Xin chào ! Nếu đây là lần đầu tiên bạn đến với diễn đàn, xin vui lòng danh ra một phút bấm vào đây để đăng kí và tham gia thảo luận cùng VnPro.

Announcement

Collapse
No announcement yet.

Lab: Ospf sham-links

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Lab: Ospf sham-links






    Thực hiện

    Cấu hình địa chỉ ip và định nghĩa các VRF trên các PE.

    Cấu hình OSPF Sham-link theo các bước sau:
    1. Tạo các đầu cuối (endpoint) của sham-link

    Tạo các giao tiếp loopback trên mỗi router PE và gắn kết nó vào VRF CustomerA của VPN. Địa chỉ loopback là một địa chỉ trong không gian địa chỉ của VPN, không được là không gian địa chỉ của nhà cung cấp dịch vụ MPLS VPN vì sham-link là một kết nối của khách hàng (CustomerA).

    Tạo endpoint thực hiện trên PE1-AS1 và PE2-AS1 như sau:
    PE1-AS1(config)#interface Loopback101PE1-AS1(config-if)#description sham-link Endpoint on PE1-AS1PE1-AS1(config-if)#ip vrf forwarding Cust_A

    PE1-AS1(config-if)#ip address 172.16.101.1 255.255.255.255
    PE2-AS1(config)#interface Loopback101PE2-AS1(config-if)#description sham-link Endpoint on PE2-AS1PE2-AS1(config-if)#ip vrf forwarding Cust_A

    PE2-AS1(config-if)#ip address 172.16.102.1 255.255.255.255
    1. Redistribute endpoint vào MP-BGP
    PE1-AS1(config)#router bgp 1PE1-AS1(config-router)#address-family ipv4 vrf Cust_A

    PE1-AS1(config-router-af)#redistribute connected
    PE2-AS1(config)#router bgp 1PE2-AS1(config-router)#address-family ipv4 vrf Cust_A

    PE2-AS1(config-router-af)#redistribute connected
    1. Cho phép sham-link qua tiến trình OSPF VRF
    PE1-AS1(config)#router ospf 101 vrf Cust_A

    PE1-AS1(config-router)#area 0 sham-link 172.16.101.1 172.16.102.1 cost 1
    PE2-AS1(config)#router ospf 101 vrf Cust_APE2-AS1(config-router)#area 0 sham-link 172.16.102.1 172.16.101.1 cost 1

    Cấu hình

    Router P1-AS1

    !

    hostname P1-AS1

    !

    ip subnet-zero

    !

    ip cef

    mpls ldp logging neighbor-changes

    !

    interface Loopback0

    ip address 10.10.10.200 255.255.255.255

    !

    interface Serial0/0

    description Connected to PE1-AS1

    ip address 10.10.10.2 255.255.255.252

    tag-switching ip

    clockrate 64000

    !

    interface Serial0/1

    description Connected to PE2-AS1

    ip address 10.10.10.6 255.255.255.252

    tag-switching ip

    clockrate 64000

    !

    router ospf 1

    log-adjacency-changes

    network 10.0.0.0 0.255.255.255 area 0

    !

    ip http server

    ip classless

    !

    end

    Router PE1-AS1

    !

    hostname PE1-AS1

    !

    ip subnet-zero

    !

    ip vrf CustomerA

    rd 1:100

    route-target export 1:100

    route-target import 1:100

    !

    ip cef

    mpls ldp logging neighbor-changes

    !

    interface Loopback0

    ip address 10.10.10.101 255.255.255.255

    !

    interface Loopback101

    description Sham-link Endpoint on PE1-AS1

    ip vrf forwarding CustomerA

    ip address 172.16.101.1 255.255.255.255

    !

    interface Serial0/0

    description Connected to P1-AS1

    ip address 10.10.10.1 255.255.255.252

    tag-switching ip

    !

    interface Serial1/1

    description Connected to CE1-A

    ip vrf forwarding CustomerA

    ip address 172.16.1.1 255.255.255.252

    clockrate 64000

    !

    interface Serial1/3

    description Connected to CE3-A

    ip vrf forwarding CustomerA

    ip address 172.16.3.1 255.255.255.252

    !

    router ospf 101 vrf CustomerA

    router-id 172.16.101.1

    log-adjacency-changes

    area 0 sham-link 172.16.101.1 172.16.102.1

    redistribute bgp 1 subnets

    network 172.16.1.0 0.0.0.255 area 0

    network 172.16.3.0 0.0.0.255 area 0

    !

    router ospf 1

    router-id 10.10.10.101

    log-adjacency-changes

    network 10.0.0.0 0.255.255.255 area 0

    !

    router bgp 1

    no synchronization

    bgp log-neighbor-changes

    neighbor 10.10.10.102 remote-as 1

    neighbor 10.10.10.102 update-source Loopback0

    no auto-summary

    !

    address-family vpnv4

    neighbor 10.10.10.102 activate

    neighbor 10.10.10.102 send-community both

    no auto-summary

    exit-address-family

    !

    address-family ipv4 vrf CustomerA

    redistribute connected

    redistribute ospf 101 match internal external 1 external 2

    no auto-summary

    no synchronization

    exit-address-family

    !

    ip http server

    ip classless

    !

    end

    Router PE2-A

    !

    hostname PE2-AS1

    !

    ip vrf CustomerA

    rd 1:100

    route-target export 1:100

    route-target import 1:100

    !

    ip cef

    mpls ldp logging neighbor-changes

    !

    interface Loopback0

    ip address 10.10.10.102 255.255.255.255

    !

    interface Loopback101

    description Sham-link Endpoint on PE2-AS1

    ip vrf forwarding CustomerA

    ip address 172.16.102.1 255.255.255.255

    !

    interface Serial0/1

    description Connected to P1-AS1

    ip address 10.10.10.5 255.255.255.252

    tag-switching ip

    !

    interface Serial1/0

    description Connected to CE2-A

    ip vrf forwarding CustomerA

    ip address 172.16.2.1 255.255.255.252

    clockrate 64000

    !

    interface Serial1/2

    description Connected to CE4-A

    ip vrf forwarding CustomerA

    ip address 172.16.4.1 255.255.255.252

    clockrate 64000

    !

    router ospf 101 vrf CustomerA

    router-id 172.16.102.1

    log-adjacency-changes

    area 0 sham-link 172.16.102.1 172.16.101.1

    redistribute bgp 1 subnets

    network 172.16.2.0 0.0.0.255 area 0

    network 172.16.4.0 0.0.0.255 area 0

    !

    router ospf 1

    router-id 10.10.10.102

    log-adjacency-changes

    network 10.0.0.0 0.255.255.255 area 0

    !

    router bgp 1

    no synchronization

    bgp log-neighbor-changes

    neighbor 10.10.10.101 remote-as 1

    neighbor 10.10.10.101 update-source Loopback0

    no auto-summary

    !

    address-family vpnv4

    neighbor 10.10.10.101 activate

    neighbor 10.10.10.101 send-community both

    no auto-summary

    exit-address-family

    !

    address-family ipv4 vrf CustomerA

    redistribute connected

    redistribute ospf 101 match internal external 1 external 2

    no auto-summary

    no synchronization

    exit-address-family

    !

    ip classless

    !

    end

    Router CE1-A

    !

    hostname CE1-A

    !

    mpls ldp logging neighbor-changes

    !

    interface Ethernet0/0

    description VPN-A Site 1 network

    ip address 172.16.10.1 255.255.255.0

    half-duplex

    no keepalive

    !

    interface Serial0/0

    description Connected to PE1-AS1

    ip address 172.16.1.2 255.255.255.252

    no fair-queue

    !

    router ospf 101

    log-adjacency-changes

    network 172.16.0.0 0.0.255.255 area 0

    !

    ip http server

    ip classless

    !

    end

    Router CE2-A

    !

    hostname CE2-A

    !

    interface Ethernet0/0

    description VPN-A CustomerA Site 2 network

    ip address 172.16.20.1 255.255.255.0

    half-duplex

    no keepalive

    !

    interface Serial0/0

    description Connected to PE2-AS1

    ip address 172.16.2.2 255.255.255.252

    !

    router ospf 101

    log-adjacency-changes

    network 172.16.0.0 0.0.255.255 area 0

    !

    ip classless

    !

    end

    Router CE3-A

    !

    hostname CE3-A

    !

    interface FastEthernet0/0

    description VPN-A CustomerA Site 3 network

    ip address 172.16.30.1 255.255.255.0

    duplex auto

    speed auto

    no keepalive

    !

    interface Serial0/0

    description Connected to PE1-AS1

    ip address 172.16.3.2 255.255.255.252

    clockrate 64000

    no fair-queue

    !

    interface Serial0/1

    description Sham-link, connected to CE4-A

    bandwidth 512

    ip address 172.16.5.1 255.255.255.252

    !

    router ospf 101

    log-adjacency-changes

    network 172.16.0.0 0.0.255.255 area 0

    !

    ip classless

    !

    end

    Router CE4-A

    !

    hostname CE4-A

    !

    interface Ethernet0/0

    description VPN-A CustomerA Site 4 network

    ip address 172.16.40.1 255.255.255.0

    half-duplex

    no keepalive

    !

    interface Serial0/0

    description Connected to PE2-AS1

    ip address 172.16.4.2 255.255.255.252

    no fair-queue

    !

    interface Serial0/1

    description Sham-link, connected to CE3-A

    bandwidth 512

    ip address 172.16.5.2 255.255.255.252

    clockrate 64000

    !

    router ospf 101

    log-adjacency-changes

    network 172.16.0.0 0.0.255.255 area 0

    !

    ip classless

    !

    end

    Kiểm tra hoạt động của Sham-link

    PE1-AS1#show ip route vrf CustomerA

    Routing Table: CustomerA

    Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

    D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

    N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

    E1 - OSPF external type 1, E2 - OSPF external type 2

    i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area

    * - candidate default, U - per-user static route, o - ODR

    P - periodic downloaded static route



    Gateway of last resort is not set



    172.16.0.0/16 is variably subnetted, 11 subnets, 3 masks

    O 172.16.40.0/24 [110/792] via 10.10.10.102, 00:33:15

    O 172.16.30.0/24 [110/782] via 172.16.3.2, 00:33:59, Serial1/3

    O 172.16.20.0/24 [110/792] via 10.10.10.102, 00:33:15

    O 172.16.10.0/24 [110/791] via 172.16.1.2, 00:33:59, Serial1/1

    O 172.16.4.0/30 [110/782] via 10.10.10.102, 00:33:45

    O 172.16.5.0/30 [110/976] via 172.16.3.2, 00:33:59, Serial1/3

    C 172.16.1.0/30 is directly connected, Serial1/1

    O 172.16.2.0/30 [110/782] via 10.10.10.102, 00:33:46

    C 172.16.3.0/30 is directly connected, Serial1/3

    C 172.16.101.1/32 is directly connected, Loopback101

    B 172.16.102.1/32 [200/0] via 10.10.10.102, 00:34:17

    PE2-AS1#show ip route vrf CustomerA ospf 101

    172.16.0.0/16 is variably subnetted, 11 subnets, 3 masks

    O 172.16.40.0/24 [110/791] via 172.16.4.2, 00:42:24, Serial1/2

    O 172.16.30.0/24 [110/783] via 10.10.10.101, 00:42:24

    O 172.16.20.0/24 [110/791] via 172.16.2.2, 00:42:24, Serial1/0

    O 172.16.10.0/24 [110/792] via 10.10.10.101, 00:42:24

    O 172.16.5.0/30 [110/976] via 172.16.4.2, 00:42:24, Serial1/2

    O 172.16.1.0/30 [110/782] via 10.10.10.101, 00:42:24

    O 172.16.3.0/30 [110/782] via 10.10.10.101, 00:42:24

    CE3-A#show ip route ospf

    172.16.0.0/16 is variably subnetted, 9 subnets, 2 masks

    O 172.16.40.0/24 [110/205] via 172.16.5.2, 00:17:34, Serial0/1

    O 172.16.20.0/24 [110/856] via 172.16.3.1, 00:17:34, Serial0/0

    O 172.16.10.0/24 [110/855] via 172.16.3.1, 00:17:34, Serial0/0

    O 172.16.4.0/30 [110/259] via 172.16.5.2, 00:17:34, Serial0/1

    O 172.16.1.0/30 [110/845] via 172.16.3.1, 00:17:34, Serial0/0

    O 172.16.2.0/30 [110/846] via 172.16.3.1, 00:17:34, Serial0/0

    CE4-A#show ip route

    Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

    D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

    N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

    E1 - OSPF external type 1, E2 - OSPF external type 2

    i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area

    * - candidate default, U - per-user static route, o - ODR

    P - periodic downloaded static route



    Gateway of last resort is not set



    172.16.0.0/16 is variably subnetted, 9 subnets, 2 masks

    C 172.16.40.0/24 is directly connected, Ethernet0/0

    O 172.16.30.0/24 [110/196] via 172.16.5.1, 00:26:15, Serial0/1

    O 172.16.20.0/24 [110/855] via 172.16.4.1, 00:26:15, Serial0/0

    O 172.16.10.0/24 [110/856] via 172.16.4.1, 00:26:15, Serial0/0

    C 172.16.4.0/30 is directly connected, Serial0/0

    C 172.16.5.0/30 is directly connected, Serial0/1

    O 172.16.1.0/30 [110/846] via 172.16.4.1, 00:26:15, Serial0/0

    O 172.16.2.0/30 [110/845] via 172.16.4.1, 00:26:16, Serial0/0

    O 172.16.3.0/30 [110/259] via 172.16.5.1, 00:26:16, Serial0/1

    CE3-A#traceroute 172.16.40.1

    Type escape sequence to abort.

    Tracing the route to 172.16.40.1



    1 172.16.5.2 16 msec 12 msec *

    CE1-A#traceroute 172.16.20.1

    Type escape sequence to abort.

    Tracing the route to 172.16.20.1



    1 172.16.1.1 16 msec 16 msec 16 msec

    2 10.10.10.2 [MPLS: Labels 17/23 Exp 0] 153 msec 153 msec 152 msec

    3 172.16.2.1 [MPLS: Label 23 Exp 0] 88 msec 88 msec 88 msec

    4 172.16.2.2 56 msec 56 msec *

    CE1-A#traceroute 172.16.40.1

    Type escape sequence to abort.

    Tracing the route to 172.16.40.1



    1 172.16.1.1 16 msec 16 msec 16 msec

    2 10.10.10.2 [MPLS: Labels 17/22 Exp 0] 152 msec 152 msec 152 msec

    3 172.16.4.1 [MPLS: Label 22 Exp 0] 88 msec 88 msec 88 msec

    4 172.16.4.2 56 msec 56 msec *

    PE1-AS1#show ip ospf sham-links

    Sham Link OSPF_SL0 to address 172.16.102.1 is up

    Area 0 source address 172.16.101.1

    Run as demand circuit

    DoNotAge LSA allowed. Cost of using 1 State POINT_TO_POINT,

    Timer intervals configured, Hello 10, Dead 40, Wait 40,

    Hello due in 00:00:03

    Adjacency State FULL (Hello suppressed)

    Index 3/3, retransmission queue length 0, number of retransmission 0

    First 0x0(0)/0x0(0) Next 0x0(0)/0x0(0)

    Last retransmission scan length is 0, maximum is 0

    Last retransmission scan time is 0 msec, maximum is 0 msec

    PE1-AS1#show ip ospf neighbor

    Neighbor ID Pri State Dead Time Address Interface

    10.10.10.200 0 FULL/ - 00:00:34 10.10.10.2 Serial0/0

    172.16.30.1 0 FULL/ - 00:00:39 172.16.3.2 Serial1/3

    172.16.10.1 0 FULL/ - 00:00:30 172.16.1.2 Serial1/1

    172.16.102.1 0 FULL/ - - 172.16.102.1 OSPF_SL0

    PE1-AS1#show ip route vrf CustomerA ospf 101

    172.16.0.0/16 is variably subnetted, 11 subnets, 3 masks

    O 172.16.40.0/24 [110/792] via 10.10.10.102, 00:35:18

    O 172.16.30.0/24 [110/782] via 172.16.3.2, 00:36:02, Serial1/3

    O 172.16.20.0/24 [110/792] via 10.10.10.102, 00:35:18

    O 172.16.10.0/24 [110/791] via 172.16.1.2, 00:36:02, Serial1/1

    O 172.16.4.0/30 [110/782] via 10.10.10.102, 00:35:47

    O 172.16.5.0/30 [110/976] via 172.16.3.2, 00:36:02, Serial1/3

    O 172.16.2.0/30 [110/782] via 10.10.10.102, 00:35:47

    CE3-A#show ip route ospf

    172.16.0.0/16 is variably subnetted, 9 subnets, 2 masks

    O 172.16.40.0/24 [110/205] via 172.16.5.2, 00:17:34, Serial0/1

    O 172.16.20.0/24 [110/856] via 172.16.3.1, 00:17:34, Serial0/0

    O 172.16.10.0/24 [110/855] via 172.16.3.1, 00:17:34, Serial0/0

    O 172.16.4.0/30 [110/259] via 172.16.5.2, 00:17:34, Serial0/1

    O 172.16.1.0/30 [110/845] via 172.16.3.1, 00:17:34, Serial0/0

    O 172.16.2.0/30 [110/846] via 172.16.3.1, 00:17:34, Serial0/0

    CE4-A#show ip route

    172.16.0.0/16 is variably subnetted, 9 subnets, 2 masks

    O 172.16.30.0/24 [110/196] via 172.16.5.1, 00:26:15, Serial0/1

    O 172.16.20.0/24 [110/855] via 172.16.4.1, 00:26:15, Serial0/0

    O 172.16.10.0/24 [110/856] via 172.16.4.1, 00:26:15, Serial0/0

    O 172.16.1.0/30 [110/846] via 172.16.4.1, 00:26:15, Serial0/0

    O 172.16.2.0/30 [110/845] via 172.16.4.1, 00:26:16, Serial0/0

    O 172.16.3.0/30 [110/259] via 172.16.5.1, 00:26:16, Serial0/1
    Email : vnpro@vnpro.org
    ---------------------------------------------------------------------------------------------------------------
    Trung Tâm Tin Học VnPro
    149/1D Ung Văn Khiêm P25 Q.Bình thạnh TPHCM
    Tel : (08) 35124257 (5 lines)
    Fax: (08) 35124314

    Home page: http://www.vnpro.vn
    Support Forum: http://www.vnpro.org
    - Chuyên đào tạo quản trị mạng và hạ tầng Internet
    - Phát hành sách chuyên môn
    - Tư vấn và tuyển dụng nhân sự IT
    - Tư vấn thiết kế và hỗ trợ kỹ thuật hệ thống mạng

    Network channel: http://www.dancisco.com
    Blog: http://www.vnpro.org/blog
Working...
X