Routes: 4

 BGP Local router ID is 10.2.1.1

 Status codes: * - valid, > - best, d - damped,

               h - history,  i - internal, s - suppressed, S - Stale

               Origin : i - IGP, e - EGP, ? - incomplete

      Network          NextHop        MED     LocPrf    PrefVal Path/Ogn

 *>   10.1.1.0/24      10.2.1.2                           0      100?

 *>   10.1.1.1/32      10.2.1.2                           0      100?

 *    10.2.1.0/24      10.2.1.2        0                  0      100?

 *    10.2.1.1/32      10.2.1.2        0                  0      100?

 

2、配置BGP的AS号替换功能

# 在PE 2上配置BGP的AS号替换功能。

<PE2> system-view

[PE2] bgp 100

[PE2-bgp] ipv4-family vpn-instance vpn1

[PE2-bgp-vpn1] peer 10.2.1.1 substitute-as

[PE2-bgp-vpn1] quit

[PE2-bgp] quit

 

PE1上也同样配置。

 

结果检验

可以看到PE 2向CE 2发布的路由中,100.1.1.1/32的AS路径信息由“100 600”变为“100 100”:

*0.13498737 PE2 RM/7/RMDEBUG:

         BGP.vpn1: Send UPDATE to 10.2.1.1 for following destinations :

         Origin    : Incomplete

         AS Path   : 100 100

         Next Hop  : 10.2.1.2

         100.1.1.1/32

 

再次查看CE 2接收的路由信息和路由表:

<CE2> display bgp routing-table peer 10.2.1.2 received-routes

 Total Number of Routes: 5

 BGP Local router ID is 10.2.1.1

 Status codes: * - valid, > - best, d - damped,

               h - history,  i - internal, s - suppressed, S - Stale

               Origin : i - IGP, e - EGP, ? - incomplete

      Network          NextHop       MED      LocPrf    PrefVal Path/Ogn

 *>   10.1.1.0/24      10.2.1.2                           0      100?

 *>   10.1.1.1/32      10.2.1.2                           0      100?

 *    10.2.1.0/24      10.2.1.2       0                   0      100?

 *    10.2.1.1/32      10.2.1.2       0                   0      100?

 *>   100.1.1.1/32     10.2.1.2                           0      100 100?

 

<CE2> display ip routing-table

Routing Tables: Public

         Destinations : 9        Routes : 9

Destination/Mask    Proto  Pre  Cost       NextHop         Interface

10.1.1.0/24         BGP    255  0          10.2.1.2        GE4/1/1

10.1.1.1/32         BGP    255  0          10.2.1.2        GE4/1/1

10.2.1.0/24         Direct 0    0          10.2.1.1        GE4/1/1

10.2.1.1/32         Direct 0    0          127.0.0.1       InLoop0

10.2.1.2/32         Direct 0    0          10.2.1.2        GE4/1/1

100.1.1.1/32        BGP    255  0          10.2.1.2        GE4/1/1

127.0.0.0/8         Direct 0    0          127.0.0.1       InLoop0

127.0.0.1/32        Direct 0    0          127.0.0.1       InLoop0

200.1.1.1/32        Direct 0    0          127.0.0.1       InLoop0

 

PE 1上也配置BGP的AS号替换功能后,CE 1和CE 2的GigabitEthernet接口能够相互Ping通。

<CE1> ping –a 100.1.1.1 200.1.1.1

  PING 200.1.1.1: 56  data bytes, press CTRL_C to break

    Reply from 200.1.1.1: bytes=56 Sequence=1 ttl=253 time=109 ms

    Reply from 200.1.1.1: bytes=56 Sequence=2 ttl=253 time=67 ms

    Reply from 200.1.1.1: bytes=56 Sequence=3 ttl=253 time=66 ms

    Reply from 200.1.1.1: bytes=56 Sequence=4 ttl=253 time=85 ms

    Reply from 200.1.1.1: bytes=56 Sequence=5 ttl=253 time=70 ms

  --- 200.1.1.1 ping statistics ---

    5 packet(s) transmitted

    5 packet(s) received

    0.00% packet loss

    round-trip min/avg/max = 66/79/109 ms

 

 

配置文件

1、PE 1配置

#

ip vpn-instance vpn1

route-distinguisher 100:1

vpn-target 111:1 export-extcommunity

vpn-target 111:1 import-extcommunity

#

mpls lsr-id 1.1.1.9

#

mpls

lsp-trigger all

#

mpls ldp

#

interface loopback 0

ip address 1.1.1.9 255.255.255.255

#

interface GigabitEthernet 4/1/1

ip binding vpn-instance vpn1

ip address 10.1.1.2 255.255.255.0

#

interface GigabitEthernet4/1/2

ip address 20.1.1.1 255.255.255.0

mpls

mpls ldp

#

bgp 100

peer 3.3.3.9 as-number 100

peer 3.3.3.9 connect-interface loopback 0

#

ipv4-family vpnv4

peer 3.3.3.9 enable

#

ipv4-family vpn-instance vpn1

import-route direct

peer 10.1.1.1 as-number 600

peer 10.1.1.1 substitute-as

#

ospf 1

area 0.0.0.0

network 20.1.1.0 0.0.0.255

network 1.1.1.9 0.0.0.0

#

2、PE 2配置

#

ip vpn-instance vpn1

route-distinguisher 200:1

vpn-target 111:1 export-extcommunity

vpn-target 111:1 import-extcommunity

#

mpls lsr-id 3.3.3.9

#

mpls

lsp-trigger all

#

mpls ldp

#

interface loopback 0

ip address 3.3.3.9 255.255.255.255

#

interface GigabitEthernet 4/1/1

ip binding vpn-instance vpn1

ip address 10.2.1.2 255.255.255.0

#

interface GigabitEthernet4/1/2

ip address 30.1.1.2 255.255.255.0

mpls

mpls ldp

#

bgp 100

peer 1.1.1.9 as-number 100

peer 1.1.1.9 connect-interface loopback 0

#

ipv4-family vpnv4

peer 1.1.1.9 enable

#

ipv4-family vpn-instance vpn1

import-route direct

peer 10.2.1.1 as-number 600

peer 10.2.1.1 substitute-as

#

ospf 1

area 0.0.0.0

network 30.1.1.0 0.0.0.255

network 3.3.3.9 0.0.0.0

#

3、P 配置

#

mpls lsr-id 2.2.2.9

#

mpls

lsp-trigger all

#

mpls ldp

#

interface loopback 0

ip address 2.2.2.9 255.255.255.255

#

interface GigabitEthernet 4/1/1

ip address 20.1.1.2 255.255.255.0

mpls

mpls ldp

#

interface GigabitEthernet4/1/2

ip address 30.1.1.1 255.255.255.0

mpls

mpls ldp

#

ospf 1

area 0.0.0.0

network 20.1.1.0 0.0.0.255

network 30.1.1.0 0.0.0.255

network 2.2.2.9 0.0.0.0

#

4、CE1 配置

#

interface GigabitEthernet 4/1/1

ip address 10.1.1.1 255.255.255.0

#

interface GigabitEthernet 4/1/2

ip address 100.1.1.1 255.255.255.0

#

bgp 600

import-route direct

peer 10.1.1.2 as-number 100

#

5、CE2 配置

#

interface GigabitEthernet 4/1/1

ip address 10.2.1.1 255.255.255.0

#

interface GigabitEthernet 4/1/1

ip address 10.2.1.1 255.255.255.0

#

bgp 600

import-route direct

peer 10.2.1.2 as-number 100

#

 

 

 

X Close
X Close