Thực hiện
Cấu hình địa chỉ ip và định nghĩa các VRF trên các PE.
Cấu hình OSPF Sham-link theo các bước sau:
- Tạo các đầu cuối (endpoint) của sham-link
Tạo các giao tiếp loopback trên mỗi router PE và gắn kết nó vào VRF CustomerA của VPN. Địa chỉ loopback là một địa chỉ trong không gian địa chỉ của VPN, không được là không gian địa chỉ của nhà cung cấp dịch vụ MPLS VPN vì sham-link là một kết nối của khách hàng (CustomerA).
Tạo endpoint thực hiện trên PE1-AS1 và PE2-AS1 như sau:
PE1-AS1(config)#interface Loopback101PE1-AS1(config-if)#description sham-link Endpoint on PE1-AS1PE1-AS1(config-if)#ip vrf forwarding Cust_A
PE1-AS1(config-if)#ip address 172.16.101.1 255.255.255.255
PE2-AS1(config)#interface Loopback101PE2-AS1(config-if)#description sham-link Endpoint on PE2-AS1PE2-AS1(config-if)#ip vrf forwarding Cust_A
PE2-AS1(config-if)#ip address 172.16.102.1 255.255.255.255
- Redistribute endpoint vào MP-BGP
PE1-AS1(config-router-af)#redistribute connected
PE2-AS1(config)#router bgp 1PE2-AS1(config-router)#address-family ipv4 vrf Cust_A
PE2-AS1(config-router-af)#redistribute connected
- Cho phép sham-link qua tiến trình OSPF VRF
PE1-AS1(config-router)#area 0 sham-link 172.16.101.1 172.16.102.1 cost 1
PE2-AS1(config)#router ospf 101 vrf Cust_APE2-AS1(config-router)#area 0 sham-link 172.16.102.1 172.16.101.1 cost 1
Cấu hình
Router P1-AS1
!
hostname P1-AS1
!
ip subnet-zero
!
ip cef
mpls ldp logging neighbor-changes
!
interface Loopback0
ip address 10.10.10.200 255.255.255.255
!
interface Serial0/0
description Connected to PE1-AS1
ip address 10.10.10.2 255.255.255.252
tag-switching ip
clockrate 64000
!
interface Serial0/1
description Connected to PE2-AS1
ip address 10.10.10.6 255.255.255.252
tag-switching ip
clockrate 64000
!
router ospf 1
log-adjacency-changes
network 10.0.0.0 0.255.255.255 area 0
!
ip http server
ip classless
!
end
Router PE1-AS1
!
hostname PE1-AS1
!
ip subnet-zero
!
ip vrf CustomerA
rd 1:100
route-target export 1:100
route-target import 1:100
!
ip cef
mpls ldp logging neighbor-changes
!
interface Loopback0
ip address 10.10.10.101 255.255.255.255
!
interface Loopback101
description Sham-link Endpoint on PE1-AS1
ip vrf forwarding CustomerA
ip address 172.16.101.1 255.255.255.255
!
interface Serial0/0
description Connected to P1-AS1
ip address 10.10.10.1 255.255.255.252
tag-switching ip
!
interface Serial1/1
description Connected to CE1-A
ip vrf forwarding CustomerA
ip address 172.16.1.1 255.255.255.252
clockrate 64000
!
interface Serial1/3
description Connected to CE3-A
ip vrf forwarding CustomerA
ip address 172.16.3.1 255.255.255.252
!
router ospf 101 vrf CustomerA
router-id 172.16.101.1
log-adjacency-changes
area 0 sham-link 172.16.101.1 172.16.102.1
redistribute bgp 1 subnets
network 172.16.1.0 0.0.0.255 area 0
network 172.16.3.0 0.0.0.255 area 0
!
router ospf 1
router-id 10.10.10.101
log-adjacency-changes
network 10.0.0.0 0.255.255.255 area 0
!
router bgp 1
no synchronization
bgp log-neighbor-changes
neighbor 10.10.10.102 remote-as 1
neighbor 10.10.10.102 update-source Loopback0
no auto-summary
!
address-family vpnv4
neighbor 10.10.10.102 activate
neighbor 10.10.10.102 send-community both
no auto-summary
exit-address-family
!
address-family ipv4 vrf CustomerA
redistribute connected
redistribute ospf 101 match internal external 1 external 2
no auto-summary
no synchronization
exit-address-family
!
ip http server
ip classless
!
end
Router PE2-A
!
hostname PE2-AS1
!
ip vrf CustomerA
rd 1:100
route-target export 1:100
route-target import 1:100
!
ip cef
mpls ldp logging neighbor-changes
!
interface Loopback0
ip address 10.10.10.102 255.255.255.255
!
interface Loopback101
description Sham-link Endpoint on PE2-AS1
ip vrf forwarding CustomerA
ip address 172.16.102.1 255.255.255.255
!
interface Serial0/1
description Connected to P1-AS1
ip address 10.10.10.5 255.255.255.252
tag-switching ip
!
interface Serial1/0
description Connected to CE2-A
ip vrf forwarding CustomerA
ip address 172.16.2.1 255.255.255.252
clockrate 64000
!
interface Serial1/2
description Connected to CE4-A
ip vrf forwarding CustomerA
ip address 172.16.4.1 255.255.255.252
clockrate 64000
!
router ospf 101 vrf CustomerA
router-id 172.16.102.1
log-adjacency-changes
area 0 sham-link 172.16.102.1 172.16.101.1
redistribute bgp 1 subnets
network 172.16.2.0 0.0.0.255 area 0
network 172.16.4.0 0.0.0.255 area 0
!
router ospf 1
router-id 10.10.10.102
log-adjacency-changes
network 10.0.0.0 0.255.255.255 area 0
!
router bgp 1
no synchronization
bgp log-neighbor-changes
neighbor 10.10.10.101 remote-as 1
neighbor 10.10.10.101 update-source Loopback0
no auto-summary
!
address-family vpnv4
neighbor 10.10.10.101 activate
neighbor 10.10.10.101 send-community both
no auto-summary
exit-address-family
!
address-family ipv4 vrf CustomerA
redistribute connected
redistribute ospf 101 match internal external 1 external 2
no auto-summary
no synchronization
exit-address-family
!
ip classless
!
end
Router CE1-A
!
hostname CE1-A
!
mpls ldp logging neighbor-changes
!
interface Ethernet0/0
description VPN-A Site 1 network
ip address 172.16.10.1 255.255.255.0
half-duplex
no keepalive
!
interface Serial0/0
description Connected to PE1-AS1
ip address 172.16.1.2 255.255.255.252
no fair-queue
!
router ospf 101
log-adjacency-changes
network 172.16.0.0 0.0.255.255 area 0
!
ip http server
ip classless
!
end
Router CE2-A
!
hostname CE2-A
!
interface Ethernet0/0
description VPN-A CustomerA Site 2 network
ip address 172.16.20.1 255.255.255.0
half-duplex
no keepalive
!
interface Serial0/0
description Connected to PE2-AS1
ip address 172.16.2.2 255.255.255.252
!
router ospf 101
log-adjacency-changes
network 172.16.0.0 0.0.255.255 area 0
!
ip classless
!
end
Router CE3-A
!
hostname CE3-A
!
interface FastEthernet0/0
description VPN-A CustomerA Site 3 network
ip address 172.16.30.1 255.255.255.0
duplex auto
speed auto
no keepalive
!
interface Serial0/0
description Connected to PE1-AS1
ip address 172.16.3.2 255.255.255.252
clockrate 64000
no fair-queue
!
interface Serial0/1
description Sham-link, connected to CE4-A
bandwidth 512
ip address 172.16.5.1 255.255.255.252
!
router ospf 101
log-adjacency-changes
network 172.16.0.0 0.0.255.255 area 0
!
ip classless
!
end
Router CE4-A
!
hostname CE4-A
!
interface Ethernet0/0
description VPN-A CustomerA Site 4 network
ip address 172.16.40.1 255.255.255.0
half-duplex
no keepalive
!
interface Serial0/0
description Connected to PE2-AS1
ip address 172.16.4.2 255.255.255.252
no fair-queue
!
interface Serial0/1
description Sham-link, connected to CE3-A
bandwidth 512
ip address 172.16.5.2 255.255.255.252
clockrate 64000
!
router ospf 101
log-adjacency-changes
network 172.16.0.0 0.0.255.255 area 0
!
ip classless
!
end
Kiểm tra hoạt động của Sham-link
PE1-AS1#show ip route vrf CustomerA
Routing Table: CustomerA
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is not set
172.16.0.0/16 is variably subnetted, 11 subnets, 3 masks
O 172.16.40.0/24 [110/792] via 10.10.10.102, 00:33:15
O 172.16.30.0/24 [110/782] via 172.16.3.2, 00:33:59, Serial1/3
O 172.16.20.0/24 [110/792] via 10.10.10.102, 00:33:15
O 172.16.10.0/24 [110/791] via 172.16.1.2, 00:33:59, Serial1/1
O 172.16.4.0/30 [110/782] via 10.10.10.102, 00:33:45
O 172.16.5.0/30 [110/976] via 172.16.3.2, 00:33:59, Serial1/3
C 172.16.1.0/30 is directly connected, Serial1/1
O 172.16.2.0/30 [110/782] via 10.10.10.102, 00:33:46
C 172.16.3.0/30 is directly connected, Serial1/3
C 172.16.101.1/32 is directly connected, Loopback101
B 172.16.102.1/32 [200/0] via 10.10.10.102, 00:34:17
PE2-AS1#show ip route vrf CustomerA ospf 101
172.16.0.0/16 is variably subnetted, 11 subnets, 3 masks
O 172.16.40.0/24 [110/791] via 172.16.4.2, 00:42:24, Serial1/2
O 172.16.30.0/24 [110/783] via 10.10.10.101, 00:42:24
O 172.16.20.0/24 [110/791] via 172.16.2.2, 00:42:24, Serial1/0
O 172.16.10.0/24 [110/792] via 10.10.10.101, 00:42:24
O 172.16.5.0/30 [110/976] via 172.16.4.2, 00:42:24, Serial1/2
O 172.16.1.0/30 [110/782] via 10.10.10.101, 00:42:24
O 172.16.3.0/30 [110/782] via 10.10.10.101, 00:42:24
CE3-A#show ip route ospf
172.16.0.0/16 is variably subnetted, 9 subnets, 2 masks
O 172.16.40.0/24 [110/205] via 172.16.5.2, 00:17:34, Serial0/1
O 172.16.20.0/24 [110/856] via 172.16.3.1, 00:17:34, Serial0/0
O 172.16.10.0/24 [110/855] via 172.16.3.1, 00:17:34, Serial0/0
O 172.16.4.0/30 [110/259] via 172.16.5.2, 00:17:34, Serial0/1
O 172.16.1.0/30 [110/845] via 172.16.3.1, 00:17:34, Serial0/0
O 172.16.2.0/30 [110/846] via 172.16.3.1, 00:17:34, Serial0/0
CE4-A#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is not set
172.16.0.0/16 is variably subnetted, 9 subnets, 2 masks
C 172.16.40.0/24 is directly connected, Ethernet0/0
O 172.16.30.0/24 [110/196] via 172.16.5.1, 00:26:15, Serial0/1
O 172.16.20.0/24 [110/855] via 172.16.4.1, 00:26:15, Serial0/0
O 172.16.10.0/24 [110/856] via 172.16.4.1, 00:26:15, Serial0/0
C 172.16.4.0/30 is directly connected, Serial0/0
C 172.16.5.0/30 is directly connected, Serial0/1
O 172.16.1.0/30 [110/846] via 172.16.4.1, 00:26:15, Serial0/0
O 172.16.2.0/30 [110/845] via 172.16.4.1, 00:26:16, Serial0/0
O 172.16.3.0/30 [110/259] via 172.16.5.1, 00:26:16, Serial0/1
CE3-A#traceroute 172.16.40.1
Type escape sequence to abort.
Tracing the route to 172.16.40.1
1 172.16.5.2 16 msec 12 msec *
CE1-A#traceroute 172.16.20.1
Type escape sequence to abort.
Tracing the route to 172.16.20.1
1 172.16.1.1 16 msec 16 msec 16 msec
2 10.10.10.2 [MPLS: Labels 17/23 Exp 0] 153 msec 153 msec 152 msec
3 172.16.2.1 [MPLS: Label 23 Exp 0] 88 msec 88 msec 88 msec
4 172.16.2.2 56 msec 56 msec *
CE1-A#traceroute 172.16.40.1
Type escape sequence to abort.
Tracing the route to 172.16.40.1
1 172.16.1.1 16 msec 16 msec 16 msec
2 10.10.10.2 [MPLS: Labels 17/22 Exp 0] 152 msec 152 msec 152 msec
3 172.16.4.1 [MPLS: Label 22 Exp 0] 88 msec 88 msec 88 msec
4 172.16.4.2 56 msec 56 msec *
PE1-AS1#show ip ospf sham-links
Sham Link OSPF_SL0 to address 172.16.102.1 is up
Area 0 source address 172.16.101.1
Run as demand circuit
DoNotAge LSA allowed. Cost of using 1 State POINT_TO_POINT,
Timer intervals configured, Hello 10, Dead 40, Wait 40,
Hello due in 00:00:03
Adjacency State FULL (Hello suppressed)
Index 3/3, retransmission queue length 0, number of retransmission 0
First 0x0(0)/0x0(0) Next 0x0(0)/0x0(0)
Last retransmission scan length is 0, maximum is 0
Last retransmission scan time is 0 msec, maximum is 0 msec
PE1-AS1#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
10.10.10.200 0 FULL/ - 00:00:34 10.10.10.2 Serial0/0
172.16.30.1 0 FULL/ - 00:00:39 172.16.3.2 Serial1/3
172.16.10.1 0 FULL/ - 00:00:30 172.16.1.2 Serial1/1
172.16.102.1 0 FULL/ - - 172.16.102.1 OSPF_SL0
PE1-AS1#show ip route vrf CustomerA ospf 101
172.16.0.0/16 is variably subnetted, 11 subnets, 3 masks
O 172.16.40.0/24 [110/792] via 10.10.10.102, 00:35:18
O 172.16.30.0/24 [110/782] via 172.16.3.2, 00:36:02, Serial1/3
O 172.16.20.0/24 [110/792] via 10.10.10.102, 00:35:18
O 172.16.10.0/24 [110/791] via 172.16.1.2, 00:36:02, Serial1/1
O 172.16.4.0/30 [110/782] via 10.10.10.102, 00:35:47
O 172.16.5.0/30 [110/976] via 172.16.3.2, 00:36:02, Serial1/3
O 172.16.2.0/30 [110/782] via 10.10.10.102, 00:35:47
CE3-A#show ip route ospf
172.16.0.0/16 is variably subnetted, 9 subnets, 2 masks
O 172.16.40.0/24 [110/205] via 172.16.5.2, 00:17:34, Serial0/1
O 172.16.20.0/24 [110/856] via 172.16.3.1, 00:17:34, Serial0/0
O 172.16.10.0/24 [110/855] via 172.16.3.1, 00:17:34, Serial0/0
O 172.16.4.0/30 [110/259] via 172.16.5.2, 00:17:34, Serial0/1
O 172.16.1.0/30 [110/845] via 172.16.3.1, 00:17:34, Serial0/0
O 172.16.2.0/30 [110/846] via 172.16.3.1, 00:17:34, Serial0/0
CE4-A#show ip route
172.16.0.0/16 is variably subnetted, 9 subnets, 2 masks
O 172.16.30.0/24 [110/196] via 172.16.5.1, 00:26:15, Serial0/1
O 172.16.20.0/24 [110/855] via 172.16.4.1, 00:26:15, Serial0/0
O 172.16.10.0/24 [110/856] via 172.16.4.1, 00:26:15, Serial0/0
O 172.16.1.0/30 [110/846] via 172.16.4.1, 00:26:15, Serial0/0
O 172.16.2.0/30 [110/845] via 172.16.4.1, 00:26:16, Serial0/0
O 172.16.3.0/30 [110/259] via 172.16.5.1, 00:26:16, Serial0/1