Lab 9 Overlapping VPNs 02
Topology:
拓扑说明:
1.R4与R5为MPLS VPN PE
2.R1、R2、R6、R7为VPN Client,每个Client都有单独的VRF
3.R3、R8为Server1,Server2
实验要求:
1.所有的clients都要与Servers互通
2.所有的Servers都要互通
3.client与client之间不能互通
Step 1、配置各台路由器的IP地址,并且使用Ping命令确认各路由器的直连口的互通性。
|
R1: interface Loopback0 ip address 1.1.1.1 255.255.255.255
interface Serial2/0 ip address 14.1.1.1 255.255.255.0 encapsulation frame-relay serial restart-delay 0 frame-relay map ip 14.1.1.4 104 broadcast no frame-relay inverse-arp |
|
R2: interface Loopback0 ip address 2.2.2.2 255.255.255.255 ! interface Serial2/1 ip address 24.1.1.2 255.255.255.0 encapsulation frame-relay serial restart-delay 0 frame-relay map ip 24.1.1.4 214 broadcast no frame-relay inverse-arp |
|
R3: interface Loopback0 ip address 3.3.3.3 255.255.255.255
interface FastEthernet0/0.34 encapsulation dot1Q 34 ip address 34.1.1.3 255.255.255.0 |
|
R4: interface Loopback0 ip address 4.4.4.4 255.255.255.255
interface FastEthernet0/0.34 encapsulation dot1Q 34 ip vrf forwarding server1 ip address 34.1.1.4 255.255.255.0
interface FastEthernet0/0.45 encapsulation dot1Q 1 native ip address 45.1.1.4 255.255.255.0 ip router isis tag-switching ip
|
|
R5:
|
|
R6:
|
|
R7:
|
|
R8:
|
Step 2、在R4,R5之间运行igp。
Step 3、启用ip cef。
|
全局模式下:ip cef |
Step 4、R4,R5配置MPLS。
Step 5、R4,R5配置VRF。
Step 6、R4,R5配置MP-BGP。
Step 7、R1,R2,R3,R6,R7,R8配置rip。
|
R1: router rip version 2 network 1.0.0.0 network 14.0.0.0 no auto-summary |
|
R2: router rip version 2 network 2.0.0.0 network 24.0.0.0 no auto-summary |
Step 8、R4,R5也配置rip及重分发。
Step 9、查看的相关命令以及测试结果。
#sh ip bgp vpn4 all su ---------查看mp-bgp 邻居
#sh ip route vrf SiteA----------查看vrf里的路由
#sh mpls forwarding-table-------查看mpls转发表
#sh ip bgp vpn all labels-------MP-BGP标签表
#sh mpls ldp nei ---------------ldp 邻居表
|
R1#sh run Building configuration...
Current configuration : 1113 bytes ! version 12.3 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R1 ! boot-start-marker boot-end-marker ! ! no aaa new-model ip subnet-zero ! ! no ip domain lookup ! ip cef ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! interface Loopback0 ip address 1.1.1.1 255.255.255.255 ! interface FastEthernet0/0 no ip address shutdown duplex auto speed auto ! interface FastEthernet0/1 no ip address shutdown duplex auto speed auto ! interface Serial2/0 ip address 14.1.1.1 255.255.255.0 encapsulation frame-relay serial restart-delay 0 frame-relay map ip 14.1.1.4 104 broadcast no frame-relay inverse-arp ! interface Serial2/1 no ip address shutdown serial restart-delay 0 ! interface Serial2/2 no ip address shutdown serial restart-delay 0 ! interface Serial2/3 no ip address shutdown serial restart-delay 0 ! router rip version 2 network 1.0.0.0 network 14.0.0.0 no auto-summary ! ip http server ip classless ! ! ! ! ! ! ! ! ! ! ! gatekeeper shutdown ! ! line con 0 exec-timeout 0 0 logging synchronous line aux 0 line vty 0 4 ! ! end |
|
R2#sh run Building configuration...
Current configuration : 1082 bytes ! version 12.3 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R2 ! boot-start-marker boot-end-marker ! ! no aaa new-model ip subnet-zero ! ! no ip domain lookup ! ip cef ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! interface Loopback0 ip address 2.2.2.2 255.255.255.255 ! interface FastEthernet0/0 no ip address shutdown duplex auto speed auto ! interface FastEthernet0/1 no ip address shutdown duplex auto speed auto ! interface Serial2/0 no ip address ! interface Serial2/1 ip address 24.1.1.2 255.255.255.0 encapsulation frame-relay serial restart-delay 0 frame-relay map ip 24.1.1.4 214 broadcast no frame-relay inverse-arp ! interface Serial2/2 no ip address shutdown serial restart-delay 0 ! interface Serial2/3 no ip address shutdown serial restart-delay 0 ! router rip version 2 network 2.0.0.0 network 24.0.0.0 no auto-summary ! no ip http server ip classless ! ! ! ! ! ! ! ! ! ! ! gatekeeper shutdown ! ! line con 0 exec-timeout 0 0 logging synchronous line aux 0 line vty 0 4 ! ! end |
|
R3#sh run Building configuration...
Current configuration : 1061 bytes ! version 12.3 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R3 ! boot-start-marker boot-end-marker ! ! no aaa new-model ip subnet-zero ! ! no ip domain lookup ! ip cef ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! interface Loopback0 ip address 3.3.3.3 255.255.255.255 ! interface FastEthernet0/0 no ip address duplex auto speed auto ! interface FastEthernet0/0.34 encapsulation dot1Q 34 ip address 34.1.1.3 255.255.255.0 ! interface FastEthernet0/1 no ip address shutdown duplex auto speed auto ! interface Serial2/0 no ip address shutdown ! interface Serial2/1 no ip address shutdown serial restart-delay 0 ! interface Serial2/2 no ip address shutdown serial restart-delay 0 ! interface Serial2/3 no ip address shutdown serial restart-delay 0 ! router rip version 2 network 3.0.0.0 network 34.0.0.0 no auto-summary ! ip http server ip classless ! ! ! ! ! ! ! ! ! ! ! gatekeeper shutdown ! ! line con 0 exec-timeout 0 0 logging synchronous line aux 0 line vty 0 4 ! ! end |
|
R4#sh run Building configuration...
Current configuration : 3208 bytes ! version 12.3 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R4 ! boot-start-marker boot-end-marker ! ! no aaa new-model ip subnet-zero ! ! no ip domain lookup ! ip vrf client1 rd 100:1 route-target export 100:1 route-target import 300:1 route-target import 800:1 ! ip vrf client2 rd 200:1 route-target export 200:1 route-target import 300:1 route-target import 800:1 ! ip vrf server1 rd 300:1 route-target export 38:38 route-target export 300:1 route-target import 100:1 route-target import 200:1 route-target import 600:1 route-target import 700:1 route-target import 38:38 ! ip cef mpls label range 4000 4999 mpls label protocol ldp tag-switching tdp router-id Loopback0 ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! interface Loopback0 ip address 4.4.4.4 255.255.255.255 ip router isis ! interface FastEthernet0/0 no ip address duplex auto speed auto ! interface FastEthernet0/0.34 encapsulation dot1Q 34 ip vrf forwarding server1 ip address 34.1.1.4 255.255.255.0 ! interface FastEthernet0/0.45 encapsulation dot1Q 1 native ip address 45.1.1.4 255.255.255.0 ip router isis tag-switching ip ! interface FastEthernet0/1 no ip address shutdown duplex auto speed auto ! interface Serial2/0 ip vrf forwarding client1 ip address 14.1.1.4 255.255.255.0 encapsulation frame-relay frame-relay map ip 14.1.1.1 401 broadcast no frame-relay inverse-arp ! interface Serial2/0.401 point-to-point shutdown ! interface Serial2/0.402 point-to-point shutdown ! interface Serial2/0.403 point-to-point shutdown ! interface Serial2/1 ip vrf forwarding client2 ip address 24.1.1.4 255.255.255.0 encapsulation frame-relay serial restart-delay 0 frame-relay map ip 24.1.1.2 412 broadcast no frame-relay inverse-arp ! interface Serial2/2 no ip address shutdown serial restart-delay 0 ! interface Serial2/3 no ip address shutdown serial restart-delay 0 ! router isis net 49.0001.4444.4444.4444.00 ! router rip version 2 no auto-summary ! address-family ipv4 vrf server1 redistribute bgp 45 metric 1 network 34.0.0.0 no auto-summary version 2 exit-address-family ! address-family ipv4 vrf client2 redistribute bgp 45 metric 1 network 24.0.0.0 no auto-summary version 2 exit-address-family ! address-family ipv4 vrf client1 redistribute bgp 45 metric 1 network 14.0.0.0 no auto-summary version 2 exit-address-family ! router bgp 45 bgp router-id 4.4.4.4 no bgp default ipv4-unicast bgp log-neighbor-changes neighbor 5.5.5.5 remote-as 45 neighbor 5.5.5.5 update-source Loopback0 ! address-family vpnv4 neighbor 5.5.5.5 activate neighbor 5.5.5.5 send-community extended exit-address-family ! address-family ipv4 vrf server1 redistribute rip no auto-summary no synchronization exit-address-family ! address-family ipv4 vrf client2 redistribute rip no auto-summary no synchronization exit-address-family ! address-family ipv4 vrf client1 redistribute rip no auto-summary no synchronization exit-address-family ! ip http server ip classless ! ! ! ! ! ! ! ! ! ! ! gatekeeper shutdown ! ! line con 0 exec-timeout 0 0 logging synchronous line aux 0 line vty 0 4 ! ! end |
|
R5#sh run Building configuration...
Current configuration : 3208 bytes ! version 12.3 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R5 ! boot-start-marker boot-end-marker ! ! no aaa new-model ip subnet-zero ! ! no ip domain lookup ! ip vrf client6 rd 600:1 route-target export 600:1 route-target import 300:1 route-target import 800:1 ! ip vrf client7 rd 700:1 route-target export 700:1 route-target import 300:1 route-target import 800:1 ! ip vrf server2 rd 800:1 route-target export 800:1 route-target export 38:38 route-target import 100:1 route-target import 200:1 route-target import 600:1 route-target import 700:1 route-target import 38:38 ! ip cef mpls label range 5000 5999 mpls label protocol ldp tag-switching tdp router-id Loopback0 ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! interface Loopback0 ip address 5.5.5.5 255.255.255.255 ip router isis ! interface FastEthernet0/0 no ip address duplex auto speed auto ! interface FastEthernet0/0.45 encapsulation dot1Q 1 native ip address 45.1.1.5 255.255.255.0 ip router isis tag-switching ip ! interface FastEthernet0/0.58 encapsulation dot1Q 58 ip vrf forwarding server2 ip address 58.1.1.5 255.255.255.0 ! interface FastEthernet0/1 no ip address shutdown duplex auto speed auto ! interface Serial2/0 ip vrf forwarding client6 ip address 56.1.1.5 255.255.255.0 encapsulation frame-relay frame-relay map ip 56.1.1.6 506 broadcast no frame-relay inverse-arp ! interface Serial2/0.506 point-to-point shutdown ! interface Serial2/0.507 point-to-point shutdown ! interface Serial2/0.508 point-to-point shutdown ! interface Serial2/1 ip vrf forwarding client7 ip address 57.1.1.5 255.255.255.0 encapsulation frame-relay serial restart-delay 0 frame-relay map ip 57.1.1.7 517 broadcast no frame-relay inverse-arp ! interface Serial2/2 no ip address shutdown serial restart-delay 0 ! interface Serial2/3 no ip address shutdown serial restart-delay 0 ! router isis net 49.0001.5555.5555.5555.00 ! router rip version 2 no auto-summary ! address-family ipv4 vrf server2 redistribute bgp 45 metric 1 network 58.0.0.0 no auto-summary version 2 exit-address-family ! address-family ipv4 vrf client7 redistribute bgp 45 metric 1 network 57.0.0.0 no auto-summary version 2 exit-address-family ! address-family ipv4 vrf client6 redistribute bgp 45 metric 1 network 56.0.0.0 no auto-summary version 2 exit-address-family ! router bgp 45 bgp router-id 5.5.5.5 no bgp default ipv4-unicast bgp log-neighbor-changes neighbor 4.4.4.4 remote-as 45 neighbor 4.4.4.4 update-source Loopback0 ! address-family vpnv4 neighbor 4.4.4.4 activate neighbor 4.4.4.4 send-community extended exit-address-family ! address-family ipv4 vrf server2 redistribute rip no auto-summary no synchronization exit-address-family ! address-family ipv4 vrf client7 redistribute rip no auto-summary no synchronization exit-address-family ! address-family ipv4 vrf client6 redistribute rip no auto-summary no synchronization exit-address-family ! ip http server ip classless ! ! ! ! ! ! ! ! ! ! ! gatekeeper shutdown ! ! line con 0 exec-timeout 0 0 logging synchronous line aux 0 line vty 0 4 ! ! end |
|
R6#sh run Building configuration...
Current configuration : 1113 bytes ! version 12.3 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R6 ! boot-start-marker boot-end-marker ! ! no aaa new-model ip subnet-zero ! ! no ip domain lookup ! ip cef ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! interface Loopback0 ip address 6.6.6.6 255.255.255.255 ! interface FastEthernet0/0 no ip address shutdown duplex auto speed auto ! interface FastEthernet0/1 no ip address shutdown duplex auto speed auto ! interface Serial2/0 ip address 56.1.1.6 255.255.255.0 encapsulation frame-relay serial restart-delay 0 frame-relay map ip 56.1.1.5 605 broadcast no frame-relay inverse-arp ! interface Serial2/1 no ip address shutdown serial restart-delay 0 ! interface Serial2/2 no ip address shutdown serial restart-delay 0 ! interface Serial2/3 no ip address shutdown serial restart-delay 0 ! router rip version 2 network 6.0.0.0 network 56.0.0.0 no auto-summary ! ip http server ip classless ! ! ! ! ! ! ! ! ! ! ! gatekeeper shutdown ! ! line con 0 exec-timeout 0 0 logging synchronous line aux 0 line vty 0 4 ! ! end |
|
R7#sh run Building configuration...
Current configuration : 1079 bytes ! version 12.3 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R7 ! boot-start-marker boot-end-marker ! ! no aaa new-model ip subnet-zero ! ! no ip domain lookup ! ip cef ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! interface Loopback0 ip address 7.7.7.7 255.255.255.255 ! interface FastEthernet0/0 no ip address shutdown duplex auto speed auto ! interface FastEthernet0/1 no ip address shutdown duplex auto speed auto ! interface Serial2/0 no ip address ! interface Serial2/1 ip address 57.1.1.7 255.255.255.0 encapsulation frame-relay serial restart-delay 0 frame-relay map ip 57.1.1.5 715 broadcast no frame-relay inverse-arp ! interface Serial2/2 no ip address shutdown serial restart-delay 0 ! interface Serial2/3 no ip address shutdown serial restart-delay 0 ! router rip version 2 network 7.0.0.0 network 57.0.0.0 no auto-summary ! ip http server ip classless ! ! ! ! ! ! ! ! ! ! ! gatekeeper shutdown ! ! line con 0 exec-timeout 0 0 logging synchronous line aux 0 line vty 0 4 ! ! end |
|
R8#sh run Building configuration...
Current configuration : 1051 bytes ! version 12.3 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R8 ! boot-start-marker boot-end-marker ! ! no aaa new-model ip subnet-zero ! ! no ip domain lookup ! ip cef ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! interface Loopback0 ip address 8.8.8.8 255.255.255.255 ! interface FastEthernet0/0 no ip address duplex auto speed auto ! interface FastEthernet0/0.58 encapsulation dot1Q 58 ip address 58.1.1.8 255.255.255.0 ! interface FastEthernet0/1 no ip address shutdown duplex auto speed auto ! interface Serial2/0 no ip address ! interface Serial2/1 no ip address shutdown serial restart-delay 0 ! interface Serial2/2 no ip address shutdown serial restart-delay 0 ! interface Serial2/3 no ip address shutdown serial restart-delay 0 ! router rip version 2 network 8.0.0.0 network 58.0.0.0 no auto-summary ! ip http server ip classless ! ! ! ! ! ! ! ! ! ! ! gatekeeper shutdown ! ! line con 0 exec-timeout 0 0 logging synchronous line aux 0 line vty 0 4 ! ! end |
