Tài liệu hạn chế xem trước, để xem đầy đủ mời bạn chọn Tải xuống
1
/ 12 trang
THÔNG TIN TÀI LIỆU
Thông tin cơ bản
Định dạng
Số trang
12
Dung lượng
69 KB
Nội dung
MPLS - Lưu ý khi triển khai Kênh VPN : VPN A : Router A1 và Router A Central VPN B : Router A2 và Router A Central VPN AB-Internet : Router PE2 và Router A3 Các VPN này được thiết kế với mong muốn hòan tòan không truy cập qua lại được vì chúng là mạng của các đơn vị hòan tòan khác nhau. Internet được kết nối vào router CE, cụ thể là A3. Router A3 chức thông tin về default route dạng ip route 0.0.0.0 0.0.0.0 destination_address và thông tin này sẽ được quảng bá đến tất cả các router A 1, A 2, A central qua các phương thức địng tuyến động (dynamic routing) để cho phép các khách hàng của các VPN A và B có thể truy cập Internet. Vùng MPLS : _ Router PE1, Router P và Router PE2 _ Router PE1 và PE2 chạy BGP Cấu hình của các Router: Router A1: ! hostname A1 ! ip subnet-zero ! interface Loopback0 ip address 11.0.0.1 255.255.255.255 ! interface Ethernet0 ip address 151.0.0.2 255.255.255.0 ! interface Serial0 no ip address shutdown ! ! router rip version 2 network 11.0.0.0 network 151.0.0.0 ! ip classless Router A2: ! hostname A2 ! ip subnet-zero ! ! interface Loopback0 ip address 12.0.0.1 255.0.0.0 ! interface Serial0 ip address 153.0.0.2 255.255.255.0 no fair-queue clockrate 56000 ! ! router eigrp 100 network 12.0.0.0 network 153.0.0.0 no eigrp log-neighbor-changes ! ip classless no ip http server ! Router A3 : ! hostname A3 ! enable password cisco ! ip subnet-zero ! interface Loopback0 ip address 13.0.0.1 255.255.255.0 ! interface Ethernet0 ip address 200.10.10.1 255.255.255.0 ! ! interface Serial1 ip address 152.0.0.2 255.255.255.0 ! router eigrp 100 redistribute static metric 1000 100 255 255 1500 network 13.0.0.0 network 152.0.0.0 no eigrp log-neighbor-changes ! ip classless ip route 0.0.0.0 0.0.0.0 200.10.10.2 no ip http server ! Router Acentral : ! hostname Acentral ! ip subnet-zero ! ! interface Loopback0 ip address 10.0.0.1 255.255.255.255 ! interface Ethernet0 ip address 150.0.0.2 255.255.255.0 ! ! router rip version 2 network 10.0.0.0 network 150.0.0.0 ! ip classless Router PE1 : ! hostname PE1 ! ip subnet-zero ! ! ip cef ! ip vrf A rd 123:100 route-target export 123:100 route-target export 123:101 route-target import 123:100 route-target import 123:1000 route-target import 123:101 ! mpls ldp logging neighbor-changes ! ! interface Loopback0 ip address 192.168.0.13 255.255.255.255 ! interface FastEthernet1/0 description To P ip address 192.168.0.2 255.255.255.252 duplex auto speed auto tag-switching ip ! interface FastEthernet1/1 description To ACentral ip vrf forwarding A ip address 150.0.0.1 255.255.255.0 duplex auto speed auto ! router eigrp 100 network 192.168.0.0 0.0.255.255 auto-summary ! router rip version 2 ! address-family ipv4 vrf A version 2 redistribute bgp 1 metric transparent network 150.0.0.0 no auto-summary exit-address-family ! router bgp 1 no synchronization bgp log-neighbor-changes neighbor 192.168.0.9 remote-as 1 neighbor 192.168.0.9 update-source Loopback0 no auto-summary ! address-family vpnv4 neighbor 192.168.0.9 activate neighbor 192.168.0.9 next-hop-self neighbor 192.168.0.9 send-community both no auto-summary exit-address-family ! address-family ipv4 vrf A redistribute rip metric 1 no auto-summary no synchronization exit-address-family ! ip classless ! call rsvp-sync ! ! mgcp profile default ! ! ! dial-peer cor custom ! Router PE2 : ! hostname PE2 ! ip subnet-zero ! ! ip cef ! ip vrf A rd 123:100 route-target export 123:100 route-target import 123:100 route-target import 123:1000 ! ip vrf AB-Internet rd 123:1000 route-target export 123:1000 route-target import 123:100 route-target import 123:101 ! ip vrf B rd 123:101 route-target export 123:101 route-target import 123:101 route-target import 123:1000 ! mpls ldp logging neighbor-changes ! mta receive maximum-recipients 0 ! interface Loopback0 ip address 192.168.0.9 255.255.255.255 ! interface FastEthernet2/0 description To P ip address 192.168.0.6 255.255.255.252 duplex auto speed auto tag-switching ip ! interface Serial2/0 description To A3 ip vrf forwarding AB-Internet ip address 152.0.0.1 255.255.255.0 clockrate 64000 ! interface FastEthernet2/1 description To A1 ip vrf forwarding A ip address 151.0.0.1 255.255.255.0 duplex auto speed auto ! interface Serial2/1 description To A2 ip vrf forwarding B ip address 153.0.0.1 255.255.255.0 ! router eigrp 100 no redistribute eigrp 100 network 192.168.0.0 no auto-summary ! router eigrp 1 no auto-summary ! address-family ipv4 vrf B redistribute bgp 1 metric 10000 10 255 1 2000 network 153.0.0.0 auto-summary autonomous-system 100 exit-address-family ! address-family ipv4 vrf AB-Internet redistribute bgp 1 metric 10000 10 255 1 2000 network 152.0.0.0 no auto-summary autonomous-system 100 exit-address-family ! router rip version 2 ! address-family ipv4 vrf A version 2 redistribute bgp 1 metric transparent network 151.0.0.0 no auto-summary exit-address-family ! router bgp 1 no synchronization bgp log-neighbor-changes neighbor 192.168.0.13 remote-as 1 neighbor 192.168.0.13 update-source Loopback0 no auto-summary ! address-family vpnv4 neighbor 192.168.0.13 activate neighbor 192.168.0.13 next-hop-self neighbor 192.168.0.13 send-community both no auto-summary exit-address-family ! address-family ipv4 vrf B redistribute eigrp 100 metric 1 no auto-summary no synchronization exit-address-family ! address-family ipv4 vrf AB-Internet redistribute eigrp 100 metric 1 default-information originate no auto-summary no synchronization exit-address-family ! address-family ipv4 vrf A redistribute rip metric 1 redistribute eigrp metric 1 no auto-summary no synchronization exit-address-family ! ip http server ip classless call rsvp-sync ! ! mgcp profile default ! ! ! dial-peer cor custom Router P : ! hostname P ! boot-start-marker boot-end-marker ! enable password cisco ! ip subnet-zero ip cef ! ip ips po max-events 100 no ftp-server write-enable voice-card 0 ! interface Loopback0 ip address 192.168.0.17 255.255.255.255 ! interface GigabitEthernet0/0 ip address 192.168.0.1 255.255.255.252 duplex auto speed auto media-type rj45 tag-switching ip ! interface GigabitEthernet0/1 ip address 192.168.0.5 255.255.255.252 duplex auto speed auto media-type rj45 tag-switching ip ! ! router eigrp 100 network 192.168.0.0 auto-summary ! ip classless ! ! control-plane Phương thức hoạt động: i) Đường đi Internet : _ Router A3 có default route ra Router Gateway để đi ra Internet. Router ACentral, A1, A2 có thể đi ra Internet, tuy nhiên do không nằm chung trong VPN nên A1 và A2 không nhìn thấy nhau, ta có thể xem trong Routing Table của A1 và A2. Router A1 không nhìn thấy network 12.0.0.0 của Router A2 Router A2 không nhìn thấy network 11.0.0.0 của Router A1 A1#show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is 151.0.0.1 to network 0.0.0.0 152.0.0.0/24 is subnetted, 1 subnets R 152.0.0.0 [120/1] via 151.0.0.1, 00:00:08, Ethernet0 R 10.0.0.0/8 [120/2] via 151.0.0.1, 00:00:08, Ethernet0 11.0.0.0/32 is subnetted, 1 subnets C 11.0.0.1 is directly connected, Loopback0 R 13.0.0.0/8 [120/2] via 151.0.0.1, 00:00:08, Ethernet0 151.0.0.0/24 is subnetted, 1 subnets C 151.0.0.0 is directly connected, Ethernet0 150.0.0.0/24 is subnetted, 1 subnets R 150.0.0.0 [120/1] via 151.0.0.1, 00:00:08, Ethernet0 R* 0.0.0.0/0 [120/2] via 151.0.0.1, 00:00:08, Ethernet0 A2#show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is 153.0.0.1 to network 0.0.0.0 [...]... A1#ping 12.0.0.1 Type escape sequence to abort Sending 5, 100-byte ICMP Echos to 12.0.0.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 96/100/116 ms A2#ping 11.0.0.1 Type escape sequence to abort Sending 5, 100-byte ICMP Echos to 11.0.0.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 100/104/124 ms Ta có thể sử dụng lệnh . 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P. 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P. route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external