其他分享
首页 > 其他分享> > 06 MPLS VPN与EIGRP(SOO)

06 MPLS VPN与EIGRP(SOO)

作者:互联网

在这里插入图片描述1、配置底层IGP
2、配置MPLS LDP
3、配置MP-BGP

R2(config)#router bgp 100
R2(config-router)#neighbor 4.4.4.4 remote-as 100
R2(config-router)#neighbor 4.4.4.4 update-source loopback 0
R2(config-router)#neighbor 5.5.5.5 remote-as 100
R2(config-router)#neighbor 5.5.5.5 update-source loopback 0
R2(config-router)#address-family vpnv4 unicast 
R2(config-router-af)#neighbor 4.4.4.4 activate 
R2(config-router-af)#neighbor 5.5.5.5 activate
R4(config)#router bgp 100       
R4(config-router)#neighbor 2.2.2.2 remote-as 100
R4(config-router)#neighbor 2.2.2.2 update-source loopback 0
R4(config-router)#neighbor 5.5.5.5 remote-as 100
R4(config-router)#neighbor 5.5.5.5 update-source loopback 0
R4(config-router)#address-family vpnv4 unicast 
R4(config-router-af)#neighbor 2.2.2.2 activate 
R4(config-router-af)#neighbor 5.5.5.5 activate 
R5(config)#router bgp 100
R5(config-router)#neighbor 2.2.2.2 remote-as 100
R5(config-router)#neighbor 2.2.2.2 update-source loopback 0
R5(config-router)#neighbor 4.4.4.4 remote-as 100
R5(config-router)#neighbor 4.4.4.4 update-source loopback 0
R5(config-router)#address-family vpnv4 unicast 
R5(config-router-af)#neighbor 2.2.2.2 activate 
R5(config-router-af)#neighbor 4.4.4.4 activate 

4、查看BGP邻居信息

R2(config)#do show ip bgp summary 
BGP router identifier 2.2.2.2, local AS number 100
BGP table version is 1, main routing table version 1

Neighbor        V           AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
4.4.4.4         4          100       8       7        1    0    0 00:02:57        0
5.5.5.5         4          100       4       3        1    0    0 00:01:06        0
R4#show ip bgp summary 
BGP router identifier 4.4.4.4, local AS number 100
BGP table version is 1, main routing table version 1

Neighbor        V           AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
2.2.2.2         4          100       8       8        1    0    0 00:03:22        0
5.5.5.5         4          100       4       3        1    0    0 00:01:21        0
R5#show ip bgp summary 
BGP router identifier 5.5.5.5, local AS number 100
BGP table version is 1, main routing table version 1

Neighbor        V           AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
2.2.2.2         4          100       3       5        1    0    0 00:01:46        0
4.4.4.4         4          100       3       4        1    0    0 00:01:37        0

5、配置VRF,以及RD、RT并绑定接口

R2(config)#vrf definition alex
R2(config-vrf)#rd 6:6  
R2(config-vrf)#route-target both 8:8
R2(config-vrf)#address-family ipv4 
R2(config-vrf-af)#exit
R2(config-vrf)#exit
R2(config)#interface ethernet 0/0
R2(config-if)#vrf forwarding alex
R2(config-if)#ip address 12.1.1.2 255.255.255.0
R4(config)#vrf definition alex
R4(config-vrf)#rd 6:6
R4(config-vrf)#route-target both 8:8
R4(config-vrf)#address-family ipv4 
R4(config-vrf-af)#exit
R4(config-vrf)#exit
R4(config)#interface ethernet 0/2 
R4(config-if)#vrf forwarding alex
R4(config-if)#ip address 47.1.1.4 255.255.255.0
R5(config)#vrf definition alex
R5(config-vrf)#rd 6:6 
R5(config-vrf)#route-target both 8:8
R5(config-vrf)#address-family ipv4 
R5(config-vrf-af)#exit
R5(config-vrf)#exit
R5(config)#interface ethernet 0/0
R5(config-if)#vrf forwarding alex
R5(config-if)#ip address 56.1.1.5 255.255.255.0

6、PE与CE之间部署EIGRP

R6(config)#router eigrp 1 
R6(config-router)#neighbor 67.1.1.7 ethernet 0/1 
R6(config-router)#neighbor 56.1.1.5 ethernet 0/0
R6(config-router)#network 67.1.1.6 0.0.0.0
R6(config-router)#network 56.1.1.6 0.0.0.0
R7(config)#router eigrp 1 
R7(config-router)#neighbor 67.1.1.6 ethernet 0/1
R7(config-router)#neighbor 47.1.1.4 ethernet 0/2 
R7(config-router)#network 67.1.1.7 0.0.0.0
R7(config-router)#network 47.1.1.7 0.0.0.0
R4(config)#router eigrp 100
R4(config-router)#address-family ipv4 vrf alex 
R4(config-router-af)#neighbor 47.1.1.7 ethernet 0/2 
R4(config-router-af)#network 47.1.1.4 0.0.0.0
R4(config-router-af)#no auto-summary 
R4(config-router-af)#autonomous-system 1
R5(config)#router eigrp 100
R5(config-router)#address-family ipv4 vrf alex
R5(config-router-af)#neighbor 56.1.1.6 ethernet 0/0
R5(config-router-af)#network 56.1.1.5 0.0.0.0
R5(config-router-af)#no auto-summary 
R5(config-router-af)#autonomous-system 1 

7、在CE设备上查看EIGRP邻居

R6#show ip eigrp neighbors 
EIGRP-IPv4 Neighbors for AS(1)
H   Address                 Interface              Hold Uptime   SRTT   RTO  Q  Seq
                                                   (sec)         (ms)       Cnt Num
1   56.1.1.5                Et0/0                    10 00:02:09    9   100  0  3
0   67.1.1.7                Et0/1                    14 00:05:31    4   100  0  4
R7#show ip eigrp neighbors 
EIGRP-IPv4 Neighbors for AS(1)
H   Address                 Interface              Hold Uptime   SRTT   RTO  Q  Seq
                                                   (sec)         (ms)       Cnt Num
1   47.1.1.4                Et0/2                    10 00:03:42   12   100  0  3
0   67.1.1.6                Et0/1                    13 00:05:12   14   100  0  6

8、在R6上将环回口宣告进EIGRP

R6(config)#router eigrp 1 
R6(config-router)#network 6.6.6.6 0.0.0.0

9、此时在R4上是可以学到这条路有的,以EIGRP的方式

R4#show ip route vrf alex eigrp 

Routing Table: alex
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       a - application route
       + - replicated route, % - next hop override

Gateway of last resort is not set

      6.0.0.0/32 is subnetted, 1 subnets
D        6.6.6.6 [90/435200] via 47.1.1.7, 00:01:30, Ethernet0/2
      56.0.0.0/24 is subnetted, 1 subnets
D        56.1.1.0 [90/332800] via 47.1.1.7, 00:06:35, Ethernet0/2
      67.0.0.0/24 is subnetted, 1 subnets
D        67.1.1.0 [90/307200] via 47.1.1.7, 00:06:40, Ethernet0/2

10、在R4和R5上双点双向重发布,产生VPNV4路由

R4(config)#router eigrp 100
R4(config-router)#address-family ipv4 vrf alex 
R4(config-router-af)#redistribute bgp 100 metric 10000 10 10 10 10 
R4(config-router-af)#exit
R4(config-router)#router bgp 100
R4(config-router)#address-family ipv4 vrf alex 
R4(config-router-af)#redistribute eigrp 1 
R5(config)#router eigrp 100
R5(config-router)#address-family ipv4 vrf alex
R5(config-router-af)#redistribute bgp 100 metric 10000 10 10 10 10 
R5(config-router-af)#exit
R5(config-router)#exit
R5(config)#router bgp 100
R5(config-router)#address-family ipv4 vrf alex
R5(config-router-af)#redistribute eigr
R5(config-router-af)#redistribute eigrp 1 

11、此时如果R6与R7之间的连路出现故障Down掉

R6(config)#interface ethernet 0/1 
R6(config-if)#shutdown 

12、此时R7从MPLS Core Network学习到的6.6.6.6的路由,但是对于站点来说,不会只有两台设备,这条路有可以在站点内部学习到,为了防止同站点路由在双向引入时,从MPLS Core Network传递回该站点,需要配置SOO

R7#show ip route eigrp 
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       a - application route
       + - replicated route, % - next hop override

Gateway of last resort is not set

      6.0.0.0/32 is subnetted, 1 subnets
D        6.6.6.6 [90/435200] via 47.1.1.4, 00:00:07, Ethernet0/2
      56.0.0.0/24 is subnetted, 1 subnets
D        56.1.1.0 [90/307200] via 47.1.1.4, 00:00:07, Ethernet0/2

13、在PE站点上配置SOO,然后调用到接口

R4(config)#route-map alex-soo permit 
R4(config-route-map)#set extcommunity soo 66:66
R4(config-route-map)#exit
R4(config)#interface ethernet 0/2 
R4(config-if)#ip vrf sitemap alex-soo     #调用之后会导致邻居重新建立
R4(config-if)#
*Dec 30 01:40:25.568: %DUAL-5-NBRCHANGE: EIGRP-IPv4 1: Neighbor 47.1.1.7 (Ethernet0/2) is down: SoO changed
*Dec 30 01:40:27.951: %DUAL-5-NBRCHANGE: EIGRP-IPv4 1: Neighbor 47.1.1.7 (Ethernet0/2) is up: new adjacency
R5(config)#route-map alex-soo permit 
R5(config-route-map)#set extcommunity soo 88:88     #配置不一样的SOO值
R5(config-route-map)#exit
R5(config)#interface ethernet 0/0
R5(config-if)#ip vrf sitemap alex-soo

14、此时在R4上收到的6.6.6.6的路由就是带扩展团体属性88:88

R4#show ip bgp vpnv4 all 6.6.6.6
BGP routing table entry for 6:6:6.6.6.6/32, version 21
Paths: (1 available, best #1, table alex)
  Not advertised to any peer
  Refresh Epoch 1
  Local
    5.5.5.5 (metric 21) from 5.5.5.5 (5.5.5.5)
      Origin incomplete, metric 409600, localpref 100, valid, internal, best
      Extended Community: SoO:88:88 RT:8:8 Cost:pre-bestpath:128:409600 
        0x8800:32768:0 0x8801:1:153600 0x8802:65281:256000 0x8803:65281:1500 
        0x8806:0:101058054
      mpls labels in/out nolabel/18
      rx pathid: 0, tx pathid: 0x0

15、在R7上查看EIGRP路由信息

R7#show ip eigrp topology 6.6.6.6 255.255.255.255
EIGRP-IPv4 Topology Entry for AS(1)/ID(7.7.7.7) for 6.6.6.6/32
  State is Passive, Query origin flag is 1, 1 Successor(s), FD is 435200
  Descriptor Blocks:
  47.1.1.4 (Ethernet0/2), from 47.1.1.4, Send flag is 0x0
      Composite metric is (435200/409600), route is Internal
      Vector metric:
        Minimum bandwidth is 10000 Kbit
        Total delay is 7000 microseconds
        Reliability is 255/255
        Load is 1/255
        Minimum MTU is 1500
        Hop count is 2
        Originating router is 6.6.6.6
      Extended Community: SoO:88:88

16、此时R7也是可以收到该路由,并且这个扩展团体属性值通过EIGRP的TLV字段携带
17、在R4上修改SOO值为88:88
18、在R7上查看EIGRP路由信息

R7#show ip route eigrp 
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       a - application route
       + - replicated route, % - next hop override

Gateway of last resort is not set

19、此时在R4上查看EIGRP路由表

R4#show ip route vrf alex eigrp 

Routing Table: alex
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       a - application route
       + - replicated route, % - next hop override

Gateway of last resort is not set

      67.0.0.0/24 is subnetted, 1 subnets
D        67.1.1.0 [90/307200] via 47.1.1.7, 00:01:37, Ethernet0/2

20、在R4上查看EIGRP数据库

R4#show ip eigrp vrf alex topology 
EIGRP-IPv4 Topology Table for AS(1)/ID(47.1.1.4) VRF(alex)
Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,
       r - reply Status, s - sia Status 

P 67.1.1.0/24, 1 successors, FD is 307200
        via 47.1.1.7 (307200/281600), Ethernet0/2
P 47.1.1.0/24, 1 successors, FD is 281600
        via Connected, Ethernet0/2
P 56.1.1.0/24, 1 successors, FD is 281600
        via VPNv4 Sourced (281600/0)
P 6.6.6.6/32, 1 successors, FD is 409600
        via VPNv4 Sourced (409600/0)

21、在R4上查看VPNV4路由表

R4#show ip bgp vpnv4 vrf alex 
BGP table version is 28, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, 
              r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter, 
              x best-external, a additional-path, c RIB-compressed, 
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

     Network          Next Hop            Metric LocPrf Weight Path
Route Distinguisher: 6:6 (default for vrf alex)
 *>i 6.6.6.6/32       5.5.5.5             409600    100      0 ?
 *>  47.1.1.0/24      0.0.0.0                  0         32768 ?
 *>i 56.1.1.0/24      5.5.5.5                  0    100      0 ?
 *>  67.1.1.0/24      47.1.1.7            307200         32768 ?

22、在R4上查看6.6.6.6的详细信息

R4#show ip bgp vpnv4 vrf alex 6.6.6.6 
BGP routing table entry for 6:6:6.6.6.6/32, version 21
Paths: (1 available, best #1, table alex)
  Not advertised to any peer
  Refresh Epoch 1
  Local
    5.5.5.5 (metric 21) from 5.5.5.5 (5.5.5.5)
      Origin incomplete, metric 409600, localpref 100, valid, internal, best
      Extended Community: SoO:88:88 RT:8:8 Cost:pre-bestpath:128:409600 
        0x8800:32768:0 0x8801:1:153600 0x8802:65281:256000 0x8803:65281:1500 
        0x8806:0:101058054
      mpls labels in/out nolabel/18
      rx pathid: 0, tx pathid: 0x0

结论:
R5从CE收到的路由引入到MP-BGP,增加扩展团体属性自定义值SOO;
传递给R4,R4通过重分布,将MP-BGP路由引入到EIGRP;
EIGRP从MP-BGP扩展团体属性中提取SOO值(如果存在),并将SOO值附加到路由上,然后将其添加到EIGRP数据库,更新到路由表时,会测试每个路由的SOO值;
路由携带的SOO与接口下配置的SOO值匹配则过滤,不匹配则传递;
即:相同的SOO值,被PE认为是同站点;相同的SOO,路由将不能传递

标签:R4,R5,MPLS,EIGRP,vrf,router,100,VPN,config
来源: https://blog.csdn.net/weixin_50299079/article/details/115590607