一、实验拓扑:
二、需求概述:
相同公司内网可以通信,公司B分支1和分支2 不能互通!!
三、配置过程:R1:
sysname R1 undo info-center enable interface GigabitEthernet0/0/0 ip address 16.1.1.1 255.255.255.0 interface LoopBack0 ip address 192.1.1.1 255.255.255.255 ospf 1 router-id 1.1.1.1 area 0.0.0.0 network 192.1.1.1 0.0.0.0 network 16.1.1.0 0.0.0.255
R2:
sysname R2 undo info-center enable interface GigabitEthernet0/0/0 ip address 26.1.1.2 255.255.255.0 interface LoopBack0 ip address 192.2.2.2 255.255.255.255 ospf 1 router-id 192.2.2.2 area 0.0.0.0 network 26.1.1.2 0.0.0.0 network 192.2.2.2 0.0.0.0 ip route-static 0.0.0.0 0.0.0.0 26.1.1.6
R3:
sysname R3 undo info-center enable interface GigabitEthernet0/0/0 ip address 36.1.1.3 255.255.255.0 interface LoopBack0 ip address 192.3.3.3 255.255.255.255 bgp 300 router-id 3.3.3.3 peer 36.1.1.6 as-number 400 ipv4-family unicast undo synchronization network 36.1.1.0 255.255.255.0 network 192.3.3.3 255.255.255.255 peer 36.1.1.6 enable
R4:
sysname R4 undo info-center enable interface GigabitEthernet0/0/0 ip address 49.1.1.4 255.255.255.0 interface LoopBack0 ip address 192.4.4.4 255.255.255.255 ospf 1 area 0.0.0.0 network 192.4.4.4 0.0.0.0 network 49.1.1.0 0.0.0.255
R5:
sysname R5 undo info-center enable interface GigabitEthernet0/0/0 ip address 59.1.1.5 255.255.255.0 interface LoopBack0 ip address 192.5.5.5 255.255.255.255 bgp 500 router-id 5.5.5.5 peer 59.1.1.9 as-number 400 ipv4-family unicast undo synchronization network 59.1.1.0 255.255.255.0 network 192.5.5.5 255.255.255.255 peer 59.1.1.9 enable
R6:
sysname R6 ip vpn-instance s1 ipv4-family route-distinguisher 100:100 vpn-target 10:10 export-extcommunity vpn-target 40:40 import-extcommunity ip vpn-instance s2 ipv4-family route-distinguisher 200:200 vpn-target 20:20 export-extcommunity vpn-target 40:40 import-extcommunity ip vpn-instance s3 ipv4-family route-distinguisher 300:300 vpn-target 30:30 export-extcommunity vpn-target 50:50 import-extcommunity mpls lsr-id 6.6.6.6 mpls mpls ldp interface GigabitEthernet0/0/0 ip binding vpn-instance s1 ip address 16.1.1.6 255.255.255.0 interface GigabitEthernet0/0/1 ip binding vpn-instance s2 ip address 26.1.1.6 255.255.255.0 interface GigabitEthernet0/0/2 ip binding vpn-instance s3 ip address 36.1.1.6 255.255.255.0 interface GigabitEthernet3/0/0 ip address 67.1.1.6 255.255.255.0 mpls mpls ldp interface LoopBack0 ip address 6.6.6.6 255.255.255.255 bgp 400 router-id 6.6.6.6 peer 9.9.9.9 as-number 400 peer 9.9.9.9 connect-interface LoopBack0 ipv4-family unicast undo synchronization undo peer 9.9.9.9 enable ipv4-family vpnv4 policy vpn-target peer 9.9.9.9 enable ipv4-family vpn-instance s1 import-route ospf 2 ipv4-family vpn-instance s2 import-route ospf 3 ipv4-family vpn-instance s3 peer 36.1.1.3 as-number 300 ospf 1 router-id 6.6.6.6 area 0.0.0.0 network 6.6.6.6 0.0.0.0 network 67.1.1.6 0.0.0.0 ospf 2 vpn-instance s1 import-route bgp area 0.0.0.0 network 16.1.1.6 0.0.0.0 ospf 3 vpn-instance s2 import-route bgp area 0.0.0.0 network 26.1.1.0 0.0.0.255 ip route-static vpn-instance s2 192.2.2.0 255.255.255.0 26.1.1.2
R7:
sysname R7 mpls lsr-id 7.7.7.7 mpls lsp-trigger all mpls ldp interface GigabitEthernet0/0/0 ip address 67.1.1.7 255.255.255.0 mpls mpls ldp interface GigabitEthernet0/0/1 ip address 78.1.1.7 255.255.255.0 mpls mpls ldp interface LoopBack0 ip address 7.7.7.7 255.255.255.255 ospf 1 area 0.0.0.0 network 7.7.7.7 0.0.0.0 network 67.1.1.7 0.0.0.0 network 78.1.1.7 0.0.0.0
R8:
sysname R8 undo info-center enable mpls lsr-id 8.8.8.8 mpls lsp-trigger all mpls ldp interface GigabitEthernet0/0/0 ip address 78.1.1.8 255.255.255.0 mpls mpls ldp interface GigabitEthernet0/0/1 ip address 89.1.1.8 255.255.255.0 mpls mpls ldp interface LoopBack0 ip address 8.8.8.8 255.255.255.255 ospf 1 area 0.0.0.0 network 8.8.8.8 0.0.0.0 network 78.1.1.8 0.0.0.0 network 89.1.1.8 0.0.0.0
R9:
sysname R9 ip vpn-instance s4 ipv4-family route-distinguisher 400:400 vpn-target 40:40 export-extcommunity vpn-target 20:20 10:10 import-extcommunity ip vpn-instance s5 ipv4-family route-distinguisher 500:500 vpn-target 50:50 export-extcommunity vpn-target 30:30 import-extcommunity mpls lsr-id 9.9.9.9 mpls lsp-trigger all mpls ldp interface GigabitEthernet0/0/0 ip address 89.1.1.9 255.255.255.0 ospf enable 1 area 0.0.0.0 mpls mpls ldp interface GigabitEthernet0/0/1 ip binding vpn-instance s4 ip address 49.1.1.9 255.255.255.0 interface GigabitEthernet0/0/2 ip binding vpn-instance s5 ip address 59.1.1.9 255.255.255.0 interface LoopBack0 ip address 9.9.9.9 255.255.255.255 ospf enable 1 area 0.0.0.0 bgp 400 router-id 9.9.9.9 peer 6.6.6.6 as-number 400 peer 6.6.6.6 connect-interface LoopBack0 ipv4-family unicast undo synchronization undo peer 6.6.6.6 enable ipv4-family vpnv4 undo policy vpn-target peer 6.6.6.6 enable ipv4-family vpn-instance s4 import-route ospf 2 ipv4-family vpn-instance s5 peer 59.1.1.5 as-number 500 ospf 1 area 0.0.0.0 network 9.9.9.9 0.0.0.0 network 89.1.1.9 0.0.0.0 ospf 2 vpn-instance s4 import-route bgp area 0.0.0.0 network 49.1.1.9 0.0.0.0
四、测试过程:
查看lDP邻居情况:
查看vpn实例路由情况:
测试公司连通性:公司B分支1到公司B总部:
公司B分支2到公司B总部:
公司A分支到公司A总部:
测试公司B分支1到公司B分支2:不通是正常现象,实验要求
测试不同公司间能否通信,不通为正常:
公司A分支到公司B总部:
至此实验完成!
