06 MPLS VPN与EIGRP(SOO)
作者:互联网
1、配置底层IGP
2、配置MPLS LDP
3、配置MP-BGP
R2(config)#router bgp 100
R2(config-router)#neighbor 4.4.4.4 remote-as 100
R2(config-router)#neighbor 4.4.4.4 update-source loopback 0
R2(config-router)#neighbor 5.5.5.5 remote-as 100
R2(config-router)#neighbor 5.5.5.5 update-source loopback 0
R2(config-router)#address-family vpnv4 unicast
R2(config-router-af)#neighbor 4.4.4.4 activate
R2(config-router-af)#neighbor 5.5.5.5 activate
R4(config)#router bgp 100
R4(config-router)#neighbor 2.2.2.2 remote-as 100
R4(config-router)#neighbor 2.2.2.2 update-source loopback 0
R4(config-router)#neighbor 5.5.5.5 remote-as 100
R4(config-router)#neighbor 5.5.5.5 update-source loopback 0
R4(config-router)#address-family vpnv4 unicast
R4(config-router-af)#neighbor 2.2.2.2 activate
R4(config-router-af)#neighbor 5.5.5.5 activate
R5(config)#router bgp 100
R5(config-router)#neighbor 2.2.2.2 remote-as 100
R5(config-router)#neighbor 2.2.2.2 update-source loopback 0
R5(config-router)#neighbor 4.4.4.4 remote-as 100
R5(config-router)#neighbor 4.4.4.4 update-source loopback 0
R5(config-router)#address-family vpnv4 unicast
R5(config-router-af)#neighbor 2.2.2.2 activate
R5(config-router-af)#neighbor 4.4.4.4 activate
4、查看BGP邻居信息
R2(config)#do show ip bgp summary
BGP router identifier 2.2.2.2, local AS number 100
BGP table version is 1, main routing table version 1
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
4.4.4.4 4 100 8 7 1 0 0 00:02:57 0
5.5.5.5 4 100 4 3 1 0 0 00:01:06 0
R4#show ip bgp summary
BGP router identifier 4.4.4.4, local AS number 100
BGP table version is 1, main routing table version 1
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
2.2.2.2 4 100 8 8 1 0 0 00:03:22 0
5.5.5.5 4 100 4 3 1 0 0 00:01:21 0
R5#show ip bgp summary
BGP router identifier 5.5.5.5, local AS number 100
BGP table version is 1, main routing table version 1
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
2.2.2.2 4 100 3 5 1 0 0 00:01:46 0
4.4.4.4 4 100 3 4 1 0 0 00:01:37 0
5、配置VRF,以及RD、RT并绑定接口
R2(config)#vrf definition alex
R2(config-vrf)#rd 6:6
R2(config-vrf)#route-target both 8:8
R2(config-vrf)#address-family ipv4
R2(config-vrf-af)#exit
R2(config-vrf)#exit
R2(config)#interface ethernet 0/0
R2(config-if)#vrf forwarding alex
R2(config-if)#ip address 12.1.1.2 255.255.255.0
R4(config)#vrf definition alex
R4(config-vrf)#rd 6:6
R4(config-vrf)#route-target both 8:8
R4(config-vrf)#address-family ipv4
R4(config-vrf-af)#exit
R4(config-vrf)#exit
R4(config)#interface ethernet 0/2
R4(config-if)#vrf forwarding alex
R4(config-if)#ip address 47.1.1.4 255.255.255.0
R5(config)#vrf definition alex
R5(config-vrf)#rd 6:6
R5(config-vrf)#route-target both 8:8
R5(config-vrf)#address-family ipv4
R5(config-vrf-af)#exit
R5(config-vrf)#exit
R5(config)#interface ethernet 0/0
R5(config-if)#vrf forwarding alex
R5(config-if)#ip address 56.1.1.5 255.255.255.0
6、PE与CE之间部署EIGRP
R6(config)#router eigrp 1
R6(config-router)#neighbor 67.1.1.7 ethernet 0/1
R6(config-router)#neighbor 56.1.1.5 ethernet 0/0
R6(config-router)#network 67.1.1.6 0.0.0.0
R6(config-router)#network 56.1.1.6 0.0.0.0
R7(config)#router eigrp 1
R7(config-router)#neighbor 67.1.1.6 ethernet 0/1
R7(config-router)#neighbor 47.1.1.4 ethernet 0/2
R7(config-router)#network 67.1.1.7 0.0.0.0
R7(config-router)#network 47.1.1.7 0.0.0.0
R4(config)#router eigrp 100
R4(config-router)#address-family ipv4 vrf alex
R4(config-router-af)#neighbor 47.1.1.7 ethernet 0/2
R4(config-router-af)#network 47.1.1.4 0.0.0.0
R4(config-router-af)#no auto-summary
R4(config-router-af)#autonomous-system 1
R5(config)#router eigrp 100
R5(config-router)#address-family ipv4 vrf alex
R5(config-router-af)#neighbor 56.1.1.6 ethernet 0/0
R5(config-router-af)#network 56.1.1.5 0.0.0.0
R5(config-router-af)#no auto-summary
R5(config-router-af)#autonomous-system 1
7、在CE设备上查看EIGRP邻居
R6#show ip eigrp neighbors
EIGRP-IPv4 Neighbors for AS(1)
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
1 56.1.1.5 Et0/0 10 00:02:09 9 100 0 3
0 67.1.1.7 Et0/1 14 00:05:31 4 100 0 4
R7#show ip eigrp neighbors
EIGRP-IPv4 Neighbors for AS(1)
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
1 47.1.1.4 Et0/2 10 00:03:42 12 100 0 3
0 67.1.1.6 Et0/1 13 00:05:12 14 100 0 6
8、在R6上将环回口宣告进EIGRP
R6(config)#router eigrp 1
R6(config-router)#network 6.6.6.6 0.0.0.0
9、此时在R4上是可以学到这条路有的,以EIGRP的方式
R4#show ip route vrf alex eigrp
Routing Table: alex
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override
Gateway of last resort is not set
6.0.0.0/32 is subnetted, 1 subnets
D 6.6.6.6 [90/435200] via 47.1.1.7, 00:01:30, Ethernet0/2
56.0.0.0/24 is subnetted, 1 subnets
D 56.1.1.0 [90/332800] via 47.1.1.7, 00:06:35, Ethernet0/2
67.0.0.0/24 is subnetted, 1 subnets
D 67.1.1.0 [90/307200] via 47.1.1.7, 00:06:40, Ethernet0/2
10、在R4和R5上双点双向重发布,产生VPNV4路由
R4(config)#router eigrp 100
R4(config-router)#address-family ipv4 vrf alex
R4(config-router-af)#redistribute bgp 100 metric 10000 10 10 10 10
R4(config-router-af)#exit
R4(config-router)#router bgp 100
R4(config-router)#address-family ipv4 vrf alex
R4(config-router-af)#redistribute eigrp 1
R5(config)#router eigrp 100
R5(config-router)#address-family ipv4 vrf alex
R5(config-router-af)#redistribute bgp 100 metric 10000 10 10 10 10
R5(config-router-af)#exit
R5(config-router)#exit
R5(config)#router bgp 100
R5(config-router)#address-family ipv4 vrf alex
R5(config-router-af)#redistribute eigr
R5(config-router-af)#redistribute eigrp 1
11、此时如果R6与R7之间的连路出现故障Down掉
R6(config)#interface ethernet 0/1
R6(config-if)#shutdown
12、此时R7从MPLS Core Network学习到的6.6.6.6的路由,但是对于站点来说,不会只有两台设备,这条路有可以在站点内部学习到,为了防止同站点路由在双向引入时,从MPLS Core Network传递回该站点,需要配置SOO
R7#show ip route eigrp
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override
Gateway of last resort is not set
6.0.0.0/32 is subnetted, 1 subnets
D 6.6.6.6 [90/435200] via 47.1.1.4, 00:00:07, Ethernet0/2
56.0.0.0/24 is subnetted, 1 subnets
D 56.1.1.0 [90/307200] via 47.1.1.4, 00:00:07, Ethernet0/2
13、在PE站点上配置SOO,然后调用到接口
R4(config)#route-map alex-soo permit
R4(config-route-map)#set extcommunity soo 66:66
R4(config-route-map)#exit
R4(config)#interface ethernet 0/2
R4(config-if)#ip vrf sitemap alex-soo #调用之后会导致邻居重新建立
R4(config-if)#
*Dec 30 01:40:25.568: %DUAL-5-NBRCHANGE: EIGRP-IPv4 1: Neighbor 47.1.1.7 (Ethernet0/2) is down: SoO changed
*Dec 30 01:40:27.951: %DUAL-5-NBRCHANGE: EIGRP-IPv4 1: Neighbor 47.1.1.7 (Ethernet0/2) is up: new adjacency
R5(config)#route-map alex-soo permit
R5(config-route-map)#set extcommunity soo 88:88 #配置不一样的SOO值
R5(config-route-map)#exit
R5(config)#interface ethernet 0/0
R5(config-if)#ip vrf sitemap alex-soo
14、此时在R4上收到的6.6.6.6的路由就是带扩展团体属性88:88
R4#show ip bgp vpnv4 all 6.6.6.6
BGP routing table entry for 6:6:6.6.6.6/32, version 21
Paths: (1 available, best #1, table alex)
Not advertised to any peer
Refresh Epoch 1
Local
5.5.5.5 (metric 21) from 5.5.5.5 (5.5.5.5)
Origin incomplete, metric 409600, localpref 100, valid, internal, best
Extended Community: SoO:88:88 RT:8:8 Cost:pre-bestpath:128:409600
0x8800:32768:0 0x8801:1:153600 0x8802:65281:256000 0x8803:65281:1500
0x8806:0:101058054
mpls labels in/out nolabel/18
rx pathid: 0, tx pathid: 0x0
15、在R7上查看EIGRP路由信息
R7#show ip eigrp topology 6.6.6.6 255.255.255.255
EIGRP-IPv4 Topology Entry for AS(1)/ID(7.7.7.7) for 6.6.6.6/32
State is Passive, Query origin flag is 1, 1 Successor(s), FD is 435200
Descriptor Blocks:
47.1.1.4 (Ethernet0/2), from 47.1.1.4, Send flag is 0x0
Composite metric is (435200/409600), route is Internal
Vector metric:
Minimum bandwidth is 10000 Kbit
Total delay is 7000 microseconds
Reliability is 255/255
Load is 1/255
Minimum MTU is 1500
Hop count is 2
Originating router is 6.6.6.6
Extended Community: SoO:88:88
16、此时R7也是可以收到该路由,并且这个扩展团体属性值通过EIGRP的TLV字段携带
17、在R4上修改SOO值为88:88
18、在R7上查看EIGRP路由信息
R7#show ip route eigrp
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override
Gateway of last resort is not set
19、此时在R4上查看EIGRP路由表
R4#show ip route vrf alex eigrp
Routing Table: alex
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override
Gateway of last resort is not set
67.0.0.0/24 is subnetted, 1 subnets
D 67.1.1.0 [90/307200] via 47.1.1.7, 00:01:37, Ethernet0/2
20、在R4上查看EIGRP数据库
R4#show ip eigrp vrf alex topology
EIGRP-IPv4 Topology Table for AS(1)/ID(47.1.1.4) VRF(alex)
Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,
r - reply Status, s - sia Status
P 67.1.1.0/24, 1 successors, FD is 307200
via 47.1.1.7 (307200/281600), Ethernet0/2
P 47.1.1.0/24, 1 successors, FD is 281600
via Connected, Ethernet0/2
P 56.1.1.0/24, 1 successors, FD is 281600
via VPNv4 Sourced (281600/0)
P 6.6.6.6/32, 1 successors, FD is 409600
via VPNv4 Sourced (409600/0)
21、在R4上查看VPNV4路由表
R4#show ip bgp vpnv4 vrf alex
BGP table version is 28, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 6:6 (default for vrf alex)
*>i 6.6.6.6/32 5.5.5.5 409600 100 0 ?
*> 47.1.1.0/24 0.0.0.0 0 32768 ?
*>i 56.1.1.0/24 5.5.5.5 0 100 0 ?
*> 67.1.1.0/24 47.1.1.7 307200 32768 ?
22、在R4上查看6.6.6.6的详细信息
R4#show ip bgp vpnv4 vrf alex 6.6.6.6
BGP routing table entry for 6:6:6.6.6.6/32, version 21
Paths: (1 available, best #1, table alex)
Not advertised to any peer
Refresh Epoch 1
Local
5.5.5.5 (metric 21) from 5.5.5.5 (5.5.5.5)
Origin incomplete, metric 409600, localpref 100, valid, internal, best
Extended Community: SoO:88:88 RT:8:8 Cost:pre-bestpath:128:409600
0x8800:32768:0 0x8801:1:153600 0x8802:65281:256000 0x8803:65281:1500
0x8806:0:101058054
mpls labels in/out nolabel/18
rx pathid: 0, tx pathid: 0x0
结论:
R5从CE收到的路由引入到MP-BGP,增加扩展团体属性自定义值SOO;
传递给R4,R4通过重分布,将MP-BGP路由引入到EIGRP;
EIGRP从MP-BGP扩展团体属性中提取SOO值(如果存在),并将SOO值附加到路由上,然后将其添加到EIGRP数据库,更新到路由表时,会测试每个路由的SOO值;
路由携带的SOO与接口下配置的SOO值匹配则过滤,不匹配则传递;
即:相同的SOO值,被PE认为是同站点;相同的SOO,路由将不能传递
标签:R4,R5,MPLS,EIGRP,vrf,router,100,VPN,config 来源: https://blog.csdn.net/weixin_50299079/article/details/115590607