MPLS VPN 跨域方案 C方式一

实验拓扑

需求：实现R5-R7，R6-R8两个租户的跨域MPLS VPN的私网互联。

配置思路

1. 搭建骨干网络，R1/2/3/4/9基础配置，设备名/接口IP/ISIS/MPLS/BGP。
2. R2-R3建立EGBP邻居，接口开启MPLS，配置策略P1（打MPLS标签）/P2（匹配到MPLS标签，打上MPLS标签），
R2⇄R3调用P1策略，R2→R1，R3→R4调用P2策略。打通R1-R4跨域段标签交换。
R1⇄R2 R3⇄R4开启标签路由能力， R2→R1 R3→R4修改BGP下一跳为本地。
3. R2发布1.1.1.1 32  R3发布4.4.4.4 32 BGP路由。R1/R4建立 EBGP VPNV4邻居关系，修改最大跳数255。
4. R1/R4配置vpn实列和RD/RT，接口绑定实例配置IP，R1与R5/6分别建立EBGP，R4与R7/8同样。R5/6/7/8发布环回口私网IP。

配置命令

#R1

sys
sysn R1
int g0/0/0
ip addr 19.0.0.1 24
int lo0
ip addr 1.1.1.1 32

ip vpn-instance 5
 ipv4-family
  route-distinguisher 5:5
  vpn-target 5:7 export-extcommunity
  vpn-target 7:5 import-extcommunity
ip vpn-instance 6
 ipv4-family
  route-distinguisher 6:6
  vpn-target 6:8 export-extcommunity
  vpn-target 8:6 import-extcommunity

int g0/0/1
 ip binding vpn-instance 5
 ip addr 15.0.0.1 24
int g0/0/2
 ip binding vpn-instance 6
 ip addr 16.0.0.1 24

isis 1
isis-level level-2
network-ent 49.0001.0000.0000.0001.00
int g0/0/0
isis en 1
int lo0
isis en 1

mpls lsr-id 1.1.1.1
mpls
mpls ldp
int g0/0/0
mpls
mpls ldp


bgp 12
router-id 1.1.1.1
undo default ipv4-unicast
peer 2.2.2.2 as 12 
 peer 2.2.2.2 connect-int lo0
 peer 4.4.4.4 as 34 
 peer 4.4.4.4 ebgp-max-hop 255 
 peer 4.4.4.4 connect-int lo0
 peer 15.0.0.5 as 5 
 peer 16.0.0.6 as 6 
 ipv4-family unicast
  peer 2.2.2.2 en
  peer 2.2.2.2 label-route-capability
 
 ipv4-family vpnv4
  peer 4.4.4.4 enable

 ipv4-family vpn-instance 5 
  peer 15.0.0.5 as 5 
 ipv4-family vpn-instance 6 
  peer 16.0.0.6 as 6

#R9

sys
sysn R9
int g0/0/0
ip addr 19.0.0.9 24
int g0/0/1
ip addr 29.0.0.9 24
int lo0
ip addr 9.9.9.9 32

route-policy P1 permit node 10
apply mpls-label
route-policy P2 permit node 10
if-match mpls-label
apply mpls-label

isis 1
is-level level-2
network-ent 49.0009.0000.0000.0009.00
int g0/0/0
isis en 1
int g0/0/1
isis en 1
int lo0
isis en 1

mpls lsr-id 9.9.9.9
mpls
mpls ldp
int g0/0/0
mpls
mpls ldp
int g0/0/1
mpls
mpls ldp

#R2

sys
sysn R2
int g0/0/1
ip addr 29.0.0.2 24
int g0/0/0
ip addr 23.0.0.2 24
mpls
int lo0
ip addr 2.2.2.2 32

route-policy P1 permit node 10
apply mpls-label
route-policy P2 permit node 10
if-match mpls-label
apply mpls-label

isis 1
is-level level-2
network-ent 49.0002.0000.0000.0003.00
int g0/0/1
isis en 1
int lo0
isis en 1

mpls lsr-id 2.2.2.2
mpls
mpls ldp
int g0/0/1
mpls
mpls ldp

route-policy P1 permit node 10 
 apply mpls-label
route-policy P2 permit node 10 
 if-match mpls-label 
 apply mpls-label

bgp 12
router-id 2.2.2.2
undo default ipv4-unicast
peer 1.1.1.1 as-number 12 
peer 1.1.1.1 connect-int lo0
peer 23.0.0.3 as 34
ipv4-family unicast
  network 1.1.1.1 32
  peer 1.1.1.1 en
  peer 1.1.1.1 route-policy P2 export
  peer 1.1.1.1 next-hop-local 
  peer 1.1.1.1 label-route-capability
  peer 23.0.0.3 en
  peer 23.0.0.3 route-policy P1 export
  peer 23.0.0.3 label-route-capability

#R3

sys
sysn R3
int g0/0/0
ip addr 23.0.0.3 24
mpls
int g0/0/1
ip addr 34.0.0.3 24
int lo0
ip addr 3.3.3.3 32

route-policy P1 permit node 10
apply mpls-label
route-policy P2 permit node 10
if-match mpls-label
apply mpls-label

isis 1
is-level level-2
network-ent 49.0003.0000.0000.0003.00
int g0/0/1
isis en 1
int lo0
isis en 1

mpls lsr-id 3.3.3.3
mpls
mpls ldp
int g0/0/1
mpls
mpls ldp

route-policy P1 permit node 10 
 apply mpls-label
route-policy P2 permit node 10 
 if-match mpls-label 
 apply mpls-label

bgp 34
router-id 3.3.3.3
undo default ipv4-unicast
peer 4.4.4.4 as 34 
peer 4.4.4.4 connect-int lo0
peer 23.0.0.2 as 12 
 ipv4-family unicast
  network 4.4.4.4 32
  peer 4.4.4.4 en
  peer 4.4.4.4 route-policy P2 export
  peer 4.4.4.4 next-hop-local 
  peer 4.4.4.4 label-route-capability
  peer 23.0.0.2 en
  peer 23.0.0.2 route-policy P1 export
  peer 23.0.0.2 label-route-capability

#R4

sys
sysn R4
int g0/0/0
ip addr 34.0.0.4 24
int lo0
ip addr 4.4.4.4 32

ip vpn-instance 7
 ipv4-family
  route-distinguisher 7:7
  vpn-target 7:5 export-extcommunity
  vpn-target 5:7 import-extcommunity
ip vpn-instance 8
 ipv4-family
  route-distinguisher 8:8
  vpn-target 8:6 export-extcommunity
  vpn-target 6:8 import-extcommunity

int g0/0/1
 ip binding vpn-instance 7
 ip addr 47.0.0.4 24
int g0/0/2
 ip binding vpn-instance 8
 ip addr 48.0.0.4 24

isis 1
is-level level-2
network-ent 49.0004.0000.0000.0004.00
int g0/0/0
isis en 1
int lo0
isis en 1

mpls lsr-id 4.4.4.4
mpls
mpls ldp
int g0/0/0
mpls
mpls ldp

bgp 34
router-id 4.4.4.4
undo default ipv4-unicast
peer 1.1.1.1 as 12 
peer 1.1.1.1 ebgp-max-hop 255 
peer 1.1.1.1 connect-int lo0
peer 3.3.3.3 as 34 
peer 3.3.3.3 connect-int lo0
peer 47.0.0.7 as 7 
peer 48.0.0.8 as 8 

ipv4-family unicast
  peer 3.3.3.3 enable
  peer 3.3.3.3 label-route-capability

 ipv4-family vpnv4
  peer 1.1.1.1 enable

 ipv4-family vpn-instance 7 
  peer 47.0.0.7 as 7 

 ipv4-family vpn-instance 8 
  peer 48.0.0.8 as 8

#R5

sys
sysn R5
int g0/0/0
ip addr 15.0.0.5 24
int lo0
ip addr 5.5.5.5 32

bgp 5
router-id 5.5.5.5
peer 15.0.0.1 as 12
ipv4-family unicast
 netowrk 5.5.5.5 32
 peer 15.0.0.1 en

#R6

sys
sysn R6
int g0/0/0
ip addr 16.0.0.6 24
int lo0
ip addr 6.6.6.6 32

bgp 6
router-id 6.6.6.6
peer 16.0.0.1 as 12
ipv4-family unicast
 netowrk 6.6.6.6 32
 peer 16.0.0.1 en

#R7

sys
sysn R7
int g0/0/0
ip addr 47.0.0.7 24
int lo0
ip addr 7.7.7.7 32

bgp 7
router-id 7.7.7.7
peer 47.0.0.4 as 34
ipv4-family unicast
 netowrk 7.7.7.7 32
 peer 47.0.0.4 en

#R8

sys
sysn R8
int g0/0/0
ip addr 48.0.0.8 24
int lo0
ip addr 8.8.8.8 32

bgp 8
router-id 8.8.8.8
peer 48.0.0.4 as 34
ipv4-family unicast
 netowrk 8.8.8.8 32
 peer 48.0.0.4 en

验证结果：

0x0

MPLS VPN 跨域方案 C方式一

BGP MPLS VPN 跨域方案C &RR反射器

Hub&Spoke组网方式一

MPLS VPN 基础实验2

VRF 虚拟路由转发

MPLS VPN 跨域方案 C方式一

MPLS VPN 跨域方案 C方式一

openwrt 软路由wireshark ssh tcpdump远程抓包

BGP MPLS VPN 跨域方案C &RR反射器

Hub&Spoke组网方式一

MPLS VPN 基础实验2

VRF 虚拟路由转发

MPLS VPN 跨域方案 C方式一