多宿主MPLSVPN中-应用AS-override注意的问题
《多宿主MPLSVPN中-应用AS-override注意的问题》由会员分享,可在线阅读,更多相关《多宿主MPLSVPN中-应用AS-override注意的问题(9页珍藏版)》请在装配图网上搜索。
1、多宿主MPLS/VPN中,应用AS-override注意的问题由 admin 于 星期二, 04/01/2008 - 16:25 发表目的研究PE与CE间使用BGP时,可能出现的次优路径及其环路拓扑图在下面当PE与CE之间使用BGP时,在多宿主网络中,使用AS-override 有可能形成次优路径或环路,如上图所示。配置如下R1 ip vrf vpn-ard 1:10route-target export 1:10route-target import 1:10!ip cef!interface Loopback0ip address 1.1.1.1 255.255.255.255!inter
2、face FastEthernet0/0no ip addressinterface FastEthernet0/0.12encapsulation dot1Q 12ip address 12.1.1.1 255.255.255.0tag-switching ip!interface FastEthernet0/0.13encapsulation dot1Q 13ip address 13.1.1.1 255.255.255.0tag-switching ip!interface FastEthernet0/0.14encapsulation dot1Q 14ip vrf forwarding
3、 vpn-aip address 14.1.1.1 255.255.255.0router ospf 10log-adjacency-changesnetwork 0.0.0.0 255.255.255.255 area 0!router bgp 1no synchronizationbgp log-neighbor-changesneighbor 2.2.2.2 remote-as 1neighbor 2.2.2.2 update-source Loopback0neighbor 3.3.3.3 remote-as 1neighbor 3.3.3.3 update-source Loopba
4、ck0no auto-summary!address-family vpnv4neighbor 2.2.2.2 activateneighbor 2.2.2.2 send-community extendedneighbor 3.3.3.3 activateneighbor 3.3.3.3 send-community extendedexit-address-family!address-family ipv4 vrf vpn-aneighbor 14.1.1.4 remote-as 2neighbor 14.1.1.4 activateneighbor 14.1.1.4 as-overri
5、deno auto-summaryno synchronizationexit-address-familyR2ip vrf vpn-ard 1:10route-target export 1:10route-target import 1:10!ip cef!interface Loopback0ip address 2.2.2.2 255.255.255.255!interface FastEthernet0/0no ip address!interface FastEthernet0/0.12encapsulation dot1Q 12ip address 12.1.1.2 255.25
6、5.255.0tag-switching ip!interface FastEthernet0/0.23encapsulation dot1Q 23ip address 23.1.1.2 255.255.255.0tag-switching ip!interface FastEthernet0/0.25encapsulation dot1Q 25ip vrf forwarding vpn-aip address 25.1.1.2 255.255.255.0router ospf 10log-adjacency-changesnetwork 0.0.0.0 255.255.255.255 are
7、a 0!router bgp 1no synchronizationbgp log-neighbor-changesneighbor 1.1.1.1 remote-as 1neighbor 1.1.1.1 update-source Loopback0neighbor 3.3.3.3 remote-as 1neighbor 3.3.3.3 update-source Loopback0no auto-summary!address-family vpnv4neighbor 1.1.1.1 activateneighbor 1.1.1.1 send-community extendedneigh
8、bor 3.3.3.3 activateneighbor 3.3.3.3 send-community extendedexit-address-family!address-family ipv4 vrf vpn-aneighbor 25.1.1.5 remote-as 2neighbor 25.1.1.5 activateneighbor 25.1.1.5 as-overrideno auto-summaryno synchronizationexit-address-familyR3ip vrf vpn-ard 1:10route-target export 1:10route-targ
9、et import 1:10!ip cefinterface Loopback0ip address 3.3.3.3 255.255.255.255!interface FastEthernet0/0no ip addressduplex half!interface FastEthernet0/0.13encapsulation dot1Q 13ip address 13.1.1.3 255.255.255.0tag-switching ip!interface FastEthernet0/0.23encapsulation dot1Q 23ip address 23.1.1.3 255.2
10、55.255.0tag-switching ip!interface FastEthernet0/0.36encapsulation dot1Q 36ip vrf forwarding vpn-aip address 36.1.1.3 255.255.255.0router ospf 10log-adjacency-changesnetwork 0.0.0.0 255.255.255.255 area 0!router bgp 1no synchronizationbgp log-neighbor-changesneighbor 1.1.1.1 remote-as 1neighbor 1.1.
11、1.1 update-source Loopback0neighbor 2.2.2.2 remote-as 1neighbor 2.2.2.2 update-source Loopback0no auto-summary!address-family vpnv4neighbor 1.1.1.1 activateneighbor 1.1.1.1 send-community extendedneighbor 2.2.2.2 activateneighbor 2.2.2.2 send-community extendedexit-address-family!address-family ipv4
12、 vrf vpn-aneighbor 36.1.1.6 remote-as 2neighbor 36.1.1.6 activateneighbor 36.1.1.6 as-overrideno auto-summaryno synchronizationexit-address-family R4interface Loopback0ip address 4.4.4.4 255.255.255.255!interface FastEthernet0/0no ip addressinterface FastEthernet0/0.14encapsulation dot1Q 14ip addres
13、s 14.1.1.4 255.255.255.0!router bgp 2no synchronizationbgp log-neighbor-changesnetwork 1.1.1.1 mask 255.255.255.255redistribute connectedneighbor 14.1.1.1 remote-as 1no auto-summaryR5interface Loopback0ip address 5.5.5.5 255.255.255.255!interface FastEthernet0/0no ip addressinterface FastEthernet0/0
14、.25encapsulation dot1Q 25ip address 25.1.1.5 255.255.255.0!interface FastEthernet0/0.56encapsulation dot1Q 56ip address 56.1.1.5 255.255.255.0serial restart-delay 0!router ospf 100router-id 5.5.5.5log-adjacency-changesnetwork 0.0.0.0 255.255.255.255 area 0!router bgp 2no synchronizationbgp log-neigh
15、bor-changesnetwork 5.5.5.5 mask 255.255.255.255redistribute connectedneighbor 25.1.1.2 remote-as 1no auto-summaryR6interface Loopback0ip address 6.6.6.6 255.255.255.255!interface FastEthernet0/0no ip addressinterface FastEthernet0/0.36encapsulation dot1Q 36ip address 36.1.1.6 255.255.255.0interface
16、FastEthernet0/0.56encapsulation dot1Q 56ip address 56.1.1.6 255.255.255.0router ospf 100router-id 6.6.6.6log-adjacency-changesnetwork 0.0.0.0 255.255.255.255 area 0router ospf 10log-adjacency-changesrouter bgp 2no synchronizationbgp log-neighbor-changesredistribute connectedneighbor 36.1.1.3 remote-
17、as 1no auto-summary!在R2上看,BGP VPN表r2#sh ip bg vp allBGP table version is 18, local router ID is 2.2.2.2Status codes: s suppressed, d damped, h history, * valid, best, i - internal,r RIB-failure, S StaleOrigin codes: i - IGP, e - EGP, ? - incompleteNetwork Next Hop Metric LocPrf Weight PathRoute Dist
18、inguisher: 1:10 (default for vrf vpn-a)*i4.4.4.4/32 1.1.1.1 0 100 0 2 ?* 5.5.5.5/32 25.1.1.5 0 0 2 i*i6.6.6.6/32 3.3.3.3 0 100 0 2 ?*i14.1.1.0/24 1.1.1.1 0 100 0 2 ?r 25.1.1.0/24 25.1.1.5 0 0 2 ?*i36.1.1.0/24 3.3.3.3 0 100 0 2 ?* i56.1.1.0/24 3.3.3.3 0 100 0 2 ?* 25.1.1.5 0 0 2 ?在R5上,r5#sh ip rou36.
19、0.0.0/24 is subnetted, 1 subnetsB 36.1.1.0 20/0 via 25.1.1.2, 00:27:046.0.0.0/32 is subnetted, 1 subnetsB 6.6.6.6 20/0 via 25.1.1.2, 00:27:04可以看到原本红色部分是从OSPF学来,现在变成从EBGP学来,下一条变为R2,r5#trace 6.6.6.6Type escape sequence to abort.Tracing the route to 6.6.6.61 25.1.1.2 56 msec 112 msec 140 msec2 36.1.1.3
20、 AS 1 312 msec 104 msec 320 msec3 36.1.1.6 AS 1 316 msec 212 msec * /运营商中路由前缀6.6.6.6/32,在CE3上生成被发往PE3,当PE3把这条前缀通回给CE2时,由于AS-override作用,AS-PATH变成 1 1 ,故形成了环路。解决方案:AS-override同SOO (site of origin)一起使用,在多宿主MPLS VPN中,SOO用来标识客户站点,防止从某一点离开该站点的流量从另外一点被发送回同一站点。SOO检测环路是自动的,需做在in 的方向上。R2上配置address-family ipv4
21、 vrf vpn-aneighbor 25.1.1.5 route-map dog inroute-map dog permit 10set extcommunity soo 2:2/ 当前缀从PE2通告给PE3时,会被附上SOO值,当PE3检测到相同的SOO时,该前缀便不发给站点2中CE3 R3上配置address-family ipv4 vrf vpn-aneighbor 36.1.1.6 route-map boy inroute-map boy permit 10set extcommunity soo 2:2/SOO值要相同在R5,r5#sh ip rou36.0.0.0/24 is
22、 subnetted, 1 subnetsO 36.1.1.0 110/2 via 56.1.1.6, 00:05:23, FastEthernet0/0.566.0.0.0/32 is subnetted, 1 subnetsO 6.6.6.6 110/2 via 56.1.1.6, 00:05:23, FastEthernet0/0.56r5#trac 6.6.6.6Type escape sequence to abort.Tracing the route to 6.6.6.61 56.1.1.6 84 msec 240 msec *附件大小附件大小24.82 KB MPLS技术的应用与发展
- 温馨提示:
1: 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。图纸软件为CAD,CAXA,PROE,UG,SolidWorks等.压缩文件请下载最新的WinRAR软件解压。
2: 本站的文档不包含任何第三方提供的附件图纸等,如果需要附件,请联系上传者。文件的所有权益归上传用户所有。
3.本站RAR压缩包中若带图纸,网页内容里面会有图纸预览,若没有图纸预览就没有图纸。
4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
5. 装配图网仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对用户上传分享的文档内容本身不做任何修改或编辑,并不能对任何下载内容负责。
6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。