kl800.com省心范文网

MPLS


L3 MPLS VPN 常用解决方案配置实例 Bioeng@21cn.com

L3 MPLS VPN常用解决方案配置实例 .............................................................................................................................. 1 一 MPLS VPN MCE配置实例 ............................................................................................................................................ 8 1 网络拓扑图............................................................................................................................................................... 8 2 拓扑说明................................................................................................................................................................... 8 3 设备配置................................................................................................................................................................... 9

3.1 3.2 3.3 3.4 3.5 3.6 4.1 4.2 4.3 4.4 4.5 4.5


PE1-AS1 设备配置 ........................................................................................................................................... 9 PE2-AS1 设备配置 ......................................................................................................................................... 11 PE3-AS1 设备配置 ......................................................................................................................................... 17 MCE1 设备配置 ............................................................................................................................................... 21 MCE2 设备配置 ............................................................................................................................................... 26 WWW设备配置 .................................................................................................................................................. 31 PE1-AS1 配置验证 ......................................................................................................................................... 33 PE2-AS1 配置验证 ......................................................................................................................................... 35 PE3-AS1 配置验证 ......................................................................................................................................... 37 MCE1 配置验证 ............................................................................................................................................... 38 MCE2 配置验证 ............................................................................................................................................... 40 WWW配置验证 .................................................................................................................................................. 41

4 配置验证................................................................................................................................................................. 33

MPLS VPN HUB&SPOKE .............................................................................................................................................. 42 1 MPLS VPN HUB&SPOKE WITH OSPF........................................................................................................................... 42

1.1 网络拓扑图 .................................................................................................................................................... 42 1.2 应用需求 ........................................................................................................................................................ 42 1.3 设备配置 ........................................................................................................................................................ 43
1.3.1 1.3.2 1.3.3 1.3.4 1.3.5 1.3.6 1.3.7 1.3.8 1.4.1 1.4.2 1.4.3 1.4.4 1.4.5 1.4.6 1.4.7 1.4.8 P1-R1 设备配置 ........................................................................................................................................................43 PE2-R2 设备配置 ......................................................................................................................................................45 PE3-R3 设备配置 ......................................................................................................................................................49 PE4-R4 设备配置 ......................................................................................................................................................53 CE5-R5 设备配置 ......................................................................................................................................................56 CE6-R6 设备配置 ......................................................................................................................................................58 CE7-R7 设备配置 ......................................................................................................................................................60 CE8-R8 设备配置 ......................................................................................................................................................62 P1-R1 配置验证 ........................................................................................................................................................64 PE2-R2 配置验证 ......................................................................................................................................................64 PE3-R3 配置验证 ......................................................................................................................................................70 PE4-R4 配置验证 ......................................................................................................................................................74 CE5-R5 配置验证 ......................................................................................................................................................78 CE6-R6 配置验证 ......................................................................................................................................................80 CE7-R7 配置验证 ......................................................................................................................................................82 CE8-R8 配置验证 ......................................................................................................................................................84

1.4 配置验证 ........................................................................................................................................................ 64

1.5 实现原理及注意事项 .................................................................................................................................... 86
2 MPLS VPN HUB&SPOKE WITH BGP............................................................................................................................. 87

2.1 网络拓扑图 .................................................................................................................................................... 87

2.2 应用需求 ........................................................................................................................................................ 87 2.3 设备配置 ........................................................................................................................................................ 88
2.3.1 2.3.2 2.3.3 2.3.4 2.3.5 2.3.6 2.3.7 2.3.8 2.4.1 2.4.2 2.4.3 2.4.4 2.4.5 2.4.6 2.4.7 2.4.8 P1-R1 设备配置 ........................................................................................................................................................88 PE2-R2 设备配置 ......................................................................................................................................................90 PE3-R3 设备配置 ......................................................................................................................................................94 PE4-R4 设备配置 ......................................................................................................................................................97 CE5-R5 设备配置 ....................................................................................................................................................100 CE6-R6 设备配置 ....................................................................................................................................................103 CE7-R7 设备配置 ....................................................................................................................................................105 CE8-R8 设备配置 ....................................................................................................................................................107 P1-R1 配置验证 ......................................................................................................................................................109 PE2-R2 配置验证 ....................................................................................................................................................109 PE3-R3 配置验证 ....................................................................................................................................................115 PE4-R4 配置验证 ....................................................................................................................................................119 CE5-R5 配置验证 ....................................................................................................................................................122 CE6-R6 配置验证 ....................................................................................................................................................125 CE7-R7 配置验证 ....................................................................................................................................................127 CE8-R8 配置验证 ....................................................................................................................................................129

2.4 设备配置 ...................................................................................................................................................... 109

2.5 实现原理及注意事项 .................................................................................................................................. 131
三 MPLS VPN访问INTERNET组网 ................................................................................................................................ 133 1 MPLS VPN访问INTERNET方式一 .............................................................................................................................. 133

1.1 网络拓扑图 .................................................................................................................................................. 133 1.2 应用需求 ...................................................................................................................................................... 133 1.3 设备配置 ...................................................................................................................................................... 134
1.3.1 1.3.2 1.3.3 1.3.4 1.3.5 1.3.6 1.3.7 1.3.8 1.4.1 1.4.2 1.4.3 1.4.4 1.4.5 1.4.6 1.4.7 1.4.8 PE1-RR设备配置 .....................................................................................................................................................134 PE2-RR设备配置 .....................................................................................................................................................136 PE3-Client设备配置 .............................................................................................................................................139 PE4-Client设备配置 .............................................................................................................................................142 PE5-IGW设备配置 ...................................................................................................................................................145 MCE1 设备配置 ........................................................................................................................................................147 MCE2 设备配置 ........................................................................................................................................................149 Internet设备配置 .................................................................................................................................................151 PE1-RR配置验证 .....................................................................................................................................................151 PE2-RR配置验证 .....................................................................................................................................................155 PE3-Client配置验证 .............................................................................................................................................159 PE4-Client配置验证 .............................................................................................................................................163 PE5-IGW配置验证 ...................................................................................................................................................167 MCE1 配置验证 ........................................................................................................................................................170 MCE2 配置验证 ........................................................................................................................................................173 Internet配置验证 .................................................................................................................................................175

1.4 配置验证 ...................................................................................................................................................... 151

2 MPLS VPN访问INTERNET方式二 .............................................................................................................................. 176

2.1 网络拓扑图 .................................................................................................................................................. 176

2.2 应用需求 ...................................................................................................................................................... 176 2.3 设备配置 ...................................................................................................................................................... 176
2.3.1 2.3.2 2.3.3 2.3.4 2.3.5 2.3.6 2.3.7 2.3.8 2.4.1 2.4.2 2.4.3 2.4.4 2.4.5 2.4.6 2.4.7 2.4.8 PE1-RR设备配置 .....................................................................................................................................................176 PE2-RR设备配置 .....................................................................................................................................................179 PE3-Client设备配置 .............................................................................................................................................182 PE4-Client设备配置 .............................................................................................................................................184 PE5-Client设备配置 .............................................................................................................................................187 MCE1 设备配置 ........................................................................................................................................................190 MCE2 设备配置 ........................................................................................................................................................192 Internet设备配置 .................................................................................................................................................193 PE1-RR设备验证 .....................................................................................................................................................194 PE2-RR设备验证 .....................................................................................................................................................196 PE3-Client设备验证 .............................................................................................................................................199 PE4-Client设备验证 .............................................................................................................................................201 PE5-Client设备验证 .............................................................................................................................................204 MCE1 设备验证 ........................................................................................................................................................206 MCE2 设备验证 ........................................................................................................................................................212 Interent设备验证 .................................................................................................................................................215

2.4 配置验证 ...................................................................................................................................................... 194

2.5 实现原理及注意事项 .................................................................................................................................. 216
3 MPLS VPN访问INTERNET方式三 .............................................................................................................................. 217

3.1 网络拓扑图 .................................................................................................................................................. 217 3.2 应用需求 ...................................................................................................................................................... 217 3.3 设备配置 ...................................................................................................................................................... 218
3.3.1 3.3.2 3.3.3 3.3.4 3.3.5 3.3.6 3.3.7 3.3.8 3.3.9 3.4.1 3.4.2 3.4.3 3.4.4 3.4.5 3.4.6 3.4.7 3.4.8 3.4.9 PE1-RR设备配置 .....................................................................................................................................................218 PE2-RR设备配置 .....................................................................................................................................................220 PE3-Client设备配置 .............................................................................................................................................223 PE4-Client设备配置 .............................................................................................................................................227 PE5-Client设备配置 .............................................................................................................................................232 MCE1 设备配置 ........................................................................................................................................................235 MCE2 设备配置 ........................................................................................................................................................238 IGW设备配置 ...........................................................................................................................................................241 Internet设备配置 .................................................................................................................................................244 PE1-RR配置验证 .....................................................................................................................................................245 PE2-RR配置验证 .....................................................................................................................................................248 PE3-Client配置验证 .............................................................................................................................................250 PE4-Client配置验证 .............................................................................................................................................253 PE5-Client配置验证 .............................................................................................................................................255 MCE1 配置验证 ........................................................................................................................................................257 MCE2 配置验证 ........................................................................................................................................................260 IGW配置验证 ...........................................................................................................................................................264 Internet配置验证 .................................................................................................................................................264

3.4 配置验证 ...................................................................................................................................................... 245



CISCO MPLS TE配置实例 ...................................................................................................................................... 265

1 MPLS TE(OSPF)配置实例 ................................................................................................................................. 265

1.1 网络拓扑图 .................................................................................................................................................. 265 1.2 网络拓扑说明 .............................................................................................................................................. 265 1.3 路由器配置 .................................................................................................................................................. 266
1.3.1 1.3.2 1.3.3 1.3.4 1.3.5 1.3.6 1.4.1 1.4.2 1.4.3 1.4.4 1.4.5 1.4.6 R1 路由器配置 ........................................................................................................................................................266 R2 路由器配置 ........................................................................................................................................................267 R3 路由器配置 ........................................................................................................................................................269 R4 路由器配置 ........................................................................................................................................................269 R5 路由器配置 ........................................................................................................................................................271 R6 路由器配置 ........................................................................................................................................................272 R4 路由器状态信息 ................................................................................................................................................274 R6 路由器状态信息 ................................................................................................................................................278 R1 路由器状态信息 ................................................................................................................................................283 R2 路由器状态信息 ................................................................................................................................................286 R3 路由器状态信息 ................................................................................................................................................289 R5 路由器状态信息 ................................................................................................................................................290

1.4 配置验证 ...................................................................................................................................................... 274

1.5 隧道切换测试 .............................................................................................................................................. 292
2 MPLS TE(IS-IS)配置实例 ............................................................................................................................... 297

2.1 网络拓扑图 .................................................................................................................................................. 297 2.2 网络拓扑说明 .............................................................................................................................................. 298 2.3 路由器配置 .................................................................................................................................................. 299
2.3.1 2.3.2 2.3.3 2.3.4 2.3.5 2.3.6 2.4.1 2.4.2 R1 路由器配置 ........................................................................................................................................................299 R2 路由器配置 ........................................................................................................................................................300 R3 路由器配置 ........................................................................................................................................................301 R4 路由器配置 ........................................................................................................................................................302 R5 路由器配置 ........................................................................................................................................................304 R6 路由器配置 ........................................................................................................................................................304 R4 路由器状态信息 ................................................................................................................................................306 R6 路由器状态信息 ................................................................................................................................................309

2.4 配置验证 ...................................................................................................................................................... 306

2.5 隧道切换测试 .............................................................................................................................................. 312
3 MPLS TE FRR—LINK PROTECTION配置实例 ............................................................................................................ 321

3.1 网络拓扑图 .................................................................................................................................................. 321 3.2 网络拓扑说明 .............................................................................................................................................. 322 3.3 路由器配置 .................................................................................................................................................. 322
3.3.1 3.3.2 3.3.3 3.3.4 3.3.5 R1 路由器配置 ........................................................................................................................................................322 R2 路由器配置 ........................................................................................................................................................325 R4 路由器配置 ........................................................................................................................................................327 R5 路由器配置 ........................................................................................................................................................330 R6 路由器配置 ........................................................................................................................................................332

4 MPLS VPN OVER TE配置实例 ................................................................................................................................ 335

4.1 网络拓扑图 .................................................................................................................................................. 335 4.2 网络拓扑说明 .............................................................................................................................................. 335

4.3 设备配置 ...................................................................................................................................................... 336
4.3.1 4.3.2 4.3.3 4.3.4 4.3.5 4.3.6 4.4.1 4.4.2 4.4.3 4.4.4 4.4.5 4.4.6 R4_PE路由器配置 ...................................................................................................................................................336 R6_PE路由器配置 ...................................................................................................................................................340 R1_P路由器配置 .....................................................................................................................................................343 R2_P路由器配置 .....................................................................................................................................................345 R3_P路由器配置 .....................................................................................................................................................346 R5_P路由器配置 .....................................................................................................................................................347 R4_PE验证 ...............................................................................................................................................................348 R6_PE验证 ...............................................................................................................................................................355 R1_P验证 .................................................................................................................................................................363 R2_P验证 .................................................................................................................................................................364 R3_P验证 .................................................................................................................................................................365 R5_P验证 .................................................................................................................................................................366

4.4 配置验证 ...................................................................................................................................................... 348



MPLS VPN 跨域配置实例 ...................................................................................................................................... 368 1 VRF
TO

VRF模式..................................................................................................................................................... 368

1.1 网络拓扑图 .................................................................................................................................................. 368 1.2 应用需求 ...................................................................................................................................................... 369 1.3 设备配置 ...................................................................................................................................................... 369
1.3.1 1.3.2 1.3.3 1.3.4 1.3.5 1.3.6 1.3.7 1.3.8 1.4.1 1.4.2 1.4.3 1.4.4 1.4.5 1.4.6 1.4.7 1.4.8 PE1-ASBR-A设备配置 .............................................................................................................................................369 PE1-ASBR-B设备配置 .............................................................................................................................................372 PE2-A设备配置 .......................................................................................................................................................376 PE2-B设备配置 .......................................................................................................................................................379 CE1-A设备配置 .......................................................................................................................................................383 CE1-B设备配置 .......................................................................................................................................................385 CE2-A设备配置 .......................................................................................................................................................386 CE2-B设备配置 .......................................................................................................................................................388 PE1-ASBR-A设备配置 .............................................................................................................................................390 PE1-ASBR-B设备配置 .............................................................................................................................................393 PE2-A设备配置 .......................................................................................................................................................397 PE2-B设备配置 .......................................................................................................................................................399 CE1-A设备配置 .......................................................................................................................................................401 CE1-B设备配置 .......................................................................................................................................................402 CE1-B设备配置 .......................................................................................................................................................404 CE2-B设备配置 .......................................................................................................................................................405

1.4 配置验证 ...................................................................................................................................................... 390

2 单跳MP-EBGP(不改变下一跳)模式 ................................................................................................................. 406

2.1 网络拓扑图 .................................................................................................................................................. 406 2.2 应用需求 ...................................................................................................................................................... 406 2.3 设备配置 ...................................................................................................................................................... 407
2.3.1 2.3.2 2.3.3 2.3.4 PE1-ASBR-A设备配置 .............................................................................................................................................407 PE1-ASBR-B设备配置 .............................................................................................................................................409 PE2-A设备配置 .......................................................................................................................................................412 PE2-B设备配置 .......................................................................................................................................................416

2.3.5 2.3.6 2.3.7 2.3.8 2.4.1 2.4.2 2.4.3 2.4.4 2.4.5 2.4.6 2.4.7 2.4.8

CE1-A设备配置 .......................................................................................................................................................419 CE2-A设备配置 .......................................................................................................................................................421 CE1-B设备配置 .......................................................................................................................................................423 CE2-B设备配置 .......................................................................................................................................................425 PE1-ASBR-A配置验证 .............................................................................................................................................427 PE2-ASBR-B配置验证 .............................................................................................................................................429 PE2-A配置验证 .......................................................................................................................................................431 PE2-B配置验证 .......................................................................................................................................................432 CE1-A配置验证 .......................................................................................................................................................435 CE2-A配置验证 .......................................................................................................................................................436 CE1-B配置验证 .......................................................................................................................................................437 CE2-B配置验证 .......................................................................................................................................................438

2.4 配置验证 ...................................................................................................................................................... 427

3 单跳MP-EBGP(改变下一跳)模式 ..................................................................................................................... 439

3.1 网络拓扑图 .................................................................................................................................................. 439 3.2 应用需求 ...................................................................................................................................................... 439 3.3 设备配置 ...................................................................................................................................................... 440
3.3.1 3.3.2 3.3.3 3.3.4 3.3.5 3.3.6 3.3.7 3.3.8 3.4.1 3.4.2 3.4.3 3.4.4 3.4.5 3.4.6 3.4.7 3.4.8 PE1-ASBR-A设备配置 .............................................................................................................................................440 PE1-ASBR-B设备配置 .............................................................................................................................................442 PE2-A设备配置 .......................................................................................................................................................445 PE2-B设备配置 .......................................................................................................................................................449 CE1-A设备配置 .......................................................................................................................................................452 CE2-A设备配置 .......................................................................................................................................................454 CE1-B设备配置 .......................................................................................................................................................456 CE2-B设备配置 .......................................................................................................................................................458 PE1-ASBR-A配置验证 .............................................................................................................................................460 PE1-ASBR-B配置验证 .............................................................................................................................................461 PE2-A配置验证 .......................................................................................................................................................463 PE2-B配置验证 .......................................................................................................................................................465 CE1-A配置验证 .......................................................................................................................................................468 CE2-A配置验证 .......................................................................................................................................................469 CE1-B配置验证 .......................................................................................................................................................470 CE2-B配置验证 .......................................................................................................................................................471

3.4 配置验证 ...................................................................................................................................................... 460

3 多跳MP-EBGP(不改变下一跳)模式 ................................................................................................................. 473

3.1 网络拓扑图 .................................................................................................................................................. 473 3.2 应用需求 ...................................................................................................................................................... 473 3.3 设备配置及配置验证 .................................................................................................................................. 474
3.3.1 3.3.2 3.3.3 3.3.4 3.3.5 3.3.6 3.3.7 ASBR_1_A设备配置及配置验证..............................................................................................................................474 ASBR_1_B设备配置及配置验证..............................................................................................................................478 RR_ASBR_A设备配置及配置验证............................................................................................................................481 RR_ASBR_B设备配置及配置验证............................................................................................................................486 PE_A设备配置及配置验证......................................................................................................................................491 PE_B设备配置及配置验证......................................................................................................................................497 MCE_A设备配置及配置验证....................................................................................................................................502

3.3.8

MCE_B设备配置及配置验证....................................................................................................................................507


1

MPLS VPN MCE 配置实例
网络拓扑图

2

拓扑说明

1)分支机构 1、分支机构 2 路由器为 MCE 设备,要求不同的 VPN 之间的用户不能互相访问,但跨设备 的同一 VPN 之间用户能够互相访问; 2)为了确保节点接入的可靠性,接入设备 MCE 采用双归属的方式组网;

3
3.1

设备配置
PE1-AS1 设备配置

hostname PE1_AS1 ! no ip domain lookup ! ip vrf vpn1 rd 1:1 route-target export 1:1 route-target import 1:1 ! ip vrf vpn2 rd 2:2 route-target export 2:2 route-target import 2:2 ! ip cef ! interface Loopback0 ip address 1.1.1.1 255.255.255.255 ! interface FastEthernet0/0 no ip address duplex half ! interface FastEthernet0/0.1 encapsulation dot1Q 1 native ip vrf forwarding vpn1 ip address 172.16.1.1 255.255.255.252 ! interface FastEthernet0/0.2 encapsulation dot1Q 2 ip address 172.16.1.5 255.255.255.252 ! interface Serial1/0 ip address 10.10.10.1 255.255.255.252 mpls label protocol ldp tag-switching ip serial restart_delay 0 ! interface Serial1/1

ip address 10.10.10.5 255.255.255.252 mpls label protocol ldp tag-switching ip serial restart_delay 0 ! interface Ethernet2/0 no ip address duplex half ! interface Ethernet2/0.10 encapsulation dot1Q 10 ip vrf forwarding vpn1 ip address 172.16.1.9 255.255.255.252 ! interface Ethernet2/0.20 encapsulation dot1Q 20 ip vrf forwarding vpn2 ip address 172.16.1.13 255.255.255.252 ! router ospf 1 router-id 1.1.1.1 log-adjacency-changes redistribute static network 1.1.1.1 0.0.0.0 area 0.0.0.0 network 10.10.10.0 0.0.0.255 area 0.0.0.0 ! router ospf 10 vrf vpn1 log-adjacency-changes redistribute bgp 100 subnets network 172.16.1.0 0.0.0.3 area 0.0.0.0 network 172.16.1.8 0.0.0.3 area 0.0.0.0 ! router ospf 20 vrf vpn2 log-adjacency-changes redistribute bgp 100 subnets network 172.16.1.4 0.0.0.3 area 0.0.0.0 network 172.16.1.12 0.0.0.3 area 0.0.0.0 ! router bgp 100 no synchronization bgp log-neighbor-changes neighbor 2.2.2.2 remote-as 100 neighbor 2.2.2.2 update-source Loopback0 neighbor 2.2.2.2 next-hop-self neighbor 3.3.3.3 remote-as 100

neighbor 3.3.3.3 update-source Loopback0 neighbor 3.3.3.3 next-hop-self no auto-summary ! address-family vpnv4 neighbor 2.2.2.2 activate neighbor 2.2.2.2 next-hop-self neighbor 2.2.2.2 send-community extended neighbor 3.3.3.3 activate neighbor 3.3.3.3 next-hop-self neighbor 3.3.3.3 send-community extended no auto-summary exit-address-family ! address-family ipv4 vrf vpn2 redistribute ospf 20 no auto-summary no synchronization exit-address-family ! address-family ipv4 vrf vpn1 redistribute ospf 10 no auto-summary no synchronization exit-address-family ! ! end

3.2

PE2-AS1 设备配置

PE2_AS1#show running-config Building configuration... Current configuration : 3669 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname PE2_AS1 ! logging queue-limit 100

! ip subnet-zero ! ! no ip domain lookup ! ip vrf vpn1 rd 1:1 route-target export 1:1 route-target import 1:1 ! ip vrf vpn2 rd 2:2 route-target export 2:2 route-target import 2:2 ! ip cef mpls ldp logging neighbor-changes ! ! ! ! ! ! ! ! ! ! ! ! no voice hpi capture buffer no voice hpi capture destination ! ! mta receive maximum-recipients 0 ! ! ! ! interface Loopback0 ip address 2.2.2.2 255.255.255.255 ! interface FastEthernet0/0 no ip address duplex half

! interface FastEthernet0/0.1 encapsulation dot1Q 1 native ip vrf forwarding vpn1 ip address 172.16.2.1 255.255.255.252 ! interface FastEthernet0/0.2 encapsulation dot1Q 2 ip vrf forwarding vpn2 ip address 172.16.2.5 255.255.255.252 ! interface Serial1/0 ip address 10.10.10.9 255.255.255.252 mpls label protocol ldp tag-switching ip serial restart_delay 0 ! interface Serial1/1 ip address 10.10.10.2 255.255.255.252 mpls label protocol ldp tag-switching ip serial restart_delay 0 ! interface Serial1/2 no ip address shutdown serial restart_delay 0 ! interface Serial1/3 no ip address shutdown serial restart_delay 0 ! interface Serial1/4 no ip address shutdown serial restart_delay 0 ! interface Serial1/5 no ip address shutdown serial restart_delay 0 ! interface Serial1/6 no ip address

shutdown serial restart_delay 0 ! interface Serial1/7 no ip address shutdown serial restart_delay 0 ! interface Ethernet2/0 no ip address duplex half ! interface Ethernet2/0.10 encapsulation dot1Q 10 ip vrf forwarding vpn1 ip address 172.16.2.9 255.255.255.252 ! interface Ethernet2/0.20 encapsulation dot1Q 20 ip vrf forwarding vpn2 ip address 172.16.2.13 255.255.255.252 ! interface Ethernet2/1 no ip address shutdown duplex half ! interface Ethernet2/2 no ip address shutdown duplex half ! interface Ethernet2/3 no ip address shutdown duplex half ! interface Ethernet2/4 no ip address shutdown duplex half ! interface Ethernet2/5 no ip address shutdown

duplex half ! interface Ethernet2/6 no ip address shutdown duplex half ! interface Ethernet2/7 no ip address shutdown duplex half ! router ospf 1 router-id 2.2.2.2 log-adjacency-changes network 2.2.2.2 0.0.0.0 area 0.0.0.0 network 10.10.10.0 0.0.0.255 area 0.0.0.0 ! router ospf 10 vrf vpn1 log-adjacency-changes redistribute bgp 100 subnets network 172.16.2.0 0.0.0.3 area 0.0.0.0 network 172.16.2.8 0.0.0.3 area 0.0.0.0 ! router ospf 20 vrf vpn2 log-adjacency-changes redistribute bgp 100 subnets network 172.16.2.4 0.0.0.3 area 0.0.0.0 network 172.16.2.12 0.0.0.3 area 0.0.0.0 ! router bgp 100 no synchronization bgp log-neighbor-changes neighbor 1.1.1.1 remote-as 100 neighbor 1.1.1.1 update-source Loopback0 neighbor 3.3.3.3 remote-as 100 neighbor 3.3.3.3 update-source Loopback0 no auto-summary ! address-family vpnv4 neighbor 1.1.1.1 activate neighbor 1.1.1.1 send-community extended neighbor 3.3.3.3 activate neighbor 3.3.3.3 send-community extended no auto-summary

exit-address-family ! address-family ipv4 vrf vpn2 redistribute ospf 20 no auto-summary no synchronization exit-address-family ! address-family ipv4 vrf vpn1 redistribute ospf 10 no auto-summary no synchronization exit-address-family ! ip classless no ip http server no ip http secure-server ! ! ! ! ! ! call rsvp-sync ! ! mgcp profile default ! dial-peer cor custom ! ! ! ! gatekeeper shutdown ! ! line con 0 exec-timeout 0 0 stopbits 1 line aux 0 stopbits 1 line vty 0 4 exec-timeout 0 0 login

! ! end

3.3

PE3-AS1 设备配置

PE3_AS1#show running Building configuration... Current configuration : 3419 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname PE3_AS1 ! logging queue-limit 100 ! ip subnet-zero ! ! no ip domain lookup ! ip vrf internet rd 100:100 route-target export 100:100 route-target import 100:100 ! ip vrf vpn1 rd 1:1 route-target export 1:1 route-target import 1:1 ! ip vrf vpn2 rd 2:2 route-target export 2:2 route-target import 2:2 ! ip cef mpls ldp logging neighbor-changes ! !

! ! ! ! ! ! ! ! ! ! no voice hpi capture buffer no voice hpi capture destination ! ! mta receive maximum-recipients 0 ! ! ! ! interface Loopback0 ip address 3.3.3.3 255.255.255.255 ! interface FastEthernet0/0 ip address 209.165.200.254 255.255.255.0 ip nat outside duplex half ! interface Serial1/0 ip address 10.10.10.10 255.255.255.252 ip nat inside mpls label protocol ldp tag-switching ip serial restart_delay 0 ! interface Serial1/1 ip address 10.10.10.6 255.255.255.252 ip nat inside mpls label protocol ldp tag-switching ip serial restart_delay 0 ! interface Serial1/2 no ip address shutdown serial restart_delay 0

! interface Serial1/3 no ip address shutdown serial restart_delay 0 ! interface Serial1/4 no ip address shutdown serial restart_delay 0 ! interface Serial1/5 no ip address shutdown serial restart_delay 0 ! interface Serial1/6 no ip address shutdown serial restart_delay 0 ! interface Serial1/7 no ip address shutdown serial restart_delay 0 ! router ospf 1 router-id 3.3.3.3 log-adjacency-changes network 3.3.3.3 0.0.0.0 area 0.0.0.0 network 10.10.10.0 0.0.0.255 area 0.0.0.0 ! router bgp 100 no synchronization no bgp default ipv4-unicast bgp log-neighbor-changes neighbor 1.1.1.1 remote-as 100 neighbor 1.1.1.1 update-source Loopback0 neighbor 2.2.2.2 remote-as 100 neighbor 2.2.2.2 update-source Loopback0 no auto-summary ! address-family ipv4 multicast no auto-summary no synchronization

exit-address-family ! address-family vpnv4 neighbor 1.1.1.1 activate neighbor 1.1.1.1 send-community both neighbor 2.2.2.2 activate neighbor 2.2.2.2 send-community both no auto-summary exit-address-family ! address-family ipv4 neighbor 1.1.1.1 activate neighbor 1.1.1.1 next-hop-self neighbor 2.2.2.2 activate neighbor 2.2.2.2 next-hop-self no auto-summary no synchronization exit-address-family ! address-family ipv4 vrf vpn2 redistribute static no auto-summary no synchronization exit-address-family ! address-family ipv4 vrf vpn1 redistribute static no auto-summary no synchronization exit-address-family ! address-family ipv4 vrf internet no auto-summary no synchronization exit-address-family ! ip nat pool pool 209.165.200.100 209.165.200.200 netmask 255.255.255.0 ip nat inside source list 101 pool pool vrf vpn1 ip nat inside source list 102 pool pool vrf vpn2 ip classless no ip http server no ip http secure-server ! ! !

access-list 101 permit ip 192.168.1.0 0.0.0.255 209.165.201.0 0.0.0.255 access-list 101 permit ip 192.168.10.0 0.0.0.255 209.165.201.0 0.0.0.255 access-list 102 permit ip 192.168.2.0 0.0.0.255 209.165.201.0 0.0.0.255 access-list 102 permit ip 192.168.20.0 0.0.0.255 209.165.201.0 0.0.0.255 ! ! ! call rsvp-sync ! ! mgcp profile default ! dial-peer cor custom ! ! ! ! gatekeeper shutdown ! ! line con 0 exec-timeout 0 0 stopbits 1 line aux 0 stopbits 1 line vty 0 4 exec-timeout 0 0 login ! ! end

3.4

MCE1 设备配置

MCE1#show running Building configuration... Current configuration : 3172 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption

! hostname MCE1 ! logging queue-limit 100 ! ip subnet-zero ! ! no ip domain lookup ! ip vrf vpn1 rd 1:1 route-target export 1:1 route-target import 1:1 ! ip vrf vpn2 rd 2:2 route-target export 2:2 route-target import 2:2 ! ip cef mpls ldp logging neighbor-changes ! ! ! ! ! ! ! ! ! ! ! ! no voice hpi capture buffer no voice hpi capture destination ! ! mta receive maximum-recipients 0 ! ! ! ! interface Loopback1 ip vrf forwarding vpn1

ip address 192.168.1.1 255.255.255.0 ! interface Loopback2 ip vrf forwarding vpn2 ip address 192.168.2.1 255.255.255.0 ! interface FastEthernet0/0 no ip address duplex half ! interface FastEthernet0/0.1 encapsulation dot1Q 1 native ip vrf forwarding vpn1 ip address 172.16.1.2 255.255.255.252 ! interface FastEthernet0/0.2 encapsulation dot1Q 2 ip vrf forwarding vpn2 ip address 172.16.1.6 255.255.255.252 ! interface Ethernet1/0 no ip address duplex half ! interface Ethernet1/0.1 encapsulation dot1Q 100 ip vrf forwarding vpn1 ip address 172.16.3.1 255.255.255.252 ! interface Ethernet1/1 no ip address duplex half ! interface Ethernet1/1.2 encapsulation dot1Q 200 ip vrf forwarding vpn2 ip address 172.16.3.5 255.255.255.252 no cdp enable ! interface Ethernet1/2 no ip address shutdown duplex half ! interface Ethernet1/3

no ip address shutdown duplex half ! interface Ethernet1/4 no ip address shutdown duplex half ! interface Ethernet1/5 no ip address shutdown duplex half ! interface Ethernet1/6 no ip address shutdown duplex half ! interface Ethernet1/7 no ip address shutdown duplex half ! interface Ethernet2/0 no ip address duplex half ! interface Ethernet2/0.10 encapsulation dot1Q 10 ip vrf forwarding vpn1 ip address 172.16.2.10 255.255.255.252 ! interface Ethernet2/0.20 encapsulation dot1Q 20 ip vrf forwarding vpn2 ip address 172.16.2.14 255.255.255.252 ! interface Ethernet2/1 no ip address shutdown duplex half ! interface Ethernet2/2 no ip address

shutdown duplex half ! interface Ethernet2/3 no ip address shutdown duplex half ! interface Ethernet2/4 no ip address shutdown duplex half ! interface Ethernet2/5 no ip address shutdown duplex half ! interface Ethernet2/6 no ip address shutdown duplex half ! interface Ethernet2/7 no ip address shutdown duplex half ! router ospf 10 vrf vpn1 log-adjacency-changes capability vrf-lite network 172.16.1.0 0.0.0.3 area 0.0.0.0 network 172.16.2.8 0.0.0.3 area 0.0.0.0 network 172.16.3.0 0.0.0.3 area 0.0.0.0 network 192.168.1.0 0.0.0.255 area 0.0.0.0 ! router ospf 20 vrf vpn2 log-adjacency-changes capability vrf-lite network 172.16.1.4 0.0.0.3 area 0.0.0.0 network 172.16.2.12 0.0.0.3 area 0.0.0.0 network 172.16.3.4 0.0.0.3 area 0.0.0.0 network 192.168.2.0 0.0.0.255 area 0.0.0.0 ! ip classless

no ip http server no ip http secure-server ! ! ! ! ! ! call rsvp-sync ! ! mgcp profile default ! dial-peer cor custom ! ! ! ! gatekeeper shutdown ! ! line con 0 exec-timeout 0 0 stopbits 1 line aux 0 stopbits 1 line vty 0 4 exec-timeout 0 0 login ! ! end

3.5

MCE2 设备配置

MCE2#show running Building configuration... Current configuration : 3182 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec

no service password-encryption ! hostname MCE2 ! logging queue-limit 100 ! ip subnet-zero ! ! ! ip vrf vpn1 rd 1:1 route-target export 1:1 route-target import 1:1 ! ip vrf vpn2 rd 2:2 route-target export 2:2 route-target import 2:2 ! ip cef mpls ldp logging neighbor-changes ! ! ! ! ! ! ! ! ! ! ! ! no voice hpi capture buffer no voice hpi capture destination ! ! mta receive maximum-recipients 0 ! ! ! ! interface Loopback1 ip vrf forwarding vpn1

ip address 192.168.10.1 255.255.255.0 ! interface Loopback2 ip vrf forwarding vpn2 ip address 192.168.20.1 255.255.255.0 ! interface FastEthernet0/0 no ip address duplex half ! interface FastEthernet0/0.1 encapsulation dot1Q 1 native ip vrf forwarding vpn1 ip address 172.16.2.2 255.255.255.252 ! interface FastEthernet0/0.2 encapsulation dot1Q 2 ip vrf forwarding vpn2 ip address 172.16.2.6 255.255.255.252 ! interface Ethernet1/0 no ip address duplex half ! interface Ethernet1/0.1 encapsulation dot1Q 100 ip vrf forwarding vpn1 ip address 172.16.3.2 255.255.255.252 ! interface Ethernet1/0.2 encapsulation dot1Q 200 ip vrf forwarding vpn2 ip address 172.16.3.6 255.255.255.252 ! interface Ethernet1/1 no ip address duplex half ! interface Ethernet1/1.1 no cdp enable ! interface Ethernet1/2 no ip address shutdown duplex half

! interface Ethernet1/3 no ip address shutdown duplex half ! interface Ethernet1/4 no ip address shutdown duplex half ! interface Ethernet1/5 no ip address shutdown duplex half ! interface Ethernet1/6 no ip address shutdown duplex half ! interface Ethernet1/7 no ip address shutdown duplex half ! interface Ethernet2/0 no ip address duplex half ! interface Ethernet2/0.10 encapsulation dot1Q 10 ip vrf forwarding vpn1 ip address 172.16.1.10 255.255.255.252 ! interface Ethernet2/0.20 encapsulation dot1Q 20 ip vrf forwarding vpn2 ip address 172.16.1.14 255.255.255.252 ! interface Ethernet2/1 no ip address shutdown duplex half !

interface Ethernet2/2 no ip address shutdown duplex half ! interface Ethernet2/3 no ip address shutdown duplex half ! interface Ethernet2/4 no ip address shutdown duplex half ! interface Ethernet2/5 no ip address shutdown duplex half ! interface Ethernet2/6 no ip address shutdown duplex half ! interface Ethernet2/7 no ip address shutdown duplex half ! router ospf 10 vrf vpn1 log-adjacency-changes capability vrf-lite network 172.16.1.8 0.0.0.3 area 0.0.0.0 network 172.16.2.0 0.0.0.3 area 0.0.0.0 network 172.16.3.0 0.0.0.3 area 0.0.0.0 network 192.168.10.0 0.0.0.255 area 0.0.0.0 ! router ospf 20 vrf vpn2 log-adjacency-changes capability vrf-lite network 172.16.1.12 0.0.0.3 area 0.0.0.0 network 172.16.2.4 0.0.0.3 area 0.0.0.0 network 172.16.3.4 0.0.0.3 area 0.0.0.0 network 192.168.20.0 0.0.0.255 area 0.0.0.0

! ip classless no ip http server no ip http secure-server ! ! ! ! ! ! call rsvp-sync ! ! mgcp profile default ! dial-peer cor custom ! ! ! ! gatekeeper shutdown ! ! line con 0 exec-timeout 0 0 stopbits 1 line aux 0 stopbits 1 line vty 0 4 exec-timeout 0 0 login ! ! end

3.6

WWW 设备配置

www#show running Building configuration... Current configuration : 797 bytes ! version 12.2

service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname www ! logging queue-limit 100 ! ip subnet-zero ! ! no ip domain lookup ! ip cef mpls ldp logging neighbor-changes ! ! ! ! ! ! ! ! ! ! ! ! no voice hpi capture buffer no voice hpi capture destination ! ! mta receive maximum-recipients 0 ! ! ! ! interface Loopback0 ip address 209.165.201.1 255.255.255.0 ! interface FastEthernet0/0 ip address 209.165.200.1 255.255.255.0 duplex half ! ip classless no ip http server

no ip http secure-server ! ! ! ! ! ! call rsvp-sync ! ! mgcp profile default ! dial-peer cor custom ! ! ! ! gatekeeper shutdown ! ! line con 0 exec-timeout 0 0 stopbits 1 line aux 0 stopbits 1 line vty 0 4 exec-timeout 0 0 login ! ! end

4
4.1

配置验证
PE1-AS1 配置验证

PE1_AS1#show ip route Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area

* - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set 1.0.0.0/32 is subnetted, 1 subnets C O O C O C C 1.1.1.1 is directly connected, Loopback0 2.0.0.0/32 is subnetted, 1 subnets 2.2.2.2 [110/65] via 10.10.10.2, 01:35:44, Serial1/0 3.0.0.0/32 is subnetted, 1 subnets 3.3.3.3 [110/65] via 10.10.10.6, 01:35:44, Serial1/1 172.16.0.0/30 is subnetted, 1 subnets 172.16.1.4 is directly connected, FastEthernet0/0.2 10.0.0.0/30 is subnetted, 3 subnets 10.10.10.8 [110/128] via 10.10.10.2, 01:35:44, Serial1/0 [110/128] via 10.10.10.6, 01:35:44, Serial1/1 10.10.10.0 is directly connected, Serial1/0 10.10.10.4 is directly connected, Serial1/1

PE1_AS1#show ip route vrf vpn1\ % IP routing table vpn1\ does not exist PE1_AS1#show ip route vrf vpn1 Routing Table: vpn1 Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set 192.168.10.0/32 is subnetted, 1 subnets O C O C O O O 192.168.10.1 [110/11] via 172.16.1.10, 02:55:08, Ethernet2/0.10 172.16.0.0/30 is subnetted, 5 subnets 172.16.1.8 is directly connected, Ethernet2/0.10 172.16.2.8 [110/11] via 172.16.1.2, 02:55:08, FastEthernet0/0.1 172.16.1.0 is directly connected, FastEthernet0/0.1 172.16.2.0 [110/11] via 172.16.1.10, 02:55:08, Ethernet2/0.10 172.16.3.0 [110/11] via 172.16.1.2, 02:55:08, FastEthernet0/0.1 192.168.1.0/32 is subnetted, 1 subnets 192.168.1.1 [110/2] via 172.16.1.2, 02:55:08, FastEthernet0/0.1 PE1_AS1#show ip route vrf vpn2

Routing Table: vpn2 Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set 172.16.0.0/30 is subnetted, 5 subnets C O O O O O O PE1_AS1# 172.16.1.12 is directly connected, Ethernet2/0.20 172.16.2.12 [110/21] via 172.16.1.14, 02:55:06, Ethernet2/0.20 172.16.1.4 [110/22] via 172.16.1.14, 02:55:06, Ethernet2/0.20 172.16.2.4 [110/11] via 172.16.1.14, 02:55:06, Ethernet2/0.20 172.16.3.4 [110/20] via 172.16.1.14, 02:55:06, Ethernet2/0.20 192.168.20.0/32 is subnetted, 1 subnets 192.168.20.1 [110/11] via 172.16.1.14, 02:55:06, Ethernet2/0.20 192.168.2.0/32 is subnetted, 1 subnets 192.168.2.1 [110/22] via 172.16.1.14, 02:55:06, Ethernet2/0.20

4.2

PE2-AS1 配置验证

PE2_AS1#show ip route Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set 1.0.0.0/32 is subnetted, 1 subnets O C O C 1.1.1.1 [110/65] via 10.10.10.1, 02:50:01, Serial1/1 2.0.0.0/32 is subnetted, 1 subnets 2.2.2.2 is directly connected, Loopback0 3.0.0.0/32 is subnetted, 1 subnets 3.3.3.3 [110/65] via 10.10.10.10, 02:50:01, Serial1/0 10.0.0.0/30 is subnetted, 3 subnets 10.10.10.8 is directly connected, Serial1/0

C O

10.10.10.0 is directly connected, Serial1/1 10.10.10.4 [110/128] via 10.10.10.1, 02:50:01, Serial1/1 [110/128] via 10.10.10.10, 02:50:01, Serial1/0 vpn1 ^

PE2_AS1#show ip route Translating "vpn1"

% Invalid input detected at '^' marker. PE2_AS1#show ip route Routing Table: vpn1 Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set 192.168.10.0/32 is subnetted, 1 subnets O O C O C O O 192.168.10.1 [110/2] via 172.16.2.2, 04:09:23, FastEthernet0/0.1 172.16.0.0/30 is subnetted, 5 subnets 172.16.1.8 [110/11] via 172.16.2.2, 04:09:23, FastEthernet0/0.1 172.16.2.8 is directly connected, Ethernet2/0.10 172.16.1.0 [110/11] via 172.16.2.10, 04:09:23, Ethernet2/0.10 172.16.2.0 is directly connected, FastEthernet0/0.1 172.16.3.0 [110/11] via 172.16.2.2, 04:09:23, FastEthernet0/0.1 192.168.1.0/32 is subnetted, 1 subnets 192.168.1.1 [110/11] via 172.16.2.10, 04:09:23, Ethernet2/0.10 vrf vpn2 PE2_AS1#show ip route Routing Table: vpn2 Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set 172.16.0.0/30 is subnetted, 5 subnets vrf vpn1

O C O C O O O PE2_AS1#

172.16.1.12 [110/11] via 172.16.2.6, 04:09:15, FastEthernet0/0.2 172.16.2.12 is directly connected, Ethernet2/0.20 172.16.1.4 [110/11] via 172.16.2.14, 04:09:15, Ethernet2/0.20 172.16.2.4 is directly connected, FastEthernet0/0.2 172.16.3.4 [110/11] via 172.16.2.6, 04:09:15, FastEthernet0/0.2 192.168.20.0/32 is subnetted, 1 subnets 192.168.20.1 [110/2] via 172.16.2.6, 04:09:15, FastEthernet0/0.2 192.168.2.0/32 is subnetted, 1 subnets 192.168.2.1 [110/11] via 172.16.2.14, 04:09:15, Ethernet2/0.20

4.3

PE3-AS1 配置验证

PE3_AS1#show ip route Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set 1.0.0.0/32 is subnetted, 1 subnets O O C C C O C 1.1.1.1 [110/65] via 10.10.10.5, 02:56:32, Serial1/1 2.0.0.0/32 is subnetted, 1 subnets 2.2.2.2 [110/65] via 10.10.10.9, 02:56:32, Serial1/0 3.0.0.0/32 is subnetted, 1 subnets 3.3.3.3 is directly connected, Loopback0 209.165.200.0/24 is directly connected, FastEthernet0/0 10.0.0.0/30 is subnetted, 3 subnets 10.10.10.8 is directly connected, Serial1/0 10.10.10.0 [110/128] via 10.10.10.5, 02:56:32, Serial1/1 [110/128] via 10.10.10.9, 02:56:32, Serial1/0 10.10.10.4 is directly connected, Serial1/1 PE3_AS1#show ip route vrf vpn1 Routing Table: vpn1 Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area

* - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set 192.168.10.0/32 is subnetted, 1 subnets B B B B B B B 192.168.10.1 [200/2] via 2.2.2.2, 04:15:48 172.16.0.0/30 is subnetted, 5 subnets 172.16.1.8 [200/0] via 1.1.1.1, 04:22:29 172.16.2.8 [200/0] via 2.2.2.2, 04:22:29 172.16.1.0 [200/0] via 1.1.1.1, 04:22:29 172.16.2.0 [200/0] via 2.2.2.2, 04:22:29 172.16.3.0 [200/11] via 1.1.1.1, 04:16:05 192.168.1.0/32 is subnetted, 1 subnets 192.168.1.1 [200/2] via 1.1.1.1, 04:16:04 PE3_AS1#show ip route vrf vpn2 Routing Table: vpn2 Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set 172.16.0.0/30 is subnetted, 5 subnets B B B B B B B PE3_AS1# 172.16.1.12 [200/0] via 1.1.1.1, 04:22:31 172.16.2.12 [200/0] via 2.2.2.2, 04:22:31 172.16.1.4 [200/11] via 2.2.2.2, 04:16:20 172.16.2.4 [200/0] via 2.2.2.2, 04:22:31 172.16.3.4 [200/11] via 2.2.2.2, 04:15:41 192.168.20.0/32 is subnetted, 1 subnets 192.168.20.1 [200/2] via 2.2.2.2, 04:15:39 192.168.2.0/32 is subnetted, 1 subnets 192.168.2.1 [200/11] via 2.2.2.2, 04:16:20

4.4

MCE1 配置验证

MCE1# show ip route Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set MCE1#show ip route vrf vpn1 Routing Table: vpn1 Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set 192.168.10.0/32 is subnetted, 1 subnets O O C C O C C 192.168.10.1 [110/11] via 172.16.3.2, 04:19:06, Ethernet1/0.1 172.16.0.0/30 is subnetted, 5 subnets 172.16.1.8 [110/11] via 172.16.1.1, 04:19:06, FastEthernet0/0.1 172.16.2.8 is directly connected, Ethernet2/0.10 172.16.1.0 is directly connected, FastEthernet0/0.1 172.16.2.0 [110/11] via 172.16.2.9, 04:19:06, Ethernet2/0.10 [110/11] via 172.16.3.2, 04:19:06, Ethernet1/0.1 172.16.3.0 is directly connected, Ethernet1/0.1 192.168.1.0/24 is directly connected, Loopback1

MCE1#show ip route vrf vpn2 Routing Table: vpn2 Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set

172.16.0.0/30 is subnetted, 5 subnets O C C O C O C MCE1# 172.16.1.12 [110/21] via 172.16.2.13, 04:18:48, Ethernet2/0.20 172.16.2.12 is directly connected, Ethernet2/0.20 172.16.1.4 is directly connected, FastEthernet0/0.2 172.16.2.4 [110/11] via 172.16.2.13, 04:18:48, Ethernet2/0.20 172.16.3.4 is directly connected, Ethernet1/1.2 192.168.20.0/32 is subnetted, 1 subnets 192.168.20.1 [110/12] via 172.16.2.13, 04:18:48, Ethernet2/0.20 192.168.2.0/24 is directly connected, Loopback2

4.5

MCE2 配置验证

MCE2#show ip route Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set MCE2#show ip router vrf vpn1 ^ % Invalid input detected at '^' marker. MCE2#show ip route vrf vpn1 Routing Table: vpn1 Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set C C 192.168.10.0/24 is directly connected, Loopback1 172.16.0.0/30 is subnetted, 5 subnets 172.16.1.8 is directly connected, Ethernet2/0.10

O O C C O

172.16.2.8 [110/11] via 172.16.2.1, 04:20:23, FastEthernet0/0.1 172.16.1.0 [110/11] via 172.16.3.1, 04:20:23, Ethernet1/0.1 [110/11] via 172.16.1.9, 04:20:23, Ethernet2/0.10 172.16.2.0 is directly connected, FastEthernet0/0.1 172.16.3.0 is directly connected, Ethernet1/0.1 192.168.1.0/32 is subnetted, 1 subnets 192.168.1.1 [110/11] via 172.16.3.1, 04:20:24, Ethernet1/0.1

MCE2#show ip route vrf vpn2 Routing Table: vpn2 Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set 172.16.0.0/30 is subnetted, 5 subnets C O O C C C O MCE2# 172.16.1.12 is directly connected, Ethernet2/0.20 172.16.2.12 [110/11] via 172.16.2.5, 04:20:18, FastEthernet0/0.2 172.16.1.4 [110/12] via 172.16.2.5, 04:20:18, FastEthernet0/0.2 172.16.2.4 is directly connected, FastEthernet0/0.2 172.16.3.4 is directly connected, Ethernet1/0.2 192.168.20.0/24 is directly connected, Loopback2 192.168.2.0/32 is subnetted, 1 subnets 192.168.2.1 [110/12] via 172.16.2.5, 04:20:18, FastEthernet0/0.2

4.5

WWW 配置验证

www#show ip rou www#show ip route Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set

C C www#

209.165.200.0/24 is directly connected, FastEthernet0/0 209.165.201.0/24 is directly connected, Loopback0


1
1.1

MPLS VPN HUB&SPOKE
MPLS VPN HUB&SPOKE WITH OSPF
网络拓扑图

1.2

应用需求

Hub&Spoke 组网方式也称为中心服务器拓扑组网。中心 Site 称为 Hub-Site,它知道同一 VPN 所有其它 Site 的路由;不处于中心的 site 称为 Spoke-Site,它们的流量通过 HUB-Site 到达目的地。Hub-Site 是 Spoke-Site 的中枢节点。

某银行的网络包括各分公司网络与公司总部的网络,要求各分公司之间不能直接交换数据,必须通过总部 进行通信,以进行统一控制。采用 Hub&Spoke 拓扑,CE6、CE7、CE8 为 Spoke 站点,CE5 为银行数 据中心 Hub 站点,CE6、CE7、CE8 间的通信由 CE5 控制。 PE2 分别与 PE3、PE4 建立 IBGP 邻居关系,但 PE3 与 PE4 不建立 IBGP 邻居关系,不交换 VPN 路由信息; 在 PE2 上创建两个 VPN-instance,引入 VPN-target 属性为 6:6,7:7,8:8 的 VPN 路由,对发布的 VPN 路由设置 VPN-target 属性 200:200; 在 PE3 上创建二个 VPN-VRF:VRF CE6-R6,VRF-CE7-R7;二个 VPN VRF 引入 VPN-target 属性 为 200:200 的 VPN 路由,VRF-CE6-R6 发布的 VPN 路由设置 VPN-target 属性 6:6,VRF-CE7-R7 发 布的 VPN 路由设置 VPN-target 属性 7:7; 在 PE4 上创建一个 VPN-VRF:CE8-R8,引入 VPN-target 属性为 200:200 的 VPN 路由,对发布 的 VPN 路由设置 VPN-target 属性 8:8。 经过以上配置,CE6-R6,CE7-R7,CE8-R8 之间的互访都必须通过 CE5-R5 中转。

1.3
1.3.1

设备配置
P1-R1 设备配置

P1-R1#show running Building configuration... Current configuration : 1253 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname P1-R1 ! ! ip subnet-zero ! ! no ip domain lookup ! ip cef mpls label protocol ldp tag-switching tdp router-id Loopback0 force ! ! !

! ! ! ! ! ! ! ! mta receive maximum-recipients 0 ! ! ! ! interface Loopback0 ip address 1.1.1.1 255.255.255.255 ! interface FastEthernet0/0 no ip address shutdown duplex auto speed auto ! interface FastEthernet0/1 no ip address shutdown duplex auto speed auto ! interface Ethernet1/0 ip address 12.12.12.1 255.255.255.0 half-duplex mpls label protocol ldp tag-switching ip ! interface Ethernet1/1 ip address 13.13.13.1 255.255.255.0 half-duplex mpls label protocol ldp tag-switching ip ! interface Ethernet1/2 ip address 14.14.14.1 255.255.255.0 half-duplex mpls label protocol ldp tag-switching ip

! interface Ethernet1/3 no ip address shutdown half-duplex ! router ospf 1 router-id 1.1.1.1 log-adjacency-changes network 0.0.0.0 255.255.255.255 area 0.0.0.0 ! ip classless ip http server ! ! ! ! ! call rsvp-sync ! ! mgcp profile default ! ! ! dial-peer cor custom ! ! ! ! line con 0 exec-timeout 0 0 line aux 0 line vty 0 4 exec-timeout 0 0 login ! ! end

1.3.2

PE2-R2 设备配置

PE2-R2#show running Building configuration...

Current configuration : 2490 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname PE2-R2 ! ! ip subnet-zero ! ! no ip domain lookup ! ip vrf HUB rd 100:1000 route-target import 6:6 route-target import 7:7 route-target import 8:8 ! ip vrf SPOKE rd 200:200 route-target export 200:200 ! ip cef mpls label protocol ldp tag-switching tdp router-id Loopback0 force ! ! ! ! ! ! ! ! ! ! ! mta receive maximum-recipients 0 ! ! ! !

interface Loopback0 ip address 2.2.2.2 255.255.255.255 ! interface FastEthernet0/0 no ip address duplex auto speed auto ! interface FastEthernet0/0.1 encapsulation dot1Q 1 native ip vrf forwarding HUB ip address 25.25.25.1 255.255.255.252 ! interface FastEthernet0/0.2 encapsulation dot1Q 2 ip vrf forwarding SPOKE ip address 25.25.25.5 255.255.255.252 ! interface FastEthernet0/1 no ip address shutdown duplex auto speed auto ! interface Ethernet1/0 ip address 12.12.12.2 255.255.255.0 half-duplex mpls label protocol ldp tag-switching ip ! interface Ethernet1/1 no ip address shutdown half-duplex ! interface Ethernet1/2 no ip address shutdown half-duplex ! interface Ethernet1/3 no ip address shutdown half-duplex !

router ospf 1 router-id 2.2.2.2 log-adjacency-changes network 0.0.0.0 255.255.255.255 area 0.0.0.0 ! router ospf 100 vrf HUB log-adjacency-changes redistribute bgp 100 subnets tag 0 network 25.25.25.0 0.0.0.3 area 0.0.0.0 ! router ospf 200 vrf SPOKE log-adjacency-changes network 25.25.25.4 0.0.0.3 area 0.0.0.0 ! router bgp 100 no synchronization bgp router-id 2.2.2.2 bgp log-neighbor-changes neighbor 3.3.3.3 remote-as 100 neighbor 3.3.3.3 update-source Loopback0 neighbor 4.4.4.4 remote-as 100 neighbor 4.4.4.4 update-source Loopback0 no auto-summary ! address-family ipv4 vrf SPOKE redistribute connected redistribute ospf 200 match internal external 1 external 2 no auto-summary no synchronization exit-address-family ! address-family ipv4 vrf HUB redistribute connected no auto-summary no synchronization exit-address-family ! address-family vpnv4 neighbor 3.3.3.3 activate neighbor 3.3.3.3 send-community extended neighbor 4.4.4.4 activate neighbor 4.4.4.4 send-community extended no auto-summary exit-address-family !

ip classless ip http server ! ! ! ! ! call rsvp-sync ! ! mgcp profile default ! ! ! dial-peer cor custom ! ! ! ! line con 0 exec-timeout 0 0 line aux 0 line vty 0 4 exec-timeout 0 0 login ! ! end PE2-R2#

1.3.3

PE3-R3 设备配置

PE3-R3#show running Building configuration... Current configuration : 2213 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname PE3-R3

! ! ip subnet-zero ! ! no ip domain lookup ! ip vrf CE6-R6 rd 6:6 route-target export 6:6 route-target import 200:200 ! ip vrf CE7-R7 rd 7:7 route-target export 7:7 route-target import 200:200 ! ip cef mpls label protocol ldp tag-switching tdp router-id Loopback0 force ! ! ! ! ! ! ! ! ! ! ! mta receive maximum-recipients 0 ! ! ! ! interface Loopback0 ip address 3.3.3.3 255.255.255.255 ! interface FastEthernet0/0 no ip address shutdown duplex auto speed auto !

interface FastEthernet0/1 no ip address shutdown duplex auto speed auto ! interface Ethernet1/0 ip address 13.13.13.3 255.255.255.0 half-duplex mpls label protocol ldp tag-switching ip ! interface Ethernet1/1 ip vrf forwarding CE6-R6 ip address 36.36.36.3 255.255.255.0 half-duplex ! interface Ethernet1/2 ip vrf forwarding CE7-R7 ip address 37.37.37.3 255.255.255.0 half-duplex ! interface Ethernet1/3 no ip address shutdown half-duplex ! router ospf 1 router-id 3.3.3.3 log-adjacency-changes network 0.0.0.0 255.255.255.255 area 0.0.0.0 ! router ospf 6 vrf CE6-R6 log-adjacency-changes redistribute bgp 100 subnets network 0.0.0.0 255.255.255.255 area 0.0.0.0 ! router ospf 7 vrf CE7-R7 log-adjacency-changes redistribute bgp 100 subnets network 0.0.0.0 255.255.255.255 area 0.0.0.0 ! router bgp 100 no synchronization bgp router-id 3.3.3.3

bgp log-neighbor-changes neighbor 2.2.2.2 remote-as 100 neighbor 2.2.2.2 update-source Loopback0 no auto-summary ! address-family ipv4 vrf CE7-R7 redistribute connected redistribute ospf 7 no auto-summary no synchronization exit-address-family ! address-family ipv4 vrf CE6-R6 redistribute connected redistribute ospf 6 no auto-summary no synchronization exit-address-family ! address-family vpnv4 neighbor 2.2.2.2 activate neighbor 2.2.2.2 send-community extended no auto-summary exit-address-family ! ip classless ip http server ! ! ! ! ! call rsvp-sync ! ! mgcp profile default ! ! ! dial-peer cor custom ! ! ! ! line con 0

exec-timeout 0 0 line aux 0 line vty 0 4 exec-timeout 0 0 login ! ! end

1.3.4

PE4-R4 设备配置

PE4-R4#show running Building configuration... Current configuration : 1789 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname PE4-R4 ! ! ip subnet-zero ! ! no ip domain lookup ! ip vrf CE8-R8 rd 8:8 route-target export 8:8 route-target import 200:200 ! ip cef mpls label protocol ldp ! ! ! ! ! ! ! !

! ! ! mta receive maximum-recipients 0 ! ! ! ! interface Loopback0 ip address 4.4.4.4 255.255.255.255 ! interface FastEthernet0/0 ip vrf forwarding CE8-R8 ip address 48.48.48.4 255.255.255.0 duplex auto speed auto ! interface FastEthernet0/1 no ip address shutdown duplex auto speed auto ! interface Ethernet1/0 ip address 14.14.14.4 255.255.255.0 half-duplex mpls label protocol ldp tag-switching ip ! interface Ethernet1/1 no ip address shutdown half-duplex ! interface Ethernet1/2 no ip address shutdown half-duplex ! interface Ethernet1/3 no ip address shutdown half-duplex ! router ospf 1

router-id 4.4.4.4 log-adjacency-changes network 0.0.0.0 255.255.255.255 area 0.0.0.0 ! router ospf 8 vrf CE8-R8 log-adjacency-changes redistribute bgp 100 subnets network 0.0.0.0 255.255.255.255 area 0.0.0.0 ! router bgp 100 no synchronization bgp router-id 4.4.4.4 bgp log-neighbor-changes neighbor 2.2.2.2 remote-as 100 neighbor 2.2.2.2 update-source Loopback0 no auto-summary ! address-family ipv4 vrf CE8-R8 redistribute connected redistribute ospf 8 no auto-summary no synchronization exit-address-family ! address-family vpnv4 neighbor 2.2.2.2 activate neighbor 2.2.2.2 send-community extended no auto-summary exit-address-family ! ip classless ip http server ! ! ! ! ! call rsvp-sync ! ! mgcp profile default ! ! ! dial-peer cor custom

! ! ! ! line con 0 exec-timeout 0 0 line aux 0 line vty 0 4 exec-timeout 0 0 login ! ! end

1.3.5

CE5-R5 设备配置

CE5-R5#show running Building configuration... Current configuration : 937 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname CE5-R5 ! ! ip subnet-zero ! ! no ip domain lookup ! ip cef ! ! ! ! ! ! ! ! !

! ! mta receive maximum-recipients 0 ! ! ! ! interface Loopback0 ip address 172.16.50.1 255.255.255.0 ! interface FastEthernet0/0 no ip address duplex auto speed auto ! interface FastEthernet0/0.1 encapsulation dot1Q 1 native ip address 25.25.25.2 255.255.255.252 ! interface FastEthernet0/0.2 encapsulation dot1Q 2 ip address 25.25.25.6 255.255.255.252 ! interface FastEthernet0/1 no ip address shutdown duplex auto speed auto ! router ospf 1 log-adjacency-changes network 0.0.0.0 255.255.255.255 area 0.0.0.0 ! ip classless ip http server ! ! ! ! ! call rsvp-sync ! ! mgcp profile default !

! ! dial-peer cor custom ! ! ! ! line con 0 exec-timeout 0 0 line aux 0 line vty 0 4 exec-timeout 0 0 login ! ! end

1.3.6

CE6-R6 设备配置

CE6-R6#show running Building configuration... Current configuration : 768 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname CE6-R6 ! ! ip subnet-zero ! ! no ip domain lookup ! ip cef ! ! ! ! ! !

! ! ! ! ! mta receive maximum-recipients 0 ! ! ! ! interface Loopback0 ip address 172.16.60.1 255.255.255.0 ! interface FastEthernet0/0 ip address 36.36.36.6 255.255.255.0 duplex auto speed auto ! interface FastEthernet0/1 no ip address shutdown duplex auto speed auto ! router ospf 1 log-adjacency-changes network 0.0.0.0 255.255.255.255 area 0.0.0.0 ! ip classless ip http server ! ! ! ! ! call rsvp-sync ! ! mgcp profile default ! ! ! dial-peer cor custom ! !

! ! line con 0 exec-timeout 0 0 line aux 0 line vty 0 4 exec-timeout 0 0 login ! ! end

1.3.7

CE7-R7 设备配置

CE7-R7#show running Building configuration... Current configuration : 768 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname CE7-R7 ! ! ip subnet-zero ! ! no ip domain lookup ! ip cef ! ! ! ! ! ! ! ! ! ! !

mta receive maximum-recipients 0 ! ! ! ! interface Loopback0 ip address 172.16.70.1 255.255.255.0 ! interface FastEthernet0/0 ip address 37.37.37.7 255.255.255.0 duplex auto speed auto ! interface FastEthernet0/1 no ip address shutdown duplex auto speed auto ! router ospf 1 log-adjacency-changes network 0.0.0.0 255.255.255.255 area 0.0.0.0 ! ip classless ip http server ! ! ! ! ! call rsvp-sync ! ! mgcp profile default ! ! ! dial-peer cor custom ! ! ! ! line con 0 exec-timeout 0 0 line aux 0

line vty 0 4 exec-timeout 0 0 login ! ! end

1.3.8

CE8-R8 设备配置

CE8-R8#show running Building configuration... Current configuration : 768 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname CE8-R8 ! ! ip subnet-zero ! ! no ip domain lookup ! ip cef ! ! ! ! ! ! ! ! ! ! ! mta receive maximum-recipients 0 ! ! ! !

interface Loopback0 ip address 172.16.80.1 255.255.255.0 ! interface FastEthernet0/0 ip address 48.48.48.8 255.255.255.0 duplex auto speed auto ! interface FastEthernet0/1 no ip address shutdown duplex auto speed auto ! router ospf 1 log-adjacency-changes network 0.0.0.0 255.255.255.255 area 0.0.0.0 ! ip classless ip http server ! ! ! ! ! call rsvp-sync ! ! mgcp profile default ! ! ! dial-peer cor custom ! ! ! ! line con 0 exec-timeout 0 0 line aux 0 line vty 0 4 exec-timeout 0 0 login ! !

end

1.4
1.4.1

配置验证
P1-R1 配置验证

P1-R1#show ip ospf neighbor Neighbor ID 4.4.4.4 3.3.3.3 2.2.2.2 Pri 1 1 1 State FULL/BDR FULL/BDR FULL/BDR Dead Time 00:00:33 00:00:35 00:00:31 Address 14.14.14.4 13.13.13.3 12.12.12.2 Interface Ethernet1/2 Ethernet1/1 Ethernet1/0

P1-R1#show ip route Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set 1.0.0.0/32 is subnetted, 1 subnets C O O O C C C P1-R1# 1.1.1.1 is directly connected, Loopback0 2.0.0.0/32 is subnetted, 1 subnets 2.2.2.2 [110/11] via 12.12.12.2, 04:15:16, Ethernet1/0 3.0.0.0/32 is subnetted, 1 subnets 3.3.3.3 [110/11] via 13.13.13.3, 04:15:16, Ethernet1/1 4.0.0.0/32 is subnetted, 1 subnets 4.4.4.4 [110/11] via 14.14.14.4, 04:15:16, Ethernet1/2 12.0.0.0/24 is subnetted, 1 subnets 12.12.12.0 is directly connected, Ethernet1/0 13.0.0.0/24 is subnetted, 1 subnets 13.13.13.0 is directly connected, Ethernet1/1 14.0.0.0/24 is subnetted, 1 subnets 14.14.14.0 is directly connected, Ethernet1/2

1.4.2

PE2-R2 配置验证

PE2-R2#show ip ospf neighbor

Neighbor ID 172.16.50.1 0.2 172.16.50.1 0.1 1.1.1.1

Pri 1 1 1

State FULL/BDR FULL/BDR FULL/DR

Dead Time 00:00:32 00:00:32 00:00:38

Address 25.25.25.6 25.25.25.2 12.12.12.1

Interface FastEthernet0/ FastEthernet0/ Ethernet1/0

PE2-R2#show ip route Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set 1.0.0.0/32 is subnetted, 1 subnets O C O O C O O 1.1.1.1 [110/11] via 12.12.12.1, 04:19:39, Ethernet1/0 2.0.0.0/32 is subnetted, 1 subnets 2.2.2.2 is directly connected, Loopback0 3.0.0.0/32 is subnetted, 1 subnets 3.3.3.3 [110/21] via 12.12.12.1, 04:19:39, Ethernet1/0 4.0.0.0/32 is subnetted, 1 subnets 4.4.4.4 [110/21] via 12.12.12.1, 04:19:39, Ethernet1/0 12.0.0.0/24 is subnetted, 1 subnets 12.12.12.0 is directly connected, Ethernet1/0 13.0.0.0/24 is subnetted, 1 subnets 13.13.13.0 [110/20] via 12.12.12.1, 04:19:39, Ethernet1/0 14.0.0.0/24 is subnetted, 1 subnets 14.14.14.0 [110/20] via 12.12.12.1, 04:19:40, Ethernet1/0

PE2-R2# show ip bgp summary BGP router identifier 2.2.2.2, local AS number 100 BGP table version is 1, main routing table version 1 Neighbor 3.3.3.3 4.4.4.4 PE2-R2# PE2-R2#show ip bgp neighbor BGP neighbor is 3.3.3.3, remote AS 100, internal link BGP version 4, remote router ID 3.3.3.3 BGP state = Established, up for 04:22:08 V 4 4 AS MsgRcvd MsgSent 100 100 283 272 284 273 TblVer 1 1 InQ OutQ Up/Down 0 0 0 04:25:18 0 04:22:53 State/PfxRcd 0 0

Last read 00:00:08, hold time is 180, keepalive interval is 60 seconds Neighbor capabilities: Route refresh: advertised and received(old & new) Address family IPv4 Unicast: advertised and received IPv4 MPLS Label capability: Address family VPNv4 Unicast: advertised and received IPv4 MPLS Label capability: Received 280 messages, 0 notifications, 0 in queue Sent 281 messages, 0 notifications, 0 in queue Default minimum time between advertisement runs is 5 seconds For address family: IPv4 Unicast BGP table version 1, neighbor version 1 Index 1, Offset 0, Mask 0x2 Route refresh request: received 0, sent 0 0 accepted prefixes consume 0 bytes Prefix advertised 0, suppressed 0, withdrawn 0 For address family: VPNv4 Unicast BGP table version 33, neighbor version 33 Index 1, Offset 0, Mask 0x2 Route refresh request: received 2, sent 0 4 accepted prefixes consume 256 bytes Prefix advertised 22, suppressed 0, withdrawn 0 Connections established 1; dropped 0 Last reset never Connection state is ESTAB, I/O status: 1, unread input bytes: 0 Local host: 2.2.2.2, Local port: 11014 Foreign host: 3.3.3.3, Foreign port: 179 Enqueued packets for retransmit: 0, input: 0 Event Timers (current time is 0xF2C90C): Timer Retrans TimeWait AckHold SendWnd KeepAlive GiveUp PmtuAger DeadWait iss: 4031352652 Starts 297 0 277 0 0 0 0 0 Wakeups 19 0 233 0 0 0 0 0 Next 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 sndnxt: 4031359543 sndwnd: 16080 mis-ordered: 0 (0 bytes)

snduna: 4031359543

irs: 3473306622

rcvnxt: 3473313131

rcvwnd:

16004

delrcvwnd:

380

SRTT: 540 ms, RTTO: 1121 ms, RTV: 581 ms, KRTT: 0 ms minRTT: 256 ms, maxRTT: 1276 ms, ACK hold: 200 ms Flags: higher precedence, nagle Datagrams (max data segment is 536 bytes): Rcvd: 476 (out of order: 0), with data: 277, total data bytes: 6508 Sent: 541 (retransmit: 19, fastretransmit: 0), with data: 277, total data bytes: 6890 BGP neighbor is 4.4.4.4, remote AS 100, internal link

BGP version 4, remote router ID 4.4.4.4 BGP state = Established, up for 04:19:45 Last read 00:00:46, hold time is 180, keepalive interval is 60 seconds Neighbor capabilities: Route refresh: advertised and received(old & new) Address family IPv4 Unicast: advertised and received IPv4 MPLS Label capability: Address family VPNv4 Unicast: advertised and received IPv4 MPLS Label capability: Received 269 messages, 0 notifications, 0 in queue Sent 270 messages, 0 notifications, 0 in queue Default minimum time between advertisement runs is 5 seconds For address family: IPv4 Unicast BGP table version 1, neighbor version 1 Index 2, Offset 0, Mask 0x4 Route refresh request: received 0, sent 0 0 accepted prefixes consume 0 bytes Prefix advertised 0, suppressed 0, withdrawn 0 For address family: VPNv4 Unicast BGP table version 33, neighbor version 33 Index 2, Offset 0, Mask 0x4 Route refresh request: received 0, sent 0 2 accepted prefixes consume 128 bytes Prefix advertised 12, suppressed 0, withdrawn 0 Connections established 1; dropped 0 Last reset never Connection state is ESTAB, I/O status: 1, unread input bytes: 0 Local host: 2.2.2.2, Local port: 11015 Foreign host: 4.4.4.4, Foreign port: 179

Enqueued packets for retransmit: 0, input: 0 Event Timers (current time is 0xF2D47C): Timer Retrans TimeWait AckHold SendWnd KeepAlive GiveUp PmtuAger DeadWait iss: 2518791696 irs: 84936295 Starts 294 0 268 0 0 0 0 0 Wakeups 26 0 218 0 0 0 0 0

mis-ordered: 0 (0 bytes)

Next 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 sndnxt: 2518797602 rcvwnd: 16175 sndwnd: delrcvwnd: 16061 209

snduna: 2518797602 rcvnxt: 84942014

SRTT: 604 ms, RTTO: 1101 ms, RTV: 497 ms, KRTT: 0 ms minRTT: 300 ms, maxRTT: 1280 ms, ACK hold: 200 ms Flags: higher precedence, nagle Datagrams (max data segment is 536 bytes): Rcvd: 454 (out of order: 0), with data: 268, total data bytes: 5718 Sent: 516 (retransmit: 26, fastretransmit: 0), with data: 267, total data bytes: 5905 PE2-R2#show ip bgp vpnv4 vrf HUB BGP table version is 33, local router ID is 2.2.2.2 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure Origin codes: i - IGP, e - EGP, ? - incomplete Network *> 25.25.25.0/30 *>i36.36.36.0/24 *>i37.37.37.0/24 *>i48.48.48.0/24 *>i172.16.60.1/32 *>i172.16.70.1/32 *>i172.16.80.1/32 Next Hop 0.0.0.0 3.3.3.3 3.3.3.3 4.4.4.4 3.3.3.3 3.3.3.3 4.4.4.4 Metric LocPrf Weight Path 0 0 0 0 11 11 2 100 100 100 100 100 100 32768 ? 0 ? 0 ? 0 ? 0 ? 0 ? 0 ?

Route Distinguisher: 100:1000 (default for vrf HUB)

PE2-R2#show ip bgp vpnv4 vrf SPOKE BGP table version is 33, local router ID is 2.2.2.2 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure Origin codes: i - IGP, e - EGP, ? - incomplete

Network *> 25.25.25.0/30 *> 25.25.25.4/30 *> 36.36.36.0/24 *> 37.37.37.0/24 *> 48.48.48.0/24 *> 172.16.50.1/32 *> 172.16.60.1/32 *> 172.16.70.1/32 *> 172.16.80.1/32

Next Hop 25.25.25.6 0.0.0.0 25.25.25.6 25.25.25.6 25.25.25.6 25.25.25.6 25.25.25.6 25.25.25.6 25.25.25.6

Metric LocPrf Weight Path 2 0 1 1 1 2 11 11 2 32768 ? 32768 ? 32768 ? 32768 ? 32768 ? 32768 ? 32768 ? 32768 ? 32768 ?

Route Distinguisher: 200:200 (default for vrf SPOKE)

PE2-R2#show ip route vrf HUB Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set 48.0.0.0/24 is subnetted, 1 subnets B B B O B B B C O 48.48.48.0 [200/0] via 4.4.4.4, 04:20:22 36.0.0.0/24 is subnetted, 1 subnets 36.36.36.0 [200/0] via 3.3.3.3, 04:22:08 172.16.0.0/32 is subnetted, 4 subnets 172.16.60.1 [200/11] via 3.3.3.3, 04:15:22 172.16.50.1 [110/2] via 25.25.25.2, 04:17:48, FastEthernet0/0.1 172.16.80.1 [200/2] via 4.4.4.4, 04:08:20 172.16.70.1 [200/11] via 3.3.3.3, 04:11:50 37.0.0.0/24 is subnetted, 1 subnets 37.37.37.0 [200/0] via 3.3.3.3, 04:22:08 25.0.0.0/30 is subnetted, 2 subnets 25.25.25.0 is directly connected, FastEthernet0/0.1 25.25.25.4 [110/2] via 25.25.25.2, 04:17:49, FastEthernet0/0.1

PE2-R2#show ip route vrf SPOKE Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route

Gateway of last resort is not set 48.0.0.0/24 is subnetted, 1 subnets O E2 O E2 O E2 O O E2 O E2 O E2 O C PE2-R2# 48.48.48.0 [110/1] via 25.25.25.6, 03:32:28, FastEthernet0/0.2 36.0.0.0/24 is subnetted, 1 subnets 36.36.36.0 [110/1] via 25.25.25.6, 03:32:28, FastEthernet0/0.2 172.16.0.0/32 is subnetted, 4 subnets 172.16.60.1 [110/11] via 25.25.25.6, 03:32:28, FastEthernet0/0.2 172.16.50.1 [110/2] via 25.25.25.6, 04:17:57, FastEthernet0/0.2 172.16.80.1 [110/2] via 25.25.25.6, 03:32:28, FastEthernet0/0.2 172.16.70.1 [110/11] via 25.25.25.6, 03:32:28, FastEthernet0/0.2 37.0.0.0/24 is subnetted, 1 subnets 37.37.37.0 [110/1] via 25.25.25.6, 03:32:28, FastEthernet0/0.2 25.0.0.0/30 is subnetted, 2 subnets 25.25.25.0 [110/2] via 25.25.25.6, 04:17:58, FastEthernet0/0.2 25.25.25.4 is directly connected, FastEthernet0/0.2

1.4.3

PE3-R3 配置验证

PE3-R3#show ip ospf neighbor Neighbor ID 172.16.70.1 172.16.60.1 1.1.1.1 Pri 1 1 1 State FULL/BDR FULL/BDR FULL/DR Dead Time 00:00:38 00:00:39 00:00:34 Address 37.37.37.7 36.36.36.6 13.13.13.1 Interface Ethernet1/2 Ethernet1/1 Ethernet1/0

PE3-R3#show ip route Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set 1.0.0.0/32 is subnetted, 1 subnets O O C 1.1.1.1 [110/11] via 13.13.13.1, 03:30:46, Ethernet1/0 2.0.0.0/32 is subnetted, 1 subnets 2.2.2.2 [110/21] via 13.13.13.1, 03:30:46, Ethernet1/0 3.0.0.0/32 is subnetted, 1 subnets 3.3.3.3 is directly connected, Loopback0 4.0.0.0/32 is subnetted, 1 subnets

O O C O PE3-R3#

4.4.4.4 [110/21] via 13.13.13.1, 03:30:46, Ethernet1/0 12.0.0.0/24 is subnetted, 1 subnets 12.12.12.0 [110/20] via 13.13.13.1, 03:30:46, Ethernet1/0 13.0.0.0/24 is subnetted, 1 subnets 13.13.13.0 is directly connected, Ethernet1/0 14.0.0.0/24 is subnetted, 1 subnets 14.14.14.0 [110/20] via 13.13.13.1, 03:30:47, Ethernet1/0

PE3-R3#show ip bgp summary BGP router identifier 3.3.3.3, local AS number 100 BGP table version is 1, main routing table version 1 Neighbor 2.2.2.2 V 4 AS MsgRcvd MsgSent 100 286 285 TblVer 1 InQ OutQ Up/Down 0 0 04:27:05 State/PfxRcd 0

PE3-R3#show ip bgp neighbor BGP neighbor is 2.2.2.2, remote AS 100, internal link BGP version 4, remote router ID 2.2.2.2 BGP state = Established, up for 04:27:14 Last read 00:00:14, hold time is 180, keepalive interval is 60 seconds Neighbor capabilities: Route refresh: advertised and received(old & new) Address family IPv4 Unicast: advertised and received IPv4 MPLS Label capability: Address family VPNv4 Unicast: advertised and received IPv4 MPLS Label capability: Received 286 messages, 0 notifications, 0 in queue Sent 285 messages, 0 notifications, 0 in queue Default minimum time between advertisement runs is 5 seconds For address family: IPv4 Unicast BGP table version 1, neighbor version 1 Index 1, Offset 0, Mask 0x2 Route refresh request: received 0, sent 0 0 accepted prefixes consume 0 bytes Prefix advertised 0, suppressed 0, withdrawn 0 For address family: VPNv4 Unicast BGP table version 39, neighbor version 39 Index 1, Offset 0, Mask 0x2 Route refresh request: received 0, sent 2 9 accepted prefixes consume 576 bytes Prefix advertised 12, suppressed 0, withdrawn 0 Connections established 1; dropped 0

Last reset never Connection state is ESTAB, I/O status: 1, unread input bytes: 0 Local host: 3.3.3.3, Local port: 179 Foreign host: 2.2.2.2, Foreign port: 11014 Enqueued packets for retransmit: 0, input: 0 Event Timers (current time is 0xF5E6EC): Timer Retrans TimeWait AckHold SendWnd KeepAlive GiveUp PmtuAger DeadWait iss: 3473306622 irs: 4031352652 Starts 301 0 282 0 0 0 0 0 Wakeups 18 0 152 0 0 0 0 0 Next 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 sndnxt: 3473313226 rcvwnd: 15985 sndwnd: delrcvwnd: 15909 399 mis-ordered: 0 (0 bytes)

snduna: 3473313226 rcvnxt: 4031359638

SRTT: 674 ms, RTTO: 1147 ms, RTV: 473 ms, KRTT: 0 ms minRTT: 276 ms, maxRTT: 2036 ms, ACK hold: 200 ms Flags: passive open, nagle, gen tcbs Datagrams (max data segment is 536 bytes): Rcvd: 567 (out of order: 0), with data: 282, total data bytes: 6985 Sent: 463 (retransmit: 18, fastretransmit: 0), with data: 282, total data bytes: 6603 PE3-R3#show ip bgp vpnv4 vrf CE6-R6 BGP table version is 39, local router ID is 3.3.3.3 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure Origin codes: i - IGP, e - EGP, ? - incomplete Network *>i25.25.25.0/30 *>i25.25.25.4/30 * i36.36.36.0/24 *> *>i37.37.37.0/24 *>i48.48.48.0/24 *>i172.16.50.1/32 * i172.16.60.1/32 Next Hop 2.2.2.2 2.2.2.2 2.2.2.2 0.0.0.0 2.2.2.2 2.2.2.2 2.2.2.2 2.2.2.2 Metric LocPrf Weight Path 2 0 1 0 1 1 2 11 100 100 100 100 100 100 100 0 ? 0 ? 0 ? 32768 ? 0 ? 0 ? 0 ? 0 ?

Route Distinguisher: 6:6 (default for vrf CE6-R6)

*> *>i172.16.70.1/32 *>i172.16.80.1/32

36.36.36.6 2.2.2.2 2.2.2.2

11 11 2 100 100

32768 ? 0 ? 0 ?

PE3-R3#show ip bgp vpnv4 vrf CE7-R7 BGP table version is 39, local router ID is 3.3.3.3 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure Origin codes: i - IGP, e - EGP, ? - incomplete Network *>i25.25.25.0/30 *>i25.25.25.4/30 *>i36.36.36.0/24 * i37.37.37.0/24 *> *>i48.48.48.0/24 *>i172.16.50.1/32 *>i172.16.60.1/32 * i172.16.70.1/32 *> *>i172.16.80.1/32 PE3-R3# PE3-R3#show ip route vrf CE6-R6 Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set 48.0.0.0/24 is subnetted, 1 subnets B C O B B B 48.48.48.0 [200/1] via 2.2.2.2, 00:25:32 36.0.0.0/24 is subnetted, 1 subnets 36.36.36.0 is directly connected, Ethernet1/1 172.16.0.0/32 is subnetted, 4 subnets 172.16.60.1 [110/11] via 36.36.36.6, 03:32:27, Ethernet1/1 172.16.50.1 [200/2] via 2.2.2.2, 04:23:06 172.16.80.1 [200/2] via 2.2.2.2, 00:25:32 172.16.70.1 [200/11] via 2.2.2.2, 00:25:32 37.0.0.0/24 is subnetted, 1 subnets Next Hop 2.2.2.2 2.2.2.2 2.2.2.2 2.2.2.2 0.0.0.0 2.2.2.2 2.2.2.2 2.2.2.2 2.2.2.2 37.37.37.7 2.2.2.2 Metric LocPrf Weight Path 2 0 1 1 0 1 2 11 11 11 2 100 100 100 100 100 100 100 100 100 0 ? 0 ? 0 ? 0 ? 32768 ? 0 ? 0 ? 0 ? 0 ? 32768 ? 0 ?

Route Distinguisher: 7:7 (default for vrf CE7-R7)

B B B

37.37.37.0 [200/1] via 2.2.2.2, 00:25:32 25.0.0.0/30 is subnetted, 2 subnets 25.25.25.0 [200/2] via 2.2.2.2, 04:23:06 25.25.25.4 [200/0] via 2.2.2.2, 04:27:37

PE3-R3#show ip route vrf CE7-R7 Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set 48.0.0.0/24 is subnetted, 1 subnets B B B B B O C B B PE3-R3# 48.48.48.0 [200/1] via 2.2.2.2, 00:25:40 36.0.0.0/24 is subnetted, 1 subnets 36.36.36.0 [200/1] via 2.2.2.2, 00:25:40 172.16.0.0/32 is subnetted, 4 subnets 172.16.60.1 [200/11] via 2.2.2.2, 00:25:40 172.16.50.1 [200/2] via 2.2.2.2, 04:23:14 172.16.80.1 [200/2] via 2.2.2.2, 00:25:40 172.16.70.1 [110/11] via 37.37.37.7, 03:32:35, Ethernet1/2 37.0.0.0/24 is subnetted, 1 subnets 37.37.37.0 is directly connected, Ethernet1/2 25.0.0.0/30 is subnetted, 2 subnets 25.25.25.0 [200/2] via 2.2.2.2, 04:23:14 25.25.25.4 [200/0] via 2.2.2.2, 04:27:46

1.4.4

PE4-R4 配置验证

PE4-R4#show ip ospf neighbor Neighbor ID 172.16.80.1 0 1.1.1.1 1 FULL/DR 00:00:35 14.14.14.1 Ethernet1/0 PE4-R4#show ip route Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 Pri 1 State FULL/BDR Dead Time 00:00:30 Address 48.48.48.8 Interface FastEthernet0/

i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set 1.0.0.0/32 is subnetted, 1 subnets O O O C O O C 1.1.1.1 [110/11] via 14.14.14.1, 04:50:29, Ethernet1/0 2.0.0.0/32 is subnetted, 1 subnets 2.2.2.2 [110/21] via 14.14.14.1, 04:50:29, Ethernet1/0 3.0.0.0/32 is subnetted, 1 subnets 3.3.3.3 [110/21] via 14.14.14.1, 04:50:29, Ethernet1/0 4.0.0.0/32 is subnetted, 1 subnets 4.4.4.4 is directly connected, Loopback0 12.0.0.0/24 is subnetted, 1 subnets 12.12.12.0 [110/20] via 14.14.14.1, 04:50:29, Ethernet1/0 13.0.0.0/24 is subnetted, 1 subnets 13.13.13.0 [110/20] via 14.14.14.1, 04:50:29, Ethernet1/0 14.0.0.0/24 is subnetted, 1 subnets 14.14.14.0 is directly connected, Ethernet1/0 PE4-R4#show ip bgp summary BGP router identifier 4.4.4.4, local AS number 100 BGP table version is 1, main routing table version 1 Neighbor 2.2.2.2 V 4 AS MsgRcvd MsgSent 100 301 300 TblVer 1 InQ OutQ Up/Down 0 0 04:50:34 State/PfxRcd 0

PE4-R4#show ip bgp neighbor BGP neighbor is 2.2.2.2, remote AS 100, internal link BGP version 4, remote router ID 2.2.2.2 BGP state = Established, up for 04:50:42 Last read 00:00:41, hold time is 180, keepalive interval is 60 seconds Neighbor capabilities: Route refresh: advertised and received(old & new) Address family IPv4 Unicast: advertised and received IPv4 MPLS Label capability: Address family VPNv4 Unicast: advertised and received IPv4 MPLS Label capability: Received 301 messages, 0 notifications, 0 in queue Sent 300 messages, 0 notifications, 0 in queue Default minimum time between advertisement runs is 5 seconds For address family: IPv4 Unicast BGP table version 1, neighbor version 1 Index 1, Offset 0, Mask 0x2 Route refresh request: received 0, sent 0

0 accepted prefixes consume 0 bytes Prefix advertised 0, suppressed 0, withdrawn 0 For address family: VPNv4 Unicast BGP table version 23, neighbor version 23 Index 1, Offset 0, Mask 0x2 Route refresh request: received 0, sent 0 9 accepted prefixes consume 576 bytes Prefix advertised 6, suppressed 0, withdrawn 0 Connections established 1; dropped 0 Last reset never Connection state is ESTAB, I/O status: 1, unread input bytes: 0 Local host: 4.4.4.4, Local port: 179 Foreign host: 2.2.2.2, Foreign port: 11015 Enqueued packets for retransmit: 0, input: 0 Event Timers (current time is 0x10B7800): Timer Retrans TimeWait AckHold SendWnd KeepAlive GiveUp PmtuAger DeadWait iss: 84936295 Starts 319 0 298 0 0 0 0 0 snduna: Wakeups 19 0 160 0 0 0 0 0 84942603 sndnxt: rcvwnd: Next 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 84942603 16023 sndwnd: delrcvwnd: 16137 361 mis-ordered: 0 (0 bytes)

irs: 2518791696

rcvnxt: 2518798191

SRTT: 557 ms, RTTO: 826 ms, RTV: 269 ms, KRTT: 0 ms minRTT: 256 ms, maxRTT: 1968 ms, ACK hold: 200 ms Flags: passive open, nagle, gen tcbs Datagrams (max data segment is 536 bytes): Rcvd: 582 (out of order: 0), with data: 298, total data bytes: 6494 Sent: 498 (retransmit: 19, fastretransmit: 0), with data: 299, total data bytes: 6307 PE4-R4# PE4-R4#show ip bgp vpnv4 vrf CE8-R8 BGP table version is 23, local router ID is 4.4.4.4 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

r RIB-failure Origin codes: i - IGP, e - EGP, ? - incomplete Network *>i25.25.25.0/30 *>i25.25.25.4/30 *>i36.36.36.0/24 *>i37.37.37.0/24 * i48.48.48.0/24 *> *>i172.16.50.1/32 *>i172.16.60.1/32 *>i172.16.70.1/32 * i172.16.80.1/32 *> Next Hop 2.2.2.2 2.2.2.2 2.2.2.2 2.2.2.2 2.2.2.2 0.0.0.0 2.2.2.2 2.2.2.2 2.2.2.2 2.2.2.2 48.48.48.8 Metric LocPrf Weight Path 2 0 1 1 1 0 2 11 11 2 2 100 100 100 100 100 100 100 100 100 0 ? 0 ? 0 ? 0 ? 0 ? 32768 ? 0 ? 0 ? 0 ? 0 ? 32768 ?

Route Distinguisher: 8:8 (default for vrf CE8-R8)

PE4-R4#show ip route vrf CE8-R8 Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set 48.0.0.0/24 is subnetted, 1 subnets C B B B O B B B B PE4-R4# 48.48.48.0 is directly connected, FastEthernet0/0 36.0.0.0/24 is subnetted, 1 subnets 36.36.36.0 [200/1] via 2.2.2.2, 00:51:41 172.16.0.0/32 is subnetted, 4 subnets 172.16.60.1 [200/11] via 2.2.2.2, 00:51:41 172.16.50.1 [200/2] via 2.2.2.2, 04:49:13 172.16.80.1 [110/2] via 48.48.48.8, 04:40:06, FastEthernet0/0 172.16.70.1 [200/11] via 2.2.2.2, 00:51:41 37.0.0.0/24 is subnetted, 1 subnets 37.37.37.0 [200/1] via 2.2.2.2, 00:51:41 25.0.0.0/30 is subnetted, 2 subnets 25.25.25.0 [200/2] via 2.2.2.2, 04:49:13 25.25.25.4 [200/0] via 2.2.2.2, 04:51:44

1.4.5

CE5-R5 配置验证

CE5-R5#show ip ospf neighbor Neighbor ID 25.25.25.5 0.2 25.25.25.1 0.1 CE5-R5#show ip route Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set 48.0.0.0/24 is subnetted, 1 subnets O E2 O E2 O E2 C O E2 O E2 O E2 C C CE5-R5# CE5-R5#traceroute Protocol [ip]: Target IP address: 172.16.60.1 Source address: 172.16.50.1 Numeric display [n]: Timeout in seconds [3]: 10 Probe count [3]: Minimum Time to Live [1]: 48.48.48.0 [110/1] via 25.25.25.1, 04:05:16, FastEthernet0/0.1 36.0.0.0/24 is subnetted, 1 subnets 36.36.36.0 [110/1] via 25.25.25.1, 04:05:16, FastEthernet0/0.1 172.16.0.0/16 is variably subnetted, 4 subnets, 2 masks 172.16.60.1/32 [110/11] via 25.25.25.1, 04:05:16, FastEthernet0/0.1 172.16.50.0/24 is directly connected, Loopback0 172.16.80.1/32 [110/2] via 25.25.25.1, 04:05:16, FastEthernet0/0.1 172.16.70.1/32 [110/11] via 25.25.25.1, 04:05:16, FastEthernet0/0.1 37.0.0.0/24 is subnetted, 1 subnets 37.37.37.0 [110/1] via 25.25.25.1, 04:05:16, FastEthernet0/0.1 25.0.0.0/30 is subnetted, 2 subnets 25.25.25.0 is directly connected, FastEthernet0/0.1 25.25.25.4 is directly connected, FastEthernet0/0.2 1 FULL/DR 00:00:30 25.25.25.1 FastEthernet0/ Pri 1 State FULL/DR Dead Time 00:00:30 Address 25.25.25.5 Interface FastEthernet0/

Maximum Time to Live [30]: Port Number [33434]: Loose, Strict, Record, Timestamp, Verbose[none]: Type escape sequence to abort. Tracing the route to 172.16.60.1 1 25.25.25.1 288 msec 288 msec 312 msec 2 12.12.12.1 [MPLS: Labels 17/23 Exp 0] 1800 msec 1964 msec 1896 msec 3 36.36.36.3 [MPLS: Label 23 Exp 0] 792 msec 548 msec 600 msec 4 36.36.36.6 744 msec 1032 msec 1104 msec CE5-R5#traceroute Protocol [ip]: Target IP address: 172.16.70.1 Source address: 172.16.50.1 Numeric display [n]: Timeout in seconds [3]: 10 Probe count [3]: Minimum Time to Live [1]: Maximum Time to Live [30]: Port Number [33434]: Loose, Strict, Record, Timestamp, Verbose[none]: Type escape sequence to abort. Tracing the route to 172.16.70.1 1 25.25.25.1 332 msec 288 msec 360 msec 2 12.12.12.1 [MPLS: Labels 17/24 Exp 0] 1976 msec 2060 msec 1848 msec 3 37.37.37.3 [MPLS: Label 24 Exp 0] 600 msec 476 msec 592 msec 4 37.37.37.7 728 msec 960 msec 1128 msec CE5-R5#traceroute Protocol [ip]: Target IP address: 172.16.80.1 Source address: 172.16.50.1 Numeric display [n]: Timeout in seconds [3]: 10 Probe count [3]: Minimum Time to Live [1]: Maximum Time to Live [30]: Port Number [33434]: Loose, Strict, Record, Timestamp, Verbose[none]: Type escape sequence to abort. Tracing the route to 172.16.80.1 1 25.25.25.1 168 msec 264 msec 240 msec 2 12.12.12.1 [MPLS: Labels 18/22 Exp 0] 1752 msec 1748 msec 2016 msec 3 48.48.48.4 [MPLS: Label 22 Exp 0] 696 msec 644 msec 696 msec

4 48.48.48.8 960 msec 744 msec 816 msec CE5-R5#

1.4.6

CE6-R6 配置验证

CE6-R6#show ip ospf neighbor Neighbor ID 36.36.36.3 0 CE6-R6#show ip route Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set 48.0.0.0/24 is subnetted, 1 subnets O E2 C C O E2 O E2 O E2 O E2 O E2 O E2 CE6-R6# CE6-R6#traceroute Protocol [ip]: Target IP address: 172.16.50.1 Source address: 172.16.60.1 Numeric display [n]: Timeout in seconds [3]: 10 Probe count [3]: 48.48.48.0 [110/1] via 36.36.36.3, 00:59:54, FastEthernet0/0 36.0.0.0/24 is subnetted, 1 subnets 36.36.36.0 is directly connected, FastEthernet0/0 172.16.0.0/16 is variably subnetted, 4 subnets, 2 masks 172.16.60.0/24 is directly connected, Loopback0 172.16.50.1/32 [110/2] via 36.36.36.3, 04:55:14, FastEthernet0/0 172.16.80.1/32 [110/2] via 36.36.36.3, 00:59:54, FastEthernet0/0 172.16.70.1/32 [110/11] via 36.36.36.3, 00:59:54, FastEthernet0/0 37.0.0.0/24 is subnetted, 1 subnets 37.37.37.0 [110/1] via 36.36.36.3, 00:59:54, FastEthernet0/0 25.0.0.0/30 is subnetted, 2 subnets 25.25.25.0 [110/2] via 36.36.36.3, 04:55:15, FastEthernet0/0 25.25.25.4 [110/1] via 36.36.36.3, 04:55:15, FastEthernet0/0 Pri 1 State FULL/DR Dead Time 00:00:30 Address 36.36.36.3 Interface FastEthernet0/

Minimum Time to Live [1]: Maximum Time to Live [30]: Port Number [33434]: Loose, Strict, Record, Timestamp, Verbose[none]: Type escape sequence to abort. Tracing the route to 172.16.50.1 1 36.36.36.3 216 msec 120 msec 264 msec 2 13.13.13.1 [MPLS: Labels 16/24 Exp 0] 1520 msec 1988 msec 1944 msec 3 25.25.25.5 [MPLS: Label 24 Exp 0] 576 msec 956 msec 816 msec 4 25.25.25.6 696 msec 840 msec 816 msec CE6-R6#traceroute Protocol [ip]: Target IP address: 172.16.70.1 Source address: 172.16.60.1 Numeric display [n]: Timeout in seconds [3]: 10 Probe count [3]: Minimum Time to Live [1]: Maximum Time to Live [30]: Port Number [33434]: Loose, Strict, Record, Timestamp, Verbose[none]: Type escape sequence to abort. Tracing the route to 172.16.70.1 1 36.36.36.3 216 msec 264 msec 168 msec 2 13.13.13.1 [MPLS: Labels 16/29 Exp 0] 1824 msec 1832 msec 2124 msec 3 25.25.25.5 [MPLS: Label 29 Exp 0] 816 msec 860 msec 1452 msec 4 25.25.25.6 948 msec 792 msec 912 msec 5 25.25.25.1 936 msec 1080 msec 1032 msec 6 12.12.12.1 [MPLS: Labels 17/24 Exp 0] 2952 msec 3116 msec 2832 msec 7 37.37.37.3 [MPLS: Label 24 Exp 0] 1248 msec 1532 msec 1704 msec 8 37.37.37.7 2184 msec 1992 msec 1800 msec CE6-R6#traceroute Protocol [ip]: Target IP address: 172.16.80.1 Source address: 172.16.60.1 Numeric display [n]: Timeout in seconds [3]: 10 Probe count [3]: Minimum Time to Live [1]: Maximum Time to Live [30]: Port Number [33434]: Loose, Strict, Record, Timestamp, Verbose[none]: Type escape sequence to abort.

Tracing the route to 172.16.80.1 1 36.36.36.3 336 msec 312 msec 192 msec 2 13.13.13.1 [MPLS: Labels 16/28 Exp 0] 1968 msec 1156 msec 2136 msec 3 25.25.25.5 [MPLS: Label 28 Exp 0] 840 msec 744 msec 744 msec 4 25.25.25.6 936 msec 816 msec 900 msec 5 25.25.25.1 840 msec 984 msec 816 msec 6 12.12.12.1 [MPLS: Labels 18/22 Exp 0] 3024 msec 2924 msec 2616 msec 7 48.48.48.4 [MPLS: Label 22 Exp 0] 3408 msec 1460 msec 1800 msec 8 48.48.48.8 1968 msec 1800 msec 2452 msec CE6-R6#

1.4.7

CE7-R7 配置验证

CE7-R7#show ip route Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set 48.0.0.0/24 is subnetted, 1 subnets O E2 O E2 O E2 O E2 O E2 C C O E2 O E2 48.48.48.0 [110/1] via 37.37.37.3, 01:09:25, FastEthernet0/0 36.0.0.0/24 is subnetted, 1 subnets 36.36.36.0 [110/1] via 37.37.37.3, 01:09:25, FastEthernet0/0 172.16.0.0/16 is variably subnetted, 4 subnets, 2 masks 172.16.60.1/32 [110/11] via 37.37.37.3, 01:09:25, FastEthernet0/0 172.16.50.1/32 [110/2] via 37.37.37.3, 05:01:16, FastEthernet0/0 172.16.80.1/32 [110/2] via 37.37.37.3, 01:09:25, FastEthernet0/0 172.16.70.0/24 is directly connected, Loopback0 37.0.0.0/24 is subnetted, 1 subnets 37.37.37.0 is directly connected, FastEthernet0/0 25.0.0.0/30 is subnetted, 2 subnets 25.25.25.0 [110/2] via 37.37.37.3, 05:01:16, FastEthernet0/0 25.25.25.4 [110/1] via 37.37.37.3, 05:01:17, FastEthernet0/0

CE7-R7#show ip ospf neighbor Neighbor ID 37.37.37.3 0 Pri 1 State FULL/DR Dead Time 00:00:33 Address 37.37.37.3 Interface FastEthernet0/

CE7-R7# CE7-R7#traceroute Protocol [ip]: Target IP address: 172.16.50.1 Source address: 172.16.70.1 Numeric display [n]: Timeout in seconds [3]: 10 Probe count [3]: Minimum Time to Live [1]: Maximum Time to Live [30]: Port Number [33434]: Loose, Strict, Record, Timestamp, Verbose[none]: Type escape sequence to abort. Tracing the route to 172.16.50.1 1 37.37.37.3 240 msec 336 msec 288 msec 2 13.13.13.1 [MPLS: Labels 16/24 Exp 0] 1992 msec 1940 msec 1800 msec 3 25.25.25.5 [MPLS: Label 24 Exp 0] 816 msec 860 msec 888 msec 4 25.25.25.6 912 msec 2508 msec 2336 msec CE7-R7#traceroute Protocol [ip]: Target IP address: 172.16.60.1 Source address: 172.16.70.1 Numeric display [n]: Timeout in seconds [3]: 10 Probe count [3]: Minimum Time to Live [1]: Maximum Time to Live [30]: Port Number [33434]: Loose, Strict, Record, Timestamp, Verbose[none]: Type escape sequence to abort. Tracing the route to 172.16.60.1 1 37.37.37.3 144 msec 312 msec 240 msec 2 13.13.13.1 [MPLS: Labels 16/27 Exp 0] 2112 msec 1892 msec 1848 msec 3 25.25.25.5 [MPLS: Label 27 Exp 0] 864 msec 984 msec 912 msec 4 25.25.25.6 1200 msec 720 msec 744 msec 5 25.25.25.1 1000 msec 872 msec 816 msec 6 12.12.12.1 [MPLS: Labels 17/23 Exp 0] 2736 msec 2636 msec 3072 msec 7 36.36.36.3 [MPLS: Label 23 Exp 0] 1584 msec 1616 msec 1776 msec 8 36.36.36.6 1872 msec 2328 msec 1536 msec CE7-R7#traceroute Protocol [ip]: Target IP address: 172.16.80.1

Source address: 172.16.70.1 Numeric display [n]: Timeout in seconds [3]: 10 Probe count [3]: Minimum Time to Live [1]: Maximum Time to Live [30]: Port Number [33434]: Loose, Strict, Record, Timestamp, Verbose[none]: Type escape sequence to abort. Tracing the route to 172.16.80.1 1 37.37.37.3 288 msec 456 msec 144 msec 2 13.13.13.1 [MPLS: Labels 16/28 Exp 0] 2040 msec 1868 msec 2188 msec 3 25.25.25.5 [MPLS: Label 28 Exp 0] 1212 msec 844 msec 816 msec 4 25.25.25.6 792 msec 960 msec 936 msec 5 25.25.25.1 2536 msec 1976 msec 1104 msec 6 12.12.12.1 [MPLS: Labels 18/22 Exp 0] 2928 msec 2876 msec 3168 msec 7 48.48.48.4 [MPLS: Label 22 Exp 0] 1488 msec 1488 msec 1844 msec 8 48.48.48.8 1800 msec 2460 msec 1776 msec CE7-R7#

1.4.8

CE8-R8 配置验证

CE8-R8#show ip ospf neighbor Neighbor ID 48.48.48.4 0 CE8-R8#show ip route Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set 48.0.0.0/24 is subnetted, 1 subnets C O E2 48.48.48.0 is directly connected, FastEthernet0/0 36.0.0.0/24 is subnetted, 1 subnets 36.36.36.0 [110/1] via 48.48.48.4, 01:15:58, FastEthernet0/0 172.16.0.0/16 is variably subnetted, 4 subnets, 2 masks Pri 1 State FULL/DR Dead Time 00:00:39 Address 48.48.48.4 Interface FastEthernet0/

O E2 O E2 C O E2 O E2 O E2 O E2 CE8-R8#

172.16.60.1/32 [110/11] via 48.48.48.4, 01:15:58, FastEthernet0/0 172.16.50.1/32 [110/2] via 48.48.48.4, 05:04:33, FastEthernet0/0 172.16.80.0/24 is directly connected, Loopback0 172.16.70.1/32 [110/11] via 48.48.48.4, 01:15:58, FastEthernet0/0 37.0.0.0/24 is subnetted, 1 subnets 37.37.37.0 [110/1] via 48.48.48.4, 01:15:58, FastEthernet0/0 25.0.0.0/30 is subnetted, 2 subnets 25.25.25.0 [110/2] via 48.48.48.4, 05:04:34, FastEthernet0/0 25.25.25.4 [110/1] via 48.48.48.4, 05:04:53, FastEthernet0/0

CE8-R8#traceroute Protocol [ip]: Target IP address: 172.16.50.1 Source address: 172.16.80.1 Numeric display [n]: Timeout in seconds [3]: 10 Probe count [3]: Minimum Time to Live [1]: Maximum Time to Live [30]: Port Number [33434]: Loose, Strict, Record, Timestamp, Verbose[none]: Type escape sequence to abort. Tracing the route to 172.16.50.1 1 48.48.48.4 288 msec 264 msec 252 msec 2 14.14.14.1 [MPLS: Labels 16/24 Exp 0] 1936 msec 2008 msec 2092 msec 3 25.25.25.5 [MPLS: Label 24 Exp 0] 768 msec 908 msec 1032 msec 4 25.25.25.6 768 msec 1056 msec 960 msec CE8-R8#traceroute Protocol [ip]: Target IP address: 172.16.60.1 Source address: 172.16.80.1 Numeric display [n]: Timeout in seconds [3]: 10 Probe count [3]: Minimum Time to Live [1]: Maximum Time to Live [30]: Port Number [33434]: Loose, Strict, Record, Timestamp, Verbose[none]: Type escape sequence to abort. Tracing the route to 172.16.60.1 1 48.48.48.4 360 msec 216 msec 240 msec 2 14.14.14.1 [MPLS: Labels 16/27 Exp 0] 2040 msec 2204 msec 2088 msec 3 25.25.25.5 [MPLS: Label 27 Exp 0] 1128 msec 764 msec 1248 msec

4 25.25.25.6 912 msec 1128 msec 1056 msec 5 25.25.25.1 744 msec 984 msec 864 msec 6 12.12.12.1 [MPLS: Labels 17/23 Exp 0] 3096 msec 2924 msec 3140 msec 7 36.36.36.3 [MPLS: Label 23 Exp 0] 1488 msec 1316 msec 1872 msec 8 36.36.36.6 2136 msec 1824 msec 1896 msec CE8-R8#traceroute Protocol [ip]: Target IP address: 172.16.70.1 Source address: 172.16.80.1 Numeric display [n]: Timeout in seconds [3]: 10 Probe count [3]: Minimum Time to Live [1]: Maximum Time to Live [30]: Port Number [33434]: Loose, Strict, Record, Timestamp, Verbose[none]: Type escape sequence to abort. Tracing the route to 172.16.70.1 1 48.48.48.4 264 msec 360 msec 144 msec 2 14.14.14.1 [MPLS: Labels 16/29 Exp 0] 1480 msec 2120 msec 2016 msec 3 25.25.25.5 [MPLS: Label 29 Exp 0] 1144 msec 868 msec 744 msec 4 25.25.25.6 936 msec 792 msec 576 msec 5 25.25.25.1 720 msec 888 msec 1200 msec 6 12.12.12.1 [MPLS: Labels 17/24 Exp 0] 3048 msec 2984 msec 2880 msec 7 37.37.37.3 [MPLS: Label 24 Exp 0] 1392 msec 1988 msec 1492 msec 8 37.37.37.7 1508 msec 1728 msec 1608 msec CE8-R8#

1.5

实现原理及注意事项

1)实现原理:PE2-R2 接收所有从 PE3-R3、PE4-R4 来的私网路由(CE6-R6,CE7-R7,CE8-R8) ,PE2-R2 的 F0/0.1 绑定到 HUB,那么 CE5-R5 接收到了所有 PE3-R3、PE4-R4 的私网路由,并合成 一个路由表;又因为 PE2-R2 的 F0/0.2 绑定到 SPOKE,所以 CE5-R5 把所有的路由发给 PE2-R2,并携带 RT200:200 发送给 PE 邻居。 2)注意事项:PE2-R2 的两个私网接口和 CE5-R5 运行的路由协议是 OSPF,在这种配置下一定要考虑到的 一个细节就是 TAG,PE2-R2 私网路由通过 ospf 协议从 F0/0.1 发送给 CE5-R5 时,bgp 会把 自己的 as-path 自动加入到 ospf 的 tag 部分, CE5-R5 再把这些携带 TAG 的路由发送给 PE2-R2 时,PE2-R2 会读取私网 OSPF 来的 TAG 标记,如果里面包含自己的 as-path 时,PE2-R2 会 忽略掉这些路由。解决的办法就是让 bgp 引入到私网 ospf 时手工修改携带的 tag 信息。 router ospf 100 vrf HUB log-adjacency-changes redistribute bgp 100 subnets tag 0 network 25.25.25.0 0.0.0.3 area 0.0.0.0

2
2.1

MPLS VPN HUB&SPOKE WITH BGP
网络拓扑图

2.2

应用需求

Hub&Spoke 组网方式也称为中心服务器拓扑组网。中心 Site 称为 Hub-Site,它知道同一 VPN 所有其它 Site 的路由;不处于中心的 site 称为 Spoke-Site,它们的流量通过 HUB-Site 到达目的地。Hub-Site 是 Spoke-Site 的中枢节点。 某银行的网络包括各分公司网络与公司总部的网络,要求各分公司之间不能直接交换数据,必须通过总部 进行通信,以进行统一控制。采用 Hub&Spoke 拓扑,CE6、CE7、CE8 为 Spoke 站点,CE5 为银行数 据中心 Hub 站点,CE6、CE7、CE8 间的通信由 CE5 控制。 PE2 分别与 PE3、PE4 建立 IBGP 邻居关系,但 PE3 与 PE4 不建立 IBGP 邻居关系,不交换 VPN 路由信息;

在 PE2 上创建两个 VPN-instance,引入 VPN-target 属性为 6:6,7:7,8:8 的 VPN 路由,对发布的 VPN 路由设置 VPN-target 属性 200:200; 在 PE3 上创建二个 VPN-VRF:VRF CE6-R6,VRF-CE7-R7;二个 VPN VRF 引入 VPN-target 属性 为 200:200 的 VPN 路由,VRF-CE6-R6 发布的 VPN 路由设置 VPN-target 属性 6:6,VRF-CE7-R7 发 布的 VPN 路由设置 VPN-target 属性 7:7; 在 PE4 上创建一个 VPN-VRF:CE8-R8,引入 VPN-target 属性为 200:200 的 VPN 路由,对发布 的 VPN 路由设置 VPN-target 属性 8:8。 经过以上配置,CE6-R6,CE7-R7,CE8-R8 之间的互访都必须通过 CE5-R5 中转。

2.3
2.3.1

设备配置
P1-R1 设备配置

P1-R1#show running Building configuration... Current configuration : 1253 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname P1-R1 ! ! ip subnet-zero ! ! no ip domain lookup ! ip cef mpls label protocol ldp tag-switching tdp router-id Loopback0 force ! ! ! ! ! ! ! ! !

! ! mta receive maximum-recipients 0 ! ! ! ! interface Loopback0 ip address 1.1.1.1 255.255.255.255 ! interface FastEthernet0/0 no ip address shutdown duplex auto speed auto ! interface FastEthernet0/1 no ip address shutdown duplex auto speed auto ! interface Ethernet1/0 ip address 12.12.12.1 255.255.255.0 half-duplex mpls label protocol ldp tag-switching ip ! interface Ethernet1/1 ip address 13.13.13.1 255.255.255.0 half-duplex mpls label protocol ldp tag-switching ip ! interface Ethernet1/2 ip address 14.14.14.1 255.255.255.0 half-duplex mpls label protocol ldp tag-switching ip ! interface Ethernet1/3 no ip address shutdown half-duplex !

router ospf 1 router-id 1.1.1.1 log-adjacency-changes network 0.0.0.0 255.255.255.255 area 0.0.0.0 ! ip classless ip http server ! ! ! ! ! call rsvp-sync ! ! mgcp profile default ! ! ! dial-peer cor custom ! ! ! ! line con 0 exec-timeout 0 0 line aux 0 line vty 0 4 exec-timeout 0 0 login ! ! end

2.3.2

PE2-R2 设备配置

PE2-R2#show running Building configuration... Current configuration : 2444 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec

no service password-encryption ! hostname PE2-R2 ! ! ip subnet-zero ! ! no ip domain lookup ! ip vrf HUB rd 100:1000 route-target import 6:6 route-target import 7:7 route-target import 8:8 ! ip vrf SPOKE rd 200:200 route-target export 200:200 ! ip cef mpls label protocol ldp tag-switching tdp router-id Loopback0 force ! ! ! ! ! ! ! ! ! ! ! mta receive maximum-recipients 0 ! ! ! ! interface Loopback0 ip address 2.2.2.2 255.255.255.255 ! interface FastEthernet0/0 no ip address duplex auto

speed auto ! interface FastEthernet0/0.1 encapsulation dot1Q 1 native ip vrf forwarding HUB ip address 25.25.25.1 255.255.255.252 ! interface FastEthernet0/0.2 encapsulation dot1Q 2 ip vrf forwarding SPOKE ip address 25.25.25.5 255.255.255.252 ! interface FastEthernet0/1 no ip address shutdown duplex auto speed auto ! interface Ethernet1/0 ip address 12.12.12.2 255.255.255.0 half-duplex mpls label protocol ldp tag-switching ip ! interface Ethernet1/1 no ip address shutdown half-duplex ! interface Ethernet1/2 no ip address shutdown half-duplex ! interface Ethernet1/3 no ip address shutdown half-duplex ! router ospf 1 router-id 2.2.2.2 log-adjacency-changes network 0.0.0.0 255.255.255.255 area 0.0.0.0 ! router bgp 100

no synchronization bgp router-id 2.2.2.2 bgp log-neighbor-changes neighbor 3.3.3.3 remote-as 100 neighbor 3.3.3.3 update-source Loopback0 neighbor 4.4.4.4 remote-as 100 neighbor 4.4.4.4 update-source Loopback0 no auto-summary ! address-family ipv4 vrf SPOKE redistribute connected neighbor 25.25.25.6 remote-as 65005 neighbor 25.25.25.6 activate neighbor 25.25.25.6 as-override neighbor 25.25.25.6 allowas-in no auto-summary no synchronization exit-address-family ! address-family ipv4 vrf HUB redistribute connected neighbor 25.25.25.2 remote-as 65005 neighbor 25.25.25.2 activate neighbor 25.25.25.2 as-override no auto-summary no synchronization exit-address-family ! address-family vpnv4 neighbor 3.3.3.3 activate neighbor 3.3.3.3 send-community extended neighbor 4.4.4.4 activate neighbor 4.4.4.4 send-community extended no auto-summary exit-address-family ! ip classless ip http server ! ! ! ! ! call rsvp-sync !

! mgcp profile default ! ! ! dial-peer cor custom ! ! ! ! line con 0 exec-timeout 0 0 line aux 0 line vty 0 4 exec-timeout 0 0 login ! ! end

2.3.3

PE3-R3 设备配置

PE3-R3#show running Building configuration... Current configuration : 2053 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname PE3-R3 ! ! ip subnet-zero ! ! no ip domain lookup ! ip vrf CE6-R6 rd 6:6 route-target export 6:6 route-target import 200:200

! ip vrf CE7-R7 rd 7:7 route-target export 7:7 route-target import 200:200 ! ip cef mpls label protocol ldp tag-switching tdp router-id Loopback0 force ! ! ! ! ! ! ! ! ! ! ! mta receive maximum-recipients 0 ! ! ! ! interface Loopback0 ip address 3.3.3.3 255.255.255.255 ! interface FastEthernet0/0 no ip address shutdown duplex auto speed auto ! interface FastEthernet0/1 no ip address shutdown duplex auto speed auto ! interface Ethernet1/0 ip address 13.13.13.3 255.255.255.0 half-duplex mpls label protocol ldp tag-switching ip

! interface Ethernet1/1 ip vrf forwarding CE6-R6 ip address 36.36.36.3 255.255.255.0 half-duplex ! interface Ethernet1/2 ip vrf forwarding CE7-R7 ip address 37.37.37.3 255.255.255.0 half-duplex ! interface Ethernet1/3 no ip address shutdown half-duplex ! router ospf 1 router-id 3.3.3.3 log-adjacency-changes network 0.0.0.0 255.255.255.255 area 0.0.0.0 ! router bgp 100 no synchronization bgp router-id 3.3.3.3 bgp log-neighbor-changes neighbor 2.2.2.2 remote-as 100 neighbor 2.2.2.2 update-source Loopback0 no auto-summary ! address-family ipv4 vrf CE7-R7 redistribute connected neighbor 37.37.37.7 remote-as 65007 neighbor 37.37.37.7 activate no auto-summary no synchronization exit-address-family ! address-family ipv4 vrf CE6-R6 redistribute connected neighbor 36.36.36.6 remote-as 65006 neighbor 36.36.36.6 activate no auto-summary no synchronization exit-address-family !

address-family vpnv4 neighbor 2.2.2.2 activate neighbor 2.2.2.2 send-community extended no auto-summary exit-address-family ! ip classless ip http server ! ! ! ! ! call rsvp-sync ! ! mgcp profile default ! ! ! dial-peer cor custom ! ! ! ! line con 0 exec-timeout 0 0 line aux 0 line vty 0 4 exec-timeout 0 0 login ! ! end

2.3.4

PE4-R4 设备配置

PE4-R4#show running Building configuration... Current configuration : 1709 bytes ! version 12.2 service timestamps debug datetime msec

service timestamps log datetime msec no service password-encryption ! hostname PE4-R4 ! ! ip subnet-zero ! ! no ip domain lookup ! ip vrf CE8-R8 rd 8:8 route-target export 8:8 route-target import 200:200 ! ip cef mpls label protocol ldp ! ! ! ! ! ! ! ! ! ! ! mta receive maximum-recipients 0 ! ! ! ! interface Loopback0 ip address 4.4.4.4 255.255.255.255 ! interface FastEthernet0/0 ip vrf forwarding CE8-R8 ip address 48.48.48.4 255.255.255.0 duplex auto speed auto ! interface FastEthernet0/1 no ip address

shutdown duplex auto speed auto ! interface Ethernet1/0 ip address 14.14.14.4 255.255.255.0 half-duplex mpls label protocol ldp tag-switching ip ! interface Ethernet1/1 no ip address shutdown half-duplex ! interface Ethernet1/2 no ip address shutdown half-duplex ! interface Ethernet1/3 no ip address shutdown half-duplex ! router ospf 1 router-id 4.4.4.4 log-adjacency-changes network 0.0.0.0 255.255.255.255 area 0.0.0.0 ! router bgp 100 no synchronization bgp router-id 4.4.4.4 bgp log-neighbor-changes neighbor 2.2.2.2 remote-as 100 neighbor 2.2.2.2 update-source Loopback0 no auto-summary ! address-family ipv4 vrf CE8-R8 redistribute connected neighbor 48.48.48.8 remote-as 65008 neighbor 48.48.48.8 activate no auto-summary no synchronization exit-address-family

! address-family vpnv4 neighbor 2.2.2.2 activate neighbor 2.2.2.2 send-community extended no auto-summary exit-address-family ! ip classless ip http server ! ! ! ! ! call rsvp-sync ! ! mgcp profile default ! ! ! dial-peer cor custom ! ! ! ! line con 0 exec-timeout 0 0 line aux 0 line vty 0 4 exec-timeout 0 0 login ! ! end

2.3.5

CE5-R5 设备配置

CE5-R5#show running Building configuration... Current configuration : 1044 bytes ! version 12.2

service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname CE5-R5 ! ! ip subnet-zero ! ! no ip domain lookup ! ip cef ! ! ! ! ! ! ! ! ! ! ! mta receive maximum-recipients 0 ! ! ! ! interface Loopback0 ip address 172.16.50.1 255.255.255.0 ! interface FastEthernet0/0 no ip address duplex auto speed auto ! interface FastEthernet0/0.1 encapsulation dot1Q 1 native ip address 25.25.25.2 255.255.255.252 ! interface FastEthernet0/0.2 encapsulation dot1Q 2 ip address 25.25.25.6 255.255.255.252 !

interface FastEthernet0/1 no ip address shutdown duplex auto speed auto ! router bgp 65005 no synchronization bgp log-neighbor-changes network 172.16.50.0 mask 255.255.255.0 neighbor 25.25.25.1 remote-as 100 neighbor 25.25.25.5 remote-as 100 no auto-summary ! ip classless ip http server ! ! ! ! ! call rsvp-sync ! ! mgcp profile default ! ! ! dial-peer cor custom ! ! ! ! line con 0 exec-timeout 0 0 line aux 0 line vty 0 4 exec-timeout 0 0 login ! ! end

2.3.6

CE6-R6 设备配置

CE6-R6#show running Building configuration... Current configuration : 840 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname CE6-R6 ! ! ip subnet-zero ! ! no ip domain lookup ! ip cef ! ! ! ! ! ! ! ! ! ! ! mta receive maximum-recipients 0 ! ! ! ! interface Loopback0 ip address 172.16.60.1 255.255.255.0 ! interface FastEthernet0/0 ip address 36.36.36.6 255.255.255.0 duplex auto speed auto

! interface FastEthernet0/1 no ip address shutdown duplex auto speed auto ! router bgp 65006 no synchronization bgp log-neighbor-changes network 172.16.60.0 mask 255.255.255.0 neighbor 36.36.36.3 remote-as 100 no auto-summary ! ip classless ip http server ! ! ! ! ! call rsvp-sync ! ! mgcp profile default ! ! ! dial-peer cor custom ! ! ! ! line con 0 exec-timeout 0 0 line aux 0 line vty 0 4 exec-timeout 0 0 login ! ! end

2.3.7

CE7-R7 设备配置

CE7-R7#show running Building configuration... Current configuration : 840 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname CE7-R7 ! ! ip subnet-zero ! ! no ip domain lookup ! ip cef ! ! ! ! ! ! ! ! ! ! ! mta receive maximum-recipients 0 ! ! ! ! interface Loopback0 ip address 172.16.70.1 255.255.255.0 ! interface FastEthernet0/0 ip address 37.37.37.7 255.255.255.0 duplex auto speed auto

! interface FastEthernet0/1 no ip address shutdown duplex auto speed auto ! router bgp 65007 no synchronization bgp log-neighbor-changes network 172.16.70.0 mask 255.255.255.0 neighbor 37.37.37.3 remote-as 100 no auto-summary ! ip classless ip http server ! ! ! ! ! call rsvp-sync ! ! mgcp profile default ! ! ! dial-peer cor custom ! ! ! ! line con 0 exec-timeout 0 0 line aux 0 line vty 0 4 exec-timeout 0 0 login ! ! end

2.3.8

CE8-R8 设备配置

CE8-R8#show running Building configuration... Current configuration : 840 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname CE8-R8 ! ! ip subnet-zero ! ! no ip domain lookup ! ip cef ! ! ! ! ! ! ! ! ! ! ! mta receive maximum-recipients 0 ! ! ! ! interface Loopback0 ip address 172.16.80.1 255.255.255.0 ! interface FastEthernet0/0 ip address 48.48.48.8 255.255.255.0 duplex auto speed auto

! interface FastEthernet0/1 no ip address shutdown duplex auto speed auto ! router bgp 65008 no synchronization bgp log-neighbor-changes network 172.16.80.0 mask 255.255.255.0 neighbor 48.48.48.4 remote-as 100 no auto-summary ! ip classless ip http server ! ! ! ! ! call rsvp-sync ! ! mgcp profile default ! ! ! dial-peer cor custom ! ! ! ! line con 0 exec-timeout 0 0 line aux 0 line vty 0 4 exec-timeout 0 0 login ! ! end

2.4
2.4.1

设备配置
P1-R1 配置验证

P1-R1#show ip ospf neighbor Neighbor ID 4.4.4.4 3.3.3.3 2.2.2.2 Pri 1 1 1 State FULL/BDR FULL/BDR FULL/BDR Dead Time 00:00:33 00:00:35 00:00:31 Address 14.14.14.4 13.13.13.3 12.12.12.2 Interface Ethernet1/2 Ethernet1/1 Ethernet1/0

P1-R1#show ip route Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set 1.0.0.0/32 is subnetted, 1 subnets C O O O C C C P1-R1# 1.1.1.1 is directly connected, Loopback0 2.0.0.0/32 is subnetted, 1 subnets 2.2.2.2 [110/11] via 12.12.12.2, 04:15:16, Ethernet1/0 3.0.0.0/32 is subnetted, 1 subnets 3.3.3.3 [110/11] via 13.13.13.3, 04:15:16, Ethernet1/1 4.0.0.0/32 is subnetted, 1 subnets 4.4.4.4 [110/11] via 14.14.14.4, 04:15:16, Ethernet1/2 12.0.0.0/24 is subnetted, 1 subnets 12.12.12.0 is directly connected, Ethernet1/0 13.0.0.0/24 is subnetted, 1 subnets 13.13.13.0 is directly connected, Ethernet1/1 14.0.0.0/24 is subnetted, 1 subnets 14.14.14.0 is directly connected, Ethernet1/2

2.4.2

PE2-R2 配置验证

PE2-R2#show ip ospf neighbor Neighbor ID 172.16.50.1 Pri 1 State FULL/BDR Dead Time 00:00:32 Address 25.25.25.6 Interface FastEthernet0/

0.2 172.16.50.1 0.1 1.1.1.1 1 FULL/DR 00:00:38 12.12.12.1 Ethernet1/0 PE2-R2#show ip route Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set 1.0.0.0/32 is subnetted, 1 subnets O C O O C O O 1.1.1.1 [110/11] via 12.12.12.1, 04:19:39, Ethernet1/0 2.0.0.0/32 is subnetted, 1 subnets 2.2.2.2 is directly connected, Loopback0 3.0.0.0/32 is subnetted, 1 subnets 3.3.3.3 [110/21] via 12.12.12.1, 04:19:39, Ethernet1/0 4.0.0.0/32 is subnetted, 1 subnets 4.4.4.4 [110/21] via 12.12.12.1, 04:19:39, Ethernet1/0 12.0.0.0/24 is subnetted, 1 subnets 12.12.12.0 is directly connected, Ethernet1/0 13.0.0.0/24 is subnetted, 1 subnets 13.13.13.0 [110/20] via 12.12.12.1, 04:19:39, Ethernet1/0 14.0.0.0/24 is subnetted, 1 subnets 14.14.14.0 [110/20] via 12.12.12.1, 04:19:40, Ethernet1/0 1 FULL/BDR 00:00:32 25.25.25.2 FastEthernet0/

PE2-R2# show ip bgp summary BGP router identifier 2.2.2.2, local AS number 100 BGP table version is 1, main routing table version 1 Neighbor 3.3.3.3 4.4.4.4 PE2-R2# PE2-R2#show ip bgp neighbor BGP neighbor is 3.3.3.3, remote AS 100, internal link BGP version 4, remote router ID 3.3.3.3 BGP state = Established, up for 04:22:08 Last read 00:00:08, hold time is 180, keepalive interval is 60 seconds Neighbor capabilities: V 4 4 AS MsgRcvd MsgSent 100 100 283 272 284 273 TblVer 1 1 InQ OutQ Up/Down 0 0 0 04:25:18 0 04:22:53 State/PfxRcd 0 0

Route refresh: advertised and received(old & new) Address family IPv4 Unicast: advertised and received IPv4 MPLS Label capability: Address family VPNv4 Unicast: advertised and received IPv4 MPLS Label capability: Received 280 messages, 0 notifications, 0 in queue Sent 281 messages, 0 notifications, 0 in queue Default minimum time between advertisement runs is 5 seconds For address family: IPv4 Unicast BGP table version 1, neighbor version 1 Index 1, Offset 0, Mask 0x2 Route refresh request: received 0, sent 0 0 accepted prefixes consume 0 bytes Prefix advertised 0, suppressed 0, withdrawn 0 For address family: VPNv4 Unicast BGP table version 33, neighbor version 33 Index 1, Offset 0, Mask 0x2 Route refresh request: received 2, sent 0 4 accepted prefixes consume 256 bytes Prefix advertised 22, suppressed 0, withdrawn 0 Connections established 1; dropped 0 Last reset never Connection state is ESTAB, I/O status: 1, unread input bytes: 0 Local host: 2.2.2.2, Local port: 11014 Foreign host: 3.3.3.3, Foreign port: 179 Enqueued packets for retransmit: 0, input: 0 Event Timers (current time is 0xF2C90C): Timer Retrans TimeWait AckHold SendWnd KeepAlive GiveUp PmtuAger DeadWait iss: 4031352652 irs: 3473306622 Starts 297 0 277 0 0 0 0 0 Wakeups 19 0 233 0 0 0 0 0 Next 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 sndnxt: 4031359543 rcvwnd: 16004 sndwnd: delrcvwnd: 16080 380 mis-ordered: 0 (0 bytes)

snduna: 4031359543 rcvnxt: 3473313131

SRTT: 540 ms, RTTO: 1121 ms, RTV: 581 ms, KRTT: 0 ms minRTT: 256 ms, maxRTT: 1276 ms, ACK hold: 200 ms Flags: higher precedence, nagle Datagrams (max data segment is 536 bytes): Rcvd: 476 (out of order: 0), with data: 277, total data bytes: 6508 Sent: 541 (retransmit: 19, fastretransmit: 0), with data: 277, total data bytes: 6890 BGP neighbor is 4.4.4.4, remote AS 100, internal link

BGP version 4, remote router ID 4.4.4.4 BGP state = Established, up for 04:19:45 Last read 00:00:46, hold time is 180, keepalive interval is 60 seconds Neighbor capabilities: Route refresh: advertised and received(old & new) Address family IPv4 Unicast: advertised and received IPv4 MPLS Label capability: Address family VPNv4 Unicast: advertised and received IPv4 MPLS Label capability: Received 269 messages, 0 notifications, 0 in queue Sent 270 messages, 0 notifications, 0 in queue Default minimum time between advertisement runs is 5 seconds For address family: IPv4 Unicast BGP table version 1, neighbor version 1 Index 2, Offset 0, Mask 0x4 Route refresh request: received 0, sent 0 0 accepted prefixes consume 0 bytes Prefix advertised 0, suppressed 0, withdrawn 0 For address family: VPNv4 Unicast BGP table version 33, neighbor version 33 Index 2, Offset 0, Mask 0x4 Route refresh request: received 0, sent 0 2 accepted prefixes consume 128 bytes Prefix advertised 12, suppressed 0, withdrawn 0 Connections established 1; dropped 0 Last reset never Connection state is ESTAB, I/O status: 1, unread input bytes: 0 Local host: 2.2.2.2, Local port: 11015 Foreign host: 4.4.4.4, Foreign port: 179 Enqueued packets for retransmit: 0, input: 0 mis-ordered: 0 (0 bytes)

Event Timers (current time is 0xF2D47C): Timer Retrans TimeWait AckHold SendWnd KeepAlive GiveUp PmtuAger DeadWait iss: 2518791696 irs: 84936295 Starts 294 0 268 0 0 0 0 0 Wakeups 26 0 218 0 0 0 0 0 Next 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 sndnxt: 2518797602 rcvwnd: 16175 sndwnd: delrcvwnd: 16061 209

snduna: 2518797602 rcvnxt: 84942014

SRTT: 604 ms, RTTO: 1101 ms, RTV: 497 ms, KRTT: 0 ms minRTT: 300 ms, maxRTT: 1280 ms, ACK hold: 200 ms Flags: higher precedence, nagle Datagrams (max data segment is 536 bytes): Rcvd: 454 (out of order: 0), with data: 268, total data bytes: 5718 Sent: 516 (retransmit: 26, fastretransmit: 0), with data: 267, total data bytes: 5905 PE2-R2#show ip bgp vpnv4 vrf HUB BGP table version is 33, local router ID is 2.2.2.2 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure Origin codes: i - IGP, e - EGP, ? - incomplete Network *> 25.25.25.0/30 *>i36.36.36.0/24 *>i37.37.37.0/24 *>i48.48.48.0/24 *>i172.16.60.1/32 *>i172.16.70.1/32 *>i172.16.80.1/32 Next Hop 0.0.0.0 3.3.3.3 3.3.3.3 4.4.4.4 3.3.3.3 3.3.3.3 4.4.4.4 Metric LocPrf Weight Path 0 0 0 0 11 11 2 100 100 100 100 100 100 32768 ? 0 ? 0 ? 0 ? 0 ? 0 ? 0 ?

Route Distinguisher: 100:1000 (default for vrf HUB)

PE2-R2#show ip bgp vpnv4 vrf SPOKE BGP table version is 33, local router ID is 2.2.2.2 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path

Route Distinguisher: 200:200 (default for vrf SPOKE)

*> 25.25.25.0/30 *> 25.25.25.4/30 *> 36.36.36.0/24 *> 37.37.37.0/24 *> 48.48.48.0/24 *> 172.16.50.1/32 *> 172.16.60.1/32 *> 172.16.70.1/32 *> 172.16.80.1/32

25.25.25.6 0.0.0.0 25.25.25.6 25.25.25.6 25.25.25.6 25.25.25.6 25.25.25.6 25.25.25.6 25.25.25.6

2 0 1 1 1 2 11 11 2

32768 ? 32768 ? 32768 ? 32768 ? 32768 ? 32768 ? 32768 ? 32768 ? 32768 ?

PE2-R2#show ip route vrf HUB Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set 48.0.0.0/24 is subnetted, 1 subnets B B B O B B B C O 48.48.48.0 [200/0] via 4.4.4.4, 04:20:22 36.0.0.0/24 is subnetted, 1 subnets 36.36.36.0 [200/0] via 3.3.3.3, 04:22:08 172.16.0.0/32 is subnetted, 4 subnets 172.16.60.1 [200/11] via 3.3.3.3, 04:15:22 172.16.50.1 [110/2] via 25.25.25.2, 04:17:48, FastEthernet0/0.1 172.16.80.1 [200/2] via 4.4.4.4, 04:08:20 172.16.70.1 [200/11] via 3.3.3.3, 04:11:50 37.0.0.0/24 is subnetted, 1 subnets 37.37.37.0 [200/0] via 3.3.3.3, 04:22:08 25.0.0.0/30 is subnetted, 2 subnets 25.25.25.0 is directly connected, FastEthernet0/0.1 25.25.25.4 [110/2] via 25.25.25.2, 04:17:49, FastEthernet0/0.1

PE2-R2#show ip route vrf SPOKE Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set

48.0.0.0/24 is subnetted, 1 subnets O E2 O E2 O E2 O O E2 O E2 O E2 O C PE2-R2# 48.48.48.0 [110/1] via 25.25.25.6, 03:32:28, FastEthernet0/0.2 36.0.0.0/24 is subnetted, 1 subnets 36.36.36.0 [110/1] via 25.25.25.6, 03:32:28, FastEthernet0/0.2 172.16.0.0/32 is subnetted, 4 subnets 172.16.60.1 [110/11] via 25.25.25.6, 03:32:28, FastEthernet0/0.2 172.16.50.1 [110/2] via 25.25.25.6, 04:17:57, FastEthernet0/0.2 172.16.80.1 [110/2] via 25.25.25.6, 03:32:28, FastEthernet0/0.2 172.16.70.1 [110/11] via 25.25.25.6, 03:32:28, FastEthernet0/0.2 37.0.0.0/24 is subnetted, 1 subnets 37.37.37.0 [110/1] via 25.25.25.6, 03:32:28, FastEthernet0/0.2 25.0.0.0/30 is subnetted, 2 subnets 25.25.25.0 [110/2] via 25.25.25.6, 04:17:58, FastEthernet0/0.2 25.25.25.4 is directly connected, FastEthernet0/0.2

2.4.3

PE3-R3 配置验证

PE3-R3#show ip ospf neighbor Neighbor ID 172.16.70.1 172.16.60.1 1.1.1.1 Pri 1 1 1 State FULL/BDR FULL/BDR FULL/DR Dead Time 00:00:38 00:00:39 00:00:34 Address 37.37.37.7 36.36.36.6 13.13.13.1 Interface Ethernet1/2 Ethernet1/1 Ethernet1/0

PE3-R3#show ip route Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set 1.0.0.0/32 is subnetted, 1 subnets O O C O 1.1.1.1 [110/11] via 13.13.13.1, 03:30:46, Ethernet1/0 2.0.0.0/32 is subnetted, 1 subnets 2.2.2.2 [110/21] via 13.13.13.1, 03:30:46, Ethernet1/0 3.0.0.0/32 is subnetted, 1 subnets 3.3.3.3 is directly connected, Loopback0 4.0.0.0/32 is subnetted, 1 subnets 4.4.4.4 [110/21] via 13.13.13.1, 03:30:46, Ethernet1/0 12.0.0.0/24 is subnetted, 1 subnets

O C O PE3-R3#

12.12.12.0 [110/20] via 13.13.13.1, 03:30:46, Ethernet1/0 13.0.0.0/24 is subnetted, 1 subnets 13.13.13.0 is directly connected, Ethernet1/0 14.0.0.0/24 is subnetted, 1 subnets 14.14.14.0 [110/20] via 13.13.13.1, 03:30:47, Ethernet1/0

PE3-R3#show ip bgp summary BGP router identifier 3.3.3.3, local AS number 100 BGP table version is 1, main routing table version 1 Neighbor 2.2.2.2 V 4 AS MsgRcvd MsgSent 100 286 285 TblVer 1 InQ OutQ Up/Down 0 0 04:27:05 State/PfxRcd 0

PE3-R3#show ip bgp neighbor BGP neighbor is 2.2.2.2, remote AS 100, internal link BGP version 4, remote router ID 2.2.2.2 BGP state = Established, up for 04:27:14 Last read 00:00:14, hold time is 180, keepalive interval is 60 seconds Neighbor capabilities: Route refresh: advertised and received(old & new) Address family IPv4 Unicast: advertised and received IPv4 MPLS Label capability: Address family VPNv4 Unicast: advertised and received IPv4 MPLS Label capability: Received 286 messages, 0 notifications, 0 in queue Sent 285 messages, 0 notifications, 0 in queue Default minimum time between advertisement runs is 5 seconds For address family: IPv4 Unicast BGP table version 1, neighbor version 1 Index 1, Offset 0, Mask 0x2 Route refresh request: received 0, sent 0 0 accepted prefixes consume 0 bytes Prefix advertised 0, suppressed 0, withdrawn 0 For address family: VPNv4 Unicast BGP table version 39, neighbor version 39 Index 1, Offset 0, Mask 0x2 Route refresh request: received 0, sent 2 9 accepted prefixes consume 576 bytes Prefix advertised 12, suppressed 0, withdrawn 0 Connections established 1; dropped 0 Last reset never Connection state is ESTAB, I/O status: 1, unread input bytes: 0

Local host: 3.3.3.3, Local port: 179 Foreign host: 2.2.2.2, Foreign port: 11014 Enqueued packets for retransmit: 0, input: 0 Event Timers (current time is 0xF5E6EC): Timer Retrans TimeWait AckHold SendWnd KeepAlive GiveUp PmtuAger DeadWait iss: 3473306622 irs: 4031352652 Starts 301 0 282 0 0 0 0 0 Wakeups 18 0 152 0 0 0 0 0 Next 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 sndnxt: 3473313226 rcvwnd: 15985 sndwnd: delrcvwnd: 15909 399 mis-ordered: 0 (0 bytes)

snduna: 3473313226 rcvnxt: 4031359638

SRTT: 674 ms, RTTO: 1147 ms, RTV: 473 ms, KRTT: 0 ms minRTT: 276 ms, maxRTT: 2036 ms, ACK hold: 200 ms Flags: passive open, nagle, gen tcbs Datagrams (max data segment is 536 bytes): Rcvd: 567 (out of order: 0), with data: 282, total data bytes: 6985 Sent: 463 (retransmit: 18, fastretransmit: 0), with data: 282, total data bytes: 6603 PE3-R3#show ip bgp vpnv4 vrf CE6-R6 BGP table version is 39, local router ID is 3.3.3.3 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure Origin codes: i - IGP, e - EGP, ? - incomplete Network *>i25.25.25.0/30 *>i25.25.25.4/30 * i36.36.36.0/24 *> *>i37.37.37.0/24 *>i48.48.48.0/24 *>i172.16.50.1/32 * i172.16.60.1/32 *> *>i172.16.70.1/32 Next Hop 2.2.2.2 2.2.2.2 2.2.2.2 0.0.0.0 2.2.2.2 2.2.2.2 2.2.2.2 2.2.2.2 36.36.36.6 2.2.2.2 Metric LocPrf Weight Path 2 0 1 0 1 1 2 11 11 11 100 100 100 100 100 100 100 100 0 ? 0 ? 0 ? 32768 ? 0 ? 0 ? 0 ? 0 ? 32768 ? 0 ?

Route Distinguisher: 6:6 (default for vrf CE6-R6)

*>i172.16.80.1/32

2.2.2.2

2

100

0 ?

PE3-R3#show ip bgp vpnv4 vrf CE7-R7 BGP table version is 39, local router ID is 3.3.3.3 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure Origin codes: i - IGP, e - EGP, ? - incomplete Network *>i25.25.25.0/30 *>i25.25.25.4/30 *>i36.36.36.0/24 * i37.37.37.0/24 *> *>i48.48.48.0/24 *>i172.16.50.1/32 *>i172.16.60.1/32 * i172.16.70.1/32 *> *>i172.16.80.1/32 PE3-R3# PE3-R3#show ip route vrf CE6-R6 Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set 48.0.0.0/24 is subnetted, 1 subnets B C O B B B B 48.48.48.0 [200/1] via 2.2.2.2, 00:25:32 36.0.0.0/24 is subnetted, 1 subnets 36.36.36.0 is directly connected, Ethernet1/1 172.16.0.0/32 is subnetted, 4 subnets 172.16.60.1 [110/11] via 36.36.36.6, 03:32:27, Ethernet1/1 172.16.50.1 [200/2] via 2.2.2.2, 04:23:06 172.16.80.1 [200/2] via 2.2.2.2, 00:25:32 172.16.70.1 [200/11] via 2.2.2.2, 00:25:32 37.0.0.0/24 is subnetted, 1 subnets 37.37.37.0 [200/1] via 2.2.2.2, 00:25:32 25.0.0.0/30 is subnetted, 2 subnets Next Hop 2.2.2.2 2.2.2.2 2.2.2.2 2.2.2.2 0.0.0.0 2.2.2.2 2.2.2.2 2.2.2.2 2.2.2.2 37.37.37.7 2.2.2.2 Metric LocPrf Weight Path 2 0 1 1 0 1 2 11 11 11 2 100 100 100 100 100 100 100 100 100 0 ? 0 ? 0 ? 0 ? 32768 ? 0 ? 0 ? 0 ? 0 ? 32768 ? 0 ?

Route Distinguisher: 7:7 (default for vrf CE7-R7)

B B

25.25.25.0 [200/2] via 2.2.2.2, 04:23:06 25.25.25.4 [200/0] via 2.2.2.2, 04:27:37

PE3-R3#show ip route vrf CE7-R7 Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set 48.0.0.0/24 is subnetted, 1 subnets B B B B B O C B B PE3-R3# 48.48.48.0 [200/1] via 2.2.2.2, 00:25:40 36.0.0.0/24 is subnetted, 1 subnets 36.36.36.0 [200/1] via 2.2.2.2, 00:25:40 172.16.0.0/32 is subnetted, 4 subnets 172.16.60.1 [200/11] via 2.2.2.2, 00:25:40 172.16.50.1 [200/2] via 2.2.2.2, 04:23:14 172.16.80.1 [200/2] via 2.2.2.2, 00:25:40 172.16.70.1 [110/11] via 37.37.37.7, 03:32:35, Ethernet1/2 37.0.0.0/24 is subnetted, 1 subnets 37.37.37.0 is directly connected, Ethernet1/2 25.0.0.0/30 is subnetted, 2 subnets 25.25.25.0 [200/2] via 2.2.2.2, 04:23:14 25.25.25.4 [200/0] via 2.2.2.2, 04:27:46

2.4.4

PE4-R4 配置验证

PE4-R4#show ip ospf neighbor Neighbor ID 172.16.80.1 0 1.1.1.1 1 FULL/DR 00:00:35 14.14.14.1 Ethernet1/0 PE4-R4#show ip route Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR Pri 1 State FULL/BDR Dead Time 00:00:30 Address 48.48.48.8 Interface FastEthernet0/

P - periodic downloaded static route Gateway of last resort is not set 1.0.0.0/32 is subnetted, 1 subnets O O O C O O C 1.1.1.1 [110/11] via 14.14.14.1, 04:50:29, Ethernet1/0 2.0.0.0/32 is subnetted, 1 subnets 2.2.2.2 [110/21] via 14.14.14.1, 04:50:29, Ethernet1/0 3.0.0.0/32 is subnetted, 1 subnets 3.3.3.3 [110/21] via 14.14.14.1, 04:50:29, Ethernet1/0 4.0.0.0/32 is subnetted, 1 subnets 4.4.4.4 is directly connected, Loopback0 12.0.0.0/24 is subnetted, 1 subnets 12.12.12.0 [110/20] via 14.14.14.1, 04:50:29, Ethernet1/0 13.0.0.0/24 is subnetted, 1 subnets 13.13.13.0 [110/20] via 14.14.14.1, 04:50:29, Ethernet1/0 14.0.0.0/24 is subnetted, 1 subnets 14.14.14.0 is directly connected, Ethernet1/0 PE4-R4#show ip bgp summary BGP router identifier 4.4.4.4, local AS number 100 BGP table version is 1, main routing table version 1 Neighbor 2.2.2.2 V 4 AS MsgRcvd MsgSent 100 301 300 TblVer 1 InQ OutQ Up/Down 0 0 04:50:34 State/PfxRcd 0

PE4-R4#show ip bgp neighbor BGP neighbor is 2.2.2.2, remote AS 100, internal link BGP version 4, remote router ID 2.2.2.2 BGP state = Established, up for 04:50:42 Last read 00:00:41, hold time is 180, keepalive interval is 60 seconds Neighbor capabilities: Route refresh: advertised and received(old & new) Address family IPv4 Unicast: advertised and received IPv4 MPLS Label capability: Address family VPNv4 Unicast: advertised and received IPv4 MPLS Label capability: Received 301 messages, 0 notifications, 0 in queue Sent 300 messages, 0 notifications, 0 in queue Default minimum time between advertisement runs is 5 seconds For address family: IPv4 Unicast BGP table version 1, neighbor version 1 Index 1, Offset 0, Mask 0x2 Route refresh request: received 0, sent 0 0 accepted prefixes consume 0 bytes Prefix advertised 0, suppressed 0, withdrawn 0

For address family: VPNv4 Unicast BGP table version 23, neighbor version 23 Index 1, Offset 0, Mask 0x2 Route refresh request: received 0, sent 0 9 accepted prefixes consume 576 bytes Prefix advertised 6, suppressed 0, withdrawn 0 Connections established 1; dropped 0 Last reset never Connection state is ESTAB, I/O status: 1, unread input bytes: 0 Local host: 4.4.4.4, Local port: 179 Foreign host: 2.2.2.2, Foreign port: 11015 Enqueued packets for retransmit: 0, input: 0 Event Timers (current time is 0x10B7800): Timer Retrans TimeWait AckHold SendWnd KeepAlive GiveUp PmtuAger DeadWait iss: 84936295 Starts 319 0 298 0 0 0 0 0 snduna: Wakeups 19 0 160 0 0 0 0 0 84942603 sndnxt: rcvwnd: Next 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 84942603 16023 sndwnd: delrcvwnd: 16137 361 mis-ordered: 0 (0 bytes)

irs: 2518791696

rcvnxt: 2518798191

SRTT: 557 ms, RTTO: 826 ms, RTV: 269 ms, KRTT: 0 ms minRTT: 256 ms, maxRTT: 1968 ms, ACK hold: 200 ms Flags: passive open, nagle, gen tcbs Datagrams (max data segment is 536 bytes): Rcvd: 582 (out of order: 0), with data: 298, total data bytes: 6494 Sent: 498 (retransmit: 19, fastretransmit: 0), with data: 299, total data bytes: 6307 PE4-R4# PE4-R4#show ip bgp vpnv4 vrf CE8-R8 BGP table version is 23, local router ID is 4.4.4.4 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure Origin codes: i - IGP, e - EGP, ? - incomplete

Network *>i25.25.25.0/30 *>i25.25.25.4/30 *>i36.36.36.0/24 *>i37.37.37.0/24 * i48.48.48.0/24 *> *>i172.16.50.1/32 *>i172.16.60.1/32 *>i172.16.70.1/32 * i172.16.80.1/32 *>

Next Hop 2.2.2.2 2.2.2.2 2.2.2.2 2.2.2.2 2.2.2.2 0.0.0.0 2.2.2.2 2.2.2.2 2.2.2.2 2.2.2.2 48.48.48.8

Metric LocPrf Weight Path 2 0 1 1 1 0 2 11 11 2 2 100 100 100 100 100 100 100 100 100 0 ? 0 ? 0 ? 0 ? 0 ? 32768 ? 0 ? 0 ? 0 ? 0 ? 32768 ?

Route Distinguisher: 8:8 (default for vrf CE8-R8)

PE4-R4#show ip route vrf CE8-R8 Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set 48.0.0.0/24 is subnetted, 1 subnets C B B B O B B B B PE4-R4# 48.48.48.0 is directly connected, FastEthernet0/0 36.0.0.0/24 is subnetted, 1 subnets 36.36.36.0 [200/1] via 2.2.2.2, 00:51:41 172.16.0.0/32 is subnetted, 4 subnets 172.16.60.1 [200/11] via 2.2.2.2, 00:51:41 172.16.50.1 [200/2] via 2.2.2.2, 04:49:13 172.16.80.1 [110/2] via 48.48.48.8, 04:40:06, FastEthernet0/0 172.16.70.1 [200/11] via 2.2.2.2, 00:51:41 37.0.0.0/24 is subnetted, 1 subnets 37.37.37.0 [200/1] via 2.2.2.2, 00:51:41 25.0.0.0/30 is subnetted, 2 subnets 25.25.25.0 [200/2] via 2.2.2.2, 04:49:13 25.25.25.4 [200/0] via 2.2.2.2, 04:51:44

2.4.5

CE5-R5 配置验证

CE5-R5#show ip ospf neighbor

Neighbor ID 25.25.25.5 0.2 25.25.25.1 0.1

Pri 1 1

State FULL/DR FULL/DR

Dead Time 00:00:30 00:00:30

Address 25.25.25.5 25.25.25.1

Interface FastEthernet0/ FastEthernet0/

CE5-R5#show ip route Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set 48.0.0.0/24 is subnetted, 1 subnets O E2 O E2 O E2 C O E2 O E2 O E2 C C CE5-R5# CE5-R5#traceroute Protocol [ip]: Target IP address: 172.16.60.1 Source address: 172.16.50.1 Numeric display [n]: Timeout in seconds [3]: 10 Probe count [3]: Minimum Time to Live [1]: Maximum Time to Live [30]: Port Number [33434]: Loose, Strict, Record, Timestamp, Verbose[none]: Type escape sequence to abort. 48.48.48.0 [110/1] via 25.25.25.1, 04:05:16, FastEthernet0/0.1 36.0.0.0/24 is subnetted, 1 subnets 36.36.36.0 [110/1] via 25.25.25.1, 04:05:16, FastEthernet0/0.1 172.16.0.0/16 is variably subnetted, 4 subnets, 2 masks 172.16.60.1/32 [110/11] via 25.25.25.1, 04:05:16, FastEthernet0/0.1 172.16.50.0/24 is directly connected, Loopback0 172.16.80.1/32 [110/2] via 25.25.25.1, 04:05:16, FastEthernet0/0.1 172.16.70.1/32 [110/11] via 25.25.25.1, 04:05:16, FastEthernet0/0.1 37.0.0.0/24 is subnetted, 1 subnets 37.37.37.0 [110/1] via 25.25.25.1, 04:05:16, FastEthernet0/0.1 25.0.0.0/30 is subnetted, 2 subnets 25.25.25.0 is directly connected, FastEthernet0/0.1 25.25.25.4 is directly connected, FastEthernet0/0.2

Tracing the route to 172.16.60.1 1 25.25.25.1 288 msec 288 msec 312 msec 2 12.12.12.1 [MPLS: Labels 17/23 Exp 0] 1800 msec 1964 msec 1896 msec 3 36.36.36.3 [MPLS: Label 23 Exp 0] 792 msec 548 msec 600 msec 4 36.36.36.6 744 msec 1032 msec 1104 msec CE5-R5#traceroute Protocol [ip]: Target IP address: 172.16.70.1 Source address: 172.16.50.1 Numeric display [n]: Timeout in seconds [3]: 10 Probe count [3]: Minimum Time to Live [1]: Maximum Time to Live [30]: Port Number [33434]: Loose, Strict, Record, Timestamp, Verbose[none]: Type escape sequence to abort. Tracing the route to 172.16.70.1 1 25.25.25.1 332 msec 288 msec 360 msec 2 12.12.12.1 [MPLS: Labels 17/24 Exp 0] 1976 msec 2060 msec 1848 msec 3 37.37.37.3 [MPLS: Label 24 Exp 0] 600 msec 476 msec 592 msec 4 37.37.37.7 728 msec 960 msec 1128 msec CE5-R5#traceroute Protocol [ip]: Target IP address: 172.16.80.1 Source address: 172.16.50.1 Numeric display [n]: Timeout in seconds [3]: 10 Probe count [3]: Minimum Time to Live [1]: Maximum Time to Live [30]: Port Number [33434]: Loose, Strict, Record, Timestamp, Verbose[none]: Type escape sequence to abort. Tracing the route to 172.16.80.1 1 25.25.25.1 168 msec 264 msec 240 msec 2 12.12.12.1 [MPLS: Labels 18/22 Exp 0] 1752 msec 1748 msec 2016 msec 3 48.48.48.4 [MPLS: Label 22 Exp 0] 696 msec 644 msec 696 msec 4 48.48.48.8 960 msec 744 msec 816 msec CE5-R5#

2.4.6

CE6-R6 配置验证

CE6-R6#show ip ospf neighbor Neighbor ID 36.36.36.3 0 CE6-R6#show ip route Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set 48.0.0.0/24 is subnetted, 1 subnets O E2 C C O E2 O E2 O E2 O E2 O E2 O E2 CE6-R6# CE6-R6#traceroute Protocol [ip]: Target IP address: 172.16.50.1 Source address: 172.16.60.1 Numeric display [n]: Timeout in seconds [3]: 10 Probe count [3]: Minimum Time to Live [1]: Maximum Time to Live [30]: Port Number [33434]: 48.48.48.0 [110/1] via 36.36.36.3, 00:59:54, FastEthernet0/0 36.0.0.0/24 is subnetted, 1 subnets 36.36.36.0 is directly connected, FastEthernet0/0 172.16.0.0/16 is variably subnetted, 4 subnets, 2 masks 172.16.60.0/24 is directly connected, Loopback0 172.16.50.1/32 [110/2] via 36.36.36.3, 04:55:14, FastEthernet0/0 172.16.80.1/32 [110/2] via 36.36.36.3, 00:59:54, FastEthernet0/0 172.16.70.1/32 [110/11] via 36.36.36.3, 00:59:54, FastEthernet0/0 37.0.0.0/24 is subnetted, 1 subnets 37.37.37.0 [110/1] via 36.36.36.3, 00:59:54, FastEthernet0/0 25.0.0.0/30 is subnetted, 2 subnets 25.25.25.0 [110/2] via 36.36.36.3, 04:55:15, FastEthernet0/0 25.25.25.4 [110/1] via 36.36.36.3, 04:55:15, FastEthernet0/0 Pri 1 State FULL/DR Dead Time 00:00:30 Address 36.36.36.3 Interface FastEthernet0/

Loose, Strict, Record, Timestamp, Verbose[none]: Type escape sequence to abort. Tracing the route to 172.16.50.1 1 36.36.36.3 216 msec 120 msec 264 msec 2 13.13.13.1 [MPLS: Labels 16/24 Exp 0] 1520 msec 1988 msec 1944 msec 3 25.25.25.5 [MPLS: Label 24 Exp 0] 576 msec 956 msec 816 msec 4 25.25.25.6 696 msec 840 msec 816 msec CE6-R6#traceroute Protocol [ip]: Target IP address: 172.16.70.1 Source address: 172.16.60.1 Numeric display [n]: Timeout in seconds [3]: 10 Probe count [3]: Minimum Time to Live [1]: Maximum Time to Live [30]: Port Number [33434]: Loose, Strict, Record, Timestamp, Verbose[none]: Type escape sequence to abort. Tracing the route to 172.16.70.1 1 36.36.36.3 216 msec 264 msec 168 msec 2 13.13.13.1 [MPLS: Labels 16/29 Exp 0] 1824 msec 1832 msec 2124 msec 3 25.25.25.5 [MPLS: Label 29 Exp 0] 816 msec 860 msec 1452 msec 4 25.25.25.6 948 msec 792 msec 912 msec 5 25.25.25.1 936 msec 1080 msec 1032 msec 6 12.12.12.1 [MPLS: Labels 17/24 Exp 0] 2952 msec 3116 msec 2832 msec 7 37.37.37.3 [MPLS: Label 24 Exp 0] 1248 msec 1532 msec 1704 msec 8 37.37.37.7 2184 msec 1992 msec 1800 msec CE6-R6#traceroute Protocol [ip]: Target IP address: 172.16.80.1 Source address: 172.16.60.1 Numeric display [n]: Timeout in seconds [3]: 10 Probe count [3]: Minimum Time to Live [1]: Maximum Time to Live [30]: Port Number [33434]: Loose, Strict, Record, Timestamp, Verbose[none]: Type escape sequence to abort. Tracing the route to 172.16.80.1 1 36.36.36.3 336 msec 312 msec 192 msec

2 13.13.13.1 [MPLS: Labels 16/28 Exp 0] 1968 msec 1156 msec 2136 msec 3 25.25.25.5 [MPLS: Label 28 Exp 0] 840 msec 744 msec 744 msec 4 25.25.25.6 936 msec 816 msec 900 msec 5 25.25.25.1 840 msec 984 msec 816 msec 6 12.12.12.1 [MPLS: Labels 18/22 Exp 0] 3024 msec 2924 msec 2616 msec 7 48.48.48.4 [MPLS: Label 22 Exp 0] 3408 msec 1460 msec 1800 msec 8 48.48.48.8 1968 msec 1800 msec 2452 msec CE6-R6#

2.4.7

CE7-R7 配置验证

CE7-R7#show ip route Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set 48.0.0.0/24 is subnetted, 1 subnets O E2 O E2 O E2 O E2 O E2 C C O E2 O E2 48.48.48.0 [110/1] via 37.37.37.3, 01:09:25, FastEthernet0/0 36.0.0.0/24 is subnetted, 1 subnets 36.36.36.0 [110/1] via 37.37.37.3, 01:09:25, FastEthernet0/0 172.16.0.0/16 is variably subnetted, 4 subnets, 2 masks 172.16.60.1/32 [110/11] via 37.37.37.3, 01:09:25, FastEthernet0/0 172.16.50.1/32 [110/2] via 37.37.37.3, 05:01:16, FastEthernet0/0 172.16.80.1/32 [110/2] via 37.37.37.3, 01:09:25, FastEthernet0/0 172.16.70.0/24 is directly connected, Loopback0 37.0.0.0/24 is subnetted, 1 subnets 37.37.37.0 is directly connected, FastEthernet0/0 25.0.0.0/30 is subnetted, 2 subnets 25.25.25.0 [110/2] via 37.37.37.3, 05:01:16, FastEthernet0/0 25.25.25.4 [110/1] via 37.37.37.3, 05:01:17, FastEthernet0/0

CE7-R7#show ip ospf neighbor Neighbor ID 37.37.37.3 0 CE7-R7# CE7-R7#traceroute Pri 1 State FULL/DR Dead Time 00:00:33 Address 37.37.37.3 Interface FastEthernet0/

Protocol [ip]: Target IP address: 172.16.50.1 Source address: 172.16.70.1 Numeric display [n]: Timeout in seconds [3]: 10 Probe count [3]: Minimum Time to Live [1]: Maximum Time to Live [30]: Port Number [33434]: Loose, Strict, Record, Timestamp, Verbose[none]: Type escape sequence to abort. Tracing the route to 172.16.50.1 1 37.37.37.3 240 msec 336 msec 288 msec 2 13.13.13.1 [MPLS: Labels 16/24 Exp 0] 1992 msec 1940 msec 1800 msec 3 25.25.25.5 [MPLS: Label 24 Exp 0] 816 msec 860 msec 888 msec 4 25.25.25.6 912 msec 2508 msec 2336 msec CE7-R7#traceroute Protocol [ip]: Target IP address: 172.16.60.1 Source address: 172.16.70.1 Numeric display [n]: Timeout in seconds [3]: 10 Probe count [3]: Minimum Time to Live [1]: Maximum Time to Live [30]: Port Number [33434]: Loose, Strict, Record, Timestamp, Verbose[none]: Type escape sequence to abort. Tracing the route to 172.16.60.1 1 37.37.37.3 144 msec 312 msec 240 msec 2 13.13.13.1 [MPLS: Labels 16/27 Exp 0] 2112 msec 1892 msec 1848 msec 3 25.25.25.5 [MPLS: Label 27 Exp 0] 864 msec 984 msec 912 msec 4 25.25.25.6 1200 msec 720 msec 744 msec 5 25.25.25.1 1000 msec 872 msec 816 msec 6 12.12.12.1 [MPLS: Labels 17/23 Exp 0] 2736 msec 2636 msec 3072 msec 7 36.36.36.3 [MPLS: Label 23 Exp 0] 1584 msec 1616 msec 1776 msec 8 36.36.36.6 1872 msec 2328 msec 1536 msec CE7-R7#traceroute Protocol [ip]: Target IP address: 172.16.80.1 Source address: 172.16.70.1 Numeric display [n]: Timeout in seconds [3]: 10

Probe count [3]: Minimum Time to Live [1]: Maximum Time to Live [30]: Port Number [33434]: Loose, Strict, Record, Timestamp, Verbose[none]: Type escape sequence to abort. Tracing the route to 172.16.80.1 1 37.37.37.3 288 msec 456 msec 144 msec 2 13.13.13.1 [MPLS: Labels 16/28 Exp 0] 2040 msec 1868 msec 2188 msec 3 25.25.25.5 [MPLS: Label 28 Exp 0] 1212 msec 844 msec 816 msec 4 25.25.25.6 792 msec 960 msec 936 msec 5 25.25.25.1 2536 msec 1976 msec 1104 msec 6 12.12.12.1 [MPLS: Labels 18/22 Exp 0] 2928 msec 2876 msec 3168 msec 7 48.48.48.4 [MPLS: Label 22 Exp 0] 1488 msec 1488 msec 1844 msec 8 48.48.48.8 1800 msec 2460 msec 1776 msec CE7-R7#

2.4.8

CE8-R8 配置验证

CE8-R8#show ip ospf neighbor Neighbor ID 48.48.48.4 0 CE8-R8#show ip route Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set 48.0.0.0/24 is subnetted, 1 subnets C O E2 O E2 O E2 C 48.48.48.0 is directly connected, FastEthernet0/0 36.0.0.0/24 is subnetted, 1 subnets 36.36.36.0 [110/1] via 48.48.48.4, 01:15:58, FastEthernet0/0 172.16.0.0/16 is variably subnetted, 4 subnets, 2 masks 172.16.60.1/32 [110/11] via 48.48.48.4, 01:15:58, FastEthernet0/0 172.16.50.1/32 [110/2] via 48.48.48.4, 05:04:33, FastEthernet0/0 172.16.80.0/24 is directly connected, Loopback0 Pri 1 State FULL/DR Dead Time 00:00:39 Address 48.48.48.4 Interface FastEthernet0/

O E2 O E2 O E2 O E2 CE8-R8#

172.16.70.1/32 [110/11] via 48.48.48.4, 01:15:58, FastEthernet0/0 37.0.0.0/24 is subnetted, 1 subnets 37.37.37.0 [110/1] via 48.48.48.4, 01:15:58, FastEthernet0/0 25.0.0.0/30 is subnetted, 2 subnets 25.25.25.0 [110/2] via 48.48.48.4, 05:04:34, FastEthernet0/0 25.25.25.4 [110/1] via 48.48.48.4, 05:04:53, FastEthernet0/0

CE8-R8#traceroute Protocol [ip]: Target IP address: 172.16.50.1 Source address: 172.16.80.1 Numeric display [n]: Timeout in seconds [3]: 10 Probe count [3]: Minimum Time to Live [1]: Maximum Time to Live [30]: Port Number [33434]: Loose, Strict, Record, Timestamp, Verbose[none]: Type escape sequence to abort. Tracing the route to 172.16.50.1 1 48.48.48.4 288 msec 264 msec 252 msec 2 14.14.14.1 [MPLS: Labels 16/24 Exp 0] 1936 msec 2008 msec 2092 msec 3 25.25.25.5 [MPLS: Label 24 Exp 0] 768 msec 908 msec 1032 msec 4 25.25.25.6 768 msec 1056 msec 960 msec CE8-R8#traceroute Protocol [ip]: Target IP address: 172.16.60.1 Source address: 172.16.80.1 Numeric display [n]: Timeout in seconds [3]: 10 Probe count [3]: Minimum Time to Live [1]: Maximum Time to Live [30]: Port Number [33434]: Loose, Strict, Record, Timestamp, Verbose[none]: Type escape sequence to abort. Tracing the route to 172.16.60.1 1 48.48.48.4 360 msec 216 msec 240 msec 2 14.14.14.1 [MPLS: Labels 16/27 Exp 0] 2040 msec 2204 msec 2088 msec 3 25.25.25.5 [MPLS: Label 27 Exp 0] 1128 msec 764 msec 1248 msec 4 25.25.25.6 912 msec 1128 msec 1056 msec 5 25.25.25.1 744 msec 984 msec 864 msec 6 12.12.12.1 [MPLS: Labels 17/23 Exp 0] 3096 msec 2924 msec 3140 msec

7 36.36.36.3 [MPLS: Label 23 Exp 0] 1488 msec 1316 msec 1872 msec 8 36.36.36.6 2136 msec 1824 msec 1896 msec CE8-R8#traceroute Protocol [ip]: Target IP address: 172.16.70.1 Source address: 172.16.80.1 Numeric display [n]: Timeout in seconds [3]: 10 Probe count [3]: Minimum Time to Live [1]: Maximum Time to Live [30]: Port Number [33434]: Loose, Strict, Record, Timestamp, Verbose[none]: Type escape sequence to abort. Tracing the route to 172.16.70.1 1 48.48.48.4 264 msec 360 msec 144 msec 2 14.14.14.1 [MPLS: Labels 16/29 Exp 0] 1480 msec 2120 msec 2016 msec 3 25.25.25.5 [MPLS: Label 29 Exp 0] 1144 msec 868 msec 744 msec 4 25.25.25.6 936 msec 792 msec 576 msec 5 25.25.25.1 720 msec 888 msec 1200 msec 6 12.12.12.1 [MPLS: Labels 17/24 Exp 0] 3048 msec 2984 msec 2880 msec 7 37.37.37.3 [MPLS: Label 24 Exp 0] 1392 msec 1988 msec 1492 msec 8 37.37.37.7 1508 msec 1728 msec 1608 msec CE8-R8#

2.5

实现原理及注意事项

1)实现原理:PE2-R2 接收所有从 PE3-R3、PE4-R4 来的私网路由(CE6-R6,CE7-R7,CE8-R8) ,PE2-R2 的 F0/0.1 绑定到 HUB,那么 CE5-R5 接收到了所有 PE3-R3、PE4-R4 的私网路由,并合成 一个路由表;又因为 PE2-R2 的 F0/0.2 绑定到 SPOKE,所以 CE5-R5 把所有的路由发给 PE2-R2,并携带 RT200:200 发送给 PE 邻居。 2)注意事项:PE2-R2 的两个私网接口和 CE5-R5 运行的路由协议是 BGP,在这种配置下一定要考虑到的 一个细节就是环路问题,PE2-R2 私网路由通过 BGP 协议从 F0/0.1 发送给 CE5-R5 时,bgp 会带上自己的 AS-number,CE5-R5 再通过 BGP 将路由传递给 PE2-R2 时,又会带上原来的 AS-number,这样 PE2-R2 就会发现带有自己的 AS-number,认为网络存在环路,则会忽略 掉这些路由。解决的办法就是让 bgp 不进行环路检测,具体方法如下: address-family ipv4 vrf SPOKE redistribute connected neighbor 25.25.25.6 remote-as 65005 neighbor 25.25.25.6 activate neighbor 25.25.25.6 as-override neighbor 25.25.25.6 allowas-in no auto-summary

no synchronization exit-address-family ! address-family ipv4 vrf HUB redistribute connected neighbor 25.25.25.2 remote-as 65005 neighbor 25.25.25.2 activate neighbor 25.25.25.2 as-override no auto-summary no synchronization exit-address-family !


1
1.1

MPLS VPN 访问 Internet 组网
MPLS VPN 访问 Internet 方式一
网络拓扑图

1.2

应用需求

1)不同的 VPN 之间用户不能互访,相同的 VPN 之间的用户能够互访; 2)所有的 VPN 用户都有访问 Internet 的需求,Internet 出口接在 PE5-IGW 设备上,该接口不属于任何的 VPN 实例;

1.3
1.3.1

设备配置
PE1-RR 设备配置

hostname PE1-R1 ! ip vrf vpn1 rd 1:1 route-target export 1:1 route-target import 1:1 ! ip vrf vpn2 rd 2:2 route-target export 2:2 route-target import 2:2 ! ip vrf vpn3 rd 3:3 route-target export 3:3 route-target import 3:3 ! mpls label protocol ldp tag-switching tdp router-id Loopback0 force ! interface Loopback0 ip address 1.1.1.1 255.255.255.255 ! interface FastEthernet0/0 ip address 12.12.12.1 255.255.255.0 duplex auto speed auto mpls label protocol ldp tag-switching ip ! interface Ethernet1/0 ip address 13.13.13.1 255.255.255.0 half-duplex mpls label protocol ldp tag-switching ip ! interface Ethernet1/1 ip address 14.14.14.1 255.255.255.0 half-duplex

mpls label protocol ldp tag-switching ip ! interface Ethernet1/2 ip address 15.15.15.1 255.255.255.0 half-duplex mpls label protocol ldp tag-switching ip ! interface Ethernet1/3 no ip address shutdown half-duplex ! router ospf 1 router-id 1.1.1.1 log-adjacency-changes network 1.1.1.1 0.0.0.0 area 0.0.0.0 network 12.12.12.1 0.0.0.0 area 0.0.0.0 network 13.13.13.1 0.0.0.0 area 0.0.0.0 network 14.14.14.1 0.0.0.0 area 0.0.0.0 network 15.15.15.1 0.0.0.0 area 0.0.0.0 ! router bgp 100 no synchronization bgp log-neighbor-changes neighbor 2.2.2.2 remote-as 100 neighbor 2.2.2.2 update-source Loopback0 neighbor 2.2.2.2 route-reflector-client neighbor 3.3.3.3 remote-as 100 neighbor 3.3.3.3 update-source Loopback0 neighbor 3.3.3.3 route-reflector-client neighbor 4.4.4.4 remote-as 100 neighbor 4.4.4.4 update-source Loopback0 neighbor 4.4.4.4 route-reflector-client neighbor 5.5.5.5 remote-as 100 neighbor 5.5.5.5 update-source Loopback0 neighbor 5.5.5.5 route-reflector-client no auto-summary ! address-family ipv4 vrf vpn3 redistribute connected no auto-summary no synchronization exit-address-family

! address-family ipv4 vrf vpn2 redistribute connected no auto-summary no synchronization exit-address-family ! address-family ipv4 vrf vpn1 redistribute connected no auto-summary no synchronization exit-address-family ! address-family vpnv4 neighbor 2.2.2.2 activate neighbor 2.2.2.2 route-reflector-client neighbor 2.2.2.2 send-community extended neighbor 3.3.3.3 activate neighbor 3.3.3.3 route-reflector-client neighbor 3.3.3.3 send-community both neighbor 4.4.4.4 activate neighbor 4.4.4.4 route-reflector-client neighbor 4.4.4.4 send-community extended neighbor 5.5.5.5 activate neighbor 5.5.5.5 route-reflector-client neighbor 5.5.5.5 send-community extended no auto-summary exit-address-family ! ! end PE1-R1#

1.3.2

PE2-RR 设备配置

hostname PE2-R2 ! ip vrf vpn1 rd 1:1 route-target export 1:1 route-target import 1:1 ! ip vrf vpn2 rd 2:2

route-target export 2:2 route-target import 2:2 ! ip vrf vpn3 rd 3:3 route-target export 3:3 route-target import 3:3 ! ip cef mpls label protocol ldp tag-switching tdp router-id Loopback0 force ! interface Loopback0 ip address 2.2.2.2 255.255.255.255 ! interface FastEthernet0/0 ip address 12.12.12.2 255.255.255.0 duplex auto speed auto mpls label protocol ldp tag-switching ip ! interface Ethernet1/0 ip address 24.24.24.2 255.255.255.0 half-duplex mpls label protocol ldp tag-switching ip ! interface Ethernet1/1 ip address 23.23.23.2 255.255.255.0 half-duplex mpls label protocol ldp tag-switching ip ! interface Ethernet1/2 ip address 25.25.25.2 255.255.255.0 half-duplex mpls label protocol ldp tag-switching ip ! router ospf 1 router-id 2.2.2.2 log-adjacency-changes network 2.2.2.2 0.0.0.0 area 0.0.0.0 network 12.12.12.2 0.0.0.0 area 0.0.0.0

network 23.23.23.2 0.0.0.0 area 0.0.0.0 network 24.24.24.2 0.0.0.0 area 0.0.0.0 network 25.25.25.2 0.0.0.0 area 0.0.0.0 ! router bgp 100 no synchronization bgp log-neighbor-changes neighbor 1.1.1.1 remote-as 100 neighbor 1.1.1.1 update-source Loopback0 neighbor 1.1.1.1 route-reflector-client neighbor 3.3.3.3 remote-as 100 neighbor 3.3.3.3 update-source Loopback0 neighbor 3.3.3.3 route-reflector-client neighbor 4.4.4.4 remote-as 100 neighbor 4.4.4.4 update-source Loopback0 neighbor 4.4.4.4 route-reflector-client neighbor 5.5.5.5 remote-as 100 neighbor 5.5.5.5 update-source Loopback0 neighbor 5.5.5.5 route-reflector-client no auto-summary ! address-family ipv4 vrf vpn3 redistribute connected no auto-summary no synchronization exit-address-family ! address-family ipv4 vrf vpn2 redistribute connected no auto-summary no synchronization exit-address-family ! address-family ipv4 vrf vpn1 redistribute connected no auto-summary no synchronization exit-address-family ! address-family vpnv4 neighbor 1.1.1.1 activate neighbor 1.1.1.1 route-reflector-client neighbor 1.1.1.1 send-community extended neighbor 3.3.3.3 activate neighbor 3.3.3.3 route-reflector-client

neighbor 3.3.3.3 next-hop-self neighbor 3.3.3.3 send-community extended neighbor 4.4.4.4 activate neighbor 4.4.4.4 route-reflector-client neighbor 4.4.4.4 next-hop-self neighbor 4.4.4.4 send-community extended neighbor 5.5.5.5 activate neighbor 5.5.5.5 route-reflector-client neighbor 5.5.5.5 send-community extended no auto-summary exit-address-family ! end PE2-R2#

1.3.3

PE3-Client 设备配置

hostname PE3-R3 ! ip vrf vpn1 rd 1:1 route-target export 1:1 route-target import 1:1 ! ip vrf vpn2 rd 2:2 route-target export 2:2 route-target import 2:2 ! ip vrf vpn3 rd 3:3 route-target export 3:3 route-target import 3:3 ! ip cef mpls label protocol ldp tag-switching tdp router-id Loopback0 force ! interface Loopback0 ip address 3.3.3.3 255.255.255.255 ! interface FastEthernet0/0.1 encapsulation dot1Q 10

ip vrf forwarding vpn1 ip address 36.36.36.1 255.255.255.192 ! interface FastEthernet0/0.2 encapsulation dot1Q 20 ip vrf forwarding vpn2 ip address 36.36.36.65 255.255.255.192 ! interface FastEthernet0/0.3 encapsulation dot1Q 30 ip vrf forwarding vpn3 ip address 36.36.36.129 255.255.255.192 ! interface Ethernet1/0 ip address 13.13.13.3 255.255.255.0 half-duplex mpls label protocol ldp tag-switching ip ! interface Ethernet1/1 ip address 23.23.23.3 255.255.255.0 half-duplex mpls label protocol ldp tag-switching ip ! router ospf 1 router-id 3.3.3.3 log-adjacency-changes redistribute static subnets network 3.3.3.3 0.0.0.0 area 0.0.0.0 network 13.13.13.3 0.0.0.0 area 0.0.0.0 network 23.23.23.3 0.0.0.0 area 0.0.0.0 ! router ospf 10 vrf vpn1 log-adjacency-changes redistribute bgp 100 subnets network 36.36.36.0 0.0.0.63 area 0.0.0.0 default-information originate always ! router ospf 20 vrf vpn2 log-adjacency-changes redistribute bgp 100 subnets network 36.36.36.64 0.0.0.63 area 0.0.0.0 default-information originate always !

router ospf 30 vrf vpn3 log-adjacency-changes redistribute bgp 100 subnets network 36.36.36.128 0.0.0.63 area 0.0.0.0 default-information originate always ! router bgp 100 no synchronization bgp log-neighbor-changes neighbor 1.1.1.1 remote-as 100 neighbor 1.1.1.1 update-source Loopback0 neighbor 2.2.2.2 remote-as 100 neighbor 2.2.2.2 update-source Loopback0 no auto-summary ! address-family ipv4 vrf vpn3 redistribute connected redistribute ospf 30 no auto-summary no synchronization exit-address-family ! address-family ipv4 vrf vpn2 redistribute connected redistribute ospf 20 no auto-summary no synchronization exit-address-family ! address-family ipv4 vrf vpn1 redistribute connected redistribute ospf 10 no auto-summary no synchronization exit-address-family ! address-family vpnv4 neighbor 1.1.1.1 activate neighbor 1.1.1.1 send-community extended neighbor 2.2.2.2 activate neighbor 2.2.2.2 send-community extended no auto-summary exit-address-family ! ip classless

ip route 192.168.1.0 255.255.255.0 FastEthernet0/0.1 36.36.36.62 ip route 192.168.2.0 255.255.255.0 FastEthernet0/0.2 36.36.36.126 ip route 192.168.3.0 255.255.255.0 FastEthernet0/0.3 36.36.36.190 ! end

1.3.4

PE4-Client 设备配置

hostname PE4-R4 ! ip vrf vpn1 rd 1:1 route-target export 1:1 route-target import 1:1 ! ip vrf vpn2 rd 2:2 route-target export 2:2 route-target import 2:2 ! ip vrf vpn3 rd 3:3 route-target export 3:3 route-target import 3:3 ! ip cef mpls label protocol ldp tag-switching tdp router-id Loopback0 force ! interface Loopback0 ip address 4.4.4.4 255.255.255.255 ! interface FastEthernet0/0 no ip address duplex auto speed auto ! interface FastEthernet0/0.10 encapsulation dot1Q 10 ip vrf forwarding vpn1 ip address 47.47.47.1 255.255.255.192 ! interface FastEthernet0/0.20 encapsulation dot1Q 20

ip vrf forwarding vpn2 ip address 47.47.47.65 255.255.255.192 ! interface FastEthernet0/0.30 encapsulation dot1Q 30 ip vrf forwarding vpn3 ip address 47.47.47.129 255.255.255.192 ! interface FastEthernet0/1 no ip address shutdown duplex auto speed auto ! interface Ethernet1/0 ip address 24.24.24.4 255.255.255.0 half-duplex mpls label protocol ldp tag-switching ip ! interface Ethernet1/1 ip address 14.14.14.4 255.255.255.0 half-duplex mpls label protocol ldp tag-switching ip ! router ospf 1 router-id 4.4.4.4 log-adjacency-changes network 4.4.4.4 0.0.0.0 area 0.0.0.0 network 14.14.14.4 0.0.0.0 area 0.0.0.0 network 24.24.24.4 0.0.0.0 area 0.0.0.0 ! router ospf 10 vrf vpn1 router-id 47.47.47.1 log-adjacency-changes redistribute bgp 100 subnets network 47.47.47.0 0.0.0.63 area 0.0.0.0 ! router ospf 20 vrf vpn2 router-id 47.47.47.65 log-adjacency-changes redistribute bgp 100 subnets network 47.47.47.64 0.0.0.63 area 0.0.0.0 !

router ospf 30 vrf vpn3 router-id 47.47.47.129 log-adjacency-changes redistribute bgp 100 subnets network 47.47.47.128 0.0.0.63 area 0.0.0.0 ! router bgp 100 no synchronization bgp log-neighbor-changes neighbor 1.1.1.1 remote-as 100 neighbor 1.1.1.1 update-source Loopback0 neighbor 2.2.2.2 remote-as 100 neighbor 2.2.2.2 update-source Loopback0 no auto-summary ! address-family ipv4 vrf vpn3 redistribute ospf 30 no auto-summary no synchronization exit-address-family ! address-family ipv4 vrf vpn2 redistribute ospf 20 no auto-summary no synchronization exit-address-family ! address-family ipv4 vrf vpn1 redistribute connected redistribute ospf 10 no auto-summary no synchronization exit-address-family ! address-family vpnv4 neighbor 1.1.1.1 activate neighbor 1.1.1.1 send-community extended neighbor 2.2.2.2 activate neighbor 2.2.2.2 send-community extended no auto-summary exit-address-family ! end

MPLS基础知识_图文.ppt

MPLS基础知识 - 2014-3-7 Security Level: Internal Use Only MPLS基础知识 光网络产品服务部 www.huawei.com HUAWEI ...

MPLS-自己的经验理解通俗易懂_图文.ppt

世 界 触 手 可 及 48 共享PE的方式 共享 的方式 世 界 触 手 可 及 49 专用PE的方式 专用 的方式 世 界 触 手 可 及 50 MPLS VPN 世 界 触 ...

MPLS Ping&Trace_图文.ppt

MPLS Ping&Trace - MPLS Ping & Tr

MPLS原理_图文.ppt

MPLS原理 - MPLS原理 经过本章的学习,你可以获得以下收获: ? 了解 MPLS 多协议标签交换的概念,及其作用 ? 了解 MPLS 多协议标签交换的工作原理和过程 ? 了解...

城域网与MPLS技术_图文.ppt

城域网与MPLS技术 - 城域网与MPLS技术 练永彬 城域网与MPLS技术 ?为什么需要MPLS ?MPLS原理 ?BGP MPLS VPN 为什么需要MPLS ? MPLS的现实意义...

什么是MPLS VPN? MPLS VPN的九大优势.txt

什么是MPLS VPN? MPLS VPN的九大优势 - MPLSVPN是一种基于MPLS?MultiprotocolLabelSwitching,多协议标记交换 技术的IPVPN,是在网...

MPLS标签分配分析.doc

MPLS标签分配分析 - BGP/MPLS L3 VPN 中的标签分配 朱彦波

MPLS_中兴培训教材_图文.ppt

MPLS_中兴培训教材 - MPLS 的业务原理 MPLS的起源 ?MPLS是吸

CISCO 路由器MPLS VPN配置实例.doc

CISCO 路由器MPLS VPN配置实例 - 目录一、网络环境 ...

MPLS TE学习总结.doc

MPLS TE学习总结 - MPLS-TE 学习总结 在介绍 MPLS-TE 之

华为5700交换机MPLS配置.pdf

华为5700交换机MPLS配置 - 华为 5700 交换机 MPLS 配置 1 2 实验目标 通过实验模拟 3 台 5700 交换机上运行 MPLS。完成底层 IGP-OSPF 多区域配置、MP...

MPLS-VPN原理.doc

MPLS-VPN原理 - MPLS/BGP VPN MPLS VPN 是一种基于 MPLS 技术的 IP-VPN,根据 PE(Provider Edge)设 备是否参与 VPN 路由处理又细分为...

MPLS详解.doc

MPLS 是什么 MPLS(Multi-Propocol Label Switching)即多协议标记交换。 MPLS 属于第三代网络架构,是新一代的 IP 高速骨干网络交换标准,由 IETF(Internet ...

MPLS协议原理_图文.ppt

DA000015 MPLS协议原理 ISSUE 1.0 固网产品课程开发室 课程内容 第一章 MPLS 简介 第二章 标签与标签栈 第三章 标签的转发和分配 第四章 LDP及配置 MPLS ?...

MPLS.doc

Notification 先要有 IGP 需要路由表 根据路由表获得的 IGP 路由本地产生 mpls 标签 依靠 LDP 协议建立邻居传递标签(现在路由条目即是标签) 利用 cef 转发表建立...

MPLS.doc

MPLS - 第一部分:MPLS 大体框架 MPLS 实际应用中是 ISP 级别,即运营商级别 MPLS---Multi-Protocol Label Switching, 中文含义为多协议标...

MPLS交换过程演示分析_图文.doc

MPLS交换过程演示分析 - 企业网络规划现代交换原理课程设计... MPLS交换过程演示分析_信息与通信_工程科技_专业资料。企业网络规划现代交换原理课程设计 ...

全面理解MPLS_图文.ppt

全面理解MPLS - 目录 MPLS的前世今生 MPLS的一些概念 MPLS VPN MPLS OAM MPLS TE/FRR MPLS-TP MPLS概念 MPLS,全称是Multiple...

MPLS基本原理_图文.ppt

MPLS基本原理 - MPLS基本原理 中国联合通信有限公司 山东分公司 培训中心 ? 本课程主要介绍MPLS协议原理以 及标签的转发和分配,最后介绍 LDP标签分发协议。 中国...

MPLS BGP VPN.doc

MPLS BGP VPN - 课程 DA000017 MPLS/BGP VPN