让 VRF 工作(以及其他一些问题)

网络工程 BGP 多路复用器 虚拟现实
2022-02-11 10:09:01

我第一次弄乱BGP / MPLS,我对我的配置是否有问题以及是否是最好的方法都有一些疑问,希望你们能在这里澄清一下。

因此,首先我要做的是能够从客户 A 分支 ping 到网络另一部分的另一个客户 A 分支。现在考虑到我在这方面仍然很糟糕,我觉得我做了一个科学怪人的命令来让它在任何地方都能正常工作,很可能有些东西配置错误或者我正在做的事情是不可能的。

这是网络:

在此处输入图像描述

(对不起,糟糕的油漆)

B_South 配置:

!

!
! Last configuration change at 21:51:05 UTC Thu Jan 7 2021
!
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
!
hostname B_South
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
no ip icmp rate-limit unreachable
ip cef
!
ip vrf ARASAKA-1
 rd 1020:1
 route-target export 1020:1
 route-target import 1020:1
!
!
!
!
!
!
no ip domain lookup
no ipv6 cef
!
!
mpls traffic-eng tunnels
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
ip tcp synwait-time 5
! 
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
 ip address 10.10.3.3 255.255.255.255
!
interface FastEthernet0/0
 ip address 10.10.2.3 255.255.255.0
 duplex full
 mpls ip
 mpls traffic-eng tunnels
 ip rsvp bandwidth 512 512
!
interface FastEthernet1/0
 ip address 10.10.4.1 255.255.255.252
 speed auto
 duplex auto
 mpls traffic-eng tunnels
!
interface FastEthernet1/1
 ip vrf forwarding ARASAKA-1
 ip address 10.10.4.5 255.255.255.252
 speed auto
 duplex auto
!
interface FastEthernet2/0
 ip address 200.100.4.1 255.255.255.0
 speed auto
 duplex auto
!
interface FastEthernet2/1
 no ip address
 shutdown
 speed auto
 duplex auto
!
router ospf 1
 network 10.10.2.0 0.0.0.255 area 0
 network 10.10.3.3 0.0.0.0 area 0
 network 200.100.4.0 0.0.0.255 area 0
 mpls traffic-eng router-id Loopback0
 mpls traffic-eng area 0
!
router bgp 1020
 bgp router-id 10.10.10.11
 bgp log-neighbor-changes
 neighbor 10.10.3.1 remote-as 1020
 neighbor 10.10.3.1 update-source Loopback0
 neighbor 10.10.3.1 next-hop-self
 neighbor 10.10.3.2 remote-as 1020
 neighbor 10.10.3.2 update-source Loopback0
 neighbor 10.10.3.2 next-hop-self
 neighbor 10.10.3.4 remote-as 1020
 neighbor 10.10.3.4 update-source Loopback0
 neighbor 10.10.3.4 next-hop-self
 !
 address-family vpnv4
  neighbor 10.10.3.4 activate
  neighbor 10.10.3.4 send-community both
 exit-address-family
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
ip route 193.136.1.0 255.255.255.192 10.10.4.6
ip route 193.136.1.64 255.255.255.192 10.10.4.6
!
!
!
!
control-plane
!
!
line con 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
 stopbits 1
line aux 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
 stopbits 1
line vty 0 4
 login
!
!
end

荒坂_S配置:

!
!
!

!
! Last configuration change at 09:24:06 UTC Sun Jan 3 2021
!
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
!
hostname Arasaka_S
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
no ip icmp rate-limit unreachable
ip cef
!
!
!
!
!
!
no ip domain lookup
no ipv6 cef
!
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
ip tcp synwait-time 5
! 
!
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0/0
 ip address 10.10.4.6 255.255.255.252
 duplex full
!
interface FastEthernet1/0
 ip address 193.136.1.65 255.255.255.192
 speed auto
 duplex auto
!
interface FastEthernet1/1
 ip address 193.136.1.1 255.255.255.192
 speed auto
 duplex auto
!
interface FastEthernet2/0
 no ip address
 shutdown
 speed auto
 duplex auto
!
interface FastEthernet2/1
 no ip address
 shutdown
 speed auto
 duplex auto
!
router ospf 1
 network 193.136.1.0 0.0.0.63 area 0
 network 193.136.1.64 0.0.0.63 area 0
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
ip route 0.0.0.0 0.0.0.0 10.10.4.5
!
!
!
!
control-plane
!
!
line con 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
 stopbits 1
line aux 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
 stopbits 1
line vty 0 4
 login
!
!
end

Arasaka_N 配置:

!
!
!

!
! Last configuration change at 08:54:37 UTC Sun Jan 3 2021
!
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
!
hostname Arasaka_N
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
no ip icmp rate-limit unreachable
ip cef
!
!
!
!
!
!
no ip domain lookup
no ipv6 cef
!
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
ip tcp synwait-time 5
! 
!
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0/0
 ip address 10.10.4.10 255.255.255.252
 duplex full
!
interface FastEthernet1/0
 ip address 193.136.1.129 255.255.255.192
 speed auto
 duplex auto
!
interface FastEthernet1/1
 ip address 193.136.1.193 255.255.255.192
 speed auto
 duplex auto
!
interface FastEthernet2/0
 no ip address
 shutdown
 speed auto
 duplex auto
!
interface FastEthernet2/1
 no ip address
 shutdown
 speed auto
 duplex auto
!
router ospf 1
 network 193.136.1.128 0.0.0.63 area 0
 network 193.136.1.192 0.0.0.63 area 0
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
ip route 0.0.0.0 0.0.0.0 10.10.4.9
!
!
!
!
control-plane
!
!
line con 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
 stopbits 1
line aux 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
 stopbits 1
line vty 0 4
 login
!
!
end

B_North配置:

!

!
! Last configuration change at 21:57:40 UTC Thu Jan 7 2021
!
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
!
hostname B_North
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
no ip icmp rate-limit unreachable
ip cef
!
ip vrf ARASAKA-1
 rd 1020:1
 route-target export 1020:1
 route-target import 1020:1
!
!
!
!
!
!
no ip domain lookup
no ipv6 cef
!
!
mpls traffic-eng tunnels
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
ip tcp synwait-time 5
! 
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
 ip address 10.10.3.4 255.255.255.255
!
interface FastEthernet0/0
 ip address 10.10.2.4 255.255.255.0
 duplex full
 mpls ip
 mpls traffic-eng tunnels
 ip rsvp bandwidth 512 512
!
interface FastEthernet1/0
 ip vrf forwarding ARASAKA-1
 ip address 10.10.4.9 255.255.255.252
 speed auto
 duplex auto
!
interface FastEthernet1/1
 ip address 200.100.2.1 255.255.255.0
 speed auto
 duplex auto
!
interface FastEthernet2/0
 ip address 10.20.1.1 255.255.255.0
 speed auto
 duplex auto
!
interface FastEthernet2/1
 no ip address
 shutdown
 speed auto
 duplex auto
!
router ospf 1
 network 10.10.2.0 0.0.0.255 area 0
 network 10.10.3.4 0.0.0.0 area 0
 network 200.100.2.0 0.0.0.255 area 0
 mpls traffic-eng router-id Loopback0
 mpls traffic-eng area 0
!
router bgp 1020
 bgp router-id 10.10.10.10
 bgp log-neighbor-changes
 neighbor 10.10.3.1 remote-as 1020
 neighbor 10.10.3.1 update-source Loopback0
 neighbor 10.10.3.1 next-hop-self
 neighbor 10.10.3.2 remote-as 1020
 neighbor 10.10.3.2 update-source Loopback0
 neighbor 10.10.3.2 next-hop-self
 neighbor 10.10.3.3 remote-as 1020
 neighbor 10.10.3.3 update-source Loopback0
 neighbor 10.10.3.3 next-hop-self
 !
 address-family vpnv4
  neighbor 10.10.3.3 activate
  neighbor 10.10.3.3 send-community both
 exit-address-family
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
ip route 193.136.1.128 255.255.255.192 10.10.4.10
ip route 193.136.1.192 255.255.255.192 10.10.4.10
!
!
!
!
control-plane
!
!
line con 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
 stopbits 1
line aux 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
 stopbits 1
line vty 0 4
 login
!
!
end

所以我的问题是:

1-> 为什么路由器 B_south 不能“ping vrf” B_North vrf 接口 (f1/0)?

2-> 我已经添加了 mpls LDP 和 mpls RSVP-TE,我需要使用其中一个吗?

3-> 在 B_South 和 B_North 上使用 BGP 是否是一个不错的选择,因为据我所知,BGP 更多地用于 ISP 之类的事物之间,而不是在同一个 AS 中,或者我应该在没有 VRF 的情况下使用 ospf 来获得两者之间的连接?

如果我在这里做错了什么可怕的事情,请告诉我哈哈。

0个回答
没有发现任何回复~
其它你可能感兴趣的问题
上一篇标准、协议和工作组之间的区别? 下一篇为什么 IANA 专门为私有 IP 地址空间选择这些范围?